Commands were chained with && so if the project directory was missing,
cd would fail and docker compose down would never execute — leaving
containers and volumes running. Use semicolons to run each command
independently, matching the existing stack deletion pattern.
Closes#4064
- Updated the AnalyzeLogs component to display a message and button for configuring AI providers when none are available, improving user guidance.
- Added a link to the settings page for easy access to AI provider configuration.
- Integrated new icon for the configuration button to enhance UI clarity.
These changes improve the user experience by ensuring users are informed about the need to set up AI providers for log analysis.
- Updated the `getContainerLogs` function to accept either an application name or container ID, improving flexibility in log retrieval.
- Simplified the command execution logic by consolidating the remote and local execution paths.
- Added a new parameter to directly use container IDs, streamlining the process for users.
These changes enhance the usability of the logging feature, allowing for more efficient access to container logs.
- Implemented a new `readLogs` procedure across various routers (application, compose, libsql, mariadb, mongo, mysql, postgres, redis) to enable users to retrieve logs from containers.
- Each procedure includes input validation for parameters such as `tail`, `since`, and `search`, ensuring robust access control and authorization checks.
- Enhanced the `getContainerLogs` service to support fetching logs from both Docker containers and services, improving the logging capabilities of the application.
This feature enhances observability and troubleshooting for users by providing direct access to container logs.
- Corrected the API URL for Z.AI by removing the trailing slash.
- Modified the AI router mutation to include context and added access control to ensure users can only access their organization's AI settings.
These changes improve the accuracy of the API integration and enhance security by enforcing organizational access restrictions.
- Introduced the AnalyzeLogs component for analyzing logs using AI, allowing users to select AI providers and view analysis results.
- Integrated AnalyzeLogs into the ShowDeployment and DockerLogsId components, enabling log analysis for both build and runtime contexts.
- Updated the AI router to include a new endpoint for log analysis, which processes logs and returns structured insights.
- Enhanced the AI provider selection logic to support new providers, including Z.AI and MiniMax.
This feature enhances the user experience by providing actionable insights from logs, improving troubleshooting and operational efficiency.
Add allForApps endpoint that returns only sshKeyId and name using protectedProcedure instead of withPermission, so members can select SSH keys in the git provider dropdown without needing access to the SSH Keys management panel.
closes#4069
Move server.listen() before the initialization block so the HTTP server
is already responding when Docker healthchecks begin. Previously, slow
operations like SMTP timeouts in sendDokployRestartNotifications() could
block the server from listening, causing healthcheck failures and
container restarts.
Closes#4049
The catch block was swallowing the real error from the ntfy server,
making it impossible to diagnose connection failures (e.g. SSL, DNS,
auth issues). Now the underlying error message is included in the
tRPC error response.
Closes#4047
- Change compose.loadServices permission from service:create to service:read
since loading services from a compose file is a read-only operation
- Add saveEnvironment endpoint to compose router with envVars:write permission
- Update show-environment.tsx to use saveEnvironment mutations instead of
generic update mutations for all service types (compose, databases)
Closes#4052
The actions array in Slack attachments requires Interactive Components
to be configured on the Slack app, which causes notifications to fail.
Replaces with a Details field using mrkdwn hyperlink syntax and adds
mrkdwn_in to ensure the link renders as clickable.
Closes#4053
writeDomainsToCompose reads the compose file in Node.js before the
shell script runs, so patches applied as shell commands were being
overwritten by the stale pre-patch content.
Split patch execution into a separate step that runs before
getBuildComposeCommand, so the file is already patched when Node.js
reads it for domain injection.
Also added missing patch support to rebuildCompose which was skipping
patches entirely on redeploys.
Closes#4113
The naive split(":").pop() approach treated the port number in
registry URLs (e.g. registry:5000/image) as the image tag.
Now uses lastIndexOf(":") and checks if the suffix matches a port
followed by a path (digits + slash), consistent with extractImageName.
Closes#4082
- Normalize emails with toLowerCase().trim() before comparing
- Wrap getUserByToken in try/catch since it throws TRPCError on miss,
rethrow as APIError for consistent error responses
Also checks that the invitation is not expired and has not already been
used before allowing account creation.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Updated the authentication process to check if the email of the user matches the email associated with the invitation token.
- Improved error handling for cases where the user is not found or the email does not match the invitation.
- Added `isEnterpriseCloud` field to the user schema to enhance user differentiation for enterprise cloud services.
- This change supports the ongoing updates to billing and subscription management for enterprise users.
- Introduced `isEnterpriseCloud` boolean field in the user schema to differentiate enterprise users.
- Updated billing UI to display specific information for enterprise cloud users, including a dedicated section for managing subscriptions.
- Modified API webhook logic to handle subscription updates and server management based on the `isEnterpriseCloud` status.
- Introduced `accessedServers` field in user permissions schema and member table.
- Implemented server access validation across various API routers to ensure users can only access permitted servers.
- Added a new query to fetch accessible server IDs based on user roles and licenses.
- Updated UI components to support server selection in user permissions.
Mauricio Siu