mirror of
https://github.com/dokploy/dokploy.git
synced 2026-06-13 19:09:49 +00:00
Mauricio Siu
c968a2755e
* fix: strip credentials from service-level API responses
Registry passwords and S3 destination credentials were being returned
in service `.one` tRPC endpoints to any user with service-level read
access. Reported by Nihon Kohden Corporation security team.
- Strip registry `password` from `findApplicationById` via Drizzle `columns: { password: false }`
- Strip destination `accessKey`/`secretAccessKey` from all DB service finders (postgres, mysql, mariadb, mongo, libsql, compose, backup, volume-backups)
- Add `findRegistryByIdWithCredentials` for internal use only
- Builders and upload utils now load registry credentials by ID at execution time
- `createRollback` enriches `fullContext` with registry credentials before persisting to DB so rollback execution has what it needs
- Remove `findApplicationByIdWithCredentials` and `ApplicationNestedWithCredentials` — no longer needed
- Backup execution utils load full destination via `findDestinationById` at runtime instead of reading from the joined relation
* [autofix.ci] apply automated fixes
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Join us on Discord for help, feedback, and discussions!
Dokploy is a free, self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases.
✨ Features
Dokploy includes multiple features to make your life easier.
- Applications: Deploy any type of application (Node.js, PHP, Python, Go, Ruby, etc.).
- Databases: Create and manage databases with support for MySQL, PostgreSQL, MongoDB, MariaDB, libsql, and Redis.
- Backups: Automate backups for databases to an external storage destination.
- Docker Compose: Native support for Docker Compose to manage complex applications.
- Multi Node: Scale applications to multiple nodes using Docker Swarm to manage the cluster.
- Templates: Deploy open-source templates (Plausible, Pocketbase, Calcom, etc.) with a single click.
- Traefik Integration: Automatically integrates with Traefik for routing and load balancing.
- Real-time Monitoring: Monitor CPU, memory, storage, and network usage for every resource.
- Docker Management: Easily deploy and manage Docker containers.
- CLI/API: Manage your applications and databases using the command line or through the API.
- Notifications: Get notified when your deployments succeed or fail (via Slack, Discord, Telegram, Email, etc.).
- Multi Server: Deploy and manage your applications remotely to external servers.
- Self-Hosted: Self-host Dokploy on your VPS.
🚀 Getting Started
To get started, run the following command on a VPS:
Want to skip the installation process? Try the Dokploy Cloud.
curl -sSL https://dokploy.com/install.sh | bash
For detailed documentation, visit docs.dokploy.com.
Contributors 🤝
📺 Video Tutorial
🤝 Contributing
Check out the Contributing Guide for more information.