Merge pull request #1955 from coollabsio/next

v4.0.0-beta.254

SECURITY.md

@@ -0,0 +1,16 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| > 4   | :white_check_mark: |
+| 3   | :x:                |
+
+
+## Reporting a Vulnerability
+
+If you have any vulnerability please report at hi@coollabs.io

app/Console/Kernel.php

@@ -121,6 +121,9 @@ class Kernel extends ConsoleKernel
             return;
         }
         foreach ($scheduled_tasks as $scheduled_task) {
+            if ($scheduled_task->enabled === false) {
+                continue;
+            }
             $service = $scheduled_task->service;
             $application = $scheduled_task->application;
 

app/Livewire/Settings/Backup.php

@@ -41,35 +41,39 @@ class Backup extends Component
     }
     public function add_coolify_database()
     {
-        $server = Server::find(0);
-        $out = instant_remote_process(['docker inspect coolify-db'], $server);
-        $envs = format_docker_envs_to_json($out);
-        $postgres_password = $envs['POSTGRES_PASSWORD'];
-        $postgres_user = $envs['POSTGRES_USER'];
-        $postgres_db = $envs['POSTGRES_DB'];
-        $this->database = StandalonePostgresql::create([
-            'id' => 0,
-            'name' => 'coolify-db',
-            'description' => 'Coolify database',
-            'postgres_user' => $postgres_user,
-            'postgres_password' => $postgres_password,
-            'postgres_db' => $postgres_db,
-            'status' => 'running',
-            'destination_type' => 'App\Models\StandaloneDocker',
-            'destination_id' => 0,
-        ]);
-        $this->backup = ScheduledDatabaseBackup::create([
-            'id' => 0,
-            'enabled' => true,
-            'save_s3' => false,
-            'frequency' => '0 0 * * *',
-            'database_id' => $this->database->id,
-            'database_type' => 'App\Models\StandalonePostgresql',
-            'team_id' => currentTeam()->id,
-        ]);
-        $this->database->refresh();
-        $this->backup->refresh();
-        $this->s3s = S3Storage::whereTeamId(0)->get();
+        try {
+            $server = Server::findOrFail(0);
+            $out = instant_remote_process(['docker inspect coolify-db'], $server);
+            $envs = format_docker_envs_to_json($out);
+            $postgres_password = $envs['POSTGRES_PASSWORD'];
+            $postgres_user = $envs['POSTGRES_USER'];
+            $postgres_db = $envs['POSTGRES_DB'];
+            $this->database = StandalonePostgresql::create([
+                'id' => 0,
+                'name' => 'coolify-db',
+                'description' => 'Coolify database',
+                'postgres_user' => $postgres_user,
+                'postgres_password' => $postgres_password,
+                'postgres_db' => $postgres_db,
+                'status' => 'running',
+                'destination_type' => 'App\Models\StandaloneDocker',
+                'destination_id' => 0,
+            ]);
+            $this->backup = ScheduledDatabaseBackup::create([
+                'id' => 0,
+                'enabled' => true,
+                'save_s3' => false,
+                'frequency' => '0 0 * * *',
+                'database_id' => $this->database->id,
+                'database_type' => 'App\Models\StandalonePostgresql',
+                'team_id' => currentTeam()->id,
+            ]);
+            $this->database->refresh();
+            $this->backup->refresh();
+            $this->s3s = S3Storage::whereTeamId(0)->get();
+        } catch (\Exception $e) {
+            return handleError($e, $this);
+        }
     }
 
     public function backup_now()

app/Models/Application.php

@@ -621,7 +621,6 @@ class Application extends BaseModel
                         $commands->push("cd {$baseDir} && git fetch origin {$branch} && $git_checkout_command");
                     }
                 }
-                ray($commands);
                 return [
                     'commands' => $commands->implode(' && '),
                     'branch' => $branch,

bootstrap/helpers/github.php

@@ -29,7 +29,7 @@ function generate_github_installation_token(GithubApp $source)
         'Accept' => 'application/vnd.github.machine-man-preview+json'
     ])->post("{$source->api_url}/app/installations/{$source->installation_id}/access_tokens");
     if ($token->failed()) {
-        throw new RuntimeException("Failed to get access token for " . $source->name . " with error: " . $token->json()['message']);
+        throw new RuntimeException("Failed to get access token for " . $source->name . " with error: " . data_get($token->json(),'message','no error message found'));
     }
     return $token->json()['token'];
 }

bootstrap/helpers/remoteProcess.php

@@ -7,11 +7,10 @@ use App\Models\Application;
 use App\Models\ApplicationDeploymentQueue;
 use App\Models\PrivateKey;
 use App\Models\Server;
-use App\Notifications\Server\Revived;
-use App\Notifications\Server\Unreachable;
 use Carbon\Carbon;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Support\Collection;
+use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Process;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Str;
@@ -135,7 +134,6 @@ function generateSshCommand(Server $server, string $command)
     $connectionTimeout = config('constants.ssh.connection_timeout');
     $serverInterval = config('constants.ssh.server_interval');
 
-    $delimiter = 'EOF-COOLIFY-SSH';
     $ssh_command = "timeout $timeout ssh ";
 
     if (config('coolify.mux_enabled') && config('coolify.is_windows_docker_desktop') == false) {
@@ -145,6 +143,9 @@ function generateSshCommand(Server $server, string $command)
         $ssh_command .= '-o ProxyCommand="/usr/local/bin/cloudflared access ssh --hostname %h" ';
     }
     $command = "PATH=\$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/host/usr/local/sbin:/host/usr/local/bin:/host/usr/sbin:/host/usr/bin:/host/sbin:/host/bin && $command";
+
+    $delimiter = Hash::make($command);
+    $command = str_replace($delimiter, '', $command);
     $ssh_command .= "-i {$privateKeyLocation} "
         . '-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null '
         . '-o PasswordAuthentication=no '
@@ -158,6 +159,7 @@ function generateSshCommand(Server $server, string $command)
         . $command . PHP_EOL
         . $delimiter;
     // ray($ssh_command);
+    // ray($delimiter);
     return $ssh_command;
 }
 function instant_remote_process(Collection|array $command, Server $server, $throwError = true)

config/sentry.php

@@ -7,7 +7,7 @@ return [
 
     // The release version of your application
     // Example with dynamic git hash: trim(exec('git --git-dir ' . base_path('.git') . ' log --pretty="%h" -n1 HEAD'))
-    'release' => '4.0.0-beta.252',
+    'release' => '4.0.0-beta.254',
     // When left empty or `null` the Laravel environment will be used
     'environment' => config('app.env'),
 

config/version.php

@@ -1,3 +1,3 @@
 <?php
 
-return '4.0.0-beta.252';
+return '4.0.0-beta.254';

database/migrations/2024_04_09_095517_make_custom_docker_commands_longer.php

@@ -0,0 +1,29 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::table('applications', function (Blueprint $table) {
+            $table->text('custom_docker_run_options')->nullable()->change();
+
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::table('applications', function (Blueprint $table) {
+            $table->string('custom_docker_run_options')->nullable()->change();
+        });
+    }
+};

scripts/install.sh

@@ -6,7 +6,7 @@ set -e # Exit immediately if a command exits with a non-zero status
 #set -u # Treat unset variables as an error and exit
 set -o pipefail # Cause a pipeline to return the status of the last command that exited with a non-zero status
 
-VERSION="1.3.0"
+VERSION="1.3.1"
 DOCKER_VERSION="24.0"
 
 CDN="https://cdn.coollabs.io/coolify"
@@ -23,7 +23,7 @@ if [ "$OS_TYPE" = 'amzn' ]; then
     dnf install -y findutils >/dev/null 2>&1
 fi
 
-LATEST_VERSION=$(curl --silent $CDN/versions.json | grep -i version | sed -n '2p' | xargs | awk '{print $2}' | tr -d ',')
+LATEST_VERSION=$(curl --silent $CDN/versions.json | grep -i version | xargs | awk '{print $2}' | tr -d ',')
 DATE=$(date +"%Y%m%d-%H%M%S")
 
 if [ $EUID != 0 ]; then

versions.json

@@ -1,7 +1,7 @@
 {
     "coolify": {
         "v4": {
-            "version": "4.0.0-beta.252"
+            "version": "4.0.0-beta.254"
         }
     }
 }