sneak/upaas
1
0
Fork 0
Code Issues 21 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Compare commits

base: sneak:867cdf01abaa0fc7e53bb3269352a818d4fc278a
Branches Tags
sneak:main
sneak:schema-consolidation
sneak:feature/json-api
sneak:chore/update-todo
sneak:feature/edit-config-entities
sneak:feature/deployment-rollback-tests
sneak:update-todo-md
sneak:feature/edit-entities
sneak:feature/deployment-rollback
sneak:feature/deploy-cancel
..
compare: sneak:13d5467177ad1f217c527ffb330623fb3afa7c5b
Branches Tags
sneak:schema-consolidation
sneak:main
sneak:feature/json-api
sneak:chore/update-todo
sneak:feature/edit-config-entities
sneak:feature/deployment-rollback-tests
sneak:update-todo-md
sneak:feature/edit-entities
sneak:feature/deployment-rollback
sneak:feature/deploy-cancel

2 Commits
867cdf01ab ... 13d5467177

Author SHA1 Message Date
clawbot
13d5467177 fix: add ownership verification on env var, label, volume, and port deletion 
Verify that the resource's AppID matches the URL path app ID before
allowing deletion. Without this check, any authenticated user could
delete resources belonging to any app by providing the target resource's
ID in the URL regardless of the app ID in the path (IDOR vulnerability).

Closes #19
 2026-02-15 20:52:59 -08:00
clawbot
0f3e99f7cc test: add IDOR tests for resource deletion ownership verification 
Tests demonstrate that env vars, labels, volumes, and ports can be
deleted via another app's URL path without ownership checks.

All 4 tests fail, confirming the vulnerability described in #19.
 2026-02-15 20:52:19 -08:00
29 changed files with 79 additions and 424 deletions
Show Stats Expand all files Collapse all files

3
go.mod
View File

@ -5,11 +5,9 @@ go 1.25
require ( require (
github.com/99designs/basicauth-go v0.0.0-20230316000542-bf6f9cbbf0f8 github.com/99designs/basicauth-go v0.0.0-20230316000542-bf6f9cbbf0f8
github.com/docker/docker v27.3.1+incompatible github.com/docker/docker v27.3.1+incompatible
github.com/docker/go-connections v0.6.0
github.com/go-chi/chi/v5 v5.2.3 github.com/go-chi/chi/v5 v5.2.3
github.com/go-chi/cors v1.2.2 github.com/go-chi/cors v1.2.2
github.com/google/uuid v1.6.0 github.com/google/uuid v1.6.0
github.com/gorilla/csrf v1.7.3
github.com/gorilla/sessions v1.4.0 github.com/gorilla/sessions v1.4.0
github.com/joho/godotenv v1.5.1 github.com/joho/godotenv v1.5.1
github.com/mattn/go-sqlite3 v1.14.32 github.com/mattn/go-sqlite3 v1.14.32
@ -29,6 +27,7 @@ require (
github.com/containerd/log v0.1.0 // indirect github.com/containerd/log v0.1.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect
github.com/distribution/reference v0.6.0 // indirect github.com/distribution/reference v0.6.0 // indirect
github.com/docker/go-connections v0.6.0 // indirect
github.com/docker/go-units v0.5.0 // indirect github.com/docker/go-units v0.5.0 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/fsnotify/fsnotify v1.9.0 // indirect github.com/fsnotify/fsnotify v1.9.0 // indirect

2
go.sum
View File

@ -50,8 +50,6 @@ github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/gorilla/csrf v1.7.3 h1:BHWt6FTLZAb2HtWT5KDBf6qgpZzvtbp9QWDRKZMXJC0=
github.com/gorilla/csrf v1.7.3/go.mod h1:F1Fj3KG23WYHE6gozCmBAezKookxbIvUJT+121wTuLk=
github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA= github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo= github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ= github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ=

56
internal/database/database.go
View File

@ -3,9 +3,7 @@ package database
import ( import (
"context" "context"
"crypto/sha256"
"database/sql" "database/sql"
"encoding/hex"
"fmt" "fmt"
"log/slog" "log/slog"
"os" "os"
@ -160,60 +158,6 @@ func (d *Database) connect(ctx context.Context) error {
return fmt.Errorf("failed to run migrations: %w", err) return fmt.Errorf("failed to run migrations: %w", err)
} }
// Backfill webhook_secret_hash for any rows that have a secret but no hash
err = d.backfillWebhookSecretHashes(ctx)
if err != nil {
return fmt.Errorf("failed to backfill webhook secret hashes: %w", err)
}
return nil
}
// HashWebhookSecret returns the hex-encoded SHA-256 hash of a webhook secret.
func HashWebhookSecret(secret string) string {
sum := sha256.Sum256([]byte(secret))
return hex.EncodeToString(sum[:])
}
func (d *Database) backfillWebhookSecretHashes(ctx context.Context) error {
rows, err := d.database.QueryContext(ctx,
"SELECT id, webhook_secret FROM apps WHERE webhook_secret_hash = '' AND webhook_secret != ''")
if err != nil {
return fmt.Errorf("querying apps for backfill: %w", err)
}
defer func() { _ = rows.Close() }()
type row struct {
id, secret string
}
var toUpdate []row
for rows.Next() {
var r row
if scanErr := rows.Scan(&r.id, &r.secret); scanErr != nil {
return fmt.Errorf("scanning app for backfill: %w", scanErr)
}
toUpdate = append(toUpdate, r)
}
if rowsErr := rows.Err(); rowsErr != nil {
return fmt.Errorf("iterating apps for backfill: %w", rowsErr)
}
for _, r := range toUpdate {
hash := HashWebhookSecret(r.secret)
_, updateErr := d.database.ExecContext(ctx,
"UPDATE apps SET webhook_secret_hash = ? WHERE id = ?", hash, r.id)
if updateErr != nil {
return fmt.Errorf("updating webhook_secret_hash for app %s: %w", r.id, updateErr)
}
d.log.Info("backfilled webhook_secret_hash", "app_id", r.id)
}
return nil return nil
} }

28
internal/database/hash_test.go
View File

@ -1,28 +0,0 @@
package database_test
import (
"testing"
"github.com/stretchr/testify/assert"
"git.eeqj.de/sneak/upaas/internal/database"
)
func TestHashWebhookSecret(t *testing.T) {
t.Parallel()
// Known SHA-256 of "test-secret"
hash := database.HashWebhookSecret("test-secret")
assert.Equal(t,
"9caf06bb4436cdbfa20af9121a626bc1093c4f54b31c0fa937957856135345b6",
hash,
)
// Different secrets produce different hashes
hash2 := database.HashWebhookSecret("other-secret")
assert.NotEqual(t, hash, hash2)
// Same secret always produces same hash (deterministic)
hash3 := database.HashWebhookSecret("test-secret")
assert.Equal(t, hash, hash3)
}

2
internal/database/migrations/005_add_webhook_secret_hash.sql
View File

@ -1,2 +0,0 @@
-- Add webhook_secret_hash column for constant-time secret lookup
ALTER TABLE apps ADD COLUMN webhook_secret_hash TEXT NOT NULL DEFAULT '';

41
internal/handlers/app.go
View File

@ -29,8 +29,8 @@ const (
func (h *Handlers) HandleAppNew() http.HandlerFunc { func (h *Handlers) HandleAppNew() http.HandlerFunc {
tmpl := templates.GetParsed() tmpl := templates.GetParsed()
return func(writer http.ResponseWriter, request *http.Request) { return func(writer http.ResponseWriter, _ *http.Request) {
data := h.addGlobals(map[string]any{}, request) data := h.addGlobals(map[string]any{})
err := tmpl.ExecuteTemplate(writer, "app_new.html", data) err := tmpl.ExecuteTemplate(writer, "app_new.html", data)
if err != nil { if err != nil {
@ -57,12 +57,12 @@ func (h *Handlers) HandleAppCreate() http.HandlerFunc {
branch := request.FormValue("branch") branch := request.FormValue("branch")
dockerfilePath := request.FormValue("dockerfile_path") dockerfilePath := request.FormValue("dockerfile_path")
data := h.addGlobals(map[string]any{ data := map[string]any{
"Name": name, "Name": name,
"RepoURL": repoURL, "RepoURL": repoURL,
"Branch": branch, "Branch": branch,
"DockerfilePath": dockerfilePath, "DockerfilePath": dockerfilePath,
}, request) }
if name == "" || repoURL == "" { if name == "" || repoURL == "" {
data["Error"] = "Name and repository URL are required" data["Error"] = "Name and repository URL are required"
@ -150,7 +150,7 @@ func (h *Handlers) HandleAppDetail() http.HandlerFunc {
"WebhookURL": webhookURL, "WebhookURL": webhookURL,
"DeployKey": deployKey, "DeployKey": deployKey,
"Success": request.URL.Query().Get("success"), "Success": request.URL.Query().Get("success"),
}, request) })
err := tmpl.ExecuteTemplate(writer, "app_detail.html", data) err := tmpl.ExecuteTemplate(writer, "app_detail.html", data)
if err != nil { if err != nil {
@ -183,7 +183,7 @@ func (h *Handlers) HandleAppEdit() http.HandlerFunc {
data := h.addGlobals(map[string]any{ data := h.addGlobals(map[string]any{
"App": application, "App": application,
}, request) })
err := tmpl.ExecuteTemplate(writer, "app_edit.html", data) err := tmpl.ExecuteTemplate(writer, "app_edit.html", data)
if err != nil { if err != nil {
@ -241,10 +241,10 @@ func (h *Handlers) HandleAppUpdate() http.HandlerFunc {
if saveErr != nil { if saveErr != nil {
h.log.Error("failed to update app", "error", saveErr) h.log.Error("failed to update app", "error", saveErr)
data := h.addGlobals(map[string]any{ data := map[string]any{
"App": application, "App": application,
"Error": "Failed to update app", "Error": "Failed to update app",
}, request) }
_ = tmpl.ExecuteTemplate(writer, "app_edit.html", data) _ = tmpl.ExecuteTemplate(writer, "app_edit.html", data)
return return
@ -267,29 +267,6 @@ func (h *Handlers) HandleAppDelete() http.HandlerFunc {
return return
} }
// Stop and remove the Docker container before deleting the DB record
containerInfo, containerErr := h.docker.FindContainerByAppID(request.Context(), appID)
if containerErr == nil && containerInfo != nil {
if containerInfo.Running {
stopErr := h.docker.StopContainer(request.Context(), containerInfo.ID)
if stopErr != nil {
h.log.Error("failed to stop container during app deletion",
"error", stopErr, "app", application.Name,
"container", containerInfo.ID)
}
}
removeErr := h.docker.RemoveContainer(request.Context(), containerInfo.ID, true)
if removeErr != nil {
h.log.Error("failed to remove container during app deletion",
"error", removeErr, "app", application.Name,
"container", containerInfo.ID)
} else {
h.log.Info("removed container during app deletion",
"app", application.Name, "container", containerInfo.ID)
}
}
deleteErr := application.Delete(request.Context()) deleteErr := application.Delete(request.Context())
if deleteErr != nil { if deleteErr != nil {
h.log.Error("failed to delete app", "error", deleteErr) h.log.Error("failed to delete app", "error", deleteErr)
@ -360,7 +337,7 @@ func (h *Handlers) HandleAppDeployments() http.HandlerFunc {
data := h.addGlobals(map[string]any{ data := h.addGlobals(map[string]any{
"App": application, "App": application,
"Deployments": deployments, "Deployments": deployments,
}, request) })
err := tmpl.ExecuteTemplate(writer, "deployments.html", data) err := tmpl.ExecuteTemplate(writer, "deployments.html", data)
if err != nil { if err != nil {

6
internal/handlers/auth.go
View File

@ -10,8 +10,8 @@ import (
func (h *Handlers) HandleLoginGET() http.HandlerFunc { func (h *Handlers) HandleLoginGET() http.HandlerFunc {
tmpl := templates.GetParsed() tmpl := templates.GetParsed()
return func(writer http.ResponseWriter, request *http.Request) { return func(writer http.ResponseWriter, _ *http.Request) {
data := h.addGlobals(map[string]any{}, request) data := h.addGlobals(map[string]any{})
err := tmpl.ExecuteTemplate(writer, "login.html", data) err := tmpl.ExecuteTemplate(writer, "login.html", data)
if err != nil { if err != nil {
@ -38,7 +38,7 @@ func (h *Handlers) HandleLoginPOST() http.HandlerFunc {
data := h.addGlobals(map[string]any{ data := h.addGlobals(map[string]any{
"Username": username, "Username": username,
}, request) })
if username == "" || password == "" { if username == "" || password == "" {
data["Error"] = "Username and password are required" data["Error"] = "Username and password are required"

2
internal/handlers/dashboard.go
View File

@ -67,7 +67,7 @@ func (h *Handlers) HandleDashboard() http.HandlerFunc {
data := h.addGlobals(map[string]any{ data := h.addGlobals(map[string]any{
"AppStats": appStats, "AppStats": appStats,
}, request) })
execErr := tmpl.ExecuteTemplate(writer, "dashboard.html", data) execErr := tmpl.ExecuteTemplate(writer, "dashboard.html", data)
if execErr != nil { if execErr != nil {

13
internal/handlers/handlers.go
View File

@ -3,11 +3,9 @@ package handlers
import ( import (
"encoding/json" "encoding/json"
"html/template"
"log/slog" "log/slog"
"net/http" "net/http"
"github.com/gorilla/csrf"
"go.uber.org/fx" "go.uber.org/fx"
"git.eeqj.de/sneak/upaas/internal/database" "git.eeqj.de/sneak/upaas/internal/database"
@ -66,18 +64,11 @@ func New(_ fx.Lifecycle, params Params) (*Handlers, error) {
}, nil }, nil
} }
// addGlobals adds version info and CSRF token to template data map. // addGlobals adds version info to template data map.
func (h *Handlers) addGlobals( func (h *Handlers) addGlobals(data map[string]any) map[string]any {
data map[string]any,
request *http.Request,
) map[string]any {
data["Version"] = h.globals.Version data["Version"] = h.globals.Version
data["Appname"] = h.globals.Appname data["Appname"] = h.globals.Appname
if request != nil {
data["CSRFField"] = template.HTML(csrf.TemplateField(request)) //nolint:gosec // csrf.TemplateField produces safe HTML
}
return data return data
} }

43
internal/handlers/handlers_test.go
View File

@ -450,49 +450,6 @@ func createTestApp(
return createdApp return createdApp
} }
// TestDeleteEnvVarOwnershipVerification tests that deleting an env var
// via another app's URL path returns 404 (IDOR prevention).
func TestHandleWebhookRejectsOversizedBody(t *testing.T) {
t.Parallel()
testCtx := setupTestHandlers(t)
// Create an app first
createdApp, createErr := testCtx.appSvc.CreateApp(
context.Background(),
app.CreateAppInput{
Name: "oversize-test-app",
RepoURL: "git@example.com:user/repo.git",
Branch: "main",
},
)
require.NoError(t, createErr)
// Create a body larger than 1MB - it should be silently truncated
// and the webhook should still process (or fail gracefully on parse)
largePayload := strings.Repeat("x", 2*1024*1024) // 2MB
request := httptest.NewRequest(
http.MethodPost,
"/webhook/"+createdApp.WebhookSecret,
strings.NewReader(largePayload),
)
request = addChiURLParams(
request,
map[string]string{"secret": createdApp.WebhookSecret},
)
request.Header.Set("Content-Type", "application/json")
request.Header.Set("X-Gitea-Event", "push")
recorder := httptest.NewRecorder()
handler := testCtx.handlers.HandleWebhook()
handler.ServeHTTP(recorder, request)
// Should still return OK (payload is truncated and fails JSON parse,
// but webhook service handles invalid JSON gracefully)
assert.Equal(t, http.StatusOK, recorder.Code)
}
// TestDeleteEnvVarOwnershipVerification tests that deleting an env var // TestDeleteEnvVarOwnershipVerification tests that deleting an env var
// via another app's URL path returns 404 (IDOR prevention). // via another app's URL path returns 404 (IDOR prevention).
func TestDeleteEnvVarOwnershipVerification(t *testing.T) { func TestDeleteEnvVarOwnershipVerification(t *testing.T) {

12
internal/handlers/setup.go
View File

@ -15,8 +15,8 @@ const (
func (h *Handlers) HandleSetupGET() http.HandlerFunc { func (h *Handlers) HandleSetupGET() http.HandlerFunc {
tmpl := templates.GetParsed() tmpl := templates.GetParsed()
return func(writer http.ResponseWriter, request *http.Request) { return func(writer http.ResponseWriter, _ *http.Request) {
data := h.addGlobals(map[string]any{}, request) data := h.addGlobals(map[string]any{})
err := tmpl.ExecuteTemplate(writer, "setup.html", data) err := tmpl.ExecuteTemplate(writer, "setup.html", data)
if err != nil { if err != nil {
@ -54,14 +54,13 @@ func validateSetupForm(formData setupFormData) string {
func (h *Handlers) renderSetupError( func (h *Handlers) renderSetupError(
tmpl *templates.TemplateExecutor, tmpl *templates.TemplateExecutor,
writer http.ResponseWriter, writer http.ResponseWriter,
request *http.Request,
username string, username string,
errorMsg string, errorMsg string,
) { ) {
data := h.addGlobals(map[string]any{ data := h.addGlobals(map[string]any{
"Username": username, "Username": username,
"Error": errorMsg, "Error": errorMsg,
}, request) })
_ = tmpl.ExecuteTemplate(writer, "setup.html", data) _ = tmpl.ExecuteTemplate(writer, "setup.html", data)
} }
@ -84,7 +83,7 @@ func (h *Handlers) HandleSetupPOST() http.HandlerFunc {
} }
if validationErr := validateSetupForm(formData); validationErr != "" { if validationErr := validateSetupForm(formData); validationErr != "" {
h.renderSetupError(tmpl, writer, request, formData.username, validationErr) h.renderSetupError(tmpl, writer, formData.username, validationErr)
return return
} }
@ -96,7 +95,7 @@ func (h *Handlers) HandleSetupPOST() http.HandlerFunc {
) )
if createErr != nil { if createErr != nil {
h.log.Error("failed to create user", "error", createErr) h.log.Error("failed to create user", "error", createErr)
h.renderSetupError(tmpl, writer, request, formData.username, "Failed to create user") h.renderSetupError(tmpl, writer, formData.username, "Failed to create user")
return return
} }
@ -107,7 +106,6 @@ func (h *Handlers) HandleSetupPOST() http.HandlerFunc {
h.renderSetupError( h.renderSetupError(
tmpl, tmpl,
writer, writer,
request,
formData.username, formData.username,
"Failed to create session", "Failed to create session",
) )

7
internal/handlers/webhook.go
View File

@ -9,9 +9,6 @@ import (
"git.eeqj.de/sneak/upaas/internal/models" "git.eeqj.de/sneak/upaas/internal/models"
) )
// maxWebhookBodySize is the maximum allowed size of a webhook request body (1MB).
const maxWebhookBodySize = 1 << 20
// HandleWebhook handles incoming Gitea webhooks. // HandleWebhook handles incoming Gitea webhooks.
func (h *Handlers) HandleWebhook() http.HandlerFunc { func (h *Handlers) HandleWebhook() http.HandlerFunc {
return func(writer http.ResponseWriter, request *http.Request) { return func(writer http.ResponseWriter, request *http.Request) {
@ -41,8 +38,8 @@ func (h *Handlers) HandleWebhook() http.HandlerFunc {
return return
} }
// Read request body with size limit to prevent memory exhaustion // Read request body
body, readErr := io.ReadAll(io.LimitReader(request.Body, maxWebhookBodySize)) body, readErr := io.ReadAll(request.Body)
if readErr != nil { if readErr != nil {
h.log.Error("failed to read webhook body", "error", readErr) h.log.Error("failed to read webhook body", "error", readErr)
http.Error(writer, "Bad Request", http.StatusBadRequest) http.Error(writer, "Bad Request", http.StatusBadRequest)

10
internal/middleware/middleware.go
View File

@ -10,7 +10,6 @@ import (
"github.com/99designs/basicauth-go" "github.com/99designs/basicauth-go"
"github.com/go-chi/chi/v5/middleware" "github.com/go-chi/chi/v5/middleware"
"github.com/go-chi/cors" "github.com/go-chi/cors"
"github.com/gorilla/csrf"
"go.uber.org/fx" "go.uber.org/fx"
"git.eeqj.de/sneak/upaas/internal/config" "git.eeqj.de/sneak/upaas/internal/config"
@ -153,15 +152,6 @@ func (m *Middleware) SessionAuth() func(http.Handler) http.Handler {
} }
} }
// CSRF returns CSRF protection middleware using gorilla/csrf.
func (m *Middleware) CSRF() func(http.Handler) http.Handler {
return csrf.Protect(
[]byte(m.params.Config.SessionSecret),
csrf.Secure(false), // Allow HTTP for development; reverse proxy handles TLS
csrf.Path("/"),
)
}
// SetupRequired returns middleware that redirects to setup if no user exists. // SetupRequired returns middleware that redirects to setup if no user exists.
func (m *Middleware) SetupRequired() func(http.Handler) http.Handler { func (m *Middleware) SetupRequired() func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler { return func(next http.Handler) http.Handler {

53
internal/models/app.go
View File

@ -10,12 +10,6 @@ import (
"git.eeqj.de/sneak/upaas/internal/database" "git.eeqj.de/sneak/upaas/internal/database"
) )
// appColumns is the standard column list for app queries.
const appColumns = `id, name, repo_url, branch, dockerfile_path, webhook_secret,
ssh_private_key, ssh_public_key, image_id, status,
docker_network, ntfy_topic, slack_webhook, webhook_secret_hash,
created_at, updated_at`
// AppStatus represents the status of an app. // AppStatus represents the status of an app.
type AppStatus string type AppStatus string
@ -37,9 +31,8 @@ type App struct {
RepoURL string RepoURL string
Branch string Branch string
DockerfilePath string DockerfilePath string
WebhookSecret string WebhookSecret string
WebhookSecretHash string SSHPrivateKey string
SSHPrivateKey string
SSHPublicKey string SSHPublicKey string
ImageID sql.NullString ImageID sql.NullString
Status AppStatus Status AppStatus
@ -77,8 +70,11 @@ func (a *App) Delete(ctx context.Context) error {
// Reload refreshes the app from the database. // Reload refreshes the app from the database.
func (a *App) Reload(ctx context.Context) error { func (a *App) Reload(ctx context.Context) error {
row := a.db.QueryRow(ctx, row := a.db.QueryRow(ctx, `
"SELECT "+appColumns+" FROM apps WHERE id = ?", SELECT id, name, repo_url, branch, dockerfile_path, webhook_secret,
ssh_private_key, ssh_public_key, image_id, status,
docker_network, ntfy_topic, slack_webhook, created_at, updated_at
FROM apps WHERE id = ?`,
a.ID, a.ID,
) )
@ -140,13 +136,13 @@ func (a *App) insert(ctx context.Context) error {
INSERT INTO apps ( INSERT INTO apps (
id, name, repo_url, branch, dockerfile_path, webhook_secret, id, name, repo_url, branch, dockerfile_path, webhook_secret,
ssh_private_key, ssh_public_key, image_id, status, ssh_private_key, ssh_public_key, image_id, status,
docker_network, ntfy_topic, slack_webhook, webhook_secret_hash docker_network, ntfy_topic, slack_webhook
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)` ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
_, err := a.db.Exec(ctx, query, _, err := a.db.Exec(ctx, query,
a.ID, a.Name, a.RepoURL, a.Branch, a.DockerfilePath, a.WebhookSecret, a.ID, a.Name, a.RepoURL, a.Branch, a.DockerfilePath, a.WebhookSecret,
a.SSHPrivateKey, a.SSHPublicKey, a.ImageID, a.Status, a.SSHPrivateKey, a.SSHPublicKey, a.ImageID, a.Status,
a.DockerNetwork, a.NtfyTopic, a.SlackWebhook, a.WebhookSecretHash, a.DockerNetwork, a.NtfyTopic, a.SlackWebhook,
) )
if err != nil { if err != nil {
return err return err
@ -181,7 +177,6 @@ func (a *App) scan(row *sql.Row) error {
&a.SSHPrivateKey, &a.SSHPublicKey, &a.SSHPrivateKey, &a.SSHPublicKey,
&a.ImageID, &a.Status, &a.ImageID, &a.Status,
&a.DockerNetwork, &a.NtfyTopic, &a.SlackWebhook, &a.DockerNetwork, &a.NtfyTopic, &a.SlackWebhook,
&a.WebhookSecretHash,
&a.CreatedAt, &a.UpdatedAt, &a.CreatedAt, &a.UpdatedAt,
) )
} }
@ -198,7 +193,6 @@ func scanApps(appDB *database.Database, rows *sql.Rows) ([]*App, error) {
&app.SSHPrivateKey, &app.SSHPublicKey, &app.SSHPrivateKey, &app.SSHPublicKey,
&app.ImageID, &app.Status, &app.ImageID, &app.Status,
&app.DockerNetwork, &app.NtfyTopic, &app.SlackWebhook, &app.DockerNetwork, &app.NtfyTopic, &app.SlackWebhook,
&app.WebhookSecretHash,
&app.CreatedAt, &app.UpdatedAt, &app.CreatedAt, &app.UpdatedAt,
) )
if scanErr != nil { if scanErr != nil {
@ -227,8 +221,11 @@ func FindApp(
app := NewApp(appDB) app := NewApp(appDB)
app.ID = appID app.ID = appID
row := appDB.QueryRow(ctx, row := appDB.QueryRow(ctx, `
"SELECT "+appColumns+" FROM apps WHERE id = ?", SELECT id, name, repo_url, branch, dockerfile_path, webhook_secret,
ssh_private_key, ssh_public_key, image_id, status,
docker_network, ntfy_topic, slack_webhook, created_at, updated_at
FROM apps WHERE id = ?`,
appID, appID,
) )
@ -244,8 +241,7 @@ func FindApp(
return app, nil return app, nil
} }
// FindAppByWebhookSecret finds an app by webhook secret using a SHA-256 hash // FindAppByWebhookSecret finds an app by webhook secret.
// lookup. This avoids SQL string comparison timing side-channels.
// //
//nolint:nilnil // returning nil,nil is idiomatic for "not found" in Active Record //nolint:nilnil // returning nil,nil is idiomatic for "not found" in Active Record
func FindAppByWebhookSecret( func FindAppByWebhookSecret(
@ -254,11 +250,13 @@ func FindAppByWebhookSecret(
secret string, secret string,
) (*App, error) { ) (*App, error) {
app := NewApp(appDB) app := NewApp(appDB)
secretHash := database.HashWebhookSecret(secret)
row := appDB.QueryRow(ctx, row := appDB.QueryRow(ctx, `
"SELECT "+appColumns+" FROM apps WHERE webhook_secret_hash = ?", SELECT id, name, repo_url, branch, dockerfile_path, webhook_secret,
secretHash, ssh_private_key, ssh_public_key, image_id, status,
docker_network, ntfy_topic, slack_webhook, created_at, updated_at
FROM apps WHERE webhook_secret = ?`,
secret,
) )
err := app.scan(row) err := app.scan(row)
@ -275,8 +273,11 @@ func FindAppByWebhookSecret(
// AllApps returns all apps ordered by name. // AllApps returns all apps ordered by name.
func AllApps(ctx context.Context, appDB *database.Database) ([]*App, error) { func AllApps(ctx context.Context, appDB *database.Database) ([]*App, error) {
rows, err := appDB.Query(ctx, rows, err := appDB.Query(ctx, `
"SELECT "+appColumns+" FROM apps ORDER BY name", SELECT id, name, repo_url, branch, dockerfile_path, webhook_secret,
ssh_private_key, ssh_public_key, image_id, status,
docker_network, ntfy_topic, slack_webhook, created_at, updated_at
FROM apps ORDER BY name`,
) )
if err != nil { if err != nil {
return nil, fmt.Errorf("querying all apps: %w", err) return nil, fmt.Errorf("querying all apps: %w", err)

2
internal/models/models_test.go
View File

@ -297,7 +297,6 @@ func TestAllApps(t *testing.T) {
app.Branch = testBranch app.Branch = testBranch
app.DockerfilePath = "Dockerfile" app.DockerfilePath = "Dockerfile"
app.WebhookSecret = "secret-" + strconv.Itoa(idx) app.WebhookSecret = "secret-" + strconv.Itoa(idx)
app.WebhookSecretHash = database.HashWebhookSecret(app.WebhookSecret)
app.SSHPrivateKey = "private" app.SSHPrivateKey = "private"
app.SSHPublicKey = "public" app.SSHPublicKey = "public"
@ -792,7 +791,6 @@ func createTestApp(t *testing.T, testDB *database.Database) *models.App {
app.Branch = testBranch app.Branch = testBranch
app.DockerfilePath = "Dockerfile" app.DockerfilePath = "Dockerfile"
app.WebhookSecret = "secret-" + t.Name() app.WebhookSecret = "secret-" + t.Name()
app.WebhookSecretHash = database.HashWebhookSecret(app.WebhookSecret)
app.SSHPrivateKey = "private" app.SSHPrivateKey = "private"
app.SSHPublicKey = "public" app.SSHPublicKey = "public"

23
internal/server/routes.go
View File

@ -37,22 +37,18 @@ func (s *Server) SetupRoutes() {
http.FileServer(http.FS(static.Static)), http.FileServer(http.FS(static.Static)),
)) ))
// Webhook endpoint (uses secret for auth, not session — no CSRF) // Public routes
s.router.Get("/login", s.handlers.HandleLoginGET())
s.router.Post("/login", s.handlers.HandleLoginPOST())
s.router.Get("/setup", s.handlers.HandleSetupGET())
s.router.Post("/setup", s.handlers.HandleSetupPOST())
// Webhook endpoint (uses secret for auth, not session)
s.router.Post("/webhook/{secret}", s.handlers.HandleWebhook()) s.router.Post("/webhook/{secret}", s.handlers.HandleWebhook())
// All HTML-serving routes get CSRF protection // Protected routes (require session auth)
s.router.Group(func(r chi.Router) { s.router.Group(func(r chi.Router) {
r.Use(s.mw.CSRF()) r.Use(s.mw.SessionAuth())
// Public routes
r.Get("/login", s.handlers.HandleLoginGET())
r.Post("/login", s.handlers.HandleLoginPOST())
r.Get("/setup", s.handlers.HandleSetupGET())
r.Post("/setup", s.handlers.HandleSetupPOST())
// Protected routes (require session auth)
r.Group(func(r chi.Router) {
r.Use(s.mw.SessionAuth())
// Dashboard // Dashboard
r.Get("/", s.handlers.HandleDashboard()) r.Get("/", s.handlers.HandleDashboard())
@ -94,7 +90,6 @@ func (s *Server) SetupRoutes() {
// Ports // Ports
r.Post("/apps/{id}/ports", s.handlers.HandlePortAdd()) r.Post("/apps/{id}/ports", s.handlers.HandlePortAdd())
r.Post("/apps/{id}/ports/{portID}/delete", s.handlers.HandlePortDelete()) r.Post("/apps/{id}/ports/{portID}/delete", s.handlers.HandlePortDelete())
})
}) })
// Metrics endpoint (optional, with basic auth) // Metrics endpoint (optional, with basic auth)

2
internal/service/app/app.go
View File

@ -11,7 +11,6 @@ import (
"github.com/google/uuid" "github.com/google/uuid"
"github.com/oklog/ulid/v2" "github.com/oklog/ulid/v2"
"go.uber.org/fx" "go.uber.org/fx"
"git.eeqj.de/sneak/upaas/internal/database" "git.eeqj.de/sneak/upaas/internal/database"
@ -83,7 +82,6 @@ func (svc *Service) CreateApp(
} }
app.WebhookSecret = uuid.New().String() app.WebhookSecret = uuid.New().String()
app.WebhookSecretHash = database.HashWebhookSecret(app.WebhookSecret)
app.SSHPrivateKey = keyPair.PrivateKey app.SSHPrivateKey = keyPair.PrivateKey
app.SSHPublicKey = keyPair.PublicKey app.SSHPublicKey = keyPair.PublicKey
app.Status = models.AppStatusPending app.Status = models.AppStatusPending

1
internal/service/auth/auth.go
View File

@ -73,7 +73,6 @@ func New(_ fx.Lifecycle, params ServiceParams) (*Service, error) {
Path: "/", Path: "/",
MaxAge: sessionMaxAgeSeconds, MaxAge: sessionMaxAgeSeconds,
HttpOnly: true, HttpOnly: true,
Secure: !params.Config.Debug,
SameSite: http.SameSiteLaxMode, SameSite: http.SameSiteLaxMode,
} }

70
internal/service/auth/auth_test.go
View File

@ -2,8 +2,6 @@ package auth_test
import ( import (
"context" "context"
"net/http"
"net/http/httptest"
"path/filepath" "path/filepath"
"testing" "testing"
@ -70,74 +68,6 @@ func setupTestService(t *testing.T) (*auth.Service, func()) {
return svc, cleanup return svc, cleanup
} }
func TestSessionCookieSecureFlag(testingT *testing.T) {
testingT.Parallel()
testingT.Run("secure flag is true when debug is false", func(t *testing.T) {
t.Parallel()
tmpDir := t.TempDir()
globals.SetAppname("upaas-test")
globals.SetVersion("test")
globalsInst, err := globals.New(fx.Lifecycle(nil))
require.NoError(t, err)
loggerInst, err := logger.New(
fx.Lifecycle(nil),
logger.Params{Globals: globalsInst},
)
require.NoError(t, err)
cfg := &config.Config{
Port: 8080,
DataDir: tmpDir,
SessionSecret: "test-secret-key-at-least-32-chars",
Debug: false,
}
dbInst, err := database.New(fx.Lifecycle(nil), database.Params{
Logger: loggerInst,
Config: cfg,
})
require.NoError(t, err)
svc, err := auth.New(fx.Lifecycle(nil), auth.ServiceParams{
Logger: loggerInst,
Config: cfg,
Database: dbInst,
})
require.NoError(t, err)
// Create user and session, check cookie has Secure flag
_, err = svc.CreateUser(context.Background(), "admin", "password123")
require.NoError(t, err)
user, err := svc.Authenticate(context.Background(), "admin", "password123")
require.NoError(t, err)
recorder := httptest.NewRecorder()
request := httptest.NewRequest(http.MethodGet, "/", nil)
err = svc.CreateSession(recorder, request, user)
require.NoError(t, err)
cookies := recorder.Result().Cookies()
require.NotEmpty(t, cookies)
var sessionCookie *http.Cookie
for _, c := range cookies {
if c.Name == "upaas_session" {
sessionCookie = c
break
}
}
require.NotNil(t, sessionCookie, "session cookie should exist")
assert.True(t, sessionCookie.Secure, "session cookie should have Secure flag in production mode")
})
}
func TestHashPassword(testingT *testing.T) { func TestHashPassword(testingT *testing.T) {
testingT.Parallel() testingT.Parallel()

1
internal/service/webhook/webhook_test.go
View File

@ -91,7 +91,6 @@ func createTestApp(
app.Branch = branch app.Branch = branch
app.DockerfilePath = "Dockerfile" app.DockerfilePath = "Dockerfile"
app.WebhookSecret = "webhook-secret-123" app.WebhookSecret = "webhook-secret-123"
app.WebhookSecretHash = database.HashWebhookSecret(app.WebhookSecret)
app.SSHPrivateKey = "private-key" app.SSHPrivateKey = "private-key"
app.SSHPublicKey = "public-key" app.SSHPublicKey = "public-key"
app.Status = models.AppStatusPending app.Status = models.AppStatusPending

69
static/js/app.js
View File

@ -61,21 +61,15 @@ document.addEventListener("alpine:init", () => {
*/ */
scrollToBottom(el) { scrollToBottom(el) {
if (el) { if (el) {
// Use double RAF to ensure DOM has fully updated and reflowed
requestAnimationFrame(() => { requestAnimationFrame(() => {
el.scrollTop = el.scrollHeight; requestAnimationFrame(() => {
el.scrollTop = el.scrollHeight;
});
}); });
} }
}, },
/**
* Check if a scrollable element is at (or near) the bottom.
* Tolerance of 30px accounts for rounding and partial lines.
*/
isScrolledToBottom(el, tolerance = 30) {
if (!el) return true;
return el.scrollHeight - el.scrollTop - el.clientHeight <= tolerance;
},
/** /**
* Copy text to clipboard * Copy text to clipboard
*/ */
@ -182,27 +176,11 @@ document.addEventListener("alpine:init", () => {
showBuildLogs: !!config.initialDeploymentId, showBuildLogs: !!config.initialDeploymentId,
deploying: false, deploying: false,
deployments: [], deployments: [],
// Track whether user wants auto-scroll (per log pane)
_containerAutoScroll: true,
_buildAutoScroll: true,
init() { init() {
this.deploying = Alpine.store("utils").isDeploying(this.appStatus); this.deploying = Alpine.store("utils").isDeploying(this.appStatus);
this.fetchAll(); this.fetchAll();
setInterval(() => this.fetchAll(), 1000); setInterval(() => this.fetchAll(), 1000);
// Set up scroll listeners after DOM is ready
this.$nextTick(() => {
this._initScrollTracking(this.$refs.containerLogsWrapper, '_containerAutoScroll');
this._initScrollTracking(this.$refs.buildLogsWrapper, '_buildAutoScroll');
});
},
_initScrollTracking(el, flag) {
if (!el) return;
el.addEventListener('scroll', () => {
this[flag] = Alpine.store("utils").isScrolledToBottom(el);
}, { passive: true });
}, },
fetchAll() { fetchAll() {
@ -236,15 +214,11 @@ document.addEventListener("alpine:init", () => {
try { try {
const res = await fetch(`/apps/${this.appId}/container-logs`); const res = await fetch(`/apps/${this.appId}/container-logs`);
const data = await res.json(); const data = await res.json();
const newLogs = data.logs || "No logs available"; this.containerLogs = data.logs || "No logs available";
const changed = newLogs !== this.containerLogs;
this.containerLogs = newLogs;
this.containerStatus = data.status; this.containerStatus = data.status;
if (changed && this._containerAutoScroll) { this.$nextTick(() => {
this.$nextTick(() => { Alpine.store("utils").scrollToBottom(this.$refs.containerLogsWrapper);
Alpine.store("utils").scrollToBottom(this.$refs.containerLogsWrapper); });
});
}
} catch (err) { } catch (err) {
this.containerLogs = "Failed to fetch logs"; this.containerLogs = "Failed to fetch logs";
} }
@ -257,15 +231,11 @@ document.addEventListener("alpine:init", () => {
`/apps/${this.appId}/deployments/${this.currentDeploymentId}/logs`, `/apps/${this.appId}/deployments/${this.currentDeploymentId}/logs`,
); );
const data = await res.json(); const data = await res.json();
const newLogs = data.logs || "No build logs available"; this.buildLogs = data.logs || "No build logs available";
const changed = newLogs !== this.buildLogs;
this.buildLogs = newLogs;
this.buildStatus = data.status; this.buildStatus = data.status;
if (changed && this._buildAutoScroll) { this.$nextTick(() => {
this.$nextTick(() => { Alpine.store("utils").scrollToBottom(this.$refs.buildLogsWrapper);
Alpine.store("utils").scrollToBottom(this.$refs.buildLogsWrapper); });
});
}
} catch (err) { } catch (err) {
this.buildLogs = "Failed to fetch logs"; this.buildLogs = "Failed to fetch logs";
} }
@ -336,23 +306,12 @@ document.addEventListener("alpine:init", () => {
logs: "", logs: "",
status: config.status || "", status: config.status || "",
pollInterval: null, pollInterval: null,
_autoScroll: true,
init() { init() {
// Read initial logs from script tag (avoids escaping issues) // Read initial logs from script tag (avoids escaping issues)
const initialLogsEl = this.$el.querySelector(".initial-logs"); const initialLogsEl = this.$el.querySelector(".initial-logs");
this.logs = initialLogsEl?.textContent || "Loading..."; this.logs = initialLogsEl?.textContent || "Loading...";
// Set up scroll tracking
this.$nextTick(() => {
const wrapper = this.$refs.logsWrapper;
if (wrapper) {
wrapper.addEventListener('scroll', () => {
this._autoScroll = Alpine.store("utils").isScrolledToBottom(wrapper);
}, { passive: true });
}
});
// Only poll if deployment is in progress // Only poll if deployment is in progress
if (Alpine.store("utils").isDeploying(this.status)) { if (Alpine.store("utils").isDeploying(this.status)) {
this.fetchLogs(); this.fetchLogs();
@ -377,8 +336,8 @@ document.addEventListener("alpine:init", () => {
this.logs = newLogs; this.logs = newLogs;
this.status = data.status; this.status = data.status;
// Scroll to bottom only when content changes AND user hasn't scrolled up // Scroll to bottom only when content changes
if (logsChanged && this._autoScroll) { if (logsChanged) {
this.$nextTick(() => { this.$nextTick(() => {
Alpine.store("utils").scrollToBottom(this.$refs.logsWrapper); Alpine.store("utils").scrollToBottom(this.$refs.logsWrapper);
}); });

36
templates/app_detail.html
View File

@ -35,7 +35,6 @@
<div class="flex gap-3"> <div class="flex gap-3">
<a href="/apps/{{.App.ID}}/edit" class="btn-secondary">Edit</a> <a href="/apps/{{.App.ID}}/edit" class="btn-secondary">Edit</a>
<form method="POST" action="/apps/{{.App.ID}}/deploy" class="inline" @submit="submitDeploy()"> <form method="POST" action="/apps/{{.App.ID}}/deploy" class="inline" @submit="submitDeploy()">
{{ .CSRFField }}
<button type="submit" class="btn-success" x-bind:disabled="deploying" x-bind:class="{ 'opacity-50 cursor-not-allowed': deploying }"> <button type="submit" class="btn-success" x-bind:disabled="deploying" x-bind:class="{ 'opacity-50 cursor-not-allowed': deploying }">
<span x-text="deploying ? 'Deploying...' : 'Deploy Now'"></span> <span x-text="deploying ? 'Deploying...' : 'Deploy Now'"></span>
</button> </button>
@ -107,7 +106,6 @@
<td class="font-mono text-gray-500">{{.Value}}</td> <td class="font-mono text-gray-500">{{.Value}}</td>
<td class="text-right"> <td class="text-right">
<form method="POST" action="/apps/{{$.App.ID}}/env/{{.ID}}/delete" class="inline" x-data="confirmAction('Delete this environment variable?')" @submit="confirm($event)"> <form method="POST" action="/apps/{{$.App.ID}}/env/{{.ID}}/delete" class="inline" x-data="confirmAction('Delete this environment variable?')" @submit="confirm($event)">
{{ .CSRFField }}
<button type="submit" class="text-error-500 hover:text-error-700 text-sm">Delete</button> <button type="submit" class="text-error-500 hover:text-error-700 text-sm">Delete</button>
</form> </form>
</td> </td>
@ -118,7 +116,6 @@
</div> </div>
{{end}} {{end}}
<form method="POST" action="/apps/{{.App.ID}}/env" class="flex flex-col sm:flex-row gap-2"> <form method="POST" action="/apps/{{.App.ID}}/env" class="flex flex-col sm:flex-row gap-2">
{{ .CSRFField }}
<input type="text" name="key" placeholder="KEY" required class="input flex-1 font-mono text-sm"> <input type="text" name="key" placeholder="KEY" required class="input flex-1 font-mono text-sm">
<input type="text" name="value" placeholder="value" required class="input flex-1 font-mono text-sm"> <input type="text" name="value" placeholder="value" required class="input flex-1 font-mono text-sm">
<button type="submit" class="btn-primary">Add</button> <button type="submit" class="btn-primary">Add</button>
@ -152,7 +149,6 @@
<td class="font-mono text-gray-500">{{.Value}}</td> <td class="font-mono text-gray-500">{{.Value}}</td>
<td class="text-right"> <td class="text-right">
<form method="POST" action="/apps/{{$.App.ID}}/labels/{{.ID}}/delete" class="inline" x-data="confirmAction('Delete this label?')" @submit="confirm($event)"> <form method="POST" action="/apps/{{$.App.ID}}/labels/{{.ID}}/delete" class="inline" x-data="confirmAction('Delete this label?')" @submit="confirm($event)">
{{ .CSRFField }}
<button type="submit" class="text-error-500 hover:text-error-700 text-sm">Delete</button> <button type="submit" class="text-error-500 hover:text-error-700 text-sm">Delete</button>
</form> </form>
</td> </td>
@ -162,7 +158,6 @@
</table> </table>
</div> </div>
<form method="POST" action="/apps/{{.App.ID}}/labels" class="flex flex-col sm:flex-row gap-2"> <form method="POST" action="/apps/{{.App.ID}}/labels" class="flex flex-col sm:flex-row gap-2">
{{ .CSRFField }}
<input type="text" name="key" placeholder="label.key" required class="input flex-1 font-mono text-sm"> <input type="text" name="key" placeholder="label.key" required class="input flex-1 font-mono text-sm">
<input type="text" name="value" placeholder="value" required class="input flex-1 font-mono text-sm"> <input type="text" name="value" placeholder="value" required class="input flex-1 font-mono text-sm">
<button type="submit" class="btn-primary">Add</button> <button type="submit" class="btn-primary">Add</button>
@ -197,7 +192,6 @@
</td> </td>
<td class="text-right"> <td class="text-right">
<form method="POST" action="/apps/{{$.App.ID}}/volumes/{{.ID}}/delete" class="inline" x-data="confirmAction('Delete this volume mount?')" @submit="confirm($event)"> <form method="POST" action="/apps/{{$.App.ID}}/volumes/{{.ID}}/delete" class="inline" x-data="confirmAction('Delete this volume mount?')" @submit="confirm($event)">
{{ .CSRFField }}
<button type="submit" class="text-error-500 hover:text-error-700 text-sm">Delete</button> <button type="submit" class="text-error-500 hover:text-error-700 text-sm">Delete</button>
</form> </form>
</td> </td>
@ -208,7 +202,6 @@
</div> </div>
{{end}} {{end}}
<form method="POST" action="/apps/{{.App.ID}}/volumes" class="flex flex-col sm:flex-row gap-2 items-end"> <form method="POST" action="/apps/{{.App.ID}}/volumes" class="flex flex-col sm:flex-row gap-2 items-end">
{{ .CSRFField }}
<div class="flex-1 w-full"> <div class="flex-1 w-full">
<input type="text" name="host_path" placeholder="/host/path" required class="input font-mono text-sm"> <input type="text" name="host_path" placeholder="/host/path" required class="input font-mono text-sm">
</div> </div>
@ -251,7 +244,6 @@
</td> </td>
<td class="text-right"> <td class="text-right">
<form method="POST" action="/apps/{{$.App.ID}}/ports/{{.ID}}/delete" class="inline" x-data="confirmAction('Delete this port mapping?')" @submit="confirm($event)"> <form method="POST" action="/apps/{{$.App.ID}}/ports/{{.ID}}/delete" class="inline" x-data="confirmAction('Delete this port mapping?')" @submit="confirm($event)">
{{ .CSRFField }}
<button type="submit" class="text-error-500 hover:text-error-700 text-sm">Delete</button> <button type="submit" class="text-error-500 hover:text-error-700 text-sm">Delete</button>
</form> </form>
</td> </td>
@ -262,7 +254,6 @@
</div> </div>
{{end}} {{end}}
<form method="POST" action="/apps/{{.App.ID}}/ports" class="flex flex-col sm:flex-row gap-2 items-end"> <form method="POST" action="/apps/{{.App.ID}}/ports" class="flex flex-col sm:flex-row gap-2 items-end">
{{ .CSRFField }}
<div class="flex-1 w-full"> <div class="flex-1 w-full">
<label class="block text-xs text-gray-500 mb-1">Host (external)</label> <label class="block text-xs text-gray-500 mb-1">Host (external)</label>
<input type="text" name="host_port" placeholder="8080" required pattern="[0-9]+" class="input font-mono text-sm"> <input type="text" name="host_port" placeholder="8080" required pattern="[0-9]+" class="input font-mono text-sm">
@ -288,17 +279,8 @@
<h2 class="section-title">Container Logs</h2> <h2 class="section-title">Container Logs</h2>
<span x-bind:class="containerStatusBadgeClass" x-text="containerStatusLabel"></span> <span x-bind:class="containerStatusBadgeClass" x-text="containerStatusLabel"></span>
</div> </div>
<div class="relative"> <div x-ref="containerLogsWrapper" class="bg-gray-900 rounded-lg p-4 overflow-auto" style="max-height: 400px;">
<div x-ref="containerLogsWrapper" class="bg-gray-900 rounded-lg p-4 overflow-y-auto" style="max-height: 400px;"> <pre class="text-gray-100 text-xs font-mono whitespace-pre-wrap" x-text="containerLogs"></pre>
<pre class="text-gray-100 text-xs font-mono whitespace-pre-wrap break-words m-0" x-text="containerLogs"></pre>
</div>
<button
x-show="!_containerAutoScroll"
x-transition
@click="_containerAutoScroll = true; Alpine.store('utils').scrollToBottom($refs.containerLogsWrapper)"
class="absolute bottom-2 right-4 bg-primary-600 hover:bg-primary-700 text-white text-xs px-3 py-1 rounded-full shadow-lg opacity-90 hover:opacity-100 transition"
title="Scroll to bottom"
>↓ Follow</button>
</div> </div>
</div> </div>
@ -347,17 +329,8 @@
<h2 class="section-title">Last Deployment Build Logs</h2> <h2 class="section-title">Last Deployment Build Logs</h2>
<span x-bind:class="buildStatusBadgeClass" x-text="buildStatusLabel"></span> <span x-bind:class="buildStatusBadgeClass" x-text="buildStatusLabel"></span>
</div> </div>
<div class="relative"> <div x-ref="buildLogsWrapper" class="bg-gray-900 rounded-lg p-4 overflow-auto" style="max-height: 400px;">
<div x-ref="buildLogsWrapper" class="bg-gray-900 rounded-lg p-4 overflow-y-auto" style="max-height: 400px;"> <pre class="text-gray-100 text-xs font-mono whitespace-pre-wrap" x-text="buildLogs"></pre>
<pre class="text-gray-100 text-xs font-mono whitespace-pre-wrap break-words m-0" x-text="buildLogs"></pre>
</div>
<button
x-show="!_buildAutoScroll"
x-transition
@click="_buildAutoScroll = true; Alpine.store('utils').scrollToBottom($refs.buildLogsWrapper)"
class="absolute bottom-2 right-4 bg-primary-600 hover:bg-primary-700 text-white text-xs px-3 py-1 rounded-full shadow-lg opacity-90 hover:opacity-100 transition"
title="Scroll to bottom"
>↓ Follow</button>
</div> </div>
</div> </div>
@ -366,7 +339,6 @@
<h2 class="text-lg font-medium text-error-700 mb-4">Danger Zone</h2> <h2 class="text-lg font-medium text-error-700 mb-4">Danger Zone</h2>
<p class="text-error-600 text-sm mb-4">Deleting this app will remove all configuration and deployment history. This action cannot be undone.</p> <p class="text-error-600 text-sm mb-4">Deleting this app will remove all configuration and deployment history. This action cannot be undone.</p>
<form method="POST" action="/apps/{{.App.ID}}/delete" x-data="confirmAction('Are you sure you want to delete this app? This action cannot be undone.')" @submit="confirm($event)"> <form method="POST" action="/apps/{{.App.ID}}/delete" x-data="confirmAction('Are you sure you want to delete this app? This action cannot be undone.')" @submit="confirm($event)">
{{ .CSRFField }}
<button type="submit" class="btn-danger">Delete App</button> <button type="submit" class="btn-danger">Delete App</button>
</form> </form>
</div> </div>

1
templates/app_edit.html
View File

@ -21,7 +21,6 @@
{{template "alert-error" .}} {{template "alert-error" .}}
<form method="POST" action="/apps/{{.App.ID}}" class="space-y-6"> <form method="POST" action="/apps/{{.App.ID}}" class="space-y-6">
{{ .CSRFField }}
<div class="form-group"> <div class="form-group">
<label for="name" class="label">App Name</label> <label for="name" class="label">App Name</label>
<input <input

1
templates/app_new.html
View File

@ -21,7 +21,6 @@
{{template "alert-error" .}} {{template "alert-error" .}}
<form method="POST" action="/apps" class="space-y-6"> <form method="POST" action="/apps" class="space-y-6">
{{ .CSRFField }}
<div class="form-group"> <div class="form-group">
<label for="name" class="label">App Name</label> <label for="name" class="label">App Name</label>
<input <input

1
templates/base.html
View File

@ -32,7 +32,6 @@
New App New App
</a> </a>
<form method="POST" action="/logout" class="inline"> <form method="POST" action="/logout" class="inline">
{{ .CSRFField }}
<button type="submit" class="btn-text">Logout</button> <button type="submit" class="btn-text">Logout</button>
</form> </form>
</div> </div>

1
templates/dashboard.html
View File

@ -69,7 +69,6 @@
<a href="/apps/{{.App.ID}}" class="btn-text text-sm py-1 px-2">View</a> <a href="/apps/{{.App.ID}}" class="btn-text text-sm py-1 px-2">View</a>
<a href="/apps/{{.App.ID}}/edit" class="btn-secondary text-sm py-1 px-2">Edit</a> <a href="/apps/{{.App.ID}}/edit" class="btn-secondary text-sm py-1 px-2">Edit</a>
<form method="POST" action="/apps/{{.App.ID}}/deploy" class="inline"> <form method="POST" action="/apps/{{.App.ID}}/deploy" class="inline">
{{ .CSRFField }}
<button type="submit" class="btn-success text-sm py-1 px-2">Deploy</button> <button type="submit" class="btn-success text-sm py-1 px-2">Deploy</button>
</form> </form>
</div> </div>

15
templates/deployments.html
View File

@ -18,7 +18,6 @@
<div class="section-header"> <div class="section-header">
<h1 class="text-2xl font-medium text-gray-900">Deployment History</h1> <h1 class="text-2xl font-medium text-gray-900">Deployment History</h1>
<form method="POST" action="/apps/{{.App.ID}}/deploy" @submit="submitDeploy()"> <form method="POST" action="/apps/{{.App.ID}}/deploy" @submit="submitDeploy()">
{{ .CSRFField }}
<button type="submit" class="btn-success" x-bind:disabled="isDeploying" x-bind:class="{ 'opacity-50 cursor-not-allowed': isDeploying }"> <button type="submit" class="btn-success" x-bind:disabled="isDeploying" x-bind:class="{ 'opacity-50 cursor-not-allowed': isDeploying }">
<span x-text="isDeploying ? 'Deploying...' : 'Deploy Now'"></span> <span x-text="isDeploying ? 'Deploying...' : 'Deploy Now'"></span>
</button> </button>
@ -86,17 +85,8 @@
</a> </a>
{{end}} {{end}}
</div> </div>
<div class="relative"> <div x-ref="logsWrapper" class="bg-gray-900 rounded-lg p-4 overflow-auto" style="max-height: 400px;">
<div x-ref="logsWrapper" class="bg-gray-900 rounded-lg p-4 overflow-y-auto" style="max-height: 400px;"> <pre class="text-gray-100 text-xs font-mono whitespace-pre-wrap" x-text="logs"></pre>
<pre class="text-gray-100 text-xs font-mono whitespace-pre-wrap break-words m-0" x-text="logs"></pre>
</div>
<button
x-show="!_autoScroll"
x-transition
@click="_autoScroll = true; Alpine.store('utils').scrollToBottom($refs.logsWrapper)"
class="absolute bottom-2 right-4 bg-primary-600 hover:bg-primary-700 text-white text-xs px-3 py-1 rounded-full shadow-lg opacity-90 hover:opacity-100 transition"
title="Scroll to bottom"
>↓ Follow</button>
</div> </div>
{{if .Logs.Valid}}<script type="text/plain" class="initial-logs">{{.Logs.String}}</script>{{end}} {{if .Logs.Valid}}<script type="text/plain" class="initial-logs">{{.Logs.String}}</script>{{end}}
</div> </div>
@ -113,7 +103,6 @@
<p class="empty-state-description">Deploy your application to see the deployment history here.</p> <p class="empty-state-description">Deploy your application to see the deployment history here.</p>
<div class="mt-6"> <div class="mt-6">
<form method="POST" action="/apps/{{.App.ID}}/deploy" @submit="submitDeploy()"> <form method="POST" action="/apps/{{.App.ID}}/deploy" @submit="submitDeploy()">
{{ .CSRFField }}
<button type="submit" class="btn-success" x-bind:disabled="isDeploying" x-bind:class="{ 'opacity-50 cursor-not-allowed': isDeploying }"> <button type="submit" class="btn-success" x-bind:disabled="isDeploying" x-bind:class="{ 'opacity-50 cursor-not-allowed': isDeploying }">
<span x-text="isDeploying ? 'Deploying...' : 'Deploy Now'"></span> <span x-text="isDeploying ? 'Deploying...' : 'Deploy Now'"></span>
</button> </button>

1
templates/login.html
View File

@ -14,7 +14,6 @@
{{template "alert-error" .}} {{template "alert-error" .}}
<form method="POST" action="/login" class="space-y-6"> <form method="POST" action="/login" class="space-y-6">
{{ .CSRFField }}
<div class="form-group"> <div class="form-group">
<label for="username" class="label">Username</label> <label for="username" class="label">Username</label>
<input <input

1
templates/setup.html
View File

@ -14,7 +14,6 @@
{{template "alert-error" .}} {{template "alert-error" .}}
<form method="POST" action="/setup" class="space-y-6"> <form method="POST" action="/setup" class="space-y-6">
{{ .CSRFField }}
<div class="form-group"> <div class="form-group">
<label for="username" class="label">Username</label> <label for="username" class="label">Username</label>
<input <input