Commit graph

949 commits

Author SHA1 Message Date
courtmanr@gmail.com
30d2d4ecd3 chore: remove outdated docs, update cleanup script and release workflow 2025-11-24 19:14:54 +00:00
courtmanr@gmail.com
875c64ecbc Fix workflow name in trigger-release.sh 2025-11-24 18:10:13 +00:00
courtmanr@gmail.com
561db13f23 Bump version to 4.32.7 2025-11-24 18:06:14 +00:00
courtmanr@gmail.com
5031ba481b Fix: Allow double slashes in install script URLs 2025-11-24 17:58:00 +00:00
courtmanr@gmail.com
6b84b9a2bf Add PULSE_AUTH_HIDE_LOCAL_LOGIN option to hide password form
Implements #750 - allows hiding the username/password login form when
using OIDC SSO to avoid user confusion, while maintaining security.

- Added HideLocalLogin config option (env: PULSE_AUTH_HIDE_LOCAL_LOGIN)
- Exposed hideLocalLogin in /api/security/status endpoint
- Updated Login.tsx to conditionally hide local login form
- Added escape hatch via ?show_local=true URL parameter

This approach avoids the security and upgrade issues that led to
DISABLE_AUTH being removed (see #707, #678), while solving the UX
problem of users being confused by multiple login options.
2025-11-24 17:40:43 +00:00
courtmanr@gmail.com
9caba86389 Fix #735: Allow HEAD requests for download endpoints and fix routing
- Allow HEAD requests in addition to GET for all download handlers
  (install scripts, binaries, checksums) to prevent 405 errors
- Add /uninstall-host-agent.sh to special routes in ServeHTTP
- Add test coverage for HEAD request handling
- Resolves 'method not allowed' errors during agent installation
2025-11-24 15:16:14 +00:00
courtmanr@gmail.com
07d8381858 Fix host agent registration verification issues (#746)
- Change default server listen addresses to empty string (listen on all interfaces including IPv6)
- Add short hostname matching fallback in host lookup API to handle FQDN vs short name mismatches
- Implement retry loop (30s) in both Windows and Linux/macOS installers for registration verification
- Fix lint errors: remove unnecessary fmt.Sprintf and nil checks before len()

This resolves the 'Installer could not yet confirm host registration with Pulse' warning
by addressing timing issues, hostname matching, and network connectivity.
2025-11-24 14:28:09 +00:00
courtmanr@gmail.com
efad01b717 Fix dashboard layout on wide screens and remove wasted whitespace #643 2025-11-24 08:09:52 +00:00
courtmanr@gmail.com
08a83c9adb Add host agent checksum route and bump version to 4.32.6
- Add /download/pulse-host-agent.sha256 route to serve checksums
- Fixes 'Checksum not available' warning during host agent installation
- Bump version to 4.32.6

Related to #746
2025-11-24 07:57:17 +00:00
courtmanr@gmail.com
60721cbc22 Add mutex protection for config watcher reloads (re #748)
Introduced sync.RWMutex to protect concurrent access to configuration
fields (AuthUser, AuthPass, APITokens) that are modified by the
ConfigWatcher at runtime.

- Added global config.Mu RWMutex in internal/config/config.go
- Protected config updates in ConfigWatcher.reloadConfig() and reloadAPITokens()
- Protected config reads in CheckAuth and all API token handlers
- Protected Router.SetConfig() during full config reloads

This prevents race conditions when .env file changes trigger config
reloads while authentication handlers are reading the same fields.
2025-11-24 07:45:21 +00:00
courtmanr@gmail.com
0c7af34ad2 Implement status bars for Storage, Backups, and Hosts tabs #744 2025-11-23 22:53:33 +00:00
courtmanr@gmail.com
68ffa1bc0b Feat: Add support for Raspberry Pi RP1 ADC temperature sensor (Fixes #745)
- Added 'rp1_adc' to the list of recognized CPU temperature chips
2025-11-23 22:33:16 +00:00
courtmanr@gmail.com
af7eabb56d Fix: Correct context cancellation in loop (Fixes #727)
- Replaced defer in loop with explicit cancellation to avoid resource leak
- Properly tagged issue #727
2025-11-23 22:28:28 +00:00
courtmanr@gmail.com
b34e18e839 Fix: Prevent single node auth failure from disabling global SSH temperature collection
- Removed global legacySSHDisabled flag that was triggered by any single node auth failure
- Changed disableLegacySSHOnAuthFailure to only log warnings
- Fixed potential context leak in monitor.go
- Updated tests to reflect removal of global disable logic
2025-11-23 22:24:15 +00:00
courtmanr@gmail.com
35392c1f96 Improve agent update logging and installer warnings (related to #737) 2025-11-23 22:07:37 +00:00
courtmanr@gmail.com
d0a725fde5 fix: Add dev environment fallback paths for Docker agent downloads
- Add fallback to project root scripts/ directory for install-docker-agent.sh
- Add fallback to project root bin/ directory for pulse-docker-agent binary
- Fixes 404 errors when downloading agent installer and binary in dev mode
- Production paths remain unchanged (/opt/pulse/...)
2025-11-23 16:01:40 +00:00
courtmanr@gmail.com
6e404b24eb Fix install-host-agent.sh function order, remove duplicate, and improve dev serving 2025-11-23 12:27:11 +00:00
courtmanr@gmail.com
4bf9c42dbc Fix temperature collection regression for cluster nodes. Related to #727 2025-11-23 12:13:57 +00:00
rcourtman
0c7b61c989 Fix: let GitHub API create the tag, don't pre-create it
GitHub's API has a quirk: if you POST to /releases with a tag_name
that already exists as a git tag, it creates an 'untagged' release
instead of attaching to the existing tag.

The fix is to let the API create both tag and release together.
2025-11-23 09:51:51 +00:00
rcourtman
9dc7990fbe Add target_commitish to release API call
Without target_commitish, GitHub creates an untagged release
even when the tag exists.
2025-11-23 09:37:35 +00:00
rcourtman
db120a8e9b Fix: use GitHub API directly for release creation
gh release create doesn't work properly when the tag already exists -
it creates an 'untagged' release instead of attaching to the existing tag.

Using the API directly with POST to /releases fixes this.
2025-11-23 09:24:04 +00:00
rcourtman
a5fb98e7c6 Fix: create git tag explicitly before release
gh release create with --target was still creating untagged releases.
The fix is to create and push the git tag explicitly first, then
create the release which will properly attach to the existing tag.
2025-11-23 09:09:37 +00:00
rcourtman
b484ba1f5d Fix release workflow to create tag automatically
The workflow was broken because it expected a tag to exist but the
documented process never created one. This caused gh release create
to fail with 'untagged' releases.

Changes:
- Workflow now creates the tag using --target flag
- Simplified release creation logic (no retry loops needed)
- Removed confusing comment about 'tag already exists'

This fixes the fundamental issue where the workflow and documented
process were out of sync.
2025-11-23 08:55:12 +00:00
courtmanr@gmail.com
2c00cd7806 chore(ci): keep release as draft for manual review 2025-11-23 08:25:37 +00:00
courtmanr@gmail.com
53836ea9b0 fix(sensor-proxy): relax pvecm status parsing to support decimal node IDs
Fixes an issue where pvecm status output using decimal node IDs (e.g. '1' instead of '0x1') caused node discovery to fail. Added test case for this format.
2025-11-23 08:21:58 +00:00
courtmanr@gmail.com
dedce8796b fix(ci): robustly handle existing and untagged releases in workflow 2025-11-23 08:05:11 +00:00
courtmanr@gmail.com
413e84b925 Auto-publish release after validation for v4.32.4 2025-11-23 00:21:15 +00:00
courtmanr@gmail.com
2312345a02 feat: add degraded status dot to Proxmox and Docker tabs (fixes #744) 2025-11-23 00:10:58 +00:00
courtmanr@gmail.com
8ab370d4c0 Fix PBS discovery causing auth failures
Increases confidence score for PBS when receiving 401/403 responses to avoid unnecessary probing of other endpoints that trigger auth failure logs.

Fixes #741
2025-11-23 00:08:54 +00:00
courtmanr@gmail.com
6034ba69ea Bump version to 4.32.4 2025-11-22 23:57:08 +00:00
courtmanr@gmail.com
1945795d36 Fix ZFS storage reporting on TrueNAS SCALE (#718)
- Refactor collector to support mocking
- Fix ZFS detection to support 'fuse.zfs' and case-insensitivity
- Add regression tests for ZFS dataset deduplication
2025-11-22 23:53:39 +00:00
courtmanr@gmail.com
b2c4a583f7 Fix pvecm status parsing for QDevice flags (#738) 2025-11-22 23:44:01 +00:00
courtmanr@gmail.com
d5fdf2f471 fix: ensure proxmox nodes are displayed even if cluster endpoints are missing
Fixes #727. Previously, if temperature monitoring was enabled and a node wasn't found in ClusterEndpoints, the entire node processing was skipped. This change ensures we only skip temperature collection.
2025-11-22 23:31:30 +00:00
rcourtman
f8647b53ff Fix mp mount detection pattern for pulse-sensor-proxy
The grep pattern was looking for 'pulse-sensor-proxy' as a standalone
string, but the actual mount line contains paths like:
  mp0: /run/pulse-sensor-proxy,mp=/mnt/pulse-proxy,replicate=0

This caused the removal logic to never execute, leaving the old mp
mount in place and preventing the migration to lxc.mount.entry format.

Changed pattern to match either path component:
- /pulse-sensor-proxy (source path)
- /mnt/pulse-proxy (mount point)

Also removed space after colon in pattern to match actual format.

This completes the fix for temperature proxy setup on LXC containers.
2025-11-22 22:34:26 +00:00
rcourtman
080453b68a Fix LXC config modification for Proxmox pmxcfs filesystem
The /etc/pve/ directory is a clustered FUSE filesystem (pmxcfs) managed
by Proxmox. Direct modifications using sed -i or echo >> don't work
reliably on this filesystem, and LXC config files contain snapshot
sections that must be preserved.

Changes:
- Use temp file approach: copy config, modify temp, copy back to trigger sync
- Only modify main config section (before first [snapshot] marker)
- Properly handle both mp mount removal and lxc.mount.entry addition
- Apply fix to both install.sh and install-sensor-proxy.sh

This fixes temperature proxy setup failures where the socket mount
entry wasn't being persisted to the container configuration.

Related to #628
2025-11-22 22:19:00 +00:00
rcourtman
9b50dec0e4 Align alert grouping defaults with backend 2025-11-22 17:11:52 +00:00
rcourtman
93d8c624b4 Persist PVE fallback host after portless retry 2025-11-22 17:06:15 +00:00
rcourtman
8606bb47cf Handle PVE portless fallback when default port fails 2025-11-22 17:01:16 +00:00
rcourtman
5dbaf7c596 Add OIDC CA bundle support 2025-11-22 09:44:03 +00:00
rcourtman
cd31bdece1 Add log level control to host agent
Related to #742
2025-11-22 07:48:34 +00:00
rcourtman
19a2cac355 Add log level control for docker agent
Related to #742
2025-11-22 07:43:48 +00:00
rcourtman
ee3f1e0cdb Handle standby SMART temps and capture disk identity 2025-11-22 07:35:13 +00:00
rcourtman
bbbb417b01 Prevent token manager auth swap and fix docker agent perms (Related to #740) 2025-11-22 07:18:42 +00:00
rcourtman
5360f05bdd Document TrueNAS exec requirement for host agent 2025-11-21 23:06:22 +00:00
rcourtman
91c51689c9 Guard host-agent installs on noexec filesystems (Related to #718) 2025-11-21 23:00:47 +00:00
rcourtman
6ff54beb38 Handle ignored docker containers during alert reevaluation (related to #561) 2025-11-21 22:19:19 +00:00
rcourtman
6de8df9281 Related to #584 2025-11-21 22:07:06 +00:00
rcourtman
4e68675e0b Add recovery notifications and grouping controls 2025-11-21 22:07:00 +00:00
rcourtman
19408fdb2b Related to #738: make pulse proxy mount migration-safe 2025-11-21 21:29:14 +00:00
rcourtman
4c1da82e28 Handle VM guest agent errors without marking nodes unhealthy (related to #736) 2025-11-21 17:34:25 +00:00