ezpm2gui 1.4.0 → 1.6.0

package/dist/server/index.js

@@ -4,10 +4,16 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createServer = createServer;
+const path_1 = __importDefault(require("path"));
+// @group Configuration : Load .env.local first (local overrides), then .env (defaults)
+// Must happen before any code reads process.env
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const dotenv = require('dotenv');
+dotenv.config({ path: path_1.default.resolve(process.cwd(), '.env.local') });
+dotenv.config({ path: path_1.default.resolve(process.cwd(), '.env') });
 const express_1 = __importDefault(require("express"));
 const http_1 = __importDefault(require("http"));
 const socket_io_1 = require("socket.io");
-const path_1 = __importDefault(require("path"));
 const pm2_1 = __importDefault(require("pm2"));
 const os_1 = __importDefault(require("os"));
 const processConfig_1 = __importDefault(require("./routes/processConfig"));
@@ -15,6 +21,8 @@ const deployApplication_1 = __importDefault(require("./routes/deployApplication"
 const modules_1 = __importDefault(require("./routes/modules"));
 const remoteConnections_1 = __importDefault(require("./routes/remoteConnections"));
 const cronJobs_1 = __importDefault(require("./routes/cronJobs"));
+const updates_1 = __importDefault(require("./routes/updates"));
+const pageAuth_1 = __importDefault(require("./routes/pageAuth"));
 const logStreaming_1 = require("./routes/logStreaming");
 const pm2_connection_1 = require("./utils/pm2-connection");
 const remote_connection_1 = require("./utils/remote-connection");
@@ -58,6 +66,8 @@ function createServer() {
     app.use('/api/modules', modules_1.default);
     app.use('/api/remote', remoteConnections_1.default);
     app.use('/api/cron-jobs', cronJobs_1.default);
+    app.use('/api/update', updates_1.default);
+    app.use('/api/auth', pageAuth_1.default);
     // Setup log streaming with Socket.IO
     (0, logStreaming_1.setupLogStreaming)(io); // PM2 API endpoints
     app.get('/api/processes', async (req, res) => {
@@ -127,45 +137,224 @@ function createServer() {
         };
         res.json(metrics);
     });
-    // Get process logs
+    // @group LogHistory : Resolve log path from PM2 process descriptor
+    const resolveLocalLogPath = async (id, logType) => {
+        var _a, _b, _c;
+        const processDesc = await (0, pm2_connection_1.executePM2Command)((callback) => {
+            pm2_1.default.describe(id, callback);
+        });
+        if (!processDesc || processDesc.length === 0)
+            return null;
+        return (_c = (_b = (_a = processDesc[0]) === null || _a === void 0 ? void 0 : _a.pm2_env) === null || _b === void 0 ? void 0 : _b[`pm_${logType}_log_path`]) !== null && _c !== void 0 ? _c : null;
+    };
+    // @group LogHistory : Get log lines — ?lines=N (default 200, 0 = all)
     app.get('/api/logs/:id/:type', async (req, res) => {
-        var _a, _b;
         const { id, type } = req.params;
         const logType = type === 'err' ? 'err' : 'out';
+        const lines = parseInt(req.query.lines || '200', 10);
         try {
-            const processDesc = await (0, pm2_connection_1.executePM2Command)((callback) => {
-                pm2_1.default.describe(id, callback);
-            });
-            if (!processDesc || processDesc.length === 0) {
-                res.status(404).json({ error: 'Process not found' });
+            const logPath = await resolveLocalLogPath(id, logType);
+            if (!logPath) {
+                res.status(404).json({ error: 'Process not found or log path unavailable' });
+                return;
+            }
+            const fs = require('fs');
+            if (!fs.existsSync(logPath)) {
+                res.json({ logs: [], logPath });
                 return;
             }
-            const logPath = (_b = (_a = processDesc[0]) === null || _a === void 0 ? void 0 : _a.pm2_env) === null || _b === void 0 ? void 0 : _b[`pm_${logType}_log_path`];
+            const { lines: result, total } = await streamTailLines(fs.createReadStream(logPath), lines);
+            res.json({ logs: result, logPath, totalLines: total });
+        }
+        catch (err) {
+            console.error(`Error reading log file: ${err}`);
+            res.status(500).json({ error: 'Failed to read log file' });
+        }
+    });
+    // @group LogHistory : Download full log file
+    app.get('/api/logs/:id/:type/download', async (req, res) => {
+        const { id, type } = req.params;
+        const logType = type === 'err' ? 'err' : 'out';
+        try {
+            const logPath = await resolveLocalLogPath(id, logType);
             if (!logPath) {
-                res.status(404).json({ error: `Log file for ${logType} not found` });
+                res.status(404).json({ error: 'Process not found or log path unavailable' });
                 return;
             }
             const fs = require('fs');
-            let logContent = '';
-            if (fs.existsSync(logPath)) {
-                const stats = fs.statSync(logPath);
-                const fileSize = stats.size;
-                const readSize = Math.min(fileSize, 10 * 1024); // 10KB max
-                const position = Math.max(0, fileSize - readSize);
-                const buffer = Buffer.alloc(readSize);
-                const fd = fs.openSync(logPath, 'r');
-                fs.readSync(fd, buffer, 0, readSize, position);
-                fs.closeSync(fd);
-                logContent = buffer.toString('utf8');
+            if (!fs.existsSync(logPath)) {
+                res.status(404).json({ error: 'Log file does not exist yet' });
+                return;
             }
-            const logs = logContent.split('\n').filter((line) => line.trim() !== '');
-            res.json({ logs });
+            const fileName = `${id}-${logType}.log`;
+            res.setHeader('Content-Disposition', `attachment; filename="${fileName}"`);
+            res.setHeader('Content-Type', 'text/plain; charset=utf-8');
+            fs.createReadStream(logPath).pipe(res);
         }
         catch (err) {
-            console.error(`Error reading log file: ${err}`);
+            console.error(`Error downloading log file: ${err}`);
+            res.status(500).json({ error: 'Failed to download log file' });
+        }
+    });
+    // @group LogHistory : List all log files (current + rotated) for a process
+    // Uses /api/log-files/:id to avoid Express matching /:id/:type with type='files'
+    app.get('/api/log-files/:id', async (req, res) => {
+        const { id } = req.params;
+        try {
+            const fs = require('fs');
+            const nodePath = require('path');
+            const [outPath, errPath] = await Promise.all([
+                resolveLocalLogPath(id, 'out'),
+                resolveLocalLogPath(id, 'err'),
+            ]);
+            if (!outPath && !errPath) {
+                res.status(404).json({ error: 'Process not found or no log paths available' });
+                return;
+            }
+            // Derive the process base name from the log path (strip -out.log suffix)
+            const baseName = outPath
+                ? nodePath.basename(outPath).replace(/-out\.log.*$/, '')
+                : nodePath.basename(errPath).replace(/-(error|err)\.log.*$/, '');
+            const logDirs = new Set();
+            if (outPath)
+                logDirs.add(nodePath.dirname(outPath));
+            if (errPath)
+                logDirs.add(nodePath.dirname(errPath));
+            const files = [];
+            for (const dir of logDirs) {
+                if (!fs.existsSync(dir))
+                    continue;
+                for (const fileName of fs.readdirSync(dir)) {
+                    if (!fileName.startsWith(baseName))
+                        continue;
+                    const filePath = nodePath.join(dir, fileName);
+                    const stat = fs.statSync(filePath);
+                    if (!stat.isFile())
+                        continue;
+                    let type = 'unknown';
+                    if (fileName.includes('-out'))
+                        type = 'out';
+                    else if (fileName.includes('-error') || fileName.includes('-err'))
+                        type = 'err';
+                    files.push({
+                        name: fileName,
+                        path: filePath,
+                        size: stat.size,
+                        modified: stat.mtime.toISOString(),
+                        type,
+                        compressed: fileName.endsWith('.gz'),
+                    });
+                }
+            }
+            files.sort((a, b) => new Date(b.modified).getTime() - new Date(a.modified).getTime());
+            res.json({ files });
+        }
+        catch (err) {
+            console.error('Error listing log files:', err);
+            res.status(500).json({ error: 'Failed to list log files' });
+        }
+    });
+    // @group LogHistory : Security helper — block path traversal; allow any absolute log file path
+    const isAllowedLogPath = (filePath) => {
+        const nodePath = require('path');
+        const norm = nodePath.normalize(filePath);
+        // Require absolute path; reject shell-dangerous characters; require log extension
+        const SHELL_UNSAFE = /['"`;$|&<>(){}\\\n\r\0]/;
+        return (nodePath.isAbsolute(norm) &&
+            !norm.includes('..') &&
+            !SHELL_UNSAFE.test(norm) &&
+            /\.(log|gz)$/i.test(norm));
+    };
+    // @group LogHistory : Stream last N lines from a readable stream (ring buffer, no full-file load)
+    const streamTailLines = (inputStream, maxLines) => {
+        return new Promise((resolve, reject) => {
+            const rl = require('readline').createInterface({ input: inputStream, crlfDelay: Infinity });
+            const buffer = [];
+            let total = 0;
+            rl.on('line', (line) => {
+                if (line.trim() === '')
+                    return;
+                total++;
+                if (maxLines > 0) {
+                    buffer.push(line);
+                    if (buffer.length > maxLines)
+                        buffer.shift();
+                }
+                else {
+                    buffer.push(line);
+                }
+            });
+            rl.on('close', () => resolve({ lines: buffer, total }));
+            rl.on('error', reject);
+            inputStream.on('error', reject);
+        });
+    };
+    // @group LogHistory : Read a specific log file by path — ?lines=N, supports .gz
+    // Uses /api/log-file (singular, top-level) to avoid clashing with /api/logs/:id/:type
+    app.get('/api/log-file', async (req, res) => {
+        const filePath = req.query.path;
+        const lines = parseInt(req.query.lines || '200', 10);
+        if (!filePath) {
+            res.status(400).json({ error: 'path query parameter required' });
+            return;
+        }
+        if (!isAllowedLogPath(filePath)) {
+            res.status(403).json({ error: 'Access denied: path is outside PM2 log directories' });
+            return;
+        }
+        try {
+            const fs = require('fs');
+            const zlib = require('zlib');
+            if (!fs.existsSync(filePath)) {
+                res.status(404).json({ error: 'File not found' });
+                return;
+            }
+            const inputStream = filePath.endsWith('.gz')
+                ? fs.createReadStream(filePath).pipe(zlib.createGunzip())
+                : fs.createReadStream(filePath);
+            const { lines: result, total } = await streamTailLines(inputStream, lines);
+            res.json({ logs: result, totalLines: total });
+        }
+        catch (err) {
+            console.error('Error reading log file:', err);
             res.status(500).json({ error: 'Failed to read log file' });
         }
     });
+    // @group LogHistory : Download a specific log file by path (streams .gz as-is)
+    app.get('/api/log-file/download', async (req, res) => {
+        const filePath = req.query.path;
+        if (!filePath) {
+            res.status(400).json({ error: 'path query parameter required' });
+            return;
+        }
+        if (!isAllowedLogPath(filePath)) {
+            res.status(403).json({ error: 'Access denied' });
+            return;
+        }
+        try {
+            const fs = require('fs');
+            const zlib = require('zlib');
+            const nodePath = require('path');
+            if (!fs.existsSync(filePath)) {
+                res.status(404).json({ error: 'File not found' });
+                return;
+            }
+            // Decompress .gz server-side so the download is always plain text
+            const baseName = nodePath.basename(filePath).replace(/\.gz$/i, '');
+            res.setHeader('Content-Disposition', `attachment; filename="${baseName}"`);
+            res.setHeader('Content-Type', 'text/plain; charset=utf-8');
+            if (filePath.endsWith('.gz')) {
+                fs.createReadStream(filePath).pipe(zlib.createGunzip()).pipe(res);
+            }
+            else {
+                fs.createReadStream(filePath).pipe(res);
+            }
+        }
+        catch (err) {
+            console.error('Error downloading log file:', err);
+            res.status(500).json({ error: 'Failed to download file' });
+        }
+    });
     // WebSocket for real-time updates
     io.on('connection', (socket) => {
         console.log('Client connected');
@@ -219,7 +408,7 @@ function createServer() {
 }
 // Only start the server if this file is run directly
 if (require.main === module) {
-    const PORT = process.env.PORT || 3001;
+    const PORT = process.env.PORT || 3101;
     const HOST = process.env.HOST || 'localhost';
     const server = createServer();
     server.listen(PORT, () => {

package/dist/server/routes/deployApplication.js

@@ -11,7 +11,7 @@ const ProjectSetupService_1 = require("../services/ProjectSetupService");
 const router = (0, express_1.Router)();
 // Deploy a new application
 router.post('/', async (req, res) => {
-    const { name, script, cwd, instances, exec_mode, autorestart, watch, max_memory_restart, env, appType, autoSetup = true } = req.body;
+    const { name, script, cwd, namespace, instances, exec_mode, autorestart, watch, max_memory_restart, env, appType, autoSetup = true } = req.body;
     // Validate required fields
     if (!name || !script) {
         return res.status(400).json({ error: 'Name and script path are required' });
@@ -67,6 +67,7 @@ router.post('/', async (req, res) => {
             name,
             script,
             cwd: projectPath,
+            namespace: namespace || 'default',
             instances: parseInt(instances) || 1,
             exec_mode: exec_mode || 'fork',
             autorestart: autorestart !== undefined ? autorestart : true,
@@ -158,8 +159,8 @@ router.post('/generate-ecosystem', (req, res) => {
                     env: pm2Env.env || {}
                 };
             });
-            const ecosystemConfig = `module.exports = {
-  apps: ${JSON.stringify(apps, null, 2)}
+            const ecosystemConfig = `module.exports = {
+  apps: ${JSON.stringify(apps, null, 2)}
 };`;
             // Create the file (either at specified path or default location)
             const filePath = req.body.path || path_1.default.join(process.cwd(), 'ecosystem.config.js');
@@ -212,8 +213,8 @@ router.get('/generate-ecosystem-preview', (req, res) => {
                     env: pm2Env.env || {}
                 };
             });
-            const ecosystemConfig = `module.exports = {
-  apps: ${JSON.stringify(apps, null, 2)}
+            const ecosystemConfig = `module.exports = {
+  apps: ${JSON.stringify(apps, null, 2)}
 };`;
             pm2_1.default.disconnect();
             res.json({

package/dist/server/routes/pageAuth.d.ts

@@ -0,0 +1,3 @@
+import { Router } from 'express';
+declare const router: Router;
+export default router;

package/dist/server/routes/pageAuth.js

@@ -0,0 +1,177 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const express_1 = __importDefault(require("express"));
+const crypto_1 = __importDefault(require("crypto"));
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+// @group Configuration : Path to the stored auth config file
+const AUTH_FILE = path_1.default.join(__dirname, '../config/auth.json');
+// @group Utilities : Load auth config — returns null when no password is set
+function loadAuthConfig() {
+    try {
+        if (!fs_1.default.existsSync(AUTH_FILE))
+            return null;
+        const raw = fs_1.default.readFileSync(AUTH_FILE, 'utf8').trim();
+        if (!raw)
+            return null;
+        return JSON.parse(raw);
+    }
+    catch {
+        return null;
+    }
+}
+// @group Utilities : Persist auth config to disk
+function saveAuthConfig(config) {
+    const dir = path_1.default.dirname(AUTH_FILE);
+    if (!fs_1.default.existsSync(dir))
+        fs_1.default.mkdirSync(dir, { recursive: true });
+    fs_1.default.writeFileSync(AUTH_FILE, JSON.stringify(config), 'utf8');
+}
+// @group Utilities : Hash a plaintext password with PBKDF2 + salt
+function hashPassword(password, salt) {
+    return crypto_1.default.pbkdf2Sync(password, salt, 100000, 64, 'sha512').toString('hex');
+}
+// @group Router : Express router for password-protection endpoints
+const router = express_1.default.Router();
+// @group Endpoints : GET /api/auth/status — is a password/PIN configured?
+router.get('/status', (_req, res) => {
+    var _a;
+    const config = loadAuthConfig();
+    res.json({
+        passwordSet: config !== null,
+        pinSet: !!(config === null || config === void 0 ? void 0 : config.pinHash),
+        autoLockMinutes: (_a = config === null || config === void 0 ? void 0 : config.autoLockMinutes) !== null && _a !== void 0 ? _a : 0,
+    });
+});
+// @group Endpoints : PATCH /api/auth/settings — update non-password settings (e.g. autoLockMinutes)
+router.patch('/settings', (req, res) => {
+    var _a;
+    const { autoLockMinutes } = req.body;
+    const config = loadAuthConfig();
+    if (!config) {
+        return res.status(400).json({ success: false, error: 'No password set — configure a password first' });
+    }
+    const minutes = typeof autoLockMinutes === 'number' && autoLockMinutes >= 0 ? Math.floor(autoLockMinutes) : (_a = config.autoLockMinutes) !== null && _a !== void 0 ? _a : 0;
+    saveAuthConfig({ ...config, autoLockMinutes: minutes });
+    res.json({ success: true, autoLockMinutes: minutes });
+});
+// @group Endpoints : POST /api/auth/set — set or change the password
+router.post('/set', (req, res) => {
+    var _a;
+    const { password, currentPassword } = req.body;
+    if (!password || typeof password !== 'string' || password.length < 4) {
+        return res.status(400).json({ success: false, error: 'Password must be at least 4 characters' });
+    }
+    const existing = loadAuthConfig();
+    // If a password is already set, require the current one before changing
+    if (existing) {
+        if (!currentPassword) {
+            return res.status(401).json({ success: false, error: 'Current password required to change password' });
+        }
+        const currentHash = hashPassword(currentPassword, existing.salt);
+        if (!crypto_1.default.timingSafeEqual(Buffer.from(currentHash, 'hex'), Buffer.from(existing.hash, 'hex'))) {
+            return res.status(401).json({ success: false, error: 'Current password is incorrect' });
+        }
+    }
+    const salt = crypto_1.default.randomBytes(32).toString('hex');
+    const hash = hashPassword(password, salt);
+    // Preserve PIN and autoLock settings when changing password
+    saveAuthConfig({
+        hash,
+        salt,
+        autoLockMinutes: (_a = existing === null || existing === void 0 ? void 0 : existing.autoLockMinutes) !== null && _a !== void 0 ? _a : 0,
+        ...((existing === null || existing === void 0 ? void 0 : existing.pinHash) ? { pinHash: existing.pinHash, pinSalt: existing.pinSalt } : {}),
+    });
+    res.json({ success: true });
+});
+// @group Endpoints : POST /api/auth/verify — verify a password attempt
+router.post('/verify', (req, res) => {
+    const { password } = req.body;
+    if (!password || typeof password !== 'string') {
+        return res.status(400).json({ success: false, error: 'Password is required' });
+    }
+    const config = loadAuthConfig();
+    if (!config) {
+        // No password set — treat as unlocked
+        return res.json({ success: true });
+    }
+    const hash = hashPassword(password, config.salt);
+    const match = crypto_1.default.timingSafeEqual(Buffer.from(hash, 'hex'), Buffer.from(config.hash, 'hex'));
+    if (!match) {
+        return res.status(401).json({ success: false, error: 'Incorrect password' });
+    }
+    res.json({ success: true });
+});
+// @group Endpoints : DELETE /api/auth/remove — remove the password (requires current password)
+router.delete('/remove', (req, res) => {
+    const { password } = req.body;
+    const config = loadAuthConfig();
+    if (!config) {
+        return res.json({ success: true }); // nothing to remove
+    }
+    if (!password || typeof password !== 'string') {
+        return res.status(400).json({ success: false, error: 'Current password required' });
+    }
+    const hash = hashPassword(password, config.salt);
+    const match = crypto_1.default.timingSafeEqual(Buffer.from(hash, 'hex'), Buffer.from(config.hash, 'hex'));
+    if (!match) {
+        return res.status(401).json({ success: false, error: 'Incorrect password' });
+    }
+    fs_1.default.unlinkSync(AUTH_FILE);
+    res.json({ success: true });
+});
+// @group Endpoints : POST /api/auth/pin/set — set or change the PIN (4-digit)
+router.post('/pin/set', (req, res) => {
+    const { pin } = req.body;
+    if (!pin || !/^\d{4}$/.test(pin)) {
+        return res.status(400).json({ success: false, error: 'PIN must be exactly 4 digits' });
+    }
+    const config = loadAuthConfig();
+    if (!config) {
+        return res.status(400).json({ success: false, error: 'Set a password first before adding a PIN' });
+    }
+    const pinSalt = crypto_1.default.randomBytes(32).toString('hex');
+    const pinHash = hashPassword(pin, pinSalt);
+    saveAuthConfig({ ...config, pinHash, pinSalt });
+    res.json({ success: true });
+});
+// @group Endpoints : POST /api/auth/pin/verify — verify a PIN attempt
+router.post('/pin/verify', (req, res) => {
+    const { pin } = req.body;
+    if (!pin || typeof pin !== 'string') {
+        return res.status(400).json({ success: false, error: 'PIN is required' });
+    }
+    const config = loadAuthConfig();
+    if (!(config === null || config === void 0 ? void 0 : config.pinHash) || !(config === null || config === void 0 ? void 0 : config.pinSalt)) {
+        return res.status(400).json({ success: false, error: 'No PIN configured' });
+    }
+    const hash = hashPassword(pin, config.pinSalt);
+    const match = crypto_1.default.timingSafeEqual(Buffer.from(hash, 'hex'), Buffer.from(config.pinHash, 'hex'));
+    if (!match) {
+        return res.status(401).json({ success: false, error: 'Incorrect PIN' });
+    }
+    res.json({ success: true });
+});
+// @group Endpoints : DELETE /api/auth/pin/remove — remove PIN (requires current password)
+router.delete('/pin/remove', (req, res) => {
+    const { password } = req.body;
+    const config = loadAuthConfig();
+    if (!config) {
+        return res.json({ success: true }); // nothing to remove
+    }
+    if (!password || typeof password !== 'string') {
+        return res.status(400).json({ success: false, error: 'Current password required to remove PIN' });
+    }
+    const hash = hashPassword(password, config.salt);
+    const match = crypto_1.default.timingSafeEqual(Buffer.from(hash, 'hex'), Buffer.from(config.hash, 'hex'));
+    if (!match) {
+        return res.status(401).json({ success: false, error: 'Incorrect password' });
+    }
+    const { pinHash: _ph, pinSalt: _ps, ...rest } = config;
+    saveAuthConfig(rest);
+    res.json({ success: true });
+});
+exports.default = router;