c4171e5b87
feat: protect initial owner from role change and deletion
2026-04-07 20:47:22 +02:00
8b9de9e83d
feat: add Bastillion-style SSH key enforcement worker
2026-04-06 00:17:03 +02:00
3a843354b6
docs: add dashboard screenshot to README
2026-04-05 22:46:09 +02:00
61cc63d3f9
Merge pull request 'v0.2.1-alpha' ( #3 ) from v0.2.1-alpha into master
...
Release Docker Image / Build & Push Docker Image (release) Successful in 5m31s
Reviewed-on: #3
2026-04-05 20:30:39 +00:00
f893d26791
fix: enforce LF line endings for shell scripts (.gitattributes)
PR Tests / Lint, Build & Test (pull_request) Successful in 5m30s
Security Scan / Go Vulnerability Check (pull_request) Successful in 4m47s
2026-04-05 22:17:51 +02:00
68777a5516
feat: add CLI password reset command (docker exec reset-password)
2026-04-05 22:17:46 +02:00
0fcd99a191
Merge pull request 'v0.2.0-alpha' ( #2 ) from v0.2.0-alpha into master
...
Release Docker Image / Build & Push Docker Image (release) Successful in 5m33s
Reviewed-on: #2
2026-04-05 17:56:47 +00:00
025d23e5a6
docs: add container registry URL to deployment docs and README
PR Tests / Lint, Build & Test (pull_request) Successful in 5m0s
Security Scan / Go Vulnerability Check (pull_request) Successful in 4m46s
2026-04-05 19:45:47 +02:00
be05dd5eac
fix: add entrypoint.sh to fix /data permission denied on bind-mount
PR Tests / Lint, Build & Test (pull_request) Has been cancelled
Security Scan / Go Vulnerability Check (pull_request) Has been cancelled
2026-04-05 19:42:18 +02:00
bb3bf0330f
security: fix data loss on container restart due to relative paths
...
Root cause: .env.example used relative paths (./data/...) which resolve
to /app/data/ inside the container instead of the persistent volume at
/data/. This caused the database to be recreated on every container
restart, resetting the admin password to a new initial value.
Fixes:
- .env.example: comment out path settings with clear warning about
relative paths; Dockerfile already provides correct absolute defaults
- auth: add initial_setup_complete flag in settings table as
defence-in-depth so EnsureAdmin never re-creates an admin after
the initial setup, even if the users table is unexpectedly empty
- main: add validateDataPaths() startup check that warns when relative
container paths are detected (potential data-loss misconfiguration)
- auth_test: extend TestEnsureAdmin to verify the flag prevents
admin re-creation after user deletion
2026-04-05 19:21:15 +02:00
c2d4148de6
add build to docker-compose
2026-04-05 19:12:44 +02:00
ea3e7e71ca
refactor: convert force_password_change to standalone layout (no sidebar)
2026-04-05 19:03:32 +02:00
5bd77de32d
Merge pull request 'v0.1.1-alpha' ( #1 ) from v0.1.1-alpha into master
...
Release Docker Image / Build & Push Docker Image (release) Successful in 5m11s
Reviewed-on: #1
2026-04-05 16:41:18 +00:00
43827d0d9e
docs: add Matrix community chat links
PR Tests / Lint, Build & Test (pull_request) Successful in 5m14s
Security Scan / Go Vulnerability Check (pull_request) Successful in 4m48s
2026-04-05 18:28:26 +02:00
1d60ba2999
fix: add nodejs to security-scan container for checkout action
PR Tests / Lint, Build & Test (pull_request) Has been cancelled
Security Scan / Go Vulnerability Check (pull_request) Has been cancelled
2026-04-05 18:25:46 +02:00
268955732a
fix: use net.JoinHostPort for IPv6-compatible address formatting
PR Tests / Lint, Build & Test (pull_request) Successful in 5m19s
Security Scan / Go Vulnerability Check (pull_request) Failing after 17s
2026-04-05 18:18:26 +02:00
1083b54fb9
fix: add nodejs to alpine container for actions/checkout
PR Tests / Lint, Build & Test (pull_request) Failing after 4m29s
Security Scan / Go Vulnerability Check (pull_request) Failing after 13s
2026-04-05 18:07:56 +02:00
45baaf8db8
docs: add secure key generation guide for session and encryption keys
PR Tests / Lint, Build & Test (pull_request) Failing after 45s
Security Scan / Go Vulnerability Check (pull_request) Failing after 14s
2026-04-05 17:58:02 +02:00
fbff33d201
docs: update feedback link to GitHub Issues
2026-04-05 17:53:59 +02:00
e994f13526
refactor: rename KEYWARDEN_ADMIN_USER/EMAIL env vars to KEYWARDEN_OWNER_USER/EMAIL
...
- Rename environment variables to match the owner role
- Add backward compatibility: legacy ADMIN vars still accepted with deprecation warning
- Update .env.example, docs and quickstart accordingly
2026-04-05 17:45:43 +02:00
775186038e
feat: use prebuilt image, bind mount and custom network in docker-compose
2026-04-05 17:41:06 +02:00
6cbcb272d0
fix(ci): handle empty tag in workflow_dispatch trigger
...
- Fallback to latest git tag when github.event.release.tag_name is empty
- Add fetch-depth: 0 to checkout step so git tags are available
- Fail with clear error if no tag exists at all
2026-04-05 17:19:05 +02:00
91e4758bb8
ci: add workflow_dispatch trigger to release-docker workflow
2026-04-05 17:15:09 +02:00
7a448034e4
fix(ci): remove protocol prefix from Docker image tags
2026-04-05 17:13:30 +02:00
fd13e67aef
Release: v0.1.0-alpha
Release Docker Image / Build & Push Docker Image (release) Failing after 1m30s
2026-04-05 16:56:16 +02:00
23ff731579
Initial commit
2026-04-05 14:52:17 +00:00
