[RELEASE] v3.2.3-beta #278

Co-authored-by: Tommy Johnston <tommy@timmygstudios.com>

.dockerignore

@@ -0,0 +1,81 @@
+# Git
+.git
+.gitignore
+
+# Documentation
+README.md
+CONTRIBUTING.md
+*.md
+
+# Node modules
+node_modules
+*/node_modules
+**/node_modules
+
+# Build outputs
+.next
+dist
+build
+
+# Development files
+.env*
+.vscode
+.idea
+
+# Logs
+*.log
+logs
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Coverage directory used by tools like istanbul
+coverage
+
+# nyc test coverage
+.nyc_output
+
+# Dependency directories
+jspm_packages/
+
+# Optional npm cache directory
+.npm
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+
+# Docker files
+Dockerfile*
+docker-compose*
+
+# Storage directories (created at runtime)
+uploads/
+temp-uploads/
+apps/server/uploads/
+apps/server/temp-uploads/
+
+# Static files
+apps/server/prisma/*.db
+apps/server/.env
+apps/web/.env
+
+# OS generated files
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db 

.github/pull_request_template.md

@@ -0,0 +1,56 @@
+## **🎯 Please make sure you are opening this Pull Request against the `next` branch!**
+
+## 📝 Description
+
+Please provide a clear and concise description of the changes introduced by this pull request.
+
+## 🔗 Related Issue(s)
+
+If this PR fixes or relates to an issue, please link it here (e.g., `Closes #123`).
+
+## 💡 Motivation and Context
+
+Why is this change required? What problem does it solve?
+
+## 🤖 Use of Artificial Intelligence (AI)
+
+The use of AI tools is absolutely welcome and not an issue. For transparency and continuous improvement, please answer the following:
+
+- Did you use any AI tools (such as GitHub Copilot, ChatGPT, etc.) to help develop this PR?
+    - [ ] No, this PR was developed without the assistance of AI tools.
+    - [ ] Yes, AI tools assisted in the development of this PR (please specify which ones and how they were used):
+        - Tool(s) used:
+        - Brief description of how AI contributed:
+- Was this PR generated entirely by an AI tool (i.e., with minimal human intervention)?  
+    - [ ] No  
+    - [ ] Yes (please provide details):
+
+## 🧪 How Has This Been Tested?
+
+Please describe the tests that you ran to verify your changes. Include details about your test environment, and the test cases you ran.
+
+## 📸 Screenshots (if appropriate)
+
+Add any relevant screenshots to help explain your changes.
+
+## 🔄 Types of Changes
+
+Check the relevant option(s) below:
+
+- [ ] 🐛 Bug fix (non-breaking change which fixes an issue)
+- [ ] ✨ New feature (non-breaking change which adds functionality)
+- [ ] ⚠️ Breaking change (fix or feature that would cause existing functionality to change)
+- [ ] 📚 Documentation update
+
+## ✅ Checklist
+
+- [ ] My code follows the code style of this project
+- [ ] I have performed a self-review of my code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] I have added necessary documentation (if appropriate)
+- [ ] I have rebased and/or merged on top of the latest `next` branch
+
+---
+
+🙏 Thank you for your contribution!

.gitignore

@@ -30,3 +30,7 @@ apps/server/dist/*
 
 #DEFAULT
 .env
+.steering
+data/
+
+node_modules/

.husky/pre-push

@@ -0,0 +1,12 @@
+echo "🔍 Running pre-push validation for all apps..."
+
+echo "📱 Validating web app..."
+cd apps/web && pnpm validate
+
+echo "📚 Validating docs app..."
+cd ../docs && pnpm validate
+
+echo "🖥️ Validating server app..."
+cd ../server && pnpm validate
+
+echo "✅ All validations passed!" 

Dockerfile

@@ -0,0 +1,168 @@
+FROM node:20-alpine AS base
+
+# Install system dependencies
+RUN apk add --no-cache \
+  gcompat \
+  supervisor \
+  curl \
+  su-exec
+
+# Enable pnpm
+RUN corepack enable pnpm
+
+# Set working directory
+WORKDIR /app
+
+# === SERVER BUILD STAGE ===
+FROM base AS server-deps
+WORKDIR /app/server
+
+# Copy server package files
+COPY apps/server/package*.json ./
+COPY apps/server/pnpm-lock.yaml ./
+
+# Install server dependencies
+RUN pnpm install --frozen-lockfile
+
+FROM base AS server-builder
+WORKDIR /app/server
+
+# Copy server dependencies
+COPY --from=server-deps /app/server/node_modules ./node_modules
+
+# Copy server source code
+COPY apps/server/ ./
+
+# Generate Prisma client
+RUN npx prisma generate
+
+# Build server
+RUN pnpm build
+
+# === WEB BUILD STAGE ===
+FROM base AS web-deps
+WORKDIR /app/web
+
+# Copy web package files
+COPY apps/web/package.json apps/web/pnpm-lock.yaml ./
+
+# Install web dependencies
+RUN pnpm install --frozen-lockfile
+
+FROM base AS web-builder
+WORKDIR /app/web
+
+# Copy web dependencies
+COPY --from=web-deps /app/web/node_modules ./node_modules
+
+# Copy web source code
+COPY apps/web/ ./
+
+# Set environment variables for build
+ENV NEXT_TELEMETRY_DISABLED=1
+ENV NODE_ENV=production
+
+# Build web application
+RUN pnpm run build
+
+# === PRODUCTION STAGE ===
+FROM base AS runner
+
+# Set production environment
+ENV NODE_ENV=production
+ENV NEXT_TELEMETRY_DISABLED=1
+ENV API_BASE_URL=http://127.0.0.1:3333
+
+# Define build arguments for user/group configuration (defaults to current values)
+ARG PALMR_UID=1001
+ARG PALMR_GID=1001
+
+# Create application user with configurable UID/GID
+RUN addgroup --system --gid ${PALMR_GID} nodejs
+RUN adduser --system --uid ${PALMR_UID} --ingroup nodejs palmr
+
+# Create application directories 
+RUN mkdir -p /app/palmr-app /app/web /app/infra /home/palmr/.npm /home/palmr/.cache
+RUN chown -R palmr:nodejs /app /home/palmr
+
+# === Copy Server Files to /app/palmr-app (separate from /app/server for bind mounts) ===
+WORKDIR /app/palmr-app
+
+# Copy server production files
+COPY --from=server-builder --chown=palmr:nodejs /app/server/dist ./dist
+COPY --from=server-builder --chown=palmr:nodejs /app/server/node_modules ./node_modules
+COPY --from=server-builder --chown=palmr:nodejs /app/server/prisma ./prisma
+COPY --from=server-builder --chown=palmr:nodejs /app/server/package.json ./
+
+# Copy password reset script and make it executable
+COPY --from=server-builder --chown=palmr:nodejs /app/server/reset-password.sh ./
+COPY --from=server-builder --chown=palmr:nodejs /app/server/src/scripts/ ./src/scripts/
+RUN chmod +x ./reset-password.sh
+
+# Copy seed file to the shared location for bind mounts
+RUN mkdir -p /app/server/prisma
+COPY --from=server-builder --chown=palmr:nodejs /app/server/prisma/seed.js /app/server/prisma/seed.js
+
+# === Copy Web Files ===
+WORKDIR /app/web
+
+# Copy web production files
+COPY --from=web-builder --chown=palmr:nodejs /app/web/public ./public
+COPY --from=web-builder --chown=palmr:nodejs /app/web/.next/standalone ./
+COPY --from=web-builder --chown=palmr:nodejs /app/web/.next/static ./.next/static
+
+# === Setup Supervisor ===
+WORKDIR /app
+
+# Create supervisor configuration
+RUN mkdir -p /etc/supervisor/conf.d
+
+# Copy server start script and configuration files
+COPY infra/server-start.sh /app/server-start.sh
+COPY infra/configs.json /app/infra/configs.json
+COPY infra/providers.json /app/infra/providers.json
+COPY infra/check-missing.js /app/infra/check-missing.js
+RUN chmod +x /app/server-start.sh
+RUN chown -R palmr:nodejs /app/server-start.sh /app/infra
+
+# Copy supervisor configuration
+COPY infra/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+
+# Create main startup script
+COPY <<EOF /app/start.sh
+#!/bin/sh
+set -e
+
+echo "Starting Palmr Application..."
+echo "Storage Mode: \${ENABLE_S3:-false}"
+echo "Secure Site: \${SECURE_SITE:-false}"
+echo "Encryption: \${DISABLE_FILESYSTEM_ENCRYPTION:-true}"
+echo "Database: SQLite"
+
+# Set global environment variables
+export DATABASE_URL="file:/app/server/prisma/palmr.db"
+export NEXT_PUBLIC_DEFAULT_LANGUAGE=\${DEFAULT_LANGUAGE:-en-US}
+
+# Ensure /app/server directory exists for bind mounts
+mkdir -p /app/server/uploads /app/server/temp-uploads /app/server/prisma
+
+echo "Data directories ready for first run..."
+
+# Start supervisor
+exec /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf
+EOF
+
+RUN chmod +x /app/start.sh
+
+# Create volume mount points for bind mounts
+VOLUME ["/app/server"]
+
+# Expose ports
+EXPOSE 3333 5487
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
+  CMD curl -f http://localhost:5487 || exit 1
+
+# Start application
+CMD ["/app/start.sh"]

LICENSE

@@ -1,25 +1,190 @@
-BSD 2-Clause License
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
 
-Copyright (c) 2025, Daniel Luiz Alves (danielalves96)
-All rights reserved.
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
 
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
+   1. Definitions.
 
-1. Redistributions of source code must retain the above copyright notice, this
-   list of conditions and the following disclaimer.
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
 
-2. Redistributions in binary form must reproduce the above copyright notice,
-   this list of conditions and the following disclaimer in the documentation
-   and/or other materials provided with the distribution.
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
 
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   Copyright 2025 Daniel Luiz Alves (danielalves96) - Kyantech Solutions, Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

Makefile

@@ -0,0 +1,64 @@
+.PHONY: help build start clean logs stop restart update-version
+
+# Default target
+help:
+	@echo "🚀 Palmr - Available Commands:"
+	@echo ""
+	@echo "  make build         - Build Docker image with multi-platform support"
+	@echo "  make update-version - Update version in all package.json files"
+	@echo "  make start         - Start the application using docker-compose"
+	@echo "  make stop          - Stop all running containers"
+	@echo "  make logs          - Show application logs"
+	@echo "  make clean         - Clean up containers and images"
+	@echo "  make shell         - Access the application container shell"
+	@echo ""
+	@echo "📁 Scripts location: ./infra/"
+
+# Build Docker image using the build script
+build:
+	@echo "🏗️  Building Palmr Docker image..."
+	@echo "📝 This will update version numbers in all package.json files before building"
+	@echo ""
+	@chmod +x ./infra/update-versions.sh
+	@chmod +x ./infra/build-docker.sh
+	@echo "🔄 Starting build process..."
+	@./infra/build-docker.sh
+
+# Update version in all package.json files
+update-version:
+	@echo "🔄 Updating version numbers..."
+	@echo "🏷️  Please enter the new version (e.g., v3.0.0, 3.0-beta):"
+	@read -p "Version: " VERSION; \
+	if [ -z "$$VERSION" ]; then \
+		echo "❌ Error: Version cannot be empty"; \
+		exit 1; \
+	fi; \
+	chmod +x ./infra/update-versions.sh; \
+	./infra/update-versions.sh "$$VERSION"
+
+# Start the application
+start:
+	@echo "🚀 Starting Palmr application..."
+	@docker-compose up -d
+
+# Stop the application
+stop:
+	@echo "🛑 Stopping Palmr application..."
+	@docker-compose down
+
+# Show logs
+logs:
+	@echo "📋 Showing Palmr logs..."
+	@docker-compose logs -f
+
+# Clean up containers and images
+clean:
+	@echo "🧹 Cleaning up Docker containers and images..."
+	@docker-compose down -v
+	@docker system prune -f
+	@echo "✅ Cleanup completed!"
+
+# Access container shell
+shell:
+	@echo "🐚 Accessing Palmr container shell..."
+	@docker-compose exec palmr /bin/sh

README.md

@@ -1,11 +1,22 @@
 # 🌴 Palmr. - Open-Source File Transfer
 
 <p align="center">
-  <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1745548261/Palmr./banner_roxtph.png" alt="Palmr Logo" style="width: 100%;">
+  <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749825361/Group_47_1_bcx8gw.png" alt="Palmr Banner" style="width: 100%;"/>
 </p>
 
 **Palmr.** is a **flexible** and **open-source** alternative to file transfer services like **WeTransfer**, **SendGB**, **Send Anywhere**, and **Files.fm**.
 
+<div align="center">
+  <div style="background: linear-gradient(135deg, #ff4757, #ff3838); padding: 20px; border-radius: 12px; margin: 20px 0; box-shadow: 0 4px 15px rgba(255, 71, 87, 0.3); border: 2px solid #ff3838;">
+    <h3 style="color: white; margin: 0 0 10px 0; font-size: 18px; font-weight: bold;">
+      ⚠️ BETA VERSION
+    </h3>
+    <p style="color: white; margin: 0; font-size: 14px; opacity: 0.95;">
+      <strong>This project is currently in beta phase.</strong><br>
+      Not recommended for production environments.
+    </p>
+  </div>
+</div>
 
 🔗 **For detailed documentation visit:** [Palmr. - Documentation](https://palmr.kyantech.com.br)
 
@@ -14,6 +25,9 @@
 - **Self-hosted** – Deploy on your own server or VPS.
 - **Full control** – No third-party dependencies, ensuring privacy and security.
 - **No artificial limits** – Share files without hidden restrictions or fees.
+- **Folder organization** – Create folders to organize and share files.
+- **Simple deployment** – SQLite database and filesystem storage for easy setup.
+- **Scalable storage** – Optional S3-compatible object storage for enterprise needs.
 
 ## 🚀 Technologies Used
 
@@ -26,8 +40,8 @@
 
 ### **Backend & API**
 - **Fastify (Node.js)** – High-performance API framework with built-in schema validation.
-- **PostgreSQL** – Reliable, secure, and scalable database solution.
-- **MinIO (Object Storage)** – AWS S3-compatible storage for high availability.
+- **SQLite** – Lightweight, reliable database with zero-configuration setup.
+- **Filesystem Storage** – Direct file storage with optional S3-compatible object storage.
 
 ### **Frontend**
 - **NextJS 15 + TypeScript + Shadcn/ui** – Modern and fast web interface.
@@ -36,9 +50,80 @@
 ## 🛠️ How It Works
 
 1. **Web Interface** → Built with Next, React and TypeScript for a seamless user experience.
-2. **Backend API** → Fastify handles requests and interacts with storage.
-3. **Database** → PostgreSQL stores metadata and transactional data.
-4. **Storage** → MinIO ensures reliable file storage and retrieval.
+2. **Backend API** → Fastify handles requests and manages file operations.
+3. **Database** → SQLite stores metadata and transactional data with zero configuration.
+4. **Storage** → Filesystem storage ensures reliable file storage with optional S3-compatible object storage for scalability.
+
+## 📸 Screenshots
+
+<table>
+  <tr>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824929/Login_veq6e7.png" alt="Login Page" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>Login Page</strong>
+    </td>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824929/Home_lzvfzu.png" alt="Home Page" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>Home Page</strong>
+    </td>
+  </tr>
+  <tr>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/Dashboard_uycmxb.png" alt="Dashboard" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>Dashboard</strong>
+    </td>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824929/Profile_wvnlzw.png" alt="Profile Page" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>Profile Page</strong>
+    </td>
+  </tr>
+  <tr>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/Files_List_ztwr1e.png" alt="Files List View" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>Files List View</strong>
+    </td>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/Files_Cards_pwsh5e.png" alt="Files Card View" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>Files Card View</strong>
+    </td>
+  </tr>
+  <tr>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824927/Shares_cgplgw.png" alt="Shares Management" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>Shares Management</strong>
+    </td>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/Reive_Files_uhkeyc.png" alt="Receive Files" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>Receive Files</strong>
+    </td>
+  </tr>
+  <tr>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824927/Default_Reverse_xedmhw.png" alt="Reverse Share" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>Reverse Share</strong>
+    </td>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/Settings_oampxr.png" alt="Settings Panel" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>Settings Panel</strong>
+    </td>
+  </tr>
+  <tr>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/User_Management_xjbfhn.png" alt="User Management" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>User Management</strong>
+    </td>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/Forgot_Password_jcz9ad.png" alt="Forgot Password" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>Forgot Password</strong>
+    </td>
+  </tr>
+  <tr>
+    <td align="center">
+      <img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/WeTransfer_Reverse_u0g7eb.png" alt="Forgot Password" style="width: 100%; border-radius: 8px;" />
+      <br /><strong>Reverse Share (WeTransfer Style)</strong>
+    </td>
+  </tr>
+</table>
 
 
 ## 👨‍💻 Core Maintainers
@@ -49,6 +134,10 @@
 
 </br>
 
+## 🤝 Supporters
+
+[<img src="https://i.ibb.co/nMN40STL/Repoflow.png" width="200px" alt="Daniel Luiz Alves" />](https://www.repoflow.io/)
+
 ## ⭐ Star History
 
   <a href="https://www.star-history.com/#kyantech/Palmr&Date">
@@ -62,3 +151,4 @@
 ## 🛠️ Contributing
 
 For contribution guidelines, please refer to the [CONTRIBUTING.md](CONTRIBUTING.md) file.
+

apps/docs/.eslintrc.json

@@ -1,3 +0,0 @@
-{
-  "extends": ["next/core-web-vitals", "next/typescript"]
-}

apps/docs/.prettierignore

@@ -0,0 +1,4 @@
+/node_modules
+/.next
+/out
+/build 

apps/docs/.prettierrc.json

@@ -0,0 +1,16 @@
+{
+  "importOrder": [
+    "^(react/(.*)$)|^(react$)",
+    "^(next/(.*)$)|^(next$)",
+    "<THIRD_PARTY_MODULES>",
+    "",
+    "^@/(.*)$",
+    "^[./]"
+  ],
+  "importOrderParserPlugins": ["typescript", "jsx", "decorators-legacy"],
+  "plugins": ["@ianvs/prettier-plugin-sort-imports", "prettier-plugin-sort-json"],
+  "printWidth": 120,
+  "singleQuote": false,
+  "tabWidth": 2,
+  "trailingComma": "es5"
+}

apps/docs/components.json

@@ -1,15 +1,5 @@
 {
   "$schema": "https://ui.shadcn.com/schema.json",
-  "style": "new-york",
-  "rsc": true,
-  "tsx": true,
-  "tailwind": {
-    "config": "",
-    "css": "src/app/global.css",
-    "baseColor": "neutral",
-    "cssVariables": true,
-    "prefix": ""
-  },
   "aliases": {
     "components": "@/components",
     "utils": "@/lib/utils",
@@ -17,5 +7,15 @@
     "lib": "@/lib",
     "hooks": "@/hooks"
   },
-  "iconLibrary": "lucide"
+  "iconLibrary": "lucide",
+  "rsc": true,
+  "style": "new-york",
+  "tailwind": {
+    "config": "",
+    "css": "src/app/global.css",
+    "baseColor": "neutral",
+    "cssVariables": true,
+    "prefix": ""
+  },
+  "tsx": true
 }

apps/docs/content/docs/1.1.7-beta/api.md

@@ -1,50 +0,0 @@
----
-title: API Endpoints
----
-
-Palmr. provides a **highly documented and typed API** that can be accessed at:  
-
-- **In a production environment:** `{your_server_domain}/docs`  
-- **In a local environment:** [http://localhost:3333/docs](http://localhost:3333/docs)  
-
-The API documentation is powered by **Scalar** ([https://scalar.com](https://scalar.com)), which offers a fully interactive interface for testing all the available requests within Palmr. Below is an example screenshot of the API documentation interface:  
-
-![Palmr API Documentation](/assets/v1/api-docs/scalar.png)  
-
----  
-
-### Accessing the API Documentation  
-
-We do **not provide an online version** of the API documentation because it may change depending on the specific version of Palmr. you are using. Therefore, we recommend checking the documentation only after starting your API service. The API service corresponds to the **server** within the official Palmr. GitHub repository.  
-
----  
-
-### Scalar-Based Documentation  
-
-We recommend using **Scalar** for querying and testing the API because the system was designed with Scalar in mind. Scalar offers an intuitive and interactive environment for exploring endpoints, sending requests, and viewing responses directly within the interface.  
-
----  
-
-### Swagger-Based Documentation  
-
-If you prefer not to use Scalar or are more comfortable with an alternative tool, a **Swagger-based version** of the documentation is also available. 
-
-![Palmr API Documentation](/assets/v1/api-docs/swagger.png)  
-
-You can access it at:  
-
-- **In a production environment:** `{your_server_domain}/swagger`  
-- **In a local environment:** [http://localhost:3333/swagger](http://localhost:3333/swagger)  
-
-Both the Scalar and Swagger versions contain the same endpoints and are documented at a level sufficient for testing and integrating with other systems.  
-
----
-
-Both options ensure that you have all the necessary tools and information to integrate Palmr. with your systems or third-party services effectively.  
-
-### Useful Links  
-
-Here are some useful links related to Palmr.'s API and its components:  
-
-- [Scalar Official Website](https://scalar.com)  
-- [Swagger Official Website](https://swagger.io)

apps/docs/content/docs/1.1.7-beta/architecture.md

@@ -1,54 +0,0 @@
----
-title: Architecture of Palmr.
----
-
-##### Overview of the core architecture components of Palmr.  
-  
-
-Understanding the architecture of Palmr. is crucial for both deploying and scaling the application. Below is a diagram illustrating the main components:
-
-![Palmr Banner](/assets/v1/general/architecture.png)
-
-## **Technologies Used**  
-
-Each component in the Palmr. architecture plays a vital role in ensuring reliability, performance, and scalability:  
-
-### **PostgreSQL**  
-Palmr. uses **PostgreSQL** as the primary database solution. It provides reliable and secure data storage, ensuring consistency and high performance for all database operations. PostgreSQL's powerful indexing, query optimization, and support for complex data types make it an ideal choice for handling large amounts of data.  
-
-### **React + TypeScript + Vite**  
-The frontend of Palmr. is built using **React** and **TypeScript**, bundled with **Vite** for fast development and optimized builds.  
-- **React** enables the creation of a dynamic and responsive user interface with a component-based architecture.  
-- **TypeScript** adds static typing, enhancing code quality and reducing runtime errors.  
-- **Vite** provides a fast and efficient development environment with hot module replacement (HMR) and optimized production builds.  
-
-### **MinIO**  
-Palmr. uses **MinIO** for object storage. MinIO is a high-performance, S3-compatible object storage solution designed for large-scale data infrastructure.  
-- Supports high-throughput file storage and retrieval.  
-- Ensures data integrity and redundancy.  
-- Compatible with AWS S3 APIs, making integration seamless.  
-
-### **Fastify**  
-The backend of Palmr. is powered by **Fastify**, a high-performance, low-overhead web framework for Node.js.  
-- Provides fast request handling with a lightweight core.  
-- Built-in schema-based validation for secure and reliable API handling.  
-- Supports plugin-based architecture for easy extensibility.  
-
-### **How It Works**  
-1. **Frontend** — React + TypeScript + Vite handle the user interface and user interactions.  
-2. **Backend** — Fastify processes requests and communicates with the database and storage layers.  
-3. **Database** — PostgreSQL stores metadata and transactional data.  
-4. **Object Storage** — MinIO stores the actual files and ensures scalable, high-performance storage.  
-
----
-
-### **Useful Links**
-- [PostgreSQL Documentation](https://www.postgresql.org/docs/)
-- [React Documentation](https://react.dev/)
-- [TypeScript Handbook](https://www.typescriptlang.org/docs/)
-- [Vite Guide](https://vitejs.dev/guide/)
-- [MinIO Documentation](https://min.io/docs/minio/container/index.html)
-- [Fastify Documentation](https://fastify.dev/docs/latest/)
-
----
-

apps/docs/content/docs/1.1.7-beta/available-languages.md

@@ -1,48 +0,0 @@
----
-title: Available languages
----
-
-The project uses i18next for internationalization (i18n) support. The language detection is handled automatically through i18next-browser-languagedetector .
-
-### Available Languages in Palmr.
-----
-
-##### 1. 🇺🇸 English (en-US)
-##### 2. 🇧🇷 Portuguese (pt-BR)
-##### 3. 🇫🇷 French (fr-FR)
-##### 4. 🇪🇸 Spanish (es-ES)
-##### 5. 🇩🇪 German (de-DE)
-##### 6. 🇷🇺 Russian (ru-RU)
-##### 7. 🇮🇳 Hindi (hi-IN)
-##### 8. 🇸🇦 Arabic (ar-SA)
-##### 9. 🇯🇵 Japanese (ja-JP)
-##### 10. 🇰🇷 Korean (ko-KR)
-##### 11. 🇹🇷 Turkish (tr-TR)
-##### 12. 🇨🇳 Chinese (zh-CN)
-
-</br>
-
-### Language Selection
-##### The language can be changed in two ways:
-
-#### 1. Automatic Detection
-   
-   - The application automatically detects the user's browser language
-   - Uses the browser's language settings as the initial language
-
-#### 2. Manual Selection
-
-![Palmr Profile Menu](/assets/v1/main/language/language-selector.png)
-   
-   - Users can manually switch languages through the language selector in the UI
-   - Language preference is saved in the browser's localStorage
-
-### Default Language
-##### English (en-US) is set as the fallback language.
-</br>
-
-### Language Detection
-The application automatically detects the user's browser language and sets it as the initial language. Users can manually change the language using the language switcher in the interface (globe icon in the navigation bar).
-
-### RTL Support
-The application includes special handling for right-to-left (RTL) languages, specifically for Arabic (ar-SA).

apps/docs/content/docs/1.1.7-beta/configuring-smtp.md

@@ -1,67 +0,0 @@
----
-title: Configuring SMTP
----
-
-For Palmr to function with all its best features, we need to configure our email server. To make this easier, there is a built-in configuration panel inside **Settings** in Palmr. However, only users with an **ADMIN** profile can access and configure these settings.
-
-## Why Configure SMTP?
-
-The main functionalities that depend on SMTP configuration are:
-- **Password Reset** – Users who forget their password and cannot access the **Settings** panel need this feature.
-- **Email Notifications** – Recipients will receive emails when new shares are sent to them.
-
-Now, let's go through the step-by-step process to configure the **SMTP Server**.
-
----
-
-## Accessing SMTP Settings
-
-To access **Settings**, an **ADMIN** user must click on the profile picture in the **header** and select **Settings** from the dropdown menu.
-
-![Dropdown Menu](/assets/v1/main/smtp/dropdown-menu.png)
-
-Once inside the **Settings** panel, click on the **Email** card to expand the SMTP configuration options.
-
-![Closed Settings Card](/assets/v1/main/smtp/closed-card.png)
-
-After expanding the card, the following SMTP configuration fields will appear:
-
-![Opened Settings Card](/assets/v1/main/smtp/opened-card.png)
-
----
-
-## Configuring SMTP Server
-
-The first step is to **enable SMTP** by selecting "Yes" in the **SMTP Enabled** field.
-
-![SMTP Enabled](/assets/v1/main/smtp/smtp-enabled.png)
-
-Once SMTP is enabled, you can configure the other necessary fields:
-
-- **Sender Name** – This will appear as the sender’s name in emails. (Example: "Palmr")
-- **Sender Email** – The email address from which notifications will be sent. (Example: "noreply@palmr.app")
-- **SMTP Server** – The SMTP server address. You can use any email service provider. For Gmail, use `smtp.gmail.com` (this is the recommended option and set as default).
-- **SMTP Port** – The server port. For Gmail, the standard port is **587**.
-- **SMTP Username** – The username for the SMTP server. For Gmail, enter your email address.
-- **SMTP Password** – The SMTP password. (Generate an App Password for Gmail)
-
-> **Important:** If using **Gmail**, you need to generate an **App Password** instead of using your standard email password.
-> For other email services, consult the official documentation of the service provider you are using. We recommend using Gmail for simplicity and limits the number of emails sent.
-
----
-
-## Generating a Gmail App Password
-
-To generate an App Password for Gmail:
-1. Go to [Google My Account](https://myaccount.google.com/).
-2. Select **Security**.
-3. Scroll down to **App Passwords**.
-4. Generate a new password specifically for Palmr.
-
-For a complete guide, refer to: **[How to set up SMTP credentials with Gmail](https://medium.com/rails-to-rescue/how-to-set-up-smtp-credentials-with-gmail-for-your-app-send-email-cf236d11087d)**.
-
----
-
-## Finalizing SMTP Configuration
-
-After entering the correct information, save the settings. Palmr is now ready to send emails for password resets and share notifications!

apps/docs/content/docs/1.1.7-beta/contribute.md

@@ -1,161 +0,0 @@
----
-title: How to Contribute
----
-
-Thank you for your interest in contributing to the **Palmr.** project! Contributions are what make the open-source community such an amazing place to learn, inspire, and create. This guide will walk you through the process of contributing to Palmr.
-
----
-
-### Step 1: Log in to GitHub
-
-Before you can contribute, you need to be logged into your GitHub account. If you don't have an account yet, you can sign up for free at **[GitHub](https://github.com/)**.
-
----
-
-### Step 2: Go to the Palmr Repository
-
-Once you're logged in, go to the Palmr repository by clicking on this link: **[https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)**.
-
-Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **kyantech**.
-
----
-
-### Step 3: Fork the Repository
-
-To contribute to the project, you’ll need to create your own copy of the repository. This is called a **fork**. Here’s how to do it:
-1. Click the **Fork** button at the top right of the repository page.
-2. This will create a copy of the repository under your GitHub account.
-
----
-
-### Step 4: Clone Your Forked Repository
-
-Next, you’ll need to clone your forked repository to your local machine. Here’s how:
-1. On your forked repository page, click the **Code** button.
-2. Copy the repository URL (HTTPS or SSH).
-3. Open your terminal or command prompt and run the following command to clone the repository:
-
-   ```bash 
-   git clone <repository-url>
-   ```
-4. Navigate into the cloned directory:
-
-   ```bash
-   cd Palmr
-   ```
-
----
-
-### Step 5: Set Up the `next` Branch as the Base
-
-Before making changes, ensure your local repository is set up to track the `next` branch from the original Palmr repository. Here’s how:
-1. Add the original Palmr repository as a remote:
-
-   ```bash
-   git remote add upstream https://github.com/kyantech/Palmr.git
-   ```
-2. Fetch the latest changes from the `next` branch:
-
-   ```bash
-   git fetch upstream next
-   ```
-
-3. Create a new branch for your contribution based on `upstream/next`:
-
-   ```bash
-   git checkout -b your-branch-name upstream/next
-   ```
-
----
-
-### Step 6: Make Your Changes
-
-Now you’re ready to make your contributions! This could include:
-- Fixing a bug
-- Adding a new feature
-- Improving documentation
-- Writing tests
-
-Make your changes in your local repository using your preferred code editor.
-
----
-
-### Step 7: Commit Your Changes Using Conventional Commits
-
-Once you’ve made your changes, commit them to your branch using **Conventional Commits**. Conventional Commits help maintain a clean and consistent commit history. Here’s how to format your commit messages:
-
-#### Commit Message Format:
-`<type>(<scope>): <description>`
-
-#### Examples:
-- `feat: add user authentication`
-- `fix(api): resolve null pointer exception`
-- `docs: update README file`
-- `chore: update dependencies`
-
-#### Steps to Commit:
-1. Stage your changes:
-
-  ```bash
-  git add .
-  ```
-2. Commit your changes with a properly formatted message:
-
-  ```bash
-  git commit -m "feat: add new feature for user profiles"
-  ```
-
----
-
-### Step 8: Push Your Changes to GitHub
-
-After committing your changes, push them to your forked repository on GitHub:
-
-```bash
-git push origin your-branch-name
-```
-
----
-
-### Step 9: Open a Pull Request to the `next` Branch
-
-Now that your changes are on GitHub, you can open a **Pull Request (PR)** to propose your changes to the `next` branch of the Palmr repository. Here’s how:
-1. Go to your forked repository on GitHub.
-2. Click the **Pull Request** button.
-3. On the PR creation page:
-   - Set the **base repository** to `kyantech/Palmr`.
-   - Set the **base branch** to `next`.
-   - Set the **head repository** to your forked repository.
-   - Set the **compare branch** to your branch (`your-branch-name`).
-4. Fill out the PR form with a clear title and description of your changes.
-5. Click **Create Pull Request**.
-
----
-
-### Step 10: Wait for Review
-
-Once your PR is submitted, the maintainers will review your changes. They may provide feedback or request additional changes. Be sure to respond to their comments and make any necessary updates.
-
----
-
-### Tips for Contributing
-
-To ensure your contribution is accepted, follow these tips:
-- **Use Conventional Commits**: Write clear and consistent commit messages using the Conventional Commits format.
-- **Keep Your PRs Small**: Focus on one issue or feature per PR to make it easier to review.
-- **Be Patient**: Maintainers are often volunteers and may take some time to review your PR.
-
----
-
-### Why Contributing is Important
-
-Contributing to open-source projects like Palmr has many benefits:
-1. **Improves the Project**: Your contributions help make the project better for everyone.
-2. **Builds Your Skills**: You’ll gain experience working with Git, GitHub, and collaborative coding.
-3. **Supports the Community**: Open-source thrives on community contributions. Your work helps sustain the project.
-
----
-
-### Conclusion
-
-That's it! You've successfully contributed to the **🌴 Palmr.** project on GitHub. Thank you for your time and effort in making Palmr better for everyone. We appreciate your contribution! 

apps/docs/content/docs/1.1.7-beta/generate-share.md

@@ -1,128 +0,0 @@
----
-title: Creating a share
----
-
-To create a share in Palmr, the process is very intuitive and self-explanatory. There are multiple ways to create a share, but the most straightforward method is through the **Home Page**, specifically in the **Recent Shares** section.
-
-## Home Page
-
-On the home page, there is a **"Recent Shares"** section. When no shares have been created yet, this section will appear as follows:
-
-![Recent Shares Section](/assets/v1/main/shares/share-section.png)
-
-Since no shares exist yet, you will see a **"Create Share"** button prominently displayed.
-
-![Create Share Button](/assets/v1/main/shares/create-first-share.png)
-
-> **Note:** You don’t need to upload files to create a share! Yes, it’s entirely possible to create a share without adding any files. While this might not make sense in every scenario, some users and use cases find this feature highly valuable.
-
-As mentioned above, shares in Palmr are created first with their settings, and then files can be added later. You can also edit a share at any time.
-
-To create a share, simply click the **"Create Share"** button in the center of the **Recent Shares** section. Doing so will open the following **Create Share** modal:
-
-![Create Share Modal](/assets/v1/main/shares/create-share-modal.png)
-
-Fill in the required information in the modal. The fields **Expiration Date**, **Max Views**, and **Password** are optional but significantly impact how the share functions for recipients:
-- **Password:** If set, the recipient must enter the correct password to access the share.
-- **Max Views:** If the limit is reached, the share will no longer be accessible unless the creator increases or removes the limit.
-- **Expiration Date:** After the expiration date, the share will automatically be disabled unless extended by the creator.
-
-Even the **name** field is optional, but we recommend setting a name for better organization.
-
-Once a share is created, the **Recent Shares** section updates to display a table with the following fields:
-
-- **Name**
-- **Created At**
-- **Expires At**
-- **Status**
-- **Security**
-- **Files**
-- **Recipients**
-- **Actions**
-
-![Shares Table](/assets/v1/main/shares/shares-table.png)
-
-To create additional shares, a **"New Share"** button appears in the upper right corner of the **Recent Shares** section.
-
-![New Share Button](/assets/v1/main/shares/new-share-btn.png)
-
-Clicking this button will reopen the **Create Share** modal.
-
-The **Recent Shares** section displays only the **last 5 shares**. To view all created shares, click the **"View All"** button.
-
-![Shares Filled](/assets/v1/main/shares/recent-shares-filled.png)
-
-![View All Button](/assets/v1/main/shares/view-all-button.png)
-
-Clicking this redirects you to the **Shares Management** page.
-
-![Shares Management Page](/assets/v1/main/shares/my-shares-page.png)
-
-Another way to access the **Shares Management** page is by clicking the **"My Shares"** card on the home page.
-
-![My Shares Card](/assets/v1/main/shares/my-shares-card.png)
-
----
-
-## Shares Management Page
-
-The **Shares Management** page is similar to the **Uploads Management** page, but here, you can **add, remove, edit, and view all created shares** without the limitation of only displaying the last 5 shares.
-
-##### Each share has an **Actions** column with the following options:
-
-![Actions Column](/assets/v1/main/shares/actions-column.png)
-
-## Edit Share
-
-Clicking the **Edit** button allows you to modify the share details.
-
-![Edit Share Modal](/assets/v1/main/shares/edit-share-modal.png)
-
-## Manage Files
-
-Clicking the **Manage Files** button lets you add or remove files from the share.
-
-![Manage Files Modal](/assets/v1/main/shares/manage-files-modal.png)
-
-## Manage Recipients
-
-Clicking the **Manage Recipients** button lets you add or remove recipients for the share.
-
-> **Note:** Email notifications will only be sent if SMTP settings are properly configured in the system.
-
-![Manage Recipients Modal](/assets/v1/main/shares/manage-recipients-modal.png)
-
-## View Share Details
-
-Clicking **View Details** lets you see all details of a share.
-
-![View Details Modal](/assets/v1/main/shares/share-details-modal.png)
-
-## Generate Share Link
-
-Clicking the **Generate Link** button creates a shareable link, which can be customized.
-
-![Generate Link Modal](/assets/v1/main/shares/generate-share-link-modal.png)
-
-Once generated, you can view and copy the link.
-
-![Copy Link Modal](/assets/v1/main/shares/copy-link-modal.png)
-
-The generated link can be edited or copied from a dropdown menu.
-
-![Edit or Copy Link Dropdown](/assets/v1/main/shares/dropdown-with-copy.png)
-
-When the generated link is accessed, the recipient can **view and download** the shared files.
-
-![Shared Page Preview](/assets/v1/main/shares/share-screen.png)
-
-## Delete Share
-
-Clicking the **Delete** button allows you to permanently remove a share.
-![Delete Share Modal](/assets/v1/main/shares/delete-share-modal.png)
-
----
-
-## Summary
-
-Palmr’s share creation process is intuitive and flexible. You can create a share without files, edit share settings, manage recipients, and generate shareable links. The **Shares Management** page provides a full overview of all shares, ensuring you have complete control over your file-sharing process.

apps/docs/content/docs/1.1.7-beta/gh-sponsor.md

@@ -1,77 +0,0 @@
----
-title: Github Sponsors
----
-
-Sponsoring a project on GitHub is a powerful way to support its development and ensure its long-term sustainability. This tutorial will guide you through the process of sponsoring the **Palmr.** project on GitHub using GitHub Sponsors.
-
----
-
-### Step 1: Log in to GitHub
-
-Before you can star a project, you need to be logged into your GitHub account. If you don't have an account yet, you can sign up for free at [GitHub](https://github.com/).
-
----
-
-### Step 2: Go to the Palmr. Repository
-
-Once you're logged in, go to the Palmr. repository by clicking on this link: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr).
-
-Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **Kyantech**.
-
----
-
-### Step 3: Click on the "Sponsor" Button
-
-On the Palmr repository page, you'll see a "Sponsor" button at the top right corner of the page. Click this button to proceed.
-
-![Palmr Profile Menu](/assets/v1/sponsor/sponsor-btn.png)
-
----
-
-### Step 4: Choose a Custom Sponsorship Amount
-
-GitHub Sponsors allows you to sponsor the project with a **custom amount starting at $1**. Here's how to do it:
-1. On the sponsorship page, look for the option to **enter a custom amount**.
-2. Type in the amount you'd like to sponsor (e.g., $1, $5, $10, or any amount you choose).
-3. Select the billing frequency (monthly or one-time).
-
-![Palmr Profile Menu](/assets/v1/sponsor/sponsor-page.png)
-
-
----
-
-### Step 5: Complete the Sponsorship
-
-After entering your custom amount and selecting the billing frequency, you'll be prompted to enter your payment details. Follow the instructions to complete the sponsorship process. Once done, you'll officially be a sponsor of the Palmr project!
-
----
-
-### Why Sponsoring is Important for Project Development
-
-Sponsoring a project goes beyond starring—it provides direct financial support to the developers, enabling them to focus on improving and maintaining the project. Here's why sponsoring is so important:
-
-#### 1. **Supports Sustainability**
-   - Sponsoring helps ensure the long-term sustainability of the project by providing developers with the resources they need to continue their work.
-
-#### 2. **Encourages Innovation**
-   - Financial support allows developers to experiment, innovate, and add new features to the project.
-
-#### 3. **Shows Deep Appreciation**
-   - Sponsoring is a tangible way to show your appreciation for the hard work and effort that goes into maintaining and developing a project.
-
-#### 4. **Gives You Recognition**
-   - Many projects offer recognition for sponsors, such as listing your name or company on the project's README or website.
-
-#### 5. **Helps Open Source Thrive**
-   - Open-source projects like Palmr rely on community support. By sponsoring, you're contributing to the growth and success of the open-source ecosystem.
-
----
-
-### A Meaningful Way to Give Back
-Sponsoring a project is a meaningful way to give back to the developers who create the tools and software you rely on. Even a small contribution of **$1** can make a big difference. Your support ensures that Palmr continues to grow and improve. Thank you for considering sponsoring! 💖
-
----
-
-### Conclusion
-
-That's it! You've successfully sponsored the **Palmr** project on GitHub. Your contribution, no matter the amount, will help ensure the project continues to grow and improve. Thank you for your support!

apps/docs/content/docs/1.1.7-beta/gh-star.md

@@ -1,72 +0,0 @@
----
-title: Star this project on Github
----
-
- Starring a project on GitHub is a great way to show appreciation for a repository and to bookmark it for easy access later. This tutorial will guide you through the process of starring the **Palmr** project on GitHub.
-
----
-
-### Step 1: Log in to GitHub
-
-Before you can star a project, you need to be logged into your GitHub account. If you don't have an account yet, you can sign up for free at [GitHub](https://github.com/).
-
----
-
-### Step 2: Go to the Palmr. Repository
-
-Once you're logged in, go to the Palmr. repository by clicking on this link: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr).
-
-Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **Kyantech**.
-
----
-
-### Step 3: Star the Repository
-
-On the Palmr. repository page, you'll see a "Star" button at the top right corner of the page. Click this button to star the repository.
-
-![Palmr Profile Menu](/assets/v1/sponsor/star-btn.png)
-
----
-
-### Step 4: Confirm the Star
-
-After clicking the "Star" button, the button will change to "Unstar," indicating that the repository has been successfully starred. You can always unstar the repository by clicking the "Unstar" button.
-
-![Palmr Profile Menu](/assets/v1/sponsor/starred-button.png)
-
-
----
-
-### Why Starring is Important for Project Development
-
-Starring a repository on GitHub is more than just a bookmarking tool—it’s a way to support the project and its developers. Here’s why starring is so important:
-
-#### 1. **Shows Appreciation**
-   - Starring a repository is a simple way to show your appreciation for the hard work and effort that goes into maintaining and developing a project. It’s like giving a thumbs-up to the developers!
-
-#### 2. **Increases Visibility**
-   - The more stars a repository has, the more visible it becomes on GitHub. This can attract more contributors, users, and even potential sponsors, which helps the project grow.
-
-#### 3. **Encourages Developers**
-   - Seeing stars on a repository motivates developers to continue improving the project. It’s a sign that people find the project useful and valuable.
-
-#### 4. **Helps with Discovery**
-   - GitHub’s trending and recommendation algorithms often prioritize repositories with more stars. By starring Palmr, you’re helping others discover it more easily.
-
-#### 5. **Tracks Your Interests**
-   - Starring a repository adds it to your "Starred" list, making it easy for you to find and revisit the project later. It’s a great way to keep track of projects you love or want to follow.
-
-#### 6. **Supports Open Source**
-   - Open-source projects like Palmr thrive on community support. By starring the repository, you’re contributing to the open-source ecosystem and helping ensure the project’s longevity.
-
----
-
-### A Small Action with a Big Impact
-Starring a repository takes just a second, but it can have a huge impact on the project’s growth and development. Your support means a lot to the developers and the community behind Palmr. So, if you find the project useful, don’t forget to hit that **Star** button! ⭐
-
----
-
-### Conclusion
-
-That's it! You've successfully starred the **Palmr.** project on GitHub. Starring repositories is a simple yet powerful way to keep track of projects you find interesting or useful. Thank you for supporting Palmr!
-

apps/docs/content/docs/1.1.7-beta/github-architecture.md

@@ -1,80 +0,0 @@
----
-title: Github Architecture
----
-
-## Project Structure
-
-```plaintext
-├── apps/
-│   ├── web/         # Frontend application
-│   ├── server/      # Backend API service
-│   └── docs/        # Documentation site
-└── composes/        # Docker compose configurations
-configurations
- ```
-
-
-## Core Components
-### 1. Frontend Application (apps/web)
-##### Technology Stack:
-  - React 18
-  - TypeScript
-  - Vite
-  - HeroUI Components
-  - TailwindCSS
-  - i18next for internationalization
-
-
-##### The frontend follows a feature-based architecture with:
-
-- Components-based structure
-- Custom hooks for business logic
-- Route protection system
-- File management system
-- Modal system for file operations
-
-### 2. Backend Service (apps/server)
-##### Technology Stack:
-  - Fastify
-  - PostgreSQL
-  - MinIO for object storage
-  - Prisma as ORM
-
-##### Key features include:
-- User authentication/authorization
-- File management
-- Storage management
-- Share system
-
-### 3. Documentation (apps/docs)
-- Built with Astro and Starlight
-- Provides comprehensive documentation for the project
-
-### 4. Infrastructure
-- Docker-based deployment
-- Containerized services
-- Environment-specific configurations through docker-compose
-
-## Key Features
-##### 1. File Management
-   
-   - Upload/Download capabilities
-   - File preview system
-   - Share management
-   - Storage usage monitoring
-
-##### 2. User System
-   
-   - Authentication
-   - User management
-   - Profile management
-
-##### 3. Storage System
-   
-   - MinIO integration for object storage
-   - Disk space monitoring
-   - Upload size validation
-##### 4. Internationalization
-   
-   - Multi-language support
-   - Translation management

apps/docs/content/docs/1.1.7-beta/index.md

@@ -1,42 +0,0 @@
----
-title: Welcome to Palmr.
----
-
-![Palmr Banner](/assets/v1/general/banner.png) 
-
-## 🌴 What is **Palmr.** ?   
-___
-**Palmr.** is a powerful and **flexible open-source alternative** to popular file transfer services like **WeTransfer**, **SendGB**, **Send Anywhere** and **Files.fm**. The key advantage of Palmr. is that you can **host it on your own infrastructure**, such as a **dedicated server** or **VPS**, giving you full control over your files and data security — without relying on third-party services or worrying about artificial limits or high fees.  
-
-## **Why Choose Palmr.?**  
-___
-### **1. No Artificial Limits**  
-Unlike traditional services, Palmr. does not impose file size or quantity limits. The only limit is the **available storage** on your server or VPS. If you have the storage capacity, you can send files without restrictions, no premium plans, no ads, and no hidden fees.  
-
-### **2. Open Source and Free**  
-
-Palmr. is completely **open source** and free to use. You can:  
-- Deploy it on any infrastructure (VPS, dedicated server, Docker, etc.).  
-- Review and audit the code to ensure security and integrity.  
-- Contribute improvements or custom features.  
-- Adapt it for different use cases as needed.  
-
-### **3. Security and Privacy Under Your Control**  
-By hosting Palmr. on your own infrastructure, you retain **full control over your data**. Your files are not stored or processed by third parties, ensuring **privacy** and **confidentiality** of transferred information.  
-
-### **4. Highly Customizable**  
-Palmr. is fully customizable, allowing you to align it with your brand identity and user experience:  
-- Add your own **logo**.  
-- Set a **custom app name**.  
-- Configure an **SMTP server** for email notifications.  
-- Customize some text to create a unique experience for users.  
-
-### **5. Complete User and Admin Management**  
-Palmr. offers a robust user and admin management system:  
-- Create and manage multiple **administrators** .  
-- Add unlimited **users**.  
-- Control who can view, upload, and manage files.  
-- Easily monitor usage.  
-
-### **6. Fast, Lightweight, and Scalable**  
-Palmr. is designed to be lightweight and scalable, ensuring high performance even with large files or high user traffic. Its efficient architecture allows you to scale easily as your needs grow.  

apps/docs/content/docs/1.1.7-beta/installation.mdx

@@ -1,135 +0,0 @@
----
-title: Installation (Docker Compose)
----
-
-import { Tab, Tabs } from 'fumadocs-ui/components/tabs';
-
-### Quick Start with Default Docker Compose
-
-There is a default `docker-compose.yml` file in the project root that can be used for quick execution. While this provides a convenient way to get started, it's important to note that using the default passwords is **not secure**, especially if the application is exposed to public networks. Malicious users could potentially exploit known default credentials to attack your deployment.
-
-This base Docker Compose configuration works perfectly for localhost development but may require modifications when deployed to a VPS or production environment for optimal performance and security. Please consult the complete documentation for proper production deployment configurations.
-
-For a quick start using the default configuration, simply run:
-```bash
-docker compose up -d
-```
-This command will start the project using the default configuration.
-
-> ⚠️ **Important:** We strongly recommend testing your configuration locally first, especially if you've made any modifications to the Docker Compose files. Only after confirming everything works as expected locally should you proceed with deployment to a VPS or server environment.
-
-### Startup Script for Docker Compose
-
-To simplify the execution of the project and enable it to run on any machine, a **startup script** for Docker Compose was created. This script automates the generation of secure credentials and facilitates local setup. While this method provides better security than using default passwords, for maximum security, we strongly recommend moving all sensitive credentials to environment variables instead.
-
-To execute the project using this approach, you need to have **Docker** and **Docker Compose** installed on your machine. While this is the simplest way to execute the project, it is **not recommended for production environments**.  
-
----
-
-### Ways to Execute the Startup Script  
-
-First of all, download the relase v1.1.7-beta: 
-[Release version - 1.1.7-beta](https://github.com/kyantech/Palmr/releases/tag/v1.1.7-beta)
-
-There are two ways to execute the script:  
-
-<Tabs items={['Using a Makefile', 'Running the Script Directly']}>
-  <Tab >
-    To use this method, you need to have the `make` command installed on your machine.
-    
-    To generate the new `docker-compose.yml` file using a Makefile, run the following command from the project root:  
-
-    ```bash
-    make gen-compose
-    ```
-
-    This command will subcribe the `docker-compose.yml` file in the root of the project.  
-    - The script's primary function is to generate secure passwords for **MinIO** (object storage) and **Postgres** (database).  
-    - The generated `docker-compose.yml` file serves as a base and can be modified at any time.  
-    - It is configured to run locally via `localhost` and is **not intended for production** or VPS environments.  
-
-    After the file is generated, you can modify or adapt it for deployment in other environments.  
-  </Tab>
-  <Tab >
-    To generate the `docker-compose.yml` file by running the script directly, use the following commands:  
-
-    ```bash
-    chmod +x ./scripts/generate-docker-compose.sh  
-    ./scripts/generate-docker-compose.sh  
-    ```
-
-    This will have the same effect as running `make gen-compose`.  
-  </Tab>
-</Tabs>
-
----
-
-### Running the Project  
-After generating the new `docker-compose.yml` file, you can start the project by running the following command from the project root:  
-
-```bash
-docker compose up -d
-```
-
-To access Palmr. in a local environment, open your browser and visit:  
-
-[http://localhost:4173](http://localhost:4173)  
-
----
-
-### Deployment in Production  
-For production environments with high scalability and availability requirements, we recommend using **Kubernetes**, **Docker Swarm**, or a similar container orchestrator.  
-
-For homelab, personal projects, or environments where high availability and scalability are not critical, Docker Compose can be used without issues. The `docker-compose.yml` file pulls the latest Palmr. images from Docker and makes them available on specific ports, as shown below:  
-
-- **Frontend:** [http://localhost:4173](http://localhost:4173)  
-- **Backend:** [http://localhost:3333](http://localhost:3333)  
-- **MinIO API:** [http://localhost:9000](http://localhost:9000)  
-- **MinIO Console:** [http://localhost:9001](http://localhost:9001)  
-- **Postgres Database:** [http://localhost:5423](http://localhost:5423)  
-
----
-
-### Port Configuration Recommendations  
-In this version of `docker-compose.yml`, none of the ports for the frontend and backend should be modified. Consequently, none of the URLs should be changed because the frontend image contains a pre-built version configured to work on port **4173**.  
-
-> ⚠️ Due to technical limitations related to **ReactJS**, environment variables executed at runtime cannot be changed. Therefore, to ensure that the system functions correctly as designed, keep the `docker-compose.yml` file unchanged.  
-
----
-
-### Running in Development Mode  
-If you want to modify the ports in a local environment and run the project using Docker with Docker Compose, we recommend using the `docker-compose-dev.yaml` file. This file builds the project based on the files in the cloned repository.  
-
-When using `docker-compose-dev.yaml`, make sure to configure all port and URL settings correctly. Incorrect configuration will prevent Palmr. from functioning as expected.  
-
----
-
-### Docker Compose in Production Environments  
-We **do not recommend** using `docker-compose.yml` in production or VPS environments. Docker Compose is designed for development and testing purposes only, not for handling production workloads.  
-
----
-
-### Recommended Deployment for Production  
-For production environments, we recommend using **Kubernetes**. However, the repository does not include a ready-to-use Kubernetes configuration, so you will need to configure it manually.  
-
-Alternatively, you can set up the application using separate services as follows:  
-
-- **Frontend:** Host on **Vercel** or **AWS Amplify**.  
-- **Backend:** Host on **Render.com** or similar services.  
-- **MinIO:** Deploy separately on a server using Docker.  
-- **Database:** Host on a managed service like **Neon.tech**.  
-
----
-
-### Environment Variables  
-The Palmr. code is completely open-source, allowing you to adjust the deployment to meet your needs. Ensure that the environment variables are correctly configured to avoid issues during execution.  
-
----
-
-### Additional Resources
-
-- [Docker Documentation](https://docs.docker.com/)
-- [Docker Compose Documentation](https://docs.docker.com/compose/)
-- [Kubernetes Documentation](https://kubernetes.io/docs/)
-- [MinIO Documentation](https://min.io/docs/minio/container/index.html)
-- [PostgreSQL Documentation](https://www.postgresql.org/docs/)

apps/docs/content/docs/1.1.7-beta/login.md

@@ -1,104 +0,0 @@
----
-title: First Login (Admin)
----
-
-Once you have started all the services as described in the deployment instructions, you will be able to access the frontend at:  
-
-- **Production environment:** `{your_web_domain}`  
-- **Local environment:** [http://localhost:4173](http://localhost:4173)  
-
-Upon accessing the frontend, you will see a screen similar to the image below:  
-
-![Palmr Landing Page](/assets/v1/general/lp.png)  
-
-This is the **Palmr. landing page**, which provides basic information about the application. This landing page can be hidden later when you configure your app, allowing the login page to become the default home page. However, on the first execution, it is displayed by default.  
-
----
-
-## First Login  
-
-At the top of the landing page, you will see a button to log in to Palmr.:  
-
-> **But you may wonder:** 
-
-To simplify the process, Palmr. comes pre-configured with **seed data** upon the first initialization. This seed data includes a default **admin user** with full access to all settings and user management within the application.  
-
-After clicking the **Login** button, you will be redirected to the login screen, which looks like this:  
-
-![Palmr Login Page](/assets/v1/ui/login.png)  
-
-Use the following default credentials to log in for the first time:  
-
-| User       | Password   |
-|------------|------------|
-| `admin@example.com` | `admin123` |  
-
-If everything is set up correctly, you will be authenticated and redirected to Palmr.'s main dashboard, which looks like this:  
-
-![Palmr Dashboard](/assets/v1/ui/dashboard.png)  
-
-At this point, you are officially logged in and ready to start using all the features of Palmr.!  
-
----
-
-## Recommendations After First Access  
-
-Since Palmr. includes a single default admin user in the seed data, it is **highly recommended** to change the default admin credentials immediately after the first login. This is crucial for maintaining the security of your instance.  
-
-Follow these steps to update the admin credentials and secure your Palmr. instance:  
-
-### Step 1: Access the Profile Settings  
-1. Click the **user icon** located in the top right corner of the screen.  
-2. A dropdown menu will appear with several options:  
-
-![Palmr Profile Menu](/assets/v1/ui/menu.png)  
-
-3. Select **"Profile"** from the dropdown menu. This will redirect you to the profile settings page:  
-
-![Palmr Profile Page](/assets/v1/ui/profile.png)  
-
----
-
-### Step 2: Update the Admin Profile  
-On the profile settings page, you can update all the information related to the admin account.  
-
-- To update the password, enter a new secure password and confirm it.  
-- Update other details as needed based on your preferences.  
-
-**Tip:** For better security, use a strong password containing:  
-- At least 12 characters  
-- A mix of uppercase and lowercase letters  
-- Numbers and special characters  
-
----
-
-### Step 3: Update the Profile Picture  
-You can also update the profile picture for better personalization.  
-
-1. Click the **camera icon** next to the avatar.  
-2. Select an image from your local device.  
-
-![Palmr Profile Picture](/assets/v1/ui/profile_picture.png)  
-
-> **Recommendation:** Use a square image to ensure proper display.  
-
----
-
-## Troubleshooting  
-
-If you encounter any issues during the first login or profile update, please check the following:  
-- Ensure that all services (frontend, backend, MinIO, and database) are running correctly.  
-- Make sure the environment variables are properly configured.  
-- Confirm that the database seeds have been applied correctly.  
-
----
-
-## Security Best Practices  
-
-- After setting up your admin account, create separate user accounts with limited access based on roles.  
-- Use HTTPS to secure the connection between the client and the server.  
-- Regularly update the Palmr. instance to benefit from the latest security patches and improvements.  
-
----
-
-

apps/docs/content/docs/1.1.7-beta/manage-users.md

@@ -1,85 +0,0 @@
----
-title: Manage users
----
-
-Manage users to **Palmr** is a straightforward process. Below is a detailed step-by-step guide explaining how to create and manage users within the application.
-
-
-### Step 1: Accessing User Management
-
-To begin, you need to navigate to the **User Management** section:
-
-1. Click on the **user icon** located in the header of the app.
-2. A dropdown menu will appear. From the options available, select **"User Management"**
-
-![Palmr Profile Menu](/assets/v1/ui/menu.png) 
-
----
-
-### Step 2: User Management Dashboard
-
-After selecting **User Management**, you will be redirected to the **User Management Dashboard**. 
-
-- On your first access, the only user listed will be the **default Admin** user.
-- If you need to update the Admin user details, you must follow the steps outlined in the **Profile Management** section.  
-- User details for the logged-in Admin cannot be modified from the **User Management Dashboard**.
-
-![Palmr Profile Menu](/assets/v1/main/users/users-management.png) 
-
----
-
-### Step 3: Adding a New User
-
-1. To add a new user, click on the **"Add User"** button located at the top right corner of the screen.
-
-![Palmr Profile Menu](/assets/v1/main/users/add-users-btn.png) 
-
-2. A modal form will appear, allowing you to enter the new user's details:
-
-![Palmr Profile Menu](/assets/v1/main/users/add-user-modal.png) 
-
-3. After filling in the user details, click on **"Create"** to confirm.  
-   Alternatively, you can click **"Cancel"** to abort the user creation process.
-
-4. Once the user is created successfully, it will appear in the user list.
-
-![Palmr Profile Menu](/assets/v1/main/users/new-user-table.png) 
-
----
-
-### Step 4: Managing User Actions
-
-In the **User List**, under the **"Actions"** column, you will find a dropdown menu for each user.
-
-![Palmr Profile Menu](/assets/v1/main/users/add-user-actions-dropdown.png) 
-
-
-Available actions include:
-
-- **Edit User** – Opens a modal form to update user information:
-   - Change user details including role.
-   - Change the user password.
-
-![Palmr Profile Menu](/assets/v1/main/users/edit-user-modal.png) 
-
-- **Deactivate User** – Marks the user as inactive, preventing them from logging into the system.
-- **Activate User** – Reactivates a deactivated user, allowing them to log in again.
-- **Delete User** – Permanently removes the user from the system.
-
-
----
-
-### Troubleshooting
-
-#### User Creation Fails
-- Ensure all mandatory fields (name, email, role) are filled out correctly.
-- Check for duplicate emails.
-- Verify that the system has proper connectivity to the backend.
-
-#### User Cannot Log In
-- Ensure the user is marked as **Active**.
-- Verify that the correct email and password are being used.
-- Reset the user password if needed.
-
-
-

apps/docs/content/docs/1.1.7-beta/manual-installation.mdx

@@ -1,170 +0,0 @@
----
-title: Manual Installation
----
-Manual installation is a bit more complex and labor-intensive compared to installation via Docker Compose. However, by following this step-by-step guide, you can execute the project cleanly.
-
-It's worth noting that even though our frontend and backend are run manually, we will still need to use Docker or another third-party service to run Postgres and MinIO. In this tutorial, we will use Docker with Docker Compose to set up MinIO and Postgres.
-
-For this, within our `apps/server` directory, we already have a Docker Compose file that runs MinIO and Postgres, which are necessary for the application to function. However, feel free to use another service if you prefer. Once again, we are using Docker Compose to reduce the manual effort required to set up these services, especially third-party services like Postgres and MinIO.
-
-Now, let's proceed with the step-by-step guide.
-
-## Prerequisites
-
-Before we begin, we need to have the following tools installed in our environment:
-
-- Docker
-- Docker Compose
-- Node.js
-- pnpm
-- Git
-
-It's important to emphasize that the entire repository was written using the `pnpm` package manager. Therefore, it is highly recommended to use `pnpm` to run the services to avoid potential issues. However, if you prefer to use another package manager like `npm`, `yarn`, or `bun`, you may do so at your own risk. The system might work normally, but it could also present unknown and unmapped errors when using other package managers. So, we strongly recommend using `pnpm`.
-
-## Running the Application
-
-### Step 1: Clone the Repository
-
-First, clone the official repository:
-
-```bash
-git clone https://github.com/kyantech/Palmr.git
-```
-In the root of this repository, you will find a folder called apps. Inside this folder, there are three subfolders: docs, server, and web. For now, we are interested in the server and web folders, which contain our backend (written in Fastify) and frontend (written in React + Vite), respectively.
-
-### Step 2: Set Up Backend Services
-Navigate to the backend folder, where the Docker Compose file for MinIO and Postgres is located:
-
-```bash
-cd ./apps/server
-```
-Inside this folder, you can start by running:
-
-```bash
-docker compose up -d
-```
-This command will run Postgres and MinIO in the background. If you need to make any changes, the file being executed with docker compose up is located at `apps/server/docker-compose.yaml`. However, we recommend using the default settings for the first run and making changes only after you have a functional version of the base code.
-
-### Step 3: Set Up Backend
-
-With MinIO and Postgres running via Docker Compose, let's proceed to the next steps, which involve running the project itself. Here, we will build and run the project in production mode, not development mode. To do this, we need to build both the backend and frontend applications.
-
-Since we are already in the server folder, let's start with the backend.
-
-#### 3.1: Set Up Environment Variables
-
-We need some environment variables for Palmr to run successfully. For this, we will use the `.env.example` file provided in the repository as a base.
-
-Simply run:
-
-```bash
-cp .env.example .env
-```
-
-This command copies the necessary environment variables to a `.env` file in the root directory.
-
-#### 3.2: Install Dependencies
-Next, we need to initialize the database connected directly to Postgres via Prisma, our ORM. But for Prisma to work, we need to install the dependencies for our backend project. With Node and pnpm installed, run:
-
-```bash
-pnpm install
-```
-#### 3.3: Generate Prisma Client
-After the installation is complete, run the following command:
-
-```bash
-pnpm dlx prisma generate
-```
-The prisma generate command generates the Prisma client for the project. This client allows programmatic access to the database.
-
-#### 3.4: Deploy Prisma Migrations
-Once the generation is complete, run:
-
-```bash
-pnpm dlx prisma migrate deploy
-```
-The prisma migrate deploy command deploys the Prisma migration.
-
-#### 3.5: Seed the Database
-After the migration is deployed, we can seed the database to populate the initial tables with the following command:
-
-```bash
-pnpm db:seed
-```
-Now, our database is ready for the project to run.
-
-#### 3.6: Build and Run the Backend
-To run the backend, simply execute:
-
-```bash
-pnpm run build
-```
-This command builds the application for production. After the build is complete, run:
-
-```bash
-pnpm start
-```
-Following these steps, the backend will be functional. To test it, you can access:
-
-```bash
-http://localhost:3333/docs
-```
-This is the API documentation page.
-
-### Step 4: Set Up Frontend
-The frontend setup is similar to the backend, but we don't need to run any Docker containers—only the service itself.
-
-#### 4.1: Navigate to the Frontend Directory
-If you are in the server folder:
-
-```bash
-cd ../web
-```
-If you are in the root of the repository:
-
-```bash
-cd apps/web
-```
-
-#### 4.2: Set Up Environment Variables
-Once in the web directory, first run:
-
-```bash
-cp .env.example .env
-```
-This populates the environment variables, just like in the backend.
-
-#### 4.3: Install Dependencies
-Next, install the dependencies:
-
-```bash
-pnpm install
-```
-
-#### 4.4: Build and Run the Frontend
-Now, the process for the frontend is simpler. We can simply run the build with:
-
-```bash
-pnpm run build
-```
-Once the build is complete, start the service with:
-
-```bash
-pnpm preview
-```
-
-Wait for the service to start, and then you can test the entire application at:
-
-```bash
-http://localhost:4173
-```
-
-##### Conclusion
-That's it! This is the step-by-step guide to manually running a production version of Palmr.
-
-### Useful Links
-
-- [Docker Documentation](https://docs.docker.com/)
-- [Node.js Documentation](https://nodejs.org/en/docs/)
-- [pnpm Documentation](https://pnpm.io/)
-- [Prisma Documentation](https://www.prisma.io/docs/)

apps/docs/content/docs/1.1.7-beta/meta.json

@@ -1,28 +0,0 @@
-{
-  "title": "v1.1.7-beta",
-  "description": "(Deprecated)",
-  "root": true,
-  "icon": "Building2",
-  "pages": [
-    "---Introduction---",
-    "index",
-    "architecture",
-    "github-architecture",
-    "installation",
-    "manual-installation",
-    "api",
-    "---How to use Palmr.---",
-    "login",
-    "manage-users",
-    "upload",
-    "generate-share",
-    "configuring-smtp",
-    "available-languages",
-    "---Developers---",
-    "contribute",
-    "open-an-issue",
-    "---Sponsor this project---",
-    "gh-star",
-    "gh-sponsor"
-  ]
-}

apps/docs/content/docs/1.1.7-beta/open-an-issue.md

@@ -1,81 +0,0 @@
----
-title: How to open an issue
----
-
-Opening an issue on GitHub is a great way to report bugs, request features, or ask questions about a project. This tutorial will guide you through the process of opening an issue for the **Palmr.** project on GitHub.
-
----
-
-### Step 1: Log in to GitHub
-
-Before you can star a project, you need to be logged into your GitHub account. If you don't have an account yet, you can sign up for free at [GitHub](https://github.com/).
-
----
-
-### Step 2: Go to the Palmr. Repository
-
-Once you're logged in, go to the Palmr. repository by clicking on this link: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr).
-
-Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **Kyantech**.
-
----
-
-### Step 3: Navigate to the Issues Tab
-
-On the Palmr repository page, click on the **Issues** tab near the top of the page. This will take you to the issues section of the repository.
-
-![Palmr Profile Menu](/assets/v1/developers/issues-tab.png)
-
-
----
-
-### Step 4: Click on "New Issue"
-
-Once you're in the issues section, click the **New Issue** button to start creating a new issue.
-
-![Palmr Profile Menu](/assets/v1/developers/new-issue-btn.png)
-
-
----
-
-### Step 5: Fill Out the Issue Form
-
-You’ll now see a form where you can provide details about your issue. Here’s how to fill it out:
-
-1. **Title**: Write a clear and concise title that summarizes the issue.
-2. **Description**: Provide a detailed description of the issue. Include steps to reproduce the problem (if it’s a bug), expected behavior, and actual behavior. If you’re requesting a feature, explain why it would be useful.
-3. **Labels (Optional)**: Add labels to categorize your issue (e.g., `bug`, `enhancement`, `question`). This helps the maintainers organize and prioritize issues.
-4. **Attachments (Optional)**: You can attach screenshots, logs, or other files to help explain the issue.
-
-![Palmr Profile Menu](/assets/v1/developers/new-issue-form.png)
-
----
-
-### Step 6: Submit the Issue
-
-Once you’ve filled out the form, click the **Create** button. Your issue will now be visible to the project maintainers and other contributors.
-
----
-
-### Tips for Writing a Good Issue
-
-To ensure your issue is addressed quickly and effectively, follow these tips:
-- **Be Clear and Specific**: Provide as much detail as possible.
-- **Use a Descriptive Title**: A good title helps maintainers understand the issue at a glance.
-- **Include Steps to Reproduce**: If it’s a bug, explain how to reproduce it.
-- **Be Polite and Respectful**: Remember that maintainers and contributors are volunteering their time.
-
----
-
-### Why Opening Issues is Important
-
-Opening issues is a key part of contributing to open-source projects. Here’s why it matters:
-1. **Improves the Project**: Your feedback helps identify bugs and suggest new features.
-2. **Helps Maintainers**: Clear and detailed issues make it easier for maintainers to address problems.
-3. **Encourages Collaboration**: Issues can spark discussions and attract contributors to help solve problems.
-
----
-
-### Conclusion
-
-That's it! You've successfully opened an issue for the **Palmr** project on GitHub. Your contribution helps improve the project and supports the open-source community. Thank you for taking the time to share your feedback!

apps/docs/content/docs/1.1.7-beta/upload.md

@@ -1,94 +0,0 @@
----
-title: Uploading Files
----
-
-To upload a file in Palmr, the process is very simple. There are two main locations where you can upload files. 
-However, before proceeding, it’s important to highlight that the core functionality of Palmr is file sharing. 
-But for this to work, you need to first upload one or more files to share. Later, you can create a sharing session, 
-which may contain one or multiple files.
-
-Now let's focus on the file upload process. As mentioned, it is very simple, and you can upload files from two locations: 
-**the Home Page** or **the My Files Page**. We will go through both examples below, but the process is exactly the same in both cases.
-
----
-
-## Home Page
-
-On the home page, there is a **"Recent Uploads"** section. On the first initialization (when no file has been uploaded yet), 
-it will appear like this:
-
-![Recent Uploads Section](/assets/v1/main/upload/recent-uploads.png)
-
-To upload a file, simply click on the **"Upload File"** button. This will open a modal where you can select the file you want 
-to upload from your device. Some file types, such as images, audio, and video, will have a preview available.
-
-![Upload File Button](/assets/v1/main/upload/upload-file-button.png)
-
-### Example with an image:
-![Preview Example](/assets/v1/main/upload/preview-example.png)
-
-After selecting the file, you can either confirm the upload by clicking the **"Upload"** button or cancel the operation by clicking the **"Cancel"** button.
-
-![Upload and Cancel Buttons](/assets/v1/main/upload/upload-cancel-buttons.png)
-
-Once one or more files have been uploaded, the **"Recent Uploads"** section will update and look like this:
-
-![Recent Uploads with Files](/assets/v1/main/upload/recent-uploads-filled.png)
-
-To upload a new file from this screen, click the **"Upload File"** button in the upper right corner of the section, and follow the same steps as before.
-
-![New Upload Button](/assets/v1/main/upload/new-upload-button.png)
-
-This list on the home page shows only the **last 5 uploads**. To view older files or upload more, you need to go to the **"My Files"** page. 
-You can access this by clicking on the **"View All"** button in the upper right corner of the section or by clicking on the **"My Files"** card on the home page.
-
-![View All Button](/assets/v1/main/upload/view-all-button.png)
-
-Or:
-
-![My Files Card](/assets/v1/main/files/my-files-card.png)
-
----
-
-## My Files Page
-
-On the **"My Files"** page, the layout will look like this:
-
-![My Files Page](/assets/v1/main/files/my-files-page.png)
-
-Here, you have the option to **filter** your uploaded files or upload new ones by clicking the **"Upload File"** button and following the same steps explained earlier.
-
-Notice that the tables in the **"Recent Files"** section and the **"My Files"** page are the same — the only difference is the number of results shown. 
-The **"Recent Files"** section shows only the last 5 uploads, while the **"My Files"** table displays all uploads.
-
-The table fields include:
-- **Name**
-- **Description**
-- **Size**
-- **Created At**
-- **Updated At**
-- **Actions**
-
-### Actions Column
-In the **"Actions"** column, you will find an icon that opens the following dropdown:
-
-![Actions Dropdown](/assets/v1/main/files/actions-dropdown.png)
-
-Each option is self-explanatory, but let’s detail the **Edit** option:
-
-- **Edit** – Opens a modal where you can edit the file name, description, and other details.
-
-  ![Edit Modal](/assets/v1/main/files/edit-modal.png)
-
-- You can also **delete** a file directly from the dropdown by selecting the **Delete** option.
-
-The preview feature is only available for files like images, audio, PDFs and video. For other file types, 
-you can download them using the **Download** option in the dropdown.
-
----
-
-## Notes and Recommendations
-
-- For a better user experience, we recommend using optimized files for upload.  
-- Upload errors or issues are logged and can be reviewed through the admin panel.  
-- Admins can manage file access permissions.  

apps/docs/content/docs/2.0.0-beta/api.mdx

@@ -18,7 +18,6 @@ The API documentation is powered by **[Scalar](https://scalar.com/)**, which pro
 
 ![Palmr API Documentation](/assets/v2/api-docs/scalar.png)
 
-
 We have made a deliberate decision to **not provide an online version** of the API documentation, as the endpoints and functionality may vary significantly depending on the specific version of Palmr. you have deployed in your environment. To ensure you're always working with accurate and version-specific documentation, we strongly recommend accessing the documentation only after initializing your API service. It's important to note that the API service is specifically designated as the **server** component within the official Palmr. GitHub repository.
 
 We strongly recommend utilizing **Scalar** as your primary tool for querying and testing the API, as the entire documentation system has been carefully optimized and designed with Scalar integration in mind. Scalar provides developers with an exceptionally intuitive and feature-rich interactive environment that streamlines the process of exploring endpoints, constructing and sending requests, and analyzing responses directly within its sophisticated interface.

apps/docs/content/docs/2.0.0-beta/architecture.mdx

@@ -12,51 +12,50 @@ Understanding the architecture of Palmr. is crucial for both deploying and scali
 
 Each component in the Palmr. architecture plays a vital role in ensuring reliability, performance, and scalability. The stack is built with simplicity, performance, and flexibility in mind, everything is self-hosted, developer-friendly, and designed to scale without adding unnecessary complexity.
 
-
 ### 💾 PostgreSQL
+
 Palmr. uses **PostgreSQL** as the primary database solution. It's a powerful, open-source relational database that’s trusted by developers around the world. PostgreSQL is fully ACID-compliant, which means it handles transactions safely and reliably. It’s perfect for storing structured data like user accounts, file metadata, transfer logs, and anything else that requires consistency. With advanced features like full-text search, custom data types (like JSONB), and strong indexing capabilities, PostgreSQL gives us the tools to scale efficiently without giving up query performance or flexibility.
 
 - Provides reliable and secure data storage, ensuring consistency and high performance for all database operations.
 - Powerful indexing, query optimization, and support for complex data types.
 - Ideal for handling large amounts of metadata and transactional data in a predictable and scalable way.
 
-
 ### 🎨 Next.js 15 + React + TypeScript
+
 The frontend of Palmr. is built using **Next.js 15**, along with **React** and **TypeScript**, forming a modern stack that’s easy to maintain and super fast for end users. Next.js 15 brings server components, server actions, and a new app router system that makes rendering dynamic content incredibly efficient. This allows us to load only what’s needed, when it’s needed which makes the app feel snappy even under load. React provides a clean, component-based structure that makes it easy to break the UI into reusable pieces, and TypeScript helps prevent bugs before they even happen by enforcing static typing and better code navigation. Whether it's SSR, static pages, or dynamic user interactions, this trio handles it all seamlessly.
 
 - **React** enables the creation of a dynamic and responsive user interface with a component-based architecture.
 - **TypeScript** adds static typing, enhancing code quality and reducing runtime errors.
 - **Next.js 15** handles routing, server-side rendering, and server components for performance at scale.
 
-
 ### 📦 MinIO
+
 Palmr. uses **MinIO** for object storage. MinIO is a lightweight, high-performance, S3-compatible storage solution that makes file handling simple and scalable. Every file uploaded to Palmr. Whether it's a personal file transfer or a shared asset is stored in MinIO. It’s built to handle huge amounts of data and can be deployed locally, on-premise, or in the cloud. Because it speaks the same API as Amazon S3, integrating with it is straightforward and familiar to most developers. And since it’s self-hosted, we have full control over performance, redundancy, and security.
 
 - Supports high-throughput file storage and retrieval.
 - Ensures data integrity and redundancy.
 - Compatible with AWS S3 APIs, making integration seamless.
 
-
 ### ⚡ Fastify
+
 The backend of Palmr. is powered by **Fastify**, a super-fast Node.js web framework optimized for performance and low overhead. It’s designed to handle lots of concurrent requests with minimal resource usage, which is key for scalable backend services. Fastify also has a built-in schema validation system that ensures all incoming data is properly validated before reaching business logic, which helps prevent bugs and security issues. It follows a plugin-based architecture, making it easy to keep route handlers, services, and middlewares cleanly separated and easy to extend as the project grows.
 
 - Provides fast request handling with a lightweight core.
 - Built-in schema-based validation for secure and reliable API handling.
 - Supports plugin-based architecture for easy extensibility.
 
-
 ### 🔄 How It Works
+
 1. **Frontend** — React + TypeScript + Next.js 15 handle the user interface and user interactions.
 2. **Backend** — Fastify processes requests and communicates with the database and storage layers.
 3. **Database** — PostgreSQL stores metadata and transactional data.
 4. **Object Storage** — MinIO stores the actual files and ensures scalable, high-performance storage.
 
-
 ### 📚 Useful Links
+
 - [PostgreSQL Documentation](https://www.postgresql.org/docs/)
 - [Next.js Documentation](https://nextjs.org/docs)
 - [React Documentation](https://react.dev/)
 - [TypeScript Handbook](https://www.typescriptlang.org/docs/)
 - [MinIO Documentation](https://min.io/docs/minio/container/index.html)
 - [Fastify Documentation](https://fastify.dev/docs/latest/)
-

apps/docs/content/docs/2.0.0-beta/available-languages.mdx

@@ -9,7 +9,7 @@ The project leverages next-intl, a powerful and flexible internationalization (i
 ---
 
 | Language      | Code  | Description                                              | Translation |
-|----------|------|-------------|-------------|
+| ------------- | ----- | -------------------------------------------------------- | ----------- |
 | 🇺🇸 English    | en-US | Primary development language and default fallback option | 100%        |
 | 🇧🇷 Portuguese | pt-BR | Standard Brazilian Portuguese support                    | 100%        |
 | 🇫🇷 French     | fr-FR | Standard French language support                         | 100%        |

apps/docs/content/docs/2.0.0-beta/configuring-smtp.mdx

@@ -7,6 +7,7 @@ For Palmr to function with all its best features, we need to configure our email
 ## ❓ Why Configure SMTP?
 
 The main functionalities that depend on SMTP configuration are:
+
 - 🔑 **Password Reset** – Users who forget their password and cannot access the **Settings** panel need this feature.
 - 📧 **Email Notifications** – Recipients will receive emails when new shares are sent to them.
 
@@ -53,6 +54,7 @@ Once SMTP is enabled, you can configure the other necessary fields:
 ### 🔐 Generating a Gmail App Password
 
 To generate an App Password for Gmail:
+
 1. Go to [Google My Account](https://myaccount.google.com/).
 2. Select **Security**.
 3. Scroll down to **App Passwords**.

apps/docs/content/docs/2.0.0-beta/contribute.mdx

@@ -15,6 +15,7 @@ Before you can contribute, you need to be logged into your GitHub account. If yo
 ---
 
 ### 🔍 Access the Repository
+
 Once you're logged in, go to the Palmr repository by clicking on this link: **[https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)**. The repository contains all the source code, documentation, and resources for the Palmr project. Take a moment to explore the repository structure, including the README file, which provides an overview of the project.
 
 Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **kyantech**. When searching, make sure you're looking at the official repository by checking the owner and repository name. The repository should have a description that matches the Palmr project and show recent activity from the maintainers. You can also check the number of stars, forks, and watchers to verify you're accessing the correct repository.
@@ -32,6 +33,7 @@ To contribute to the project, you'll need to create your own copy of the reposit
 5. You'll be automatically redirected to your forked repository once it's ready.
 
 The fork will maintain a connection to the original repository, allowing you to:
+
 - Keep your fork synchronized with the original repository
 - Submit pull requests from your fork to the original repository
 - Work independently on your own copy without affecting the original
@@ -41,6 +43,7 @@ The fork will maintain a connection to the original repository, allowing you to:
 ### 📥 Clone the Fork
 
 Next, you’ll need to clone your forked repository to your local machine. Here’s how:
+
 1. On your forked repository page, click the **Code** button.
 2. Copy the repository URL (HTTPS or SSH).
 3. Open your terminal or command prompt and run the following command to clone the repository:
@@ -60,6 +63,7 @@ Next, you’ll need to clone your forked repository to your local machine. Here
 ### 🔄 Set up Base Branch
 
 Before making changes, ensure your local repository is set up to track the `next` branch from the original Palmr repository. Here’s how:
+
 1. Add the original Palmr repository as a remote:
 
    ```bash
@@ -81,7 +85,9 @@ Before making changes, ensure your local repository is set up to track the `next
 ---
 
 ### ✏️ Make Local Changes
+
 Now you're ready to make your contributions! This could include:
+
 - Fixing a bug
 - Adding a new feature
 - Improving documentation
@@ -113,12 +119,14 @@ Once you’ve made your changes, commit them to your branch using **Conventional
 `<type>(<scope>): <description>`
 
 **Examples:**
+
 - `feat: add user authentication`
 - `fix(api): resolve null pointer exception`
 - `docs: update README file`
 - `chore: update dependencies`
 
 **Steps to Commit:**
+
 1. Stage your changes:
 
    ```bash
@@ -138,6 +146,7 @@ Once you’ve made your changes, commit them to your branch using **Conventional
 After committing your changes, you'll need to push them to your forked repository on GitHub. This step synchronizes your local changes with your remote repository. Here's how to do it:
 
 1. First, ensure your branch is up-to-date with any remote changes:
+
    ```bash
    git pull origin your-branch-name
    ```
@@ -148,11 +157,13 @@ After committing your changes, you'll need to push them to your forked repositor
    ```
 
 If this is the first time pushing this branch, you might need to set the upstream branch:
-   ```bash
-   git push -u origin your-branch-name
-   ```
+
+```bash
+git push -u origin your-branch-name
+```
 
 If you encounter any errors while pushing:
+
 - Make sure you have the correct permissions on your fork
 - Verify your remote URL is correct using `git remote -v`
 - Check if you need to authenticate with GitHub
@@ -162,6 +173,7 @@ If you encounter any errors while pushing:
 ### 🔀 Create Pull Request
 
 Now that your changes are on GitHub, you can open a **Pull Request (PR)** to propose your changes to the `next` branch of the Palmr repository. Here’s how:
+
 1. Go to your forked repository on GitHub.
 2. Click the **Pull Request** button.
 3. On the PR creation page:
@@ -191,6 +203,7 @@ Remember that code review is a collaborative process aimed at ensuring code qual
 ## 💡 Contribution Tips
 
 To ensure your contribution is accepted, follow these tips:
+
 - **Use Conventional Commits**: Write clear and consistent commit messages using the Conventional Commits format.
 - **Keep Your PRs Small**: Focus on one issue or feature per PR to make it easier to review.
 - **Be Patient**: Maintainers are often volunteers and may take some time to review your PR.
@@ -206,6 +219,7 @@ To ensure your contribution is accepted, follow these tips:
 ## ⭐ Why Contribute?
 
 Contributing to open-source projects like Palmr has many benefits:
+
 1. **Improves the Project**: Your contributions help make the project better for everyone.
 2. **Builds Your Skills**: You’ll gain experience working with Git, GitHub, and collaborative coding.
 3. **Supports the Community**: Open-source thrives on community contributions. Your work helps sustain the project.

apps/docs/content/docs/2.0.0-beta/generate-share.mdx

@@ -6,7 +6,7 @@ title: 🔗 Managing shares
 
 Creating a share in Palmr is designed to be a straightforward and user-friendly experience that anyone can master quickly. While the platform offers several methods for share creation, we recommend beginning with the most accessible approach: utilizing the **Home Page**, particularly through the well-organized **Recent Shares** section.
 
-___
+---
 
 ### Home Page
 
@@ -19,7 +19,6 @@ For first-time users, the interface features a prominently positioned **"Create
 ![](/assets/v1/main/shares/create-first-share.png)
 
 > Note: One of Palmr's unique features is its flexibility - you don't need to upload files to create a share! This might seem counterintuitive at first, but it's a deliberately designed feature that many users find invaluable for their specific workflows and use cases. This approach allows you to set up the sharing framework first and add content later.
-> 
 
 This design philosophy reflects Palmr's user-centric approach: you can establish your share's parameters and settings first, then populate it with files at your convenience. Furthermore, all aspects of your share remain fully editable at any time, providing maximum flexibility.
 
@@ -78,7 +77,7 @@ Each share has an **Actions** column with the following options:
 
 ![](/assets/v1/main/shares/actions-column.png)
 
-___
+---
 
 ## ✏️ Edit Share
 
@@ -88,24 +87,23 @@ The **Edit** button provides access to a comprehensive interface where you can m
 
 ## 📁 Manage Files
 
-___
+---
 
 Through the **Manage Files** button, you gain complete control over the content of your share, with the ability to both add new files and remove existing ones.
 
 ![](/assets/v1/main/shares/manage-files-modal.png)
 
-___
+---
 
 ## 👥 Manage Recipients
 
 The **Manage Recipients** button opens an interface where you can maintain your recipient list, adding or removing access as needed.
 
 > Note: For email notifications to function properly, please ensure that your system's SMTP settings are correctly configured and active.
-> 
 
 ![](/assets/v1/main/shares/manage-recipients-modal.png)
 
-___
+---
 
 ## 👀 View Share Details
 
@@ -113,7 +111,7 @@ The **View Details** option provides a comprehensive overview of all aspects and
 
 ![](/assets/v1/main/shares/share-details-modal.png)
 
-___
+---
 
 ## 🔗 Generate Share Link
 
@@ -133,7 +131,7 @@ When recipients access your generated link, they'll be able to both **view and d
 
 ![](/assets/v1/main/shares/share-screen.png)
 
-___
+---
 
 ## Delete Share
 

apps/docs/content/docs/2.0.0-beta/gh-sponsor.mdx

@@ -34,6 +34,7 @@ Once you're logged in, go to the Palmr. repository by clicking on this link: [ht
 Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **Kyantech**.
 
 You can also:
+
 - Star the repository to show your support
 - Watch it for updates
 - Fork it if you want to contribute
@@ -75,25 +76,26 @@ Once done, you'll officially be a **Palmr sponsor**! 🙌
 ### ⭐ Why Sponsoring Matters
 
 - 🧱 Supports Sustainability
-Your sponsorship helps keep the project alive and maintained long-term.
+  Your sponsorship helps keep the project alive and maintained long-term.
 
 - 🚀 Encourages Innovation
-Financial support gives developers the freedom to try new ideas and push boundaries.
+  Financial support gives developers the freedom to try new ideas and push boundaries.
 
 - 🫶 Shows Deep Appreciation
-Sponsoring is a meaningful, tangible way to thank developers for their work.
+  Sponsoring is a meaningful, tangible way to thank developers for their work.
 
 - 🏆 Earns You Recognition
-Many projects publicly thank their sponsors — you might appear in the README or on the site!
+  Many projects publicly thank their sponsors — you might appear in the README or on the site!
 
 - 🌱 Helps Open Source Thrive
-Open-source projects rely on community support. Sponsoring helps the ecosystem grow.
+  Open-source projects rely on community support. Sponsoring helps the ecosystem grow.
 
 ---
 
 ## 🎁 What Happens After Sponsoring
 
 Once you become a sponsor:
+
 1. You'll receive a confirmation email from GitHub
 2. Your name will appear in our sponsors list
 3. You'll get access to sponsor-only updates and content
@@ -107,4 +109,3 @@ Once you become a sponsor:
 That's it! You've successfully sponsored the **Palmr.** project on GitHub.  
 Your support will help ensure this open-source project continues to evolve and thrive.  
 **We appreciate you and welcome you to our community!** 🎉
-

apps/docs/content/docs/2.0.0-beta/gh-star.mdx

@@ -66,6 +66,7 @@ After clicking the "Star" button, several things will happen:
 4. The repository will be added to your starred repositories list
 
 You can access your starred repositories anytime by:
+
 - Clicking your profile picture
 - Selecting "Your stars" from the dropdown menu
 - Or visiting: https://github.com/[your-username]?tab=stars
@@ -81,22 +82,22 @@ To remove your star, simply click the "Unstar" button at any time.
 Starring a repository on GitHub is more than just a bookmarking tool—it’s a way to support the project and its developers. Here’s why starring is so important:
 
 - 🙌 Shows Appreciation
-Starring a repository is a simple way to show your appreciation for the hard work and effort that goes into maintaining and developing a project.
+  Starring a repository is a simple way to show your appreciation for the hard work and effort that goes into maintaining and developing a project.
 
 - 📈 Increases Visibility
-The more stars a repository has, the more visible it becomes on GitHub.
+  The more stars a repository has, the more visible it becomes on GitHub.
 
 - 💪 Encourages Developers
-Seeing stars motivates developers to continue improving the project.
+  Seeing stars motivates developers to continue improving the project.
 
 - 🔍 Helps with Discovery
-GitHub prioritizes repositories with more stars in trending and recommendations.
+  GitHub prioritizes repositories with more stars in trending and recommendations.
 
 - 📚 Tracks Your Interests
-Starred repositories are saved to your list for easy access later.
+  Starred repositories are saved to your list for easy access later.
 
 - 🌍 Supports Open Source
-Your stars help sustain the open-source community and the Palmr project.
+  Your stars help sustain the open-source community and the Palmr project.
 
 ---
 
@@ -119,6 +120,7 @@ Your star is more than just a number - it's a vote of confidence in our vision a
 That's it! You've successfully starred the **Palmr** project on GitHub. Thank you for supporting Palmr and becoming part of our growing community! Your support helps us continue improving and expanding the project for everyone.
 
 Feel free to explore our other ways to contribute, like:
+
 - Sharing Palmr with others
 - Reporting issues
 - Contributing code

apps/docs/content/docs/2.0.0-beta/github-architecture.mdx

@@ -2,31 +2,30 @@
 title: </> Github Architecture
 ---
 
-import { File, Folder, Files } from "fumadocs-ui/components/files";
+import { File, Files, Folder } from "fumadocs-ui/components/files";
 
 ## Project Structure
 
 <Files>
   <Folder name="apps" defaultOpen>
-    <Folder name="docs" >
+    <Folder name="docs">
       <File name="all documentation files" />
     </Folder>
-    <Folder name="server" >
+    <Folder name="server">
       <File name="all backend files" />
     </Folder>
-    <Folder name="web" >
+    <Folder name="web">
       <File name="all frontend files" />
     </Folder>
   </Folder>
   <File name="other project files" />
 </Files>
 
-
 ## Core Components
 
 ### 🖥️ Frontend Application (apps/web)
 
- **Technology Stack:**
+**Technology Stack:**
 
 - Next.js 15 (App Router)
 - React 18
@@ -52,7 +51,7 @@ The frontend is organized with:
 
 ### ⚙️ Backend Service (apps/server)
 
- **Technology Stack:**
+**Technology Stack:**
 
 - Fastify
 - PostgreSQL
@@ -76,7 +75,7 @@ Key features include:
 
 ### 📚 Documentation (apps/docs)
 
- **Technology Stack:**
+**Technology Stack:**
 
 - Fumadocs
 - MDX (Markdown + JSX)

apps/docs/content/docs/2.0.0-beta/installation.mdx

@@ -2,13 +2,12 @@
 title: 🐳 Installation (Docker Compose)
 ---
 
-
 Installation via Docker Compose is the simplest way to run the project across different environments. For it to run correctly, we need two main tools installed in our environment:
 
 - Docker ([https://docs.docker.com](https://docs.docker.com/))
 - Docker Compose ([https://docs.docker.com/compose](https://docs.docker.com/compose/))
 
-> *It's worth emphasizing that Palmr. was fully developed in a MacOS environment and extensively tested on Linux servers. Therefore, we can guarantee the best system performance in these environments. Windows and other environments have not been tested yet, and potential bugs may occur during execution. However, remember that we are still in a beta version of Palmr., and errors or bugs can occur in any operating system. If you identify any issues, we appreciate your help in notifying us through our GitHub [issues page](https://github.com/kyantech/Palmr/issues).*
+> _It's worth emphasizing that Palmr. was fully developed in a MacOS environment and extensively tested on Linux servers. Therefore, we can guarantee the best system performance in these environments. Windows and other environments have not been tested yet, and potential bugs may occur during execution. However, remember that we are still in a beta version of Palmr., and errors or bugs can occur in any operating system. If you identify any issues, we appreciate your help in notifying us through our GitHub [issues page](https://github.com/kyantech/Palmr/issues)._
 
 ---
 
@@ -25,22 +24,24 @@ Next, let's look at the content of our `docker-compose.yaml`.
 ---
 
 ## 🐳 Docker Compose Content
+
 Below is the complete content of our `docker-compose.yaml` that can be copied directly from here or from our official repository ([Docker Compose](https://github.com/kyantech/Palmr/blob/main/docker-compose.yaml)).
 
 ```yaml
 services:
-  palmr-api:
-    image: kyantech/palmr-api:v2.0.0-beta # Make sure to use the correct version (latest) of the image
-    container_name: palmr-api
+  palmr:
+    image: kyantech/palmr:latest # Make sure to use the correct version (latest) of the image
+    container_name: palmr
     depends_on:
       postgres:
         condition: "service_healthy"
       minio:
         condition: "service_healthy"
     environment:
+      # Server environment variables
       - PORT=${API_INTERNAL_PORT:-3333} # Port for the backend service
-      - DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD:-postgresRootPassword}@postgres:5432/palmr_db?schema=public # Database URL with configurable password through POSTGRES_PASSWORD env var
-      - MINIO_ENDPOINT=minio # This can change if your MinIO is at a different address
+      - DATABASE_URL=postgresql://postgres:${POSTGRESQL_PASSWORD:-postgresRootPassword}@postgres:5432/palmr_db?schema=public # Database URL with configurable password through POSTGRESQL_PASSWORD env var
+      - MINIO_ENDPOINT=${MINIO_ENDPOINT:-minio} # This can change if your MinIO is at a different address
       - MINIO_PORT=${MINIO_INTERNAL_API_PORT:-6421} # Default MinIO port (Change if yours is not the default)
       - MINIO_USE_SSL=false # MinIO uses SSL by default, but you can change it to true if needed
       - MINIO_ROOT_USER=${MINIO_ROOT_USER:-minio_root_user} # MinIO credentials can be configured through MINIO_ROOT_USER env vars
@@ -50,34 +51,31 @@ services:
       - FRONTEND_URL=${APP_URL:-http://${SERVER_IP:-localhost}:${APP_EXTERNAL_PORT:-5487}} # Frontend URL - Make sure to use the correct frontend URL, depends on where the frontend is running, its prepared for localhost, but you can change it to your frontend URL if needed
       - SERVER_IP=${SERVER_IP:-localhost} # Server IP - Make sure to use the correct server IP if you running on a cloud provider or a virtual machine. This prepared for localhost, but you can change it to your server IP if needed
       - MAX_FILESIZE=${MAX_FILESIZE:-1073741824} # Max Filesize for upload - Declared in Bytes. Default is 1GiB
-    ports:
-      - "${API_EXTERNAL_PORT:-3333}:${API_INTERNAL_PORT:-3333}" # Backend port mapping 
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:${API_INTERNAL_PORT:-3333}/health"]
-      interval: 10s
-      timeout: 5s
-      retries: 5
-      start_period: 30s
 
-  palmr-app:
-    image: kyantech/palmr-app:v2.0.0-beta # Make sure to use the correct version (latest) of the image
-    container_name: palmr-web
-    depends_on:
-      palmr-api:
-        condition: "service_healthy"
-    ports:
-      - "${APP_EXTERNAL_PORT:-5487}:5487" # Frontend port mapping
-    environment:
+      # Web environment variables
       - NODE_ENV=production
       - NEXT_TELEMETRY_DISABLED=1
-      - API_BASE_URL=http://palmr-api:${API_INTERNAL_PORT:-3333} # Here we use docker's internal network to reference the backend service (can be changed if needed)
+      - API_BASE_URL=http://palmr:${API_INTERNAL_PORT:-3333} # Using Docker service name for internal communication
+    ports:
+      - "${API_EXTERNAL_PORT:-3333}:3333" # Server port
+      - "${APP_EXTERNAL_PORT:-5487}:5487" # Web port
     restart: unless-stopped
     healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:5487"]
+      test:
+        [
+          "CMD",
+          "wget",
+          "--no-verbose",
+          "http://palmr:${API_INTERNAL_PORT:-3333}/health",
+          "&&",
+          "wget",
+          "--no-verbose",
+          "http://palmr:${APP_INTERNAL_PORT:-5487}",
+        ]
       interval: 30s
       timeout: 10s
       retries: 3
+      start_period: 60s
 
   minio:
     image: minio/minio:RELEASE.2025-03-12T18-04-18Z # Use only version RELEASE.2025-03-12T18-04-18Z to avoid compatibility issues with the backend
@@ -121,10 +119,10 @@ services:
     container_name: palmr-postgres
     environment:
       # PostgreSQL credentials configurable through environment variables
-      # POSTGRES_USER, POSTGRES_PASSWORD, and POSTGRES_DB can be set to override defaults
-      - POSTGRESQL_USERNAME=${POSTGRES_USER:-postgres}
-      - POSTGRESQL_PASSWORD=${POSTGRES_PASSWORD:-postgresRootPassword}
-      - POSTGRESQL_DATABASE=${POSTGRES_DB:-palmr_db}
+      # POSTGRESQL_USERNAME, POSTGRESQL_PASSWORD, and POSTGRES_DB can be set to override defaults
+      - POSTGRESQL_USERNAME=${POSTGRESQL_USERNAME:-postgres}
+      - POSTGRESQL_PASSWORD=${POSTGRESQL_PASSWORD:-postgresRootPassword}
+      - POSTGRESQL_DATABASE=${POSTGRES_DATABASE:-palmr_db}
     volumes:
       - postgres_data:/bitnami/postgresql
     ports:
@@ -139,7 +137,6 @@ services:
 volumes:
   minio_data:
   postgres_data:
-
 ```
 
 Notice that the `docker-compose.yaml` has several comments that help you configure your own compose to meet your environment's needs. Let's give an overview of some changes we can make.
@@ -148,12 +145,11 @@ Notice that the `docker-compose.yaml` has several comments that help you configu
 
 ### ⚙️ Services Overview
 
-Palmr. consists of five main services, each with specific responsibilities. Below, we present a detailed view of each component:
+Palmr. consists of four main services, each with specific responsibilities. Below, we present a detailed view of each component:
 
 | **Service**         | **Image**                                                                                                                                                                                         | **Exposed Ports**                   | **Main Features**                                                                                                                      |
-| --- | --- | --- | --- |
-| palmr-api (Backend) | [kyantech/palmr-api:latest](https://hub.docker.com/repository/docker/kyantech/palmr-api/tags/latest/sha256-84245d3d0012aa65c588caba56322363729c4b68c3722a08dcda912904de9d1d) | **3333** | • Main API service<br/>• Depends on services: postgres and minio<br/>• Has healthcheck to ensure availability |
-| palmr-app (Frontend) | [kyantech/palmr-app:latest](https://hub.docker.com/repository/docker/kyantech/palmr-app/tags/latest/sha256-33f568673ae8cc8529532146b6afc1acafa203387ced6c7bb3451a7ab4198a2f) | **5487** | • Web application interface<br/>• Depends on palmr-api service<br/>• Configured for production environment |
+| ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- |
+| palmr               | [kyantech/palmr:latest](https://hub.docker.com/repository/docker/kyantech/palmr/general)                                                                                                          | **3333** (API)<br/>**5487** (Web)   | • Combined backend API and frontend service<br/>• Depends on services: postgres and minio<br/>• Has healthcheck to ensure availability |
 | minio (Storage)     | [minio/minio:RELEASE.2025-03-12T18-04-18Z](https://hub.docker.com/layers/minio/minio/RELEASE.2025-03-12T18-04-18Z/images/sha256-85f3e4cd1ca92a2711553ab79f222bcd8b75aa2c77a1a0b0ccf80d38e8ab2fe5) | **6421**(API)<br/>**6422**(Console) | • File storage service<br/>• Persistent volume for data                                                                                |
 | minio-init (Config) | [minio/mc:RELEASE.2025-03-12T17-29-24Z](https://hub.docker.com/layers/minio/mc/RELEASE.2025-03-12T17-29-24Z/images/sha256-68d8c80f43908b02daa285e55547131870a1d36b3ffe272c26d7d8f4d52d1e5c)       | N/A                                 | • Initially configures the "files" bucket<br/>• Runs only once during initialization                                                   |
 | postgres (Database) | [bitnami/postgresql:17.2.0](https://hub.docker.com/layers/bitnami/postgresql/17.2.0/images/sha256-29c614afad4f514b12b5c0f4d006f38c98fa4b18c3582732ff93b3fe9a79d875)                               | **5432**                            | • PostgreSQL database<br/>• Persistent volume for data                                                                                 |
@@ -165,7 +161,7 @@ Palmr. consists of five main services, each with specific responsibilities. Belo
 The table below shows all environment variables that can be set
 
 | **Variable**                | **Default Value**     | **Description**                                   |
-| --- | --- | --- |
+| --------------------------- | --------------------- | ------------------------------------------------- |
 | API_INTERNAL_PORT           | 3333                  | Internal API port in container                    |
 | API_EXTERNAL_PORT           | 3333                  | Exposed port on host for API                      |
 | POSTGRES_PASSWORD           | postgresRootPassword  | PostgreSQL database password                      |
@@ -182,9 +178,7 @@ The table below shows all environment variables that can be set
 | POSTGRESQL_DATABASE         | palmr_db              | Database name                                     |
 | MAX_FILESIZE                | 1073741824            | Max Uploadsize per file. Unit in Bytes            |
 
-> *All these variables can be configured through a .env file in the project root or defined directly in the environment where docker-compose will be executed. The best way to do this is up to you. But be careful to replace correctly if doing directly in the compose instead of providing an environment var.*
->
-
+> _All these variables can be configured through a .env file in the project root or defined directly in the environment where docker-compose will be executed. The best way to do this is up to you. But be careful to replace correctly if doing directly in the compose instead of providing an environment var._
 
 #### 🗂️ Persistent Volumes
 
@@ -197,16 +191,19 @@ The table below shows all environment variables that can be set
 
 In a localhost environment, there's no mystery. If you don't want to change any service exposure ports, you can simply run:
 
+```bash
+docker compose pull && docker compose up -d
+```
+
 This will execute all necessary services and give you access to the following URLs (if you haven't changed any ports):
 
 - **Frontend:** [http://localhost:5487](http://localhost:5487)
 - **Backend:** [http://localhost:3333](http://localhost:3333/)
 - **MinIO API:** [http://localhost:6421](http://localhost:6421)
 - **MinIO Console:** [http://localhost:6422](http://localhost:6422)
-- **Postgres Database:** [http://localhost:5423](http://localhost:5423/) (Connection only)
+- **Postgres Database:** [http://localhost:5432](http://localhost:5432/) (Connection only)
 
-> *If you have changed any port, simply access the URL with the port you configured.*
-> 
+> _If you have changed any port, simply access the URL with the port you configured._
 
 ---
 
@@ -226,6 +223,7 @@ To generate a .env file with just the `server_ip` configuration, you can run thi
 ```bash
 curl -fsSL https://gist.githubusercontent.com/danielalves96/5a68913d70e5e31b68b7331dc17dfa9c/raw | bash
 ```
+
 > execute this command in your server terminal, at same path of docker-compose.yaml.
 
 Basically, by paying attention to these points, you can quickly execute the project with the same command we used for localhost:
@@ -238,8 +236,7 @@ docker compose pull && docker compose up -d
 
 At this stage, if you encounter any errors, it's worth reviewing your `docker-compose.yaml` and trying again, paying close attention to the points mentioned above.
 
-> *First test without using reverse proxies like Caddy, Traefik, etc... if you plan to use them. Access the services via `server_ip:port` after confirming they work, then make the necessary routing configurations as desired.*
-> 
+> _First test without using reverse proxies like Caddy, Traefik, etc... if you plan to use them. Access the services via `server_ip:port` after confirming they work, then make the necessary routing configurations as desired._
 
 If you haven't changed the execution ports, you'll have access on your server at:
 
@@ -247,10 +244,9 @@ If you haven't changed the execution ports, you'll have access on your server at
 - **Backend:** `[server_ip]:3333`
 - **MinIO API:** `[server_ip]:6421`
 - **MinIO Console:** `[server_ip]:6422`
-- **Postgres Database:** `[server_ip]:5423` (Connection only)
+- **Postgres Database:** `[server_ip]:5432` (Connection only)
 
-> *If you've changed any port, simply access the URL with the port you configured.*
-> 
+> _If you've changed any port, simply access the URL with the port you configured._
 
 It's worth noting that this is just a quick start and we're not going into details about any of the developed services, but it's recommended for execution in any environment. However, if your focus is on using Palmr. with high availability in mind, it's recommended to use a container orchestrator prepared for this, such as Kubernetes or similar, but we don't cover this type of configuration in our documentation.
 

apps/docs/content/docs/2.0.0-beta/manual-installation.mdx

@@ -31,7 +31,6 @@ Before proceeding with the installation, it's essential to ensure that your deve
 
 ⚠️ <strong>A critical note regarding package management:</strong> This repository has been specifically developed and thoroughly tested using the pnpm package manager. While technically possible to use alternative package managers such as `npm`, `yarn`, or `bun`, we strongly advise against this approach.
 
-
 ---
 
 ## Running the Application

apps/docs/content/docs/2.0.0-beta/meta.json

@@ -1,8 +1,6 @@
 {
-  "title": "v2.0.0-beta",
-  "description": "v2.0.0-beta Documentation",
-  "root": true,
-  "icon": "Building2",
+  "description": "(Deprecated)",
+  "icon": "Trash2",
   "pages": [
     "---Introduction---",
     "index",
@@ -11,6 +9,7 @@
     "installation",
     "manual-installation",
     "api",
+    "s3-providers",
     "---How to use Palmr.---",
     "manage-users",
     "uploading-files",
@@ -24,5 +23,7 @@
     "gh-star",
     "gh-sponsor",
     "..."
-  ]
+  ],
+  "root": true,
+  "title": "v2.0.0-beta"
 }

apps/docs/content/docs/2.0.0-beta/open-an-issue.mdx

@@ -53,6 +53,7 @@ To access the issues section:
 4. You'll see a list of all existing issues, both open and closed
 
 The issues tab shows important information like:
+
 - Number of open issues
 - Issue labels and categories
 - Issue status (open/closed)
@@ -74,6 +75,7 @@ To start creating a new issue:
 5. Make sure you have all necessary information ready before starting
 
 Pro Tips:
+
 - Before creating a new issue, search existing issues to avoid duplicates
 - Review any contribution guidelines or issue templates
 - Consider adding relevant labels when creating your issue
@@ -107,6 +109,7 @@ Once you've filled out the form, click the **Create** button at the bottom of th
 ### 💡 Tips for Issues
 
 To ensure your issue is addressed quickly and effectively, follow these tips:
+
 - **Be Clear and Specific**: Provide as much detail as possible.
 - **Use a Descriptive Title**: A good title helps maintainers understand the issue at a glance.
 - **Include Steps to Reproduce**: If it’s a bug, explain how to reproduce it.
@@ -117,6 +120,7 @@ To ensure your issue is addressed quickly and effectively, follow these tips:
 ### ⭐ Why Issues Matter
 
 Opening issues is a key part of contributing to open-source projects. Here’s why it matters:
+
 1. **Improves the Project**: Your feedback helps identify bugs and suggest new features.
 2. **Helps Maintainers**: Clear and detailed issues make it easier for maintainers to address problems.
 3. **Encourages Collaboration**: Issues can spark discussions and attract contributors to help solve problems.

apps/docs/content/docs/2.0.0-beta/uploading-files.mdx

@@ -20,7 +20,6 @@ To begin the upload process, locate and click the "Upload File" button. This act
 
 ![Upload File Button](/assets/v1/main/upload/upload-file-button.png)
 
-
 **Example with an image:**
 
 ![Preview Example](/assets/v1/main/upload/preview-example.png)

apps/docs/content/docs/3.2-beta/api.mdx

@@ -0,0 +1,236 @@
+---
+title: API Endpoints
+icon: Plug
+---
+
+Palmr. provides a comprehensive, well-documented, and fully typed REST API designed for maximum developer productivity and seamless integration. Whether you're building custom applications, automating workflows, or integrating with third-party services, our API offers the flexibility and reliability you need.
+
+> **Overview:** The API is built with Fastify + Zod + TypeScript, ensuring type safety, schema validation, and excellent performance for all operations.
+
+## Prerequisites
+
+### Exposing the API port
+
+To access the API endpoints, you need to expose port **3333** in your Docker configuration. This port is where the Palmr. API server runs.
+
+**Using Docker Compose:**
+
+```yaml
+services:
+  palmr:
+    image: kyantech/palmr:latest
+    ports:
+      - "5487:5487" # Web interface
+      - "3333:3333" # API port (required for API access)
+    # ... other configuration
+```
+
+**Using Docker run command:**
+
+```bash
+docker run -d \
+  --name palmr \
+  -p 5487:5487 \
+  -p 3333:3333 \
+  -v palmr_data:/app/server \
+  --restart unless-stopped \
+  kyantech/palmr:latest
+```
+
+> **Note:** Port 3333 exposure is optional if you only need the web interface. However, it's required for direct API access, custom integrations, and accessing the interactive documentation.
+
+## Accessing the API documentation
+
+The API documentation is available through interactive interfaces that allow you to explore, test, and validate all available endpoints directly in your browser.
+
+### Documentation endpoints
+
+**Local development:**
+
+- Scalar documentation: `http://localhost:3333/docs`
+- Swagger documentation: `http://localhost:3333/swagger`
+
+**Production environment:**
+
+- Scalar documentation: `{your_domain}:3333/docs`
+- Swagger documentation: `{your_domain}:3333/swagger`
+
+> **Important:** We don't provide an online version of the API documentation because endpoints and functionality may vary between different versions of Palmr. Always access the documentation from your specific deployment to ensure accuracy.
+
+## Interactive documentation with Scalar
+
+Our primary API documentation is powered by **Scalar**, a modern documentation platform that provides an exceptional developer experience.
+
+![Palmr API Documentation](/assets/v2/api-docs/scalar.png)
+
+### Why Scalar?
+
+- **Interactive testing** - Test endpoints directly in the documentation
+- **Real-time validation** - Immediate feedback on request/response formats
+- **Modern interface** - Clean, intuitive design optimized for developer productivity
+- **Type-safe integration** - Full TypeScript support with automatic type inference
+- **Schema visualization** - Clear representation of request and response structures
+
+### Key features
+
+- **Comprehensive endpoint coverage** - All API endpoints documented with examples
+- **Authentication testing** - Built-in support for JWT token authentication
+- **Request builders** - Interactive forms for constructing API requests
+- **Response visualization** - Formatted display of API responses with syntax highlighting
+- **Code generation** - Generate client code in multiple programming languages
+
+## Alternative Swagger documentation
+
+For developers who prefer Swagger or need compatibility with existing tools, we also provide a Swagger-based documentation interface.
+
+![Palmr API Documentation](/assets/v2/api-docs/swagger.png)
+
+### When to use Swagger
+
+- **Legacy tool compatibility** - Integration with existing Swagger-based workflows
+- **Team preferences** - When your team is more familiar with Swagger interface
+- **OpenAPI specification** - Direct access to OpenAPI spec for code generation
+- **Third-party integrations** - Tools that specifically require Swagger format
+
+Both documentation formats provide identical endpoint coverage and functionality, ensuring you can choose the interface that best fits your development workflow.
+
+## API capabilities
+
+The Palmr. API provides comprehensive access to all platform features:
+
+### File operations
+
+- **Upload files** - Single and batch file uploads with progress tracking
+- **Download files** - Secure file retrieval with access control
+- **File management** - Rename, delete, and organize files
+- **Metadata access** - Retrieve file information and properties
+
+### Folder operations
+
+- **Create folders** - Build folder structures for organization
+- **Folder management** - Rename, move, delete folders
+- **Folder sharing** - Share folders with same controls as files
+
+### Share management
+
+- **Create shares** - Generate public links for file sharing
+- **Configure access** - Set passwords, expiration dates, and view limits
+- **Track usage** - Monitor share views and download statistics
+- **Manage recipients** - Add and remove share recipients
+
+### User operations
+
+- **Authentication** - Login, logout, and session management
+- **Profile management** - Update user information and preferences
+- **User administration** - Create and manage user accounts (admin only)
+
+### System integration
+
+- **Health checks** - Monitor system status and availability
+- **Configuration** - Access and modify system settings
+- **Storage operations** - Manage filesystem and S3 storage options
+
+## Authentication
+
+The API uses **HTTP-only cookies** for secure authentication. After logging in through the web interface or API, authentication is automatically handled via secure cookies:
+
+```bash
+# Login to establish authenticated session
+POST /auth/login
+{
+  "email": "user@example.com",
+  "password": "your-password"
+}
+
+# Subsequent requests automatically include authentication cookies
+# No Authorization header needed - cookies are sent automatically
+GET /api/files
+```
+
+### How authentication works
+
+1. **Login** - Use the `/auth/login` endpoint with your credentials
+2. **Cookie storage** - The server sets HTTP-only cookies containing JWT tokens
+3. **Automatic authentication** - All subsequent API requests include these cookies automatically
+4. **Session management** - Cookies handle session persistence and expiration
+
+### Security features
+
+- **HTTP-only cookies** - Tokens stored securely in HTTP-only cookies, preventing XSS attacks
+- **Secure transmission** - Cookies marked as secure and same-site for enhanced protection
+- **Token expiration** - Automatic session timeout for security
+- **Role-based access** - Different permissions for users and administrators
+- **Request validation** - All inputs validated using Zod schemas
+
+## Getting started with the API
+
+### 1. Expose the API port
+
+Ensure port 3333 is exposed in your Docker configuration to access the API endpoints.
+
+### 2. Access the documentation
+
+Visit your Palmr. instance at `:3333/docs` to explore the interactive API documentation.
+
+### 3. Authenticate
+
+Use the login endpoint to establish an authenticated session. Authentication cookies will be automatically set and included in subsequent requests.
+
+### 4. Test endpoints
+
+Use the interactive documentation to test API endpoints and understand request/response formats.
+
+### 5. Build your integration
+
+Implement your custom application using the API endpoints that match your requirements.
+
+## Integration examples
+
+The API enables powerful integrations and automation:
+
+**Workflow automation:**
+
+- Automatically upload files from CI/CD pipelines
+- Create shares for build artifacts and reports
+- Integrate with project management tools
+
+**Custom applications:**
+
+- Build mobile apps with native file management
+- Create specialized interfaces for specific use cases
+- Develop backup and sync solutions
+
+**Business integrations:**
+
+- Connect with existing document management systems
+- Automate file sharing workflows
+- Integrate with CRM and ERP systems
+
+## Best practices
+
+### Performance optimization
+
+- **Use appropriate HTTP methods** - GET for retrieval, POST for creation, etc.
+- **Implement pagination** - Handle large datasets efficiently
+- **Cache responses** - Store frequently accessed data locally
+- **Batch operations** - Group multiple operations when possible
+
+### Error handling
+
+- **Check status codes** - Handle different HTTP response codes appropriately
+- **Parse error messages** - Use detailed error information for debugging
+- **Implement retries** - Handle temporary failures gracefully
+- **Log API interactions** - Maintain audit trails for troubleshooting
+
+### Security considerations
+
+- **Use HTTPS** - Always encrypt API communications to protect authentication cookies
+- **Secure cookies** - Authentication handled automatically via HTTP-only cookies
+- **Validate inputs** - Sanitize data before sending to API
+- **Monitor usage** - Track API calls for unusual activity
+
+## Useful links
+
+- [Scalar Official Website](https://scalar.com/) - Learn more about our primary documentation platform
+- [Swagger Official Website](https://swagger.io/) - Information about the alternative documentation format
+- [JWT.io](https://jwt.io/) - Understanding JSON Web Tokens for authentication

apps/docs/content/docs/3.2-beta/architecture.mdx

@@ -0,0 +1,143 @@
+---
+title: Architecture of Palmr.
+icon: ServerCog
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+## Overview
+
+Understanding the architecture of Palmr. is crucial for both deploying and scaling the application. The platform is designed with simplicity and flexibility in mind, offering a streamlined setup that can grow with your needs.
+
+<ZoomableImage src="/assets/v3/architecture/architecture.png" alt="Palmr. Architecture" />
+
+## Technologies used
+
+Each component in the Palmr. architecture plays a vital role in ensuring reliability, performance, and scalability. The stack is built with simplicity, performance, and flexibility in mind - everything is self-hosted, developer-friendly, and designed to scale without adding unnecessary complexity.
+
+### SQLite + Prisma ORM
+
+Palmr. uses **SQLite** as the primary database solution combined with **Prisma ORM** for type-safe database operations. SQLite is a lightweight, serverless database that's perfect for getting started quickly while still being powerful enough for production use. SQLite is fully ACID-compliant, which means it handles transactions safely and reliably. Prisma provides a modern database toolkit that generates a type-safe client, handles migrations, and offers an intuitive query API. Together, they create a powerful combination that eliminates database administration complexity while providing excellent developer experience.
+
+- Provides reliable and secure data storage with zero configuration required
+- **Prisma ORM** offers type-safe queries and automatic TypeScript integration
+- Lightweight and fast, perfect for both development and production environments
+- Fully ACID-compliant with excellent performance for metadata and transactional data
+- Self-contained with no external dependencies or server processes needed
+- Easy database migrations and schema management through Prisma
+
+### Next.js 15 + React + TypeScript
+
+The frontend of Palmr. is built using **Next.js 15**, along with **React** and **TypeScript**, forming a modern stack that's easy to maintain and super fast for end users. Next.js 15 brings server components, server actions, and a new app router system that makes rendering dynamic content incredibly efficient. This allows us to load only what's needed, when it's needed - which makes the app feel snappy even under load. React provides a clean, component-based structure that makes it easy to break the UI into reusable pieces, and TypeScript helps prevent bugs before they even happen by enforcing static typing and better code navigation.
+
+- **React** enables the creation of a dynamic and responsive user interface with a component-based architecture
+- **TypeScript** adds static typing, enhancing code quality and reducing runtime errors
+- **Next.js 15** handles routing, server-side rendering, and server components for performance at scale
+
+### Filesystem storage
+
+Palmr. uses **filesystem storage** as the default storage solution, keeping things simple and efficient. Files are organized in a structured directory layout on the local filesystem, making it easy to understand, backup, and manage. This approach eliminates external dependencies and provides excellent performance for most use cases. The system also supports **S3-compatible object storage** as an optional alternative for users who need cloud storage or additional scalability features.
+
+- Simple and reliable file storage with organized directory structure
+- No external dependencies required for basic operation
+- Excellent performance for local file operations
+- Optional S3-compatible storage support for cloud deployments and scalability
+
+#### Performance Considerations with Encryption
+
+By default, filesystem storage operates without encryption for optimal performance, providing fast uploads and downloads with minimal CPU overhead. This approach is ideal for most use cases where performance is prioritized.
+
+If you need to protect sensitive files at rest, you can enable encryption by setting `DISABLE_FILESYSTEM_ENCRYPTION=false` and providing an `ENCRYPTION_KEY` in your configuration. When enabled, Palmr uses AES-256-CBC encryption, which adds CPU overhead during uploads (encryption) and downloads (decryption), particularly for large files or in resource-constrained environments like containers or low-end VMs.
+
+For optimal performance with encryption enabled, ensure your hardware supports AES-NI acceleration (check with `cat /proc/cpuinfo | grep aes` on Linux).
+
+As an alternative, consider using S3-compatible object storage (e.g., AWS S3 or MinIO), which can offload file storage from the local filesystem and potentially reduce local CPU overhead for encryption/decryption. See [S3 Providers](/docs/3.2-beta/s3-providers) for setup instructions.
+
+### Fastify + Zod + TypeScript
+
+The backend of Palmr. is powered by **Fastify**, **Zod**, and **TypeScript**, creating a robust and type-safe API layer. Fastify is a super-fast Node.js web framework optimized for performance and low overhead, designed to handle lots of concurrent requests with minimal resource usage. Zod provides runtime type validation and schema definition, ensuring all incoming data is properly validated before reaching business logic. TypeScript adds compile-time type safety throughout the entire backend codebase. This combination creates a highly reliable and maintainable backend that prevents bugs and security issues while maintaining excellent performance.
+
+- **Fastify** provides fast request handling with a lightweight core
+- **Zod** enables runtime schema validation and type inference
+- **TypeScript** ensures type safety across the entire backend codebase
+- Built-in schema-based validation for secure and reliable API handling
+- Supports plugin-based architecture for easy extensibility
+- Optimized for high performance with minimal resource usage
+
+## How it works
+
+The Palmr. architecture follows a clean separation of concerns, making it easy to understand and maintain:
+
+1. **Frontend** — React + TypeScript + Next.js 15 handle the user interface and user interactions
+2. **Backend** — Fastify + Zod + TypeScript process requests with full type safety and validation
+3. **Database** — SQLite + Prisma ORM store and manage data with type-safe operations
+4. **File Storage** — Filesystem storage handles file operations with optional S3-compatible support
+
+## API integration and extensibility
+
+One of Palmr.'s key strengths is its **open API architecture**, designed to integrate seamlessly with existing workflows and third-party services. The API can be exposed publicly, allowing for powerful integrations and custom development opportunities.
+
+### Open API endpoints
+
+Palmr. provides comprehensive REST API endpoints that can be integrated with various services and platforms:
+
+**Popular integration possibilities:**
+
+- **Zapier** - Automate file sharing workflows and connect with 5,000+ apps
+- **Microsoft Power Automate** - Create automated workflows within Microsoft ecosystem
+- **IFTTT** - Simple automation for personal and business use cases
+- **n8n** - Self-hosted workflow automation for advanced users
+- **GitHub Actions** - Integrate file sharing into CI/CD pipelines
+- **Slack/Discord Bots** - Share files directly from chat platforms
+- **Mobile Apps** - Build custom mobile applications using the API
+- **Desktop Applications** - Create native desktop clients for specific use cases
+
+### Custom development opportunities
+
+The open API architecture enables developers to:
+
+- **Build custom clients** - Create specialized interfaces for specific industries or use cases
+- **Develop integrations** - Connect Palmr. with existing business systems and workflows
+- **Create automation scripts** - Automate repetitive file management tasks
+- **Build mobile apps** - Develop native iOS/Android applications
+- **Integrate with CMS** - Connect content management systems for seamless file handling
+- **Create backup solutions** - Build automated backup and sync tools
+
+### API benefits
+
+- **RESTful design** - Standard HTTP methods and status codes for easy integration
+- **Comprehensive documentation** - Complete API reference with examples and use cases
+- **Authentication support** - Secure API access with JWT token-based authentication
+- **Schema validation** - Built-in request/response validation using Zod schemas
+- **Type safety** - Full TypeScript support for reliable integrations
+- **Bulk operations** - Efficient handling of multiple files and batch operations
+
+This open architecture makes Palmr. not just a file-sharing platform, but a **file management ecosystem** that can adapt to any workflow or business requirement. Whether you're a developer looking to integrate file sharing into your application or a business wanting to automate file workflows, Palmr.'s API provides the flexibility and power you need.
+
+## Storage flexibility
+
+Palmr. is designed to be flexible in how you handle file storage:
+
+**Default setup (Filesystem):**
+
+- Files stored directly on the local filesystem
+- Simple directory structure for easy management
+- Perfect for single-server deployments and development
+- No additional configuration required
+
+**Optional S3-compatible storage:**
+
+- Enable S3 storage by setting `ENABLE_S3=true`, look at [S3 Providers](/docs/3.2-beta/s3-providers) for more information.
+- Compatible with AWS S3, MinIO, and other S3-compatible services
+- Ideal for cloud deployments and distributed setups
+- Provides additional scalability and redundancy options
+
+## Useful links
+
+- [SQLite Documentation](https://www.sqlite.org/docs.html)
+- [Prisma Documentation](https://www.prisma.io/docs)
+- [Next.js Documentation](https://nextjs.org/docs)
+- [React Documentation](https://react.dev/)
+- [TypeScript Handbook](https://www.typescriptlang.org/docs/)
+- [Fastify Documentation](https://fastify.dev/docs/latest/)
+- [Zod Documentation](https://zod.dev/)

apps/docs/content/docs/3.2-beta/available-languages.mdx

@@ -0,0 +1,66 @@
+---
+title: Available Languages
+icon: Globe
+---
+
+The project leverages next-intl, a powerful and flexible internationalization (i18n) library, to provide comprehensive language support across the entire application. This robust solution enables seamless translation management, date/time formatting, number formatting, and pluralization rules across different locales.
+
+The integration of next-intl ensures consistent internationalization throughout the application's components, pages, and features, while maintaining optimal performance through efficient bundle splitting and lazy loading of language resources. With its TypeScript support and React Server Components compatibility, next-intl serves as the foundation for delivering a truly global and accessible user experience.
+
+## Supported languages
+
+Palmr currently supports 15 languages with complete translations across all application features and interfaces.
+
+---
+
+| Language             | Code  | Description                                              | Translation |
+| -------------------- | ----- | -------------------------------------------------------- | ----------- |
+| English              | en-US | Primary development language and default fallback option | 100%        |
+| Portuguese           | pt-BR | Standard Brazilian Portuguese support                    | 100%        |
+| French               | fr-FR | Standard French language support                         | 100%        |
+| Spanish              | es-ES | Standard Spanish language support                        | 100%        |
+| German               | de-DE | Standard German language support                         | 100%        |
+| Russian              | ru-RU | Standard Russian language support                        | 100%        |
+| Hindi                | hi-IN | Standard Hindi language support                          | 100%        |
+| Arabic               | ar-SA | Standard Arabic language support with RTL                | 100%        |
+| Japanese             | ja-JP | Standard Japanese language support                       | 100%        |
+| Korean               | ko-KR | Standard Korean language support                         | 100%        |
+| Turkish              | tr-TR | Standard Turkish language support                        | 100%        |
+| Chinese (Simplified) | zh-CN | Standard Simplified Chinese support                      | 100%        |
+| Italian              | it-IT | Standard Italian language support                        | 100%        |
+| Dutch                | nl-NL | Standard Dutch language support                          | 100%        |
+| Polish               | pl-PL | Standard Polish language support                         | 100%        |
+
+## Language selection
+
+The application provides two convenient methods for language selection, ensuring a seamless user experience across different user preferences and scenarios.
+
+### Automatic detection
+
+The application features sophisticated automatic detection of the user's preferred browser language settings. It intelligently utilizes the browser's preconfigured language preferences to set the initial application language, providing an immediate localized experience without requiring user intervention.
+
+### Manual selection
+
+![Language Selector](/assets/v3/languages/languages.png)
+
+Users have complete control to manually select their preferred language through an intuitive language selector interface in the UI. The language selector is easily accessible and provides immediate language switching capabilities.
+
+Selected language preferences are persistently stored in the browser's localStorage, ensuring a consistent experience across sessions and eliminating the need to reselect languages on subsequent visits.
+
+## Default language
+
+English (en-US) serves as the system's fallback language, ensuring consistent functionality even when language detection or selection encounters issues. This means that if a user's preferred language is not available or if there are any problems with language selection, the application will automatically default to English.
+
+This fallback mechanism is crucial for maintaining a seamless user experience and preventing any potential language-related disruptions. Additionally, all new features and updates are first implemented in English before being translated into other supported languages, ensuring that the English version always remains the most up-to-date and comprehensive.
+
+## Language detection
+
+The application employs advanced detection mechanisms to automatically identify and apply the user's browser language settings as the initial language configuration. This process analyzes the browser's language preferences and matches them against available translations.
+
+For maximum flexibility, users can easily override this automatic selection at any time using the convenient language switcher, accessible via the globe icon prominently displayed in the navigation bar.
+
+## RTL support
+
+The application incorporates comprehensive right-to-left (RTL) text handling capabilities, with particular attention paid to Arabic (ar-SA) language requirements. This includes proper text alignment, layout direction, and user interface elements that adapt to RTL reading patterns.
+
+RTL support ensures that Arabic-speaking users receive a native and intuitive experience, with all interface elements properly oriented and text flowing in the correct direction for optimal readability and usability.

apps/docs/content/docs/3.2-beta/configuring-smtp.mdx

@@ -0,0 +1,273 @@
+---
+title: Configuring SMTP
+icon: Mail
+---
+
+For Palmr to function with all its best features, you need to configure an email server. To make this process easier, there's a built-in configuration panel inside **Settings** in Palmr. However, only users with an **ADMIN** profile can access and configure these settings.
+
+This guide walks you through the complete process of setting up SMTP for your Palmr installation, ensuring that email-dependent features work seamlessly.
+
+## Why configure SMTP?
+
+Configuring SMTP is essential for enabling key email functionalities that enhance the user experience and ensure proper system operation.
+
+The main functionalities that depend on SMTP configuration are:
+
+- **Password Reset** – Users who forget their password and cannot access the **Settings** panel need this feature to regain access to their accounts.
+- **Email Notifications** – Recipients will receive email notifications when new shares are sent to them, keeping them informed about shared content.
+
+Without proper SMTP configuration, these features will not work, potentially leaving users unable to recover their accounts or stay informed about shared files.
+
+Now, let's go through the step-by-step process to configure the **SMTP Server**.
+
+---
+
+## Accessing SMTP settings
+
+To configure SMTP settings, you'll need administrative access to the Palmr settings panel.
+
+### Prerequisites
+
+Before beginning the configuration process:
+
+- Ensure you have **ADMIN** user privileges in Palmr
+- Have your SMTP server credentials ready
+- For Gmail users, prepare to generate an App Password
+
+### Navigating to settings
+
+To access **Settings**, an **ADMIN** user must click on the profile picture in the **header** and select **Settings** from the dropdown menu.
+
+Once inside the **Settings** panel, click on the **Email** card to expand the SMTP configuration options.
+
+![Closed Settings Card](/assets/v3/smtp/closed-card.png)
+
+After expanding the card, the following SMTP configuration fields will appear:
+
+![Opened Settings Card](/assets/v3/smtp/opened-card.png)
+
+---
+
+## Configuring SMTP server
+
+The SMTP configuration process involves enabling the service and configuring the necessary connection details.
+
+### Enabling SMTP
+
+The first step is to **enable SMTP** by selecting "Yes" in the **SMTP Enabled** field.
+
+![SMTP Enabled](/assets/v3/smtp/smtp-enabled.png)
+
+### Configuration fields
+
+Once SMTP is enabled, you can configure the following fields:
+
+#### Basic SMTP Configuration
+
+**SMTP Server** – The SMTP server address provided by your email service. For Gmail, use `smtp.gmail.com` (this is the recommended option and set as default).
+
+**SMTP Port** – The server port used for connections. For Gmail, the standard port is **587** (TLS encryption).
+
+**SMTP Username** – The username for authenticating with your SMTP server. For Gmail, enter your complete email address.
+
+**SMTP Password** – The password for SMTP authentication. For Gmail, you must use an **App Password** (not your regular email password).
+
+#### Email Sender Configuration
+
+**Sender Name** – This will appear as the sender's name in all outgoing emails. Use a recognizable name like "Palmr" or your organization name.
+
+**Sender Email** – The email address from which notifications will be sent. Use a professional address like "noreply@palmr.app" or "notifications@yourdomain.com".
+
+#### Advanced Configuration Options
+
+**Connection Security** – Choose the appropriate security method for your SMTP server:
+
+- **Auto (Recommended)** – Automatically selects the best security method based on the port
+- **SSL (Port 465)** – Uses SSL encryption for the entire connection
+- **STARTTLS (Port 587)** – Uses STARTTLS to upgrade a plain connection to TLS
+- **None (Insecure)** – Uses plain SMTP without encryption (only for development/testing)
+
+**No Authentication** – Enable this option for internal SMTP servers that don't require username/password authentication. When enabled, the username and password fields will be hidden.
+
+**Trust Self-Signed Certificates** – Enable this option to trust self-signed SSL/TLS certificates. This is particularly useful for development environments or internal SMTP servers with self-signed certificates.
+
+#### Field Behavior and Dependencies
+
+**Conditional Field Display**: The SMTP configuration uses intelligent field display:
+
+- **All SMTP fields** are hidden when SMTP is disabled
+- **Username and Password fields** are automatically hidden when "No Authentication" is enabled
+- **Test Connection button** only appears when SMTP is enabled
+
+**Field Validation**: The system provides real-time validation:
+
+- **Required fields** are checked before testing connections
+- **Authentication fields** are validated unless "No Authentication" is enabled
+- **Connection testing** validates all settings before saving
+
+#### Testing Configuration
+
+**Test SMTP Connection** – Use this button to test your SMTP configuration before saving. This will verify that all settings are correct and the connection works properly.
+
+**Test Button Features**:
+
+- **Real-time validation** of all required fields
+- **Informational tooltip** explaining the test process
+- **Loading state** with spinner during connection test
+- **Success/Error messages** with detailed feedback
+- **Uses form values** (not saved settings) for testing
+
+### Important security note
+
+**Important:** If using **Gmail**, you need to generate an **App Password** instead of using your standard email password. This provides better security and is required for applications like Palmr.
+
+For other email services, consult the official documentation of the service provider you are using. We recommend using Gmail for its simplicity, reliability, and reasonable email sending limits.
+
+---
+
+## Generating a Gmail App Password
+
+Gmail requires App Passwords for third-party applications to ensure account security while maintaining functionality.
+
+### Step-by-step process
+
+To generate an App Password for Gmail:
+
+1. **Access Your Account**: Go to [Google My Account](https://myaccount.google.com/)
+2. **Navigate to Security**: Select the **Security** section from the menu
+3. **Find App Passwords**: Scroll down to locate **App Passwords** (you may need to enable 2-factor authentication first)
+4. **Generate Password**: Create a new password specifically for Palmr
+5. **Save Securely**: Copy and store the generated password safely
+
+### Additional resources
+
+For a complete guide with screenshots and detailed instructions, refer to: **[How to set up SMTP credentials with Gmail](https://medium.com/rails-to-rescue/how-to-set-up-smtp-credentials-with-gmail-for-your-app-send-email-cf236d11087d)**.
+
+### Gmail configuration summary
+
+When using Gmail, your final settings should be:
+
+- **SMTP Server**: `smtp.gmail.com`
+- **SMTP Port**: `587`
+- **SMTP Username**: Your Gmail address
+- **SMTP Password**: Generated App Password (16 characters)
+- **Connection Security**: Auto (Recommended) or STARTTLS (Port 587)
+
+---
+
+## Other email provider configurations
+
+While Gmail is recommended for its simplicity, Palmr supports various email providers. Here are common configurations:
+
+### Outlook/Hotmail
+
+- **SMTP Server**: `smtp-mail.outlook.com`
+- **SMTP Port**: `587`
+- **Connection Security**: STARTTLS (Port 587)
+- **Authentication**: Username and password required
+
+### Yahoo Mail
+
+- **SMTP Server**: `smtp.mail.yahoo.com`
+- **SMTP Port**: `587` or `465`
+- **Connection Security**: STARTTLS (Port 587) or SSL (Port 465)
+- **Authentication**: App-specific password required
+
+### Custom SMTP Server
+
+- **SMTP Server**: Your server's hostname or IP address
+- **SMTP Port**: Usually `25`, `587`, or `465`
+- **Connection Security**: Choose based on your server's capabilities
+- **Authentication**: Configure according to your server's requirements
+- **Trust Self-Signed Certificates**: Enable if using self-signed certificates
+
+---
+
+## Testing your configuration
+
+After completing the configuration, it's important to verify that everything works correctly.
+
+### Using the Test Connection feature
+
+Palmr provides a built-in **Test SMTP Connection** button that allows you to verify your configuration before saving:
+
+1. **Fill in your SMTP settings** – Complete all required fields in the SMTP configuration
+2. **Click "Test Connection"** – This will attempt to connect to your SMTP server with the current settings
+3. **Review the results** – You'll see a success message if the connection works, or an error message with details if it fails
+4. **Save your settings** – Once the test is successful, save your configuration to make it permanent
+
+**Note:** The test connection uses the values currently entered in the form, not the saved settings. Make sure to save your configuration after a successful test.
+
+### Validation steps
+
+1. **Save Settings**: Apply your SMTP configuration in the Palmr interface
+2. **Test Password Reset**: Try the password reset feature with a test account to ensure emails are sent
+3. **Test Notifications**: Create a test share to verify that notification emails are delivered
+4. **Check Email Delivery**: Confirm that emails arrive in the recipient's inbox (not spam folder)
+
+### Troubleshooting common issues
+
+If emails are not being sent:
+
+- **Verify all fields are filled correctly** – Ensure all required fields have valid values
+- **For Gmail, ensure you're using the App Password** – Not your regular email password
+- **Check that your email provider allows SMTP connections** – Some providers require specific settings
+- **Confirm that port 587 is not blocked by your firewall** – Check both local and network firewall settings
+- **Verify the SMTP server address** – Double-check the hostname for typos
+- **Test with different security settings** – Try different Connection Security options if one fails
+
+### Troubleshooting self-signed certificate issues
+
+If you're using an SMTP server with self-signed certificates and encountering connection errors:
+
+1. **Enable Trust Self-Signed Certificates** – In the SMTP settings, enable the "Trust Self-Signed Certificates" option
+2. **Use Appropriate Security Method** – Choose the correct security method for your server:
+   - For servers requiring TLS: Use "STARTTLS (Port 587)" or "SSL (Port 465)"
+   - For development servers without encryption: Use "None (Insecure)"
+3. **Verify Server Configuration** – Ensure your SMTP server is properly configured to accept connections on the specified port
+4. **Test Connection** – Use the "Test Connection" button to verify your configuration before saving
+
+**Note:** The "None (Insecure)" option should only be used in development environments or with trusted internal servers, as it transmits data without encryption.
+
+### Troubleshooting authentication issues
+
+If you're experiencing authentication problems:
+
+- **Check username and password** – Ensure they are correct and match your email provider's requirements
+- **For Gmail users** – Make sure you're using an App Password, not your regular password
+- **Enable "No Authentication" if applicable** – For internal servers that don't require authentication
+- **Verify account settings** – Some providers require enabling "Less secure app access" or similar settings
+
+### Common error messages and solutions
+
+The SMTP configuration system provides specific error messages to help you troubleshoot issues:
+
+**"SMTP is not enabled. Please enable SMTP first."**
+
+- **Solution**: Enable the "SMTP Enabled" toggle before testing
+
+**"Please fill in SMTP Host and Port before testing."**
+
+- **Solution**: Ensure both SMTP Server and SMTP Port fields are filled
+
+**"Please fill in SMTP Username and Password, or enable 'No Authentication' option."**
+
+- **Solution**: Either provide authentication credentials or enable "No Authentication"
+
+**"SMTP connection failed: [specific error]"**
+
+- **Solution**: Check the specific error message for details about the connection issue
+
+---
+
+## Finalizing SMTP configuration
+
+After entering the correct information and testing the functionality, save the settings.
+
+Your Palmr installation is now ready to:
+
+- Send password reset emails to users who need account recovery
+- Deliver share notifications to recipients automatically
+- Provide a complete user experience with reliable email communication
+
+With SMTP properly configured, users can take full advantage of Palmr's email-dependent features, ensuring a smooth and professional experience when sharing files and managing their accounts.

apps/docs/content/docs/3.2-beta/contribute.mdx

@@ -0,0 +1,442 @@
+---
+title: How to Contribute
+icon: Users
+---
+
+## Introduction
+
+Thank you for your interest in contributing to the **Palmr** project! Contributions are what make the open-source community such an amazing place to learn, inspire, and create. Whether you're fixing bugs, adding new features, improving documentation, or sharing ideas, every contribution helps make Palmr better for everyone.
+
+We welcome contributors of all experience levels - from beginners to seasoned developers. This comprehensive guide will walk you through the process of contributing to Palmr, from setting up your development environment to submitting your first pull request.
+
+We're excited to have you join our community of contributors and look forward to seeing what you'll bring to the project.
+
+---
+
+## GitHub account requirements
+
+Before you can contribute, you'll need to be logged into your GitHub account. If you don't have an account yet, creating one is free and opens up the entire world of open-source collaboration.
+
+### Account setup benefits
+
+Having a GitHub account is essential as it allows you to:
+
+- Fork repositories and create your own copies
+- Submit pull requests to propose changes
+- Interact with other contributors and maintainers
+- Track issues and participate in discussions
+- Build your open-source portfolio
+
+### Security recommendations
+
+When creating your account:
+
+- Use a professional email address for your GitHub account
+- Enable two-factor authentication for enhanced security
+- Customize your profile to showcase your interests and skills
+- Explore the GitHub community to discover other projects
+
+If you need to create an account, visit [GitHub's signup page](https://github.com/signup) and follow the registration process.
+
+---
+
+## Accessing the repository
+
+Once you're logged into your GitHub account, you'll need to navigate to the Palmr repository to begin your contribution journey.
+
+### Direct access
+
+Visit the Palmr repository directly: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)
+
+The repository contains all the source code, documentation, and resources for the Palmr project. Take time to explore the repository structure, including the README file, which provides an overview of the project.
+
+### Alternative access methods
+
+You can also find the repository by:
+
+- Searching for "Palmr" in the GitHub search bar
+- Looking for the repository owned by **kyantech**
+- Accessing it through Kyantech's organization page
+
+### Repository verification
+
+When searching, ensure you're accessing the official repository by:
+
+- Checking the owner and repository name match exactly
+- Verifying the description matches the Palmr project
+- Confirming recent activity from the maintainers
+- Reviewing the number of stars, forks, and watchers
+
+---
+
+## Forking the repository
+
+To contribute to the project, you'll need to create your own copy of the repository. This process is called **forking** and is fundamental to the GitHub collaboration workflow.
+
+### Creating your fork
+
+Here's how to fork the repository:
+
+1. **Locate the Fork Button**: Click the **Fork** button at the top right of the repository page
+2. **Select Destination**: Choose where you want to fork the repository (your personal account or an organization)
+3. **Wait for Creation**: Allow a few moments while GitHub creates your fork
+4. **Automatic Redirect**: You'll be redirected to your forked repository once it's ready
+
+### Fork benefits
+
+Your fork will maintain a connection to the original repository, allowing you to:
+
+- Keep your fork synchronized with the original repository
+- Submit pull requests from your fork to the original repository
+- Work independently on your own copy without affecting the original
+- Experiment with changes before proposing them
+
+---
+
+## Cloning your fork
+
+After forking the repository, you'll need to clone it to your local machine to begin making changes.
+
+### Clone process
+
+Follow these steps to clone your forked repository:
+
+1. **Access Clone Options**: On your forked repository page, click the **Code** button
+2. **Copy Repository URL**: Copy the repository URL (HTTPS or SSH, depending on your preference)
+3. **Open Terminal**: Open your terminal or command prompt
+4. **Execute Clone Command**: Run the following command to clone the repository:
+
+   ```bash
+   git clone <repository-url>
+   ```
+
+5. **Navigate to Directory**: Move into the cloned directory:
+
+   ```bash
+   cd Palmr
+   ```
+
+### Clone verification
+
+After cloning, verify your setup by:
+
+- Confirming all files are present in your local directory
+- Checking that you can access the project files
+- Testing that Git is properly configured for the repository
+
+---
+
+## Setting up the base branch
+
+Before making changes, ensure your local repository is properly configured to track the correct branch from the original Palmr repository.
+
+### Remote configuration
+
+Set up your repository to track the upstream repository:
+
+1. **Add Upstream Remote**: Add the original Palmr repository as a remote:
+
+   ```bash
+   git remote add upstream https://github.com/kyantech/Palmr.git
+   ```
+
+2. **Fetch Latest Changes**: Retrieve the latest changes from the `next` branch:
+
+   ```bash
+   git fetch upstream next
+   ```
+
+3. **Create Feature Branch**: Create a new branch for your contribution based on `upstream/next`:
+
+   ```bash
+   git checkout -b your-branch-name upstream/next
+   ```
+
+### Branch naming conventions
+
+When creating your branch, use descriptive names that indicate the purpose of your changes:
+
+- `feature/user-authentication` for new features
+- `fix/login-bug` for bug fixes
+- `docs/api-documentation` for documentation updates
+- `refactor/database-queries` for code improvements
+
+---
+
+## Making your changes
+
+Now you're ready to implement your contributions! This is where your creativity and technical skills come into play.
+
+### Types of contributions
+
+Your contributions could include:
+
+- **Bug Fixes**: Resolving issues and improving stability
+- **New Features**: Adding functionality that enhances the project
+- **Documentation**: Improving guides, API docs, and examples
+- **Testing**: Writing or improving test coverage
+- **Performance**: Optimizing code for better efficiency
+- **Accessibility**: Making the project more inclusive
+- **Translations**: Adding support for different languages
+- **Code Quality**: Refactoring and improving code structure
+
+### Development best practices
+
+When making changes, follow these guidelines:
+
+1. **Follow Style Guidelines**: Ensure your code adheres to the project's coding standards
+2. **Test Incrementally**: Run tests locally to catch issues early
+3. **Keep Changes Focused**: Address a single issue or feature per contribution
+4. **Document Changes**: Update or add documentation as needed
+5. **Review Your Work**: Double-check changes before committing
+
+### Development workflow
+
+Maintain a productive workflow by:
+
+- Regularly saving your work and committing small, logical changes
+- Testing your changes incrementally to identify issues quickly
+- Keeping your branch updated with the latest upstream changes
+- Seeking feedback early if you're unsure about your approach
+
+---
+
+## Using conventional commits
+
+Once you've made your changes, commit them using **Conventional Commits** format. This standard helps maintain a clean and consistent commit history that's easy to understand and automate.
+
+### Commit message format
+
+Structure your commit messages as follows:
+
+`<type>(<scope>): <description>`
+
+### Commit types and examples
+
+**Common commit types:**
+
+- `feat: add user authentication system`
+- `fix(api): resolve null pointer exception in user service`
+- `docs: update installation instructions in README`
+- `test: add unit tests for user validation`
+- `refactor: simplify database connection logic`
+- `style: fix code formatting in auth module`
+- `chore: update project dependencies`
+
+### Committing your changes
+
+Follow these steps to commit your work:
+
+1. **Stage Changes**: Add your changes to the staging area:
+
+   ```bash
+   git add .
+   ```
+
+2. **Commit with Message**: Create a commit with a properly formatted message:
+
+   ```bash
+   git commit -m "feat: add new feature for user profiles"
+   ```
+
+### Commit best practices
+
+- Write clear, concise commit messages
+- Use the imperative mood ("add" not "added")
+- Keep the first line under 50 characters
+- Include additional details in the body if necessary
+
+---
+
+## Pushing your changes
+
+After committing your changes locally, you need to push them to your forked repository on GitHub to make them available for review.
+
+### Push process
+
+Synchronize your local changes with your remote repository:
+
+1. **Check for Updates**: Ensure your branch is current with any remote changes:
+
+   ```bash
+   git pull origin your-branch-name
+   ```
+
+2. **Push Commits**: Upload your commits to your forked repository:
+
+   ```bash
+   git push origin your-branch-name
+   ```
+
+3. **Set Upstream** (first push only): If this is your first push for this branch:
+   ```bash
+   git push -u origin your-branch-name
+   ```
+
+### Troubleshooting push issues
+
+If you encounter errors while pushing:
+
+- Verify you have the correct permissions on your fork
+- Check your remote URL configuration using `git remote -v`
+- Ensure you're authenticated with GitHub properly
+- Confirm your branch name matches what you're trying to push
+
+---
+
+## Creating a pull request
+
+With your changes pushed to GitHub, you can now create a **Pull Request (PR)** to propose your changes to the main Palmr repository.
+
+### Pull request setup
+
+Create your pull request by following these steps:
+
+1. **Navigate to Your Fork**: Go to your forked repository on GitHub
+2. **Initiate PR**: Click the **Pull Request** button or **Compare & pull request** if available
+3. **Configure PR Settings**: On the PR creation page, set:
+   - **Base repository**: `kyantech/Palmr`
+   - **Base branch**: `next`
+   - **Head repository**: Your forked repository
+   - **Compare branch**: Your feature branch (`your-branch-name`)
+
+### Pull request content
+
+Fill out the PR form with comprehensive information:
+
+- **Clear Title**: Write a descriptive title that summarizes your changes
+- **Detailed Description**: Explain what your changes do and why they're needed
+- **Related Issues**: Reference any issues your PR addresses
+- **Testing Information**: Describe how you tested your changes
+- **Screenshots**: Include visual evidence if your changes affect the UI
+
+### PR checklist
+
+Before submitting, ensure your PR:
+
+- Has a clear, descriptive title
+- Includes a comprehensive description
+- References related issues
+- Follows the project's contribution guidelines
+- Includes appropriate tests
+- Updates documentation if necessary
+
+---
+
+## Awaiting review
+
+Once your PR is submitted, the project maintainers will review your changes. This collaborative process ensures code quality and project consistency.
+
+### Review process expectations
+
+During the review process:
+
+- **Monitor Notifications**: Keep an eye on GitHub notifications for comments or requests
+- **Respond Promptly**: Address feedback in a timely and professional manner
+- **Make Updates**: If changes are requested, update your branch and push new commits
+- **Ask Questions**: Don't hesitate to seek clarification if feedback is unclear
+- **Stay Patient**: Review times vary depending on maintainer availability and PR complexity
+
+### Handling feedback
+
+When receiving feedback:
+
+- Approach it as a learning opportunity
+- Ask questions if you don't understand suggestions
+- Make requested changes promptly
+- Thank reviewers for their time and input
+- Stay engaged throughout the process
+
+### Review timeline
+
+Remember that:
+
+- Maintainers are often volunteers with limited time
+- Complex changes may require multiple review rounds
+- The review process helps ensure high-quality contributions
+- Your patience and cooperation are appreciated
+
+---
+
+## Contribution best practices
+
+To maximize the chances of your contribution being accepted, follow these proven practices:
+
+### Code quality standards
+
+- **Use Conventional Commits**: Maintain consistent commit message formatting
+- **Keep PRs Focused**: Address one issue or feature per pull request
+- **Write Comprehensive Tests**: Include tests for new features and bug fixes
+- **Follow Code Style**: Adhere to the project's coding standards and guidelines
+- **Update Documentation**: Keep documentation synchronized with code changes
+
+### Collaboration guidelines
+
+- **Engage Constructively**: Participate in PR discussions with a positive attitude
+- **Review Others' Work**: Help the community by reviewing other contributors' pull requests
+- **Stay Updated**: Keep your fork synchronized with the main repository
+- **Be Patient**: Understand that maintainers balance multiple responsibilities
+- **Communicate Clearly**: Express your ideas and questions clearly and respectfully
+
+### Continuous improvement
+
+- **Learn from Feedback**: Use review comments as opportunities to improve your skills
+- **Study the Codebase**: Understand the project structure and patterns before contributing
+- **Start Small**: Begin with minor contributions to familiarize yourself with the process
+- **Build Relationships**: Engage with the community to build lasting connections
+
+---
+
+## Why contribute to open source?
+
+Contributing to open-source projects like Palmr offers numerous personal and professional benefits that extend far beyond the immediate code changes.
+
+### Personal development
+
+**Skill Building**: You'll gain hands-on experience with Git, GitHub, collaborative coding, and industry-standard development practices.
+
+**Portfolio Enhancement**: Open-source contributions demonstrate your skills to potential employers and showcase your commitment to continuous learning.
+
+**Problem-Solving**: Working on real-world projects helps you develop critical thinking and problem-solving abilities.
+
+### Community impact
+
+**Project Improvement**: Your contributions directly help make the project better for all users and contributors.
+
+**Knowledge Sharing**: By contributing, you share your expertise and learn from others in the community.
+
+**Ecosystem Support**: Open-source projects thrive on community contributions, and your work helps sustain the entire ecosystem.
+
+### Professional benefits
+
+**Networking**: Connect with developers, maintainers, and other contributors from around the world.
+
+**Recognition**: Build your reputation in the developer community through quality contributions.
+
+**Career Opportunities**: Many career opportunities arise from open-source involvement and community connections.
+
+---
+
+## Next steps
+
+Congratulations! You now have all the knowledge needed to contribute effectively to the **Palmr** project. Your contributions, whether large or small, make a meaningful difference to the project and its community.
+
+### Getting started
+
+Ready to make your first contribution? Consider starting with:
+
+- **Documentation improvements**: Fix typos, clarify instructions, or add examples
+- **Bug fixes**: Address issues reported by other users
+- **Feature enhancements**: Implement small improvements to existing functionality
+- **Test coverage**: Add tests to improve project reliability
+
+### Staying engaged
+
+Continue your involvement by:
+
+- Following the project's progress and updates
+- Participating in community discussions
+- Helping other new contributors get started
+- Sharing your experience with the broader developer community
+
+Thank you for your interest in contributing to Palmr. We look forward to seeing your contributions and welcoming you to our community of developers working together to make Palmr better for everyone.

apps/docs/content/docs/3.2-beta/download-memory-management.mdx

@@ -0,0 +1,391 @@
+---
+title: Memory Management
+icon: Download
+---
+
+import { Callout } from "fumadocs-ui/components/callout";
+import { Tab, Tabs } from "fumadocs-ui/components/tabs";
+
+Palmr implements an intelligent memory management system that prevents crashes during large file downloads (3GB+ by default), maintaining unlimited download capacity through adaptive resource control and an automatic queue system.
+
+## How It Works
+
+### Automatic Resource Detection
+
+The system automatically detects available container/system memory and configures appropriate limits based on available infrastructure:
+
+```typescript
+const totalMemoryGB = require("os").totalmem() / 1024 ** 3;
+```
+
+### System Configuration
+
+The system supports two configuration approaches that you can choose based on your needs:
+
+<Tabs items={["Manual Configuration", "Auto-scaling (Default)"]}>
+  <Tab value="Manual Configuration">
+    Manually configure all parameters for total control over the system:
+
+    ```bash
+    # Custom configuration (overrides auto-scaling)
+    DOWNLOAD_MAX_CONCURRENT=8              # Maximum simultaneous downloads
+    DOWNLOAD_MEMORY_THRESHOLD_MB=1536      # Memory threshold in MB
+    DOWNLOAD_QUEUE_SIZE=40                 # Maximum queue size
+    DOWNLOAD_AUTO_SCALE=false              # Disable auto-scaling
+    ```
+
+    <Callout>
+      Manual configuration offers total control and predictability for specific environments where you know exactly the available resources.
+    </Callout>
+
+  </Tab>
+  <Tab value="Auto-scaling (Default)">
+    Automatic configuration based on detected system memory:
+
+    | Available Memory | Concurrent Downloads | Memory Threshold | Queue Size | Recommended Use    |
+    |------------------|----------------------|-------------------|------------|--------------------|
+    | ≤ 2GB            | 1                    | 256MB            | 5          | Development        |
+    | 2GB - 4GB        | 2                    | 512MB            | 10         | Small Environment  |
+    | 4GB - 8GB        | 3                    | 1GB              | 15         | Standard Production|
+    | 8GB - 16GB       | 5                    | 2GB              | 25         | High Performance   |
+    | > 16GB           | 10                   | 4GB              | 50         | Enterprise         |
+
+    <Callout>
+      Auto-scaling automatically adapts to different environments without manual configuration, perfect for flexible deployment.
+    </Callout>
+
+  </Tab>
+</Tabs>
+
+<Callout type="info">If environment variables are configured, they take **priority** over auto-scaling.</Callout>
+
+## Download Queue System
+
+### How It Works
+
+The memory management system only activates for files larger than the configured minimum size (3GB by default). Smaller files bypass the queue system entirely and download immediately without memory management.
+
+When a user requests a download for a large file but all slots are occupied, the system automatically queues the download instead of returning a 429 error. The queue processes downloads in FIFO order (first in, first out).
+
+### Practical Example
+
+Consider a system with 8GB RAM (5 concurrent downloads, queue of 25, 3GB minimum) where users want to download files of various sizes:
+
+```bash
+# Small files (< 3GB): Bypass queue entirely
+[DOWNLOAD MANAGER] File document.pdf (0.05GB) below threshold (3.0GB), bypassing queue
+
+# Large files 1-5: Start immediately
+[DOWNLOAD MANAGER] Immediate start: 1734567890-abc123def
+[DOWNLOAD MANAGER] Starting video1.mp4 (5.2GB)
+
+# Large files 6-10: Automatically queued
+[DOWNLOAD MANAGER] Queued: 1734567891-def456ghi (Position: 1/25)
+[DOWNLOAD MANAGER] Queued file: video2.mp4 (8.1GB)
+
+# When download 1 finishes: download 6 starts automatically
+[DOWNLOAD MANAGER] Processing queue: 1734567891-def456ghi (4 remaining)
+[DOWNLOAD MANAGER] Starting queued file: video2.mp4 (8.1GB)
+```
+
+### System Benefits
+
+**User Experience**
+
+- Users don't receive errors, they simply wait in queue
+- Downloads start automatically when slots become available
+- Transparent operation without client changes
+- Fair processing order with FIFO queue
+
+**Technical Features**
+
+- Limited buffers (64KB per stream) for controlled memory usage
+- Automatic backpressure control with pipeline streams
+- Adaptive memory throttling based on usage patterns
+- Forced garbage collection after large downloads
+- Smart timeout handling (30 minutes for queued downloads)
+- Automatic cleanup of orphaned downloads every 30 seconds
+
+## Container Compatibility
+
+The system works with Docker, Kubernetes, and any containerized environment:
+
+<Tabs items={["Docker", "Kubernetes", "Docker Compose"]}>
+  <Tab value="Docker">
+
+    ```bash
+    # Example: Container with 8GB
+    docker run -m 8g palmr/server
+    # Result: 5 concurrent downloads, queue of 25, threshold 2GB
+    ```
+
+  </Tab>
+  <Tab value="Kubernetes">
+
+    ```yaml
+    apiVersion: apps/v1
+    kind: Deployment
+    spec:
+      template:
+        spec:
+          containers:
+          - name: palmr-server
+            resources:
+              limits:
+                memory: "4Gi"     # Detects 4GB
+                cpu: "2"
+              requests:
+                memory: "2Gi"
+                cpu: "1"
+    # Result: 3 concurrent downloads, queue of 15, threshold 1GB
+    ```
+
+  </Tab>
+  <Tab value="Docker Compose">
+
+    ```yaml
+    services:
+      palmr-server:
+        image: palmr/server
+        deploy:
+          resources:
+            limits:
+              memory: 16G       # Detects 16GB
+    # Result: 10 concurrent downloads, queue of 50, threshold 4GB
+    ```
+
+  </Tab>
+</Tabs>
+
+## Configuration
+
+### Environment Variables
+
+Configure the download memory management system using these environment variables:
+
+| Variable                       | Default    | Description                                           |
+| ------------------------------ | ---------- | ----------------------------------------------------- |
+| `DOWNLOAD_MAX_CONCURRENT`      | auto-scale | Maximum number of simultaneous downloads              |
+| `DOWNLOAD_MEMORY_THRESHOLD_MB` | auto-scale | Memory limit in MB before throttling                  |
+| `DOWNLOAD_QUEUE_SIZE`          | auto-scale | Maximum download queue size                           |
+| `DOWNLOAD_AUTO_SCALE`          | `true`     | Enable/disable auto-scaling based on system memory    |
+| `DOWNLOAD_MIN_FILE_SIZE_GB`    | `3.0`      | Minimum file size in GB to activate memory management |
+
+### Configuration Examples by Scenario
+
+<Tabs items={["Home Server", "Enterprise", "High Performance", "Conservative"]}>
+  <Tab value="Home Server">
+    Configuration optimized for personal use or small groups (4GB RAM):
+
+    ```bash
+    DOWNLOAD_MAX_CONCURRENT=2
+    DOWNLOAD_MEMORY_THRESHOLD_MB=1024
+    DOWNLOAD_QUEUE_SIZE=8
+    DOWNLOAD_MIN_FILE_SIZE_GB=2.0
+    DOWNLOAD_AUTO_SCALE=false
+    ```
+
+  </Tab>
+  <Tab value="Enterprise">
+    Configuration for corporate environments with multiple users (16GB RAM):
+
+    ```bash
+    DOWNLOAD_MAX_CONCURRENT=12
+    DOWNLOAD_MEMORY_THRESHOLD_MB=4096
+    DOWNLOAD_QUEUE_SIZE=60
+    DOWNLOAD_MIN_FILE_SIZE_GB=5.0
+    DOWNLOAD_AUTO_SCALE=false
+    ```
+
+  </Tab>
+  <Tab value="High Performance">
+    Configuration for maximum performance and throughput (32GB RAM):
+
+    ```bash
+    DOWNLOAD_MAX_CONCURRENT=20
+    DOWNLOAD_MEMORY_THRESHOLD_MB=8192
+    DOWNLOAD_QUEUE_SIZE=100
+    DOWNLOAD_MIN_FILE_SIZE_GB=10.0
+    DOWNLOAD_AUTO_SCALE=false
+    ```
+
+  </Tab>
+  <Tab value="Conservative">
+    For environments with limited or shared resources:
+
+    ```bash
+    DOWNLOAD_MAX_CONCURRENT=3
+    DOWNLOAD_MEMORY_THRESHOLD_MB=1024
+    DOWNLOAD_QUEUE_SIZE=15
+    DOWNLOAD_MIN_FILE_SIZE_GB=1.0
+    DOWNLOAD_AUTO_SCALE=false
+    ```
+
+  </Tab>
+</Tabs>
+
+### Additional Configuration
+
+For optimal performance with large downloads, consider these additional settings:
+
+```bash
+# Force garbage collection (recommended for large downloads)
+NODE_OPTIONS="--expose-gc"
+
+# Adjust timeout for very large downloads
+KEEP_ALIVE_TIMEOUT=300000
+REQUEST_TIMEOUT=0
+```
+
+## Monitoring and Logs
+
+### System Logs
+
+The system provides detailed logs to track operation:
+
+```bash
+[DOWNLOAD MANAGER] System Memory: 8.0GB, Max Concurrent: 5, Memory Threshold: 2048MB, Queue Size: 25
+[DOWNLOAD] Requesting slot for 1734567890-abc123def: video.mp4 (15.2GB)
+[DOWNLOAD MANAGER] Queued: 1734567890-abc123def (Position: 3/25)
+[DOWNLOAD MANAGER] Processing queue: 1734567890-abc123def (2 remaining)
+[DOWNLOAD] Starting 1734567890-abc123def: video.mp4 (15.2GB)
+[MEMORY THROTTLE] video.mp4 - Pausing stream due to high memory usage: 1843MB
+[DOWNLOAD] Applying throttling: 100ms delay for 1734567890-abc123def
+```
+
+### Configuration Validation
+
+The system automatically validates configurations at startup and provides warnings or errors:
+
+**Warnings**
+
+- `DOWNLOAD_MAX_CONCURRENT > 50`: May cause performance issues
+- `DOWNLOAD_MEMORY_THRESHOLD_MB < 128MB`: Downloads may be throttled frequently
+- `DOWNLOAD_MEMORY_THRESHOLD_MB > 16GB`: System may run out of memory
+- `DOWNLOAD_QUEUE_SIZE > 1000`: May consume significant memory
+- `DOWNLOAD_QUEUE_SIZE < DOWNLOAD_MAX_CONCURRENT`: Queue smaller than concurrent downloads
+
+**Errors**
+
+- `DOWNLOAD_MAX_CONCURRENT < 1`: Invalid value
+- `DOWNLOAD_QUEUE_SIZE < 1`: Invalid value
+
+## Queue Management APIs
+
+The system provides REST APIs to monitor and manage the download queue:
+
+### Get Queue Status
+
+```http
+GET /api/filesystem/download-queue/status
+```
+
+**Response:**
+
+```json
+{
+  "data": {
+    "queueLength": 3,
+    "maxQueueSize": 25,
+    "activeDownloads": 5,
+    "maxConcurrent": 5,
+    "queuedDownloads": [
+      {
+        "downloadId": "1734567890-abc123def",
+        "position": 1,
+        "waitTime": 45000,
+        "fileName": "video.mp4",
+        "fileSize": 16106127360
+      }
+    ]
+  },
+  "status": "success"
+}
+```
+
+### Cancel Download
+
+```http
+DELETE /api/filesystem/download-queue/{downloadId}
+```
+
+**Response:**
+
+```json
+{
+  "downloadId": "1734567890-abc123def",
+  "message": "Download cancelled successfully"
+}
+```
+
+### Clear Queue (Admin)
+
+```http
+DELETE /api/filesystem/download-queue
+```
+
+**Response:**
+
+```json
+{
+  "clearedCount": 8,
+  "message": "Download queue cleared successfully"
+}
+```
+
+## Troubleshooting
+
+### Common Issues
+
+**Downloads failing with "Download queue is full"**
+
+_Cause:_ Too many simultaneous downloads with a full queue
+
+_Solutions:_
+
+- Wait for some downloads to finish
+- Check for orphaned downloads in queue
+- Consider increasing container resources
+- Use API to clear queue if necessary
+
+**Downloads stay too long in queue**
+
+_Cause:_ Active downloads are slow or stuck
+
+_Solutions:_
+
+- Check logs for orphaned downloads
+- Use API to cancel specific downloads
+- Check client network connections
+- Monitor memory throttling
+
+**Very slow downloads**
+
+_Cause:_ Active throttling due to high memory usage
+
+_Solutions:_
+
+- Check other processes consuming memory
+- Consider increasing container resources
+- Monitor throttling logs
+- Check number of simultaneous downloads
+
+## Summary
+
+This system enables unlimited downloads (including 50TB+ files) without compromising system stability through:
+
+**Key Features**
+
+- Auto-configuration based on available resources
+- Automatic FIFO queue system for pending downloads
+- Adaptive control of simultaneous downloads
+- Intelligent throttling when needed
+
+**System Benefits**
+
+- Management APIs to monitor and control queue
+- Automatic cleanup of resources and orphaned downloads
+- Full compatibility with Docker/Kubernetes
+- Perfect user experience with no 429 errors
+
+The system maintains high performance for small/medium files while preventing crashes with gigantic files, offering a seamless experience where users never see 429 errors, they simply wait in queue until their download starts automatically.

apps/docs/content/docs/3.2-beta/gh-sponsor.mdx

@@ -0,0 +1,179 @@
+---
+title: GitHub Sponsors
+icon: Heart
+---
+
+## Introduction
+
+Sponsoring a project on GitHub is a powerful way to support its development and ensure its long-term sustainability. This guide walks you through the process of sponsoring the **Palmr** project using GitHub Sponsors.
+
+By becoming a sponsor, you directly contribute to the project's growth and help maintain its quality. Your sponsorship enables:
+
+- Continuous development and timely bug fixes
+- Implementation of new features and improvements
+- Coverage of hosting and infrastructure costs
+- Recognition of the developers' dedication and hard work
+- Building a community of supporters who value open source development
+
+---
+
+## GitHub account requirements
+
+Before you can sponsor a project, you'll need to be logged into your GitHub account. If you don't have an account yet, creating one is free and provides additional benefits beyond sponsorship.
+
+### Account benefits
+
+Having a GitHub account allows you to:
+
+- Follow project updates and releases
+- Report issues and suggest improvements
+- Contribute to project discussions
+- Access sponsor-exclusive content when available
+- Participate in the broader GitHub community
+
+If you need to create an account, visit [GitHub's signup page](https://github.com/signup) and follow the registration process.
+
+---
+
+## Accessing the repository
+
+Once you're logged into your GitHub account, navigate to the Palmr repository to begin the sponsorship process.
+
+### Direct access
+
+Visit the Palmr repository directly: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)
+
+### Alternative methods
+
+You can also find the repository by:
+
+- Searching for "Palmr" in the GitHub search bar
+- Looking for the repository owned by **Kyantech**
+- Accessing it through Kyantech's profile page
+
+### Additional repository actions
+
+While you're on the repository page, consider:
+
+- **Starring** the repository to show your support
+- **Watching** it to receive notifications about updates
+- **Forking** it if you're interested in contributing code
+
+---
+
+## Initiating sponsorship
+
+The sponsorship process begins with locating and clicking the sponsor button on the repository page.
+
+### Finding the sponsor button
+
+On the Palmr repository page, you'll find a **Sponsor** button prominently displayed in the top section of the page. This button is typically highlighted in a distinct color to ensure visibility.
+
+![Palmr Sponsor Button](/assets/v1/sponsor/sponsor-btn.png)
+
+### Quick access
+
+**Pro Tip**: If you've previously sponsored projects, you can access your sponsorship dashboard directly through your GitHub profile under the "Sponsoring" section.
+
+---
+
+## Selecting your sponsorship level
+
+GitHub Sponsors offers flexible sponsorship options to accommodate different budgets and preferences.
+
+### Custom sponsorship options
+
+GitHub Sponsors allows you to sponsor the project with a **custom amount starting at $1**:
+
+1. **Enter Custom Amount**: Look for the option to enter a custom sponsorship amount
+2. **Choose Your Amount**: Select any amount you're comfortable with (e.g., $1, $5, $10, or higher)
+3. **Select Billing Frequency**: Choose between **monthly** recurring sponsorship or **one-time** payment
+4. **Consider Annual Options**: Some projects offer simplified annual sponsorship plans
+5. **Review Tier Benefits**: Check for any special benefits available at different sponsorship levels
+
+![Sponsor Page Example](/assets/v1/sponsor/sponsor-page.png)
+
+### Sponsorship recommendations
+
+- **Monthly Sponsorship**: Provides consistent support for ongoing development
+- **One-time Sponsorship**: Perfect for showing appreciation for specific features or releases
+- **Higher Tiers**: May include additional benefits like early access or direct communication
+
+---
+
+## Completing your sponsorship
+
+After selecting your sponsorship amount and billing preferences, you'll proceed to the payment process.
+
+### Payment process
+
+1. **Review Your Selection**: Confirm your sponsorship amount and billing frequency
+2. **Enter Payment Details**: Provide your payment information as prompted
+3. **Complete Transaction**: Follow GitHub's secure payment process
+4. **Confirmation**: Receive confirmation of your successful sponsorship
+
+Once the process is complete, you'll officially become a **Palmr sponsor** and join our community of supporters.
+
+---
+
+## The impact of your sponsorship
+
+Understanding why sponsorship matters helps illustrate the value of your contribution to the open source ecosystem.
+
+### Project sustainability
+
+**Long-term Maintenance**: Your sponsorship helps ensure the project remains actively maintained and supported over time.
+
+**Innovation Support**: Financial backing gives developers the freedom to experiment with new ideas and implement innovative features.
+
+**Meaningful Recognition**: Sponsoring represents a tangible way to express appreciation for the developers' dedication and hard work.
+
+**Community Recognition**: Many projects publicly acknowledge their sponsors, potentially featuring you in project documentation or websites.
+
+**Open Source Growth**: Your support contributes to the broader open source ecosystem, helping valuable projects thrive and grow.
+
+---
+
+## Post-sponsorship experience
+
+After becoming a sponsor, you'll gain access to additional benefits and recognition within the Palmr community.
+
+### What to expect
+
+Once your sponsorship is confirmed:
+
+1. **Email Confirmation**: You'll receive a confirmation email from GitHub detailing your sponsorship
+2. **Sponsor Recognition**: Your name will be added to our sponsors list and acknowledgments
+3. **Exclusive Content**: Access to sponsor-only updates, insights, and project information
+4. **Community Access**: Invitation to join our private Discord channel for sponsors
+5. **Early Access**: Priority access to new features and beta releases when available
+
+### Ongoing benefits
+
+As a sponsor, you become part of an exclusive community that:
+
+- Receives regular updates on project development
+- Has opportunities to provide input on project direction
+- Gets recognition for supporting open source development
+- Enjoys priority support when available
+
+---
+
+## Next steps
+
+Congratulations! You've successfully sponsored the **Palmr** project on GitHub. Your support plays a crucial role in ensuring this open source project continues to evolve and serve the community effectively.
+
+### Welcome to the community
+
+Your sponsorship means more than financial support—it represents a vote of confidence in the project's vision and future. We appreciate your contribution and welcome you to our growing community of supporters.
+
+### Staying connected
+
+Consider following the project's progress through:
+
+- Regular updates in sponsor communications
+- Participation in community discussions
+- Engagement with new features and releases
+- Sharing your experience with others who might benefit from Palmr
+
+Thank you for supporting open source development and helping make Palmr better for everyone.

apps/docs/content/docs/3.2-beta/gh-star.mdx

@@ -0,0 +1,144 @@
+---
+title: Star on GitHub
+icon: Star
+---
+
+## Introduction
+
+Starring a project on GitHub is a simple yet powerful way to show appreciation for a repository and bookmark it for future reference. This guide walks you through starring the **Palmr** project on GitHub.
+
+When you star our repository, you help increase its visibility and support the ongoing development of the project. It's a quick action that makes a meaningful difference to the project's growth.
+
+---
+
+## GitHub account setup
+
+Before you can star a project, you'll need to be logged into your GitHub account. If you don't have an account yet, creating one is free and straightforward.
+
+### Creating a New Account
+
+1. Visit [GitHub's signup page](https://github.com/signup)
+2. Enter your email address
+3. Create a strong password
+4. Choose a unique username
+5. Complete the verification process
+6. Select your preferences and finish the setup
+
+**Important**: Make sure to verify your email address after creating your account to access all GitHub features.
+
+---
+
+## Accessing the repository
+
+There are several ways to find and access the Palmr repository on GitHub:
+
+### Direct Access
+
+The quickest method is to visit the repository directly: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)
+
+### Using GitHub Search
+
+1. Navigate to GitHub's main page
+2. Click the search bar at the top of the page
+3. Type "Palmr" in the search field
+4. Look for the repository owned by **Kyantech**
+5. Click on the repository name to access it
+
+### Through the Organization Profile
+
+1. Visit Kyantech's GitHub profile
+2. Navigate to the "Repositories" tab
+3. Find and click on "Palmr"
+
+---
+
+## Locating the star button
+
+Once you're on the Palmr repository page, you'll find the star functionality in the repository's action bar.
+
+### Finding the Button
+
+1. Look at the top section of the repository page
+2. Find the row of action buttons (Watch, Fork, Star)
+3. The Star button is prominently displayed with a star icon
+4. You'll see the current star count displayed next to the button
+
+![Palmr Profile Menu](/assets/v1/sponsor/star-btn.png)
+
+---
+
+## Starring the repository
+
+Clicking the star button is straightforward, and you'll receive immediate visual confirmation of your action.
+
+### What happens when you star
+
+After clicking the "Star" button, you'll notice several changes:
+
+1. The button text changes from "Star" to "Unstar"
+2. The star count increases by one
+3. The button becomes highlighted to indicate it's active
+4. The repository is automatically added to your starred repositories list
+
+### Accessing your starred repositories
+
+You can view all your starred repositories anytime by:
+
+- Clicking your profile picture in the top-right corner
+- Selecting "Your stars" from the dropdown menu
+- Or visiting directly: `https://github.com/[your-username]?tab=stars`
+
+**Note**: To remove your star later, simply click the "Unstar" button at any time.
+
+![Palmr Profile Menu](/assets/v1/sponsor/starred-button.png)
+
+---
+
+## Why your star matters
+
+Starring a repository goes beyond simple bookmarking—it's a meaningful way to support the project and its development team.
+
+### Impact on the Project
+
+**Shows Appreciation**: Starring demonstrates your appreciation for the hard work and effort invested in maintaining and developing the project.
+
+**Increases Visibility**: Repositories with more stars gain higher visibility on GitHub, appearing more prominently in search results and recommendations.
+
+**Motivates Developers**: Seeing stars encourages the development team to continue improving and expanding the project.
+
+**Improves Discoverability**: GitHub's algorithm prioritizes repositories with higher star counts in trending sections and discovery features.
+
+**Personal Benefits**: Starred repositories are saved to your personal list for easy access whenever you need them.
+
+**Supports Open Source**: Your participation helps sustain the open-source ecosystem and the continued development of Palmr.
+
+---
+
+## The bigger picture
+
+While starring takes only a moment, its impact on project growth and development is significant. Here's what your star represents:
+
+- **Project Momentum**: Each star contributes to building momentum and community interest
+- **Community Growth**: Stars encourage more developers to discover and participate in the project
+- **Valuable Feedback**: Star counts provide insight into the project's value and community reception
+- **Development Goals**: Higher star counts help the team set ambitious goals and secure resources
+- **Sustainable Development**: Community support through stars helps maintain long-term project sustainability
+
+Your star represents more than a number—it's a vote of confidence in our vision and directly influences Palmr's future development.
+
+---
+
+## Next steps
+
+Congratulations! You've successfully starred the **Palmr** project on GitHub. Thank you for joining our community and supporting the project's growth.
+
+### Additional Ways to Contribute
+
+Consider exploring other ways to engage with the Palmr community:
+
+- **Share the Project**: Tell others about Palmr and help expand our community
+- **Report Issues**: Help improve the project by reporting bugs or suggesting enhancements
+- **Contribute Code**: Submit pull requests to directly contribute to development
+- **Join Discussions**: Participate in community discussions and provide feedback
+
+Every form of engagement helps make Palmr better for everyone in the community.

apps/docs/content/docs/3.2-beta/github-architecture.mdx

@@ -0,0 +1,144 @@
+---
+title: GitHub Architecture
+icon: Github
+---
+
+import { File, Files, Folder } from "fumadocs-ui/components/files";
+
+This guide provides a comprehensive overview of Palmr.'s GitHub repository structure, explaining how the different components are organized in the codebase. Understanding this architecture will help you navigate the repository, contribute effectively, and understand how the project is structured.
+
+> **Overview:** Palmr. uses a monorepo architecture with clear separation between frontend, backend, and documentation components.
+
+## Project structure
+
+<Files>
+  <Folder name="apps" defaultOpen>
+    <Folder name="docs">
+      <File name="all documentation files" />
+    </Folder>
+    <Folder name="server">
+      <File name="all backend files" />
+    </Folder>
+    <Folder name="web">
+      <File name="all frontend files" />
+    </Folder>
+  </Folder>
+  <File name="other project files" />
+</Files>
+
+## Core components
+
+### Frontend application (apps/web)
+
+**Technology stack:**
+
+- Next.js 15 (App Router)
+- React 18
+- TypeScript
+- TailwindCSS
+- shadcn/ui components
+- next-intl for internationalization
+
+Palmr.'s frontend is built with **Next.js 15**, using the App Router and Server Components for performance, scalability, and flexibility. The structure is modular and feature-based, keeping things easy to evolve as the product grows. UI logic runs on **React 18**, and **TypeScript** adds type safety that prevents a lot of silent bugs. Styles are handled with **TailwindCSS**, letting us build clean, responsive interfaces quickly. For components, we rely on **shadcn/ui**, a headless component library built with Radix UI and Tailwind, it's fast, accessible, and fully customizable.
+
+Internationalization is handled by **next-intl**, which integrates perfectly with Next.js routing. It supports locale-aware routes, per-page translation loading, and plural rules, all without any extra client-side bloat. It's flexible, lightweight, and great for apps with multilingual audiences.
+
+The frontend is organized with:
+
+- A **components-based architecture** for modular UI
+- **Custom hooks** to isolate logic and side effects
+- A **route protection system** using session cookies and middleware
+- A **file management interface** integrated with the backend
+- **Folder support** for organizing files hierarchically
+- A **reusable modal system** used for file actions, confirmations, and more
+- **Dynamic, locale-aware routing** using next-intl
+
+### Backend service (apps/server)
+
+**Technology stack:**
+
+- Fastify
+- SQLite
+- Filesystem storage (with S3-compatible object storage support)
+- Prisma ORM
+
+The backend is built on **Fastify**, a blazing-fast web framework for Node.js. It's lightweight, modular, and optimized for high performance. Every route is validated using JSON schema, which helps keep the API consistent and secure. Auth flows are built using JWTs stored in HTTP-only cookies, and everything from file uploads to token-based sharing goes through this layer.
+
+Data is stored in **SQLite**, which handles user info, file metadata, session tokens, and more. For file storage, the system uses **filesystem storage** by default, keeping files organized in the local file system. The architecture also supports **S3-compatible object storage** as an alternative storage option for scalability. We use **Prisma** as our ORM to simplify database access, it gives us type-safe queries and easy-to-read code.
+
+Key features include:
+
+- **Authentication/authorization** with JWT + cookie sessions
+- **File management logic** including uploads, deletes, renames, and folders
+- **Storage operations** to handle file organization, usage tracking, and cleanup
+- A **share system** that generates tokenized public file links
+- Schema-based request validation for all endpoints
+- Prisma models that keep the database logic predictable and type-safe
+
+### Documentation (apps/docs)
+
+**Technology stack:**
+
+- Fumadocs
+- MDX (Markdown + JSX)
+- React-based components
+
+The docs are built using **Fumadocs**, a modern documentation system built on top of Next.js. It uses **MDX**, so you can mix Markdown with interactive React components, perfect for developer tools and open-source projects. Pages are fast, versionable, and easy to customize. The goal is to keep the documentation as close to the codebase as possible, using shared components where needed and reusing UI patterns directly from the app.
+
+It supports sidebar navigation, keyboard shortcuts, dark mode, and even interactive demos or UI previews. The file tree you see above, for example, is powered by a real React component from the docs.
+
+- Built with **Fumadocs**, powered by Next.js
+- Supports **MDX** and full React component embedding
+- Ideal for technical docs and live code samples
+- Styled using the same Tailwind setup from the main app
+
+### Infrastructure
+
+Palmr. is fully containerized using **Docker**, which means every service: frontend, backend, database, storage, runs in its own isolated environment. With `docker-compose`, the whole stack spins up locally with a single command. It's also easy to deploy to services like Fly.io, Render, or your own VPS.
+
+Volumes are used to persist data locally, and containers are networked together so that all services can talk to each other securely.
+
+- **Docker-first architecture** with all services containerized
+- Configurable through `.env` and compose overrides
+- Local volumes and named networks
+- Easy to deploy and scale on any container-compatible infra
+
+## Key features
+
+### File management
+
+Files are at the heart of Palmr. Users can upload files via the frontend, and they're stored directly in the filesystem. Users can also create folders to organize files. The backend handles metadata (name, size, type, ownership), and also handles deletion, renaming, and public sharing. Every file operation is tracked, and all actions can be scoped per user.
+
+- Upload/download with instant feedback
+- Create and organize files in folders
+- File previews, type validation, and size limits
+- Token-based sharing system
+- Disk usage tracking by user
+
+### User system
+
+Authentication is done through secure JWTs, stored in HTTP-only cookies for safety. Signup and login flows are simple and fast, and user info is kept in sync across the frontend and backend.
+
+- Cookie-based session management
+- Role support and future admin access
+- Profile updates and password reset flows
+- Logged-in user state handled via custom hooks
+
+### Storage system
+
+The system uses **filesystem storage** for all file operations by default. It's simple, fast, and reliable for most use cases. The architecture also supports **S3-compatible object storage** as an alternative for users who need cloud storage or additional scalability. The backend tracks usage, handles cleanup of orphaned files, and ensures that every file on disk has a matching database record.
+
+- Filesystem-based storage with organized directory structure
+- Optional S3-compatible object storage support
+- Upload validation and automatic cleanup
+- Usage tracking and quotas (per user or global)
+- Secure access to stored files with proper permissions
+
+### Internationalization
+
+Palmr. supports multiple languages using **next-intl**, which is deeply integrated into the routing system. It loads only the necessary translations per route, supports nested namespaces, and makes it easy to keep things organized even at scale.
+
+- Per-locale localstorage (`en-US`, `pt-BR`, etc.)
+- Translation loading by namespace/page
+- Full pluralization and formatting support
+- Easy translation management via JSON files

apps/docs/content/docs/3.2-beta/index.mdx

@@ -0,0 +1,50 @@
+---
+title: Welcome to Palmr.
+icon: TreePalm
+---
+
+import { Ban, Palette, Shield, Star, Users, Zap } from "lucide-react";
+
+![Palmr Banner](/assets/v2.1/general/banner.png)
+
+**Palmr.** is your go-to **open-source alternative** for file sharing, standing tall against services like **WeTransfer**, **SendGB**, **Send Anywhere**, and **Files.fm**. What sets Palmr. apart? You get to **host it on your own infrastructure** be it a **dedicated server** or **VPS** putting you in the driver’s seat for data security and file control. No more third-party dependencies or worrying about pesky limits and steep fees!
+
+## Why Palmr. Rocks?
+
+### No limits, seriously
+
+Forget about arbitrary caps on file sizes or numbers. With Palmr., the only limit is your **server’s storage space**. Got the capacity? Then transfer files of any size or quantity without a hitch. No premium plans to unlock, no annoying ads to dodge, and definitely no hidden fees sneaking up on you. Your file sharing freedom is tied to your infrastructure, not artificial restrictions.
+
+### Open source & totally free
+
+Palmr. is 100% **open source** and free no licenses, subscriptions, or surprise costs. This transparency means you’ve got full control over how you use it. Here’s what that looks like:
+
+- Deploy anywhere **VPS**, **dedicated server**, **Docker**, or any cloud platform you fancy.
+- Peek under the hood by reviewing the **codebase** to ensure it’s secure and meets your standards.
+- Pitch in with **improvements** or custom features to make Palmr. even better.
+- Tweak it for any use case, from personal sharing to business needs or niche applications.
+
+### Your data, your rules
+
+Host Palmr. on your own setup and keep **full control over your data**. By managing storage and transfers yourself, you cut out third-party risks. Your files stay in your environment no external services touching or storing them ensuring top-notch **privacy** and **confidentiality**. Set up security measures that fit your needs, and rest easy knowing no one else is in the loop. Palmr. hands you the reins for ultimate peace of mind, perfect for organizations needing strict data control or regulatory compliance.
+
+### Make it yours
+
+Palmr. is a canvas for customization, letting you shape every detail to match your **brand** and **user experience**:
+
+- Slap on your **logo** for consistent branding across the platform.
+- Pick a **custom app name** that screams your identity.
+- Hook up an **SMTP server** for seamless email notifications about transfers or updates.
+- Rewrite **interface text** to vibe with your audience and keep your brand’s voice.
+
+### Manage users like a pro
+
+Take charge of your file-sharing world with Palmr.’s robust **user and admin management** system:
+
+- Set up multiple **admins** to share the load and keep things running smoothly.
+- Add as many **users** as you need, from small crews to huge teams.
+- Keep tabs on **storage usage** with handy analytics for smarter resource planning.
+
+### Lightning fast & feather light
+
+Palmr. is built for speed with a sleek, scalable design that handles big file transfers and busy user loads without breaking a sweat. It keeps transfer speeds high and adapts to growing demands effortlessly. Thanks to smart resource use and polished code, you get a snappy experience that scales with your needs while staying rock-solid and stable.

apps/docs/content/docs/3.2-beta/manual-installation.mdx

@@ -0,0 +1,282 @@
+---
+title: Manual Installation
+icon: Cog
+---
+
+Hey there! Looking to run **Palmr.** your way, with complete control over every piece of the stack? This manual installation guide is for you. No Docker, no pre-built containers just the raw source code to tweak, customize, and deploy as you see fit.
+
+> **Prefer a quicker setup?** If this hands-on approach feels like overkill, check out our [**Quick Start (Docker)**](/docs/3.2-beta/quick-start) guide for a fast, containerized deployment. This manual path is tailored for developers who want to dive deep, modify the codebase, or integrate custom services.
+
+Here's what you'll do at a glance:
+
+1. **Clone** the repository to get the code.
+2. **Configure** `.env` files for backend and frontend.
+3. **Install** JavaScript dependencies using `pnpm`.
+4. **Generate** the Prisma client and run database migrations.
+5. **Seed** the database with initial Palmr. data.
+6. **Build & start** the backend (Fastify API).
+7. **Build & serve** the frontend (Next.js app).
+
+We've broken down each step below feel free to jump to the section you're working on!
+
+## Before you start
+
+Let's make sure your environment is ready to roll. Check that you've got these tools installed and set up on your system:
+
+- <span style={{ color: "#16a34a" }}>Node.js</span> *(Powers our JavaScript/TypeScript apps)*
+- <span style={{ color: "#16a34a" }}>pnpm</span> *(Our go-to package manager)*
+- <span style={{ color: "#16a34a" }}>Git</span> *(For cloning and managing the repo)*
+
+⚠️ **Heads Up on Package Managers**: Palmr. was built and tested with `pnpm`. While you _could_ try `npm`, `yarn`, or `bun`, we strongly recommend sticking with `pnpm` to avoid compatibility headaches.
+
+---
+
+### System requirements
+
+- **Operating System**: MacOS or Linux (recommended for best results)
+  - Windows works but hasn't been thoroughly tested.
+- **Memory**: At least 4GB RAM is suggested.
+- **Storage**: Depends on how much file storage you'll need.
+- **CPU**: 2+ cores for smooth performance.
+
+---
+
+## Let's Get Palmr. Running
+
+### Step 1: Clone the repository
+
+First things first, grab a local copy of the Palmr. codebase. Run this command to clone the official repo:
+
+```bash
+git clone https://github.com/kyantech/Palmr.git
+```
+
+Once it's done, you'll have a new directory with the project structure. Inside, the `apps` folder holds the key pieces: `docs`, `server`, and `web`. For this guide, we're focusing on `server` (our Fastify backend) and `web` (our Next.js frontend).
+
+---
+
+### Step 2: Set up the backend
+
+Let's get the backend up and running. Start by navigating to the server directory:
+
+```bash
+cd ./apps/server
+```
+
+#### Configure environment variables
+
+Before anything else, we need to set up the environment variables Palmr. relies on. We've included a handy template file called `.env.example` to get you started. Create your own `.env` file with this command:
+
+```bash
+cp .env.example .env
+```
+
+This copies the template into a new `.env` file with all the necessary settings. Open it up if you need to tweak anything specific to your setup.
+
+#### Install dependencies
+
+Next, let's install the backend dependencies. With Node.js and `pnpm` ready, run:
+
+```bash
+pnpm install
+```
+
+This pulls in everything needed for the backend, including Prisma, our database ORM.
+
+#### Generate Prisma client
+
+Now, generate the Prisma client tailored for Palmr. with:
+
+```bash
+pnpm dlx prisma generate
+```
+
+This sets up the interface for smooth database interactions.
+
+#### Deploy Prisma migrations
+
+With the client ready, apply the database schema using:
+
+```bash
+pnpm dlx prisma migrate deploy
+```
+
+This ensures your database structure is set up with all the required migrations.
+
+#### Seed the database
+
+Let's populate the database with some initial data. Run the seeding script:
+
+```bash
+pnpm db:seed
+```
+
+This adds the baseline data Palmr. needs to function properly.
+
+#### Build and run the backend
+
+Finally, build the backend app:
+
+```bash
+pnpm run build
+```
+
+Once the build is complete, start the service:
+
+```bash
+pnpm start
+```
+
+To confirm everything's working, check out the API documentation at:
+
+```bash
+http://localhost:3333/docs
+```
+
+This page lists all available API endpoints and how to use them.
+
+---
+
+### Step 3: Set up the frontend
+
+With the backend humming, let's tackle the frontend setup.
+
+#### Navigate to the Frontend Directory
+
+If you're in the `server` folder, move to `web` with:
+
+```bash
+cd ../web
+```
+
+Or, from the repo root, use:
+
+```bash
+cd apps/web
+```
+
+#### Configure environment variables
+
+Just like the backend, set up the frontend environment variables:
+
+```bash
+cp .env.example .env
+```
+
+This creates a `.env` file with the necessary configurations for the frontend.
+
+##### Upload Configuration
+
+Palmr. supports configurable chunked uploading for large files. You can customize the chunk size by setting the following environment variable in your `.env` file:
+
+```bash
+NEXT_PUBLIC_UPLOAD_CHUNK_SIZE_MB=100
+```
+
+**How it works:**
+
+- If `NEXT_PUBLIC_UPLOAD_CHUNK_SIZE_MB` is set, Palmr. will use this value (in megabytes) as the chunk size for all file uploads that exceed this threshold.
+- If not set or left empty, Palmr. automatically calculates optimal chunk sizes based on file size:
+  - Files ≤ 100MB: uploaded without chunking
+  - Files > 100MB and ≤ 1GB: 75MB chunks
+  - Files > 1GB: 150MB chunks
+
+**When to configure:**
+
+- **Default (not set):** Recommended for most use cases. Palmr. will intelligently determine the best chunk size.
+- **Custom value:** Set this if you have specific network conditions or want to optimize for your infrastructure (e.g., slower connections may benefit from smaller chunks like 50MB, while fast networks can handle larger chunks like 200MB, or the upload size per payload may be limited by a proxy like Cloudflare)
+
+#### Install dependencies
+
+Install all the frontend dependencies:
+
+```bash
+pnpm install
+```
+
+#### Build and run the frontend
+
+Build the production version of the frontend:
+
+```bash
+pnpm run build
+```
+
+Once that's done, serve it up:
+
+```bash
+pnpm serve
+```
+
+Now, open your browser and head to:
+
+```bash
+http://localhost:3000
+```
+
+You should see the full Palmr. application ready to go!
+
+---
+
+## Quick notes
+
+This guide sets up Palmr. using the local file system for storage. Want to use an S3-compatible object storage instead? You can configure that in the `.env` file. Check the Palmr. documentation for details on setting up S3 storage just update the environment variables, then build and run as shown here.
+
+### Custom Installation Paths and Symlinks
+
+If you're using a custom installation setup with symlinks (for example, `/opt/palmr_data/uploads -> /mnt/data/uploads`), you might encounter issues with disk space detection. Palmr. includes a `CUSTOM_PATH` environment variable to handle these scenarios:
+
+```bash
+# In your .env file (apps/server/.env)
+CUSTOM_PATH=/opt/palmr_data
+```
+
+This tells Palmr. to check your custom path first when determining available disk space, ensuring proper detection even when using symlinks or non-standard directory structures.
+
+---
+
+## Command cheat sheet
+
+Here's a quick reference for all the commands we've covered perfect for copy-pasting once you're familiar with the steps:
+
+```bash
+# --- Backend (Fastify API) ---
+cd apps/server
+pnpm install
+pnpm dlx prisma generate
+pnpm dlx prisma migrate deploy
+pnpm db:seed
+pnpm run build
+pnpm start
+
+# --- Frontend (Next.js) ---
+cd apps/web
+pnpm install
+pnpm run build
+pnpm serve
+```
+
+> **Tip**: Keep this handy in your clipboard for your first setup run.
+
+---
+
+## What's next?
+
+Palmr. is now up and running locally . Here are some suggested next steps:
+
+- **Manage Users**: Dive into the [Users Management](/docs/3.2-beta/manage-users) guide.
+- **Switch to Object Storage**: Update `.env` variables to use an S3-compatible bucket (see Quick Notes above).
+- **Secure Your Instance**: Put Palmr. behind a reverse proxy like **Nginx** or **Caddy** and enable HTTPS.
+- **Learn the Internals**: Explore how everything connects in the [Architecture](/docs/3.2-beta/architecture) overview.
+
+Jump into whichever area fits your needs our docs are designed for exploration in any order.
+
+## Wrapping up
+
+Congrats! You've successfully set up a production-ready instance of Palmr. through this detailed manual process. From cloning the repo to deploying the app, you've tackled every step like a pro.
+
+## Helpful resources
+
+- [Node.js Documentation](https://nodejs.org/en/docs/)
+- [pnpm Documentation](https://pnpm.io/)
+- [Prisma Documentation](https://www.prisma.io/docs/)

apps/docs/content/docs/3.2-beta/meta.json

@@ -0,0 +1,34 @@
+{
+  "description": "Latest version",
+  "icon": "Sparkles",
+  "pages": [
+    "---Introduction---",
+    "index",
+    "quick-start",
+    "installation",
+    "manual-installation",
+    "screenshots",
+    "s3-providers",
+    "---Configuration---",
+    "configuring-smtp",
+    "available-languages",
+    "uid-gid-configuration",
+    "reverse-proxy-configuration",
+    "download-memory-management",
+    "password-reset-without-smtp",
+    "oidc-authentication",
+    "troubleshooting",
+    "---Developers---",
+    "architecture",
+    "github-architecture",
+    "api",
+    "translation-management",
+    "contribute",
+    "open-an-issue",
+    "---Sponsor this project---",
+    "gh-star",
+    "gh-sponsor"
+  ],
+  "root": true,
+  "title": "v3.2-beta"
+}

apps/docs/content/docs/3.2-beta/oidc-authentication/auth0.mdx

@@ -0,0 +1,370 @@
+---
+title: Auth0
+icon: Lock
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Auth0 is one of Palmr's officially supported OIDC providers, offering enterprise-grade authentication through Auth0's identity platform. This integration allows users to sign in to Palmr using Auth0's comprehensive authentication system, making it perfect for enterprise organizations, applications requiring advanced security features, and teams that need centralized identity management.
+
+<ZoomableImage src="/assets/v3/oidc/auth0/sign-in-with-auth0.png" alt="Sign in with Auth0" />
+
+## Why use Auth0 authentication?
+
+Auth0 authentication provides several advantages for enterprise and security-focused organizations:
+
+- **Enterprise-grade security** - Advanced security features like MFA, adaptive authentication, and threat detection
+- **Centralized identity management** - Single platform to manage users across multiple applications
+- **Flexible authentication options** - Support for social logins, enterprise SSO, and custom databases
+- **Compliance ready** - Built-in compliance with SOC 2, GDPR, HIPAA, and other standards
+- **Advanced customization** - Rules, hooks, and custom branding capabilities
+
+---
+
+## Prerequisites
+
+Before configuring Auth0 authentication, ensure you have:
+
+- **Auth0 account** - Ability to create applications and manage tenants
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain configuration** - For production deployments with custom domains
+
+> **Note:** Auth0 is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Auth0 Application
+
+### Creating an Auth0 application
+
+To get started with Auth0 authentication, you'll need to create an application in your Auth0 Dashboard.
+
+1. **Navigate to Auth0 Dashboard**: Go to [manage.auth0.com](https://manage.auth0.com)
+
+<ZoomableImage src="/assets/v3/oidc/auth0/auth0-dashboard.png" alt="Auth0 Dashboard" />
+
+2. **Create new application**: Click **"Applications"** in the left sidebar, then click **"+ Create Application"**
+
+<ZoomableImage src="/assets/v3/oidc/auth0/create-application.png" alt="Auth0 Create Application" />
+
+3. **Select application type**: Choose **"Single Page Application"** for web-based Palmr instances
+
+<ZoomableImage
+  src="/assets/v3/oidc/auth0/application-type.png"
+  alt="Auth0 Application Type Selection"
+  legend="This is a fake application, you have to use your own."
+/>
+
+4. **Enter application details**:
+   - **Name**: Enter a descriptive name like "Palmr File Sharing"
+
+5. **Create application**: Click **"Create"** to generate your Auth0 application
+
+### Configuring application settings
+
+After creating your application, you'll need to configure the settings that Palmr will use. Navigate to the application page and click on the **"Settings"** tab.
+
+<ZoomableImage
+  src="/assets/v3/oidc/auth0/application-settings.png"
+  alt="Auth0 Application Settings"
+  legend="This is a fake application, you have to use your own."
+/>
+
+1. **Configure application URLs**:
+
+You'll need to configure several URLs in your Auth0 application settings. Here's what to add for each environment:
+
+### Application Login URIs
+
+| Environment | URL                                 |
+| ----------- | ----------------------------------- |
+| Production  | `https://yourdomain.com/login`      |
+| Development | Don't add anything here             |
+| Custom Port | `https://yourdomain.com:5487/login` |
+
+### Allowed Logout URLs
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+### Allowed Web Origins
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+### Allowed Callback URLs
+
+| Environment | URL                                                             |
+| ----------- | --------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/auth0/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/auth0/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/auth0/callback` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+
+<ZoomableImage
+  src="/assets/v3/oidc/auth0/config-urls.png"
+  alt="Auth0 Application URLs Configuration"
+  legend="This is a fake application, you have to use your own."
+/>
+
+2. **Save changes**: Click **"Save"** to apply your configuration
+
+### Getting OAuth credentials
+
+Now you'll get the credentials that Palmr will use to authenticate with Auth0.
+
+1. **Copy Domain**: Note your Auth0 domain (e.g., `your-tenant.auth0.com`) add `https://` at the beginning
+
+2. **Copy Client ID**: The Client ID is displayed in the **"Client ID"** field
+
+3. **Generate Client Secret**: Click **"Show"** next to Client Secret to reveal it
+
+<ZoomableImage
+  src="/assets/v3/oidc/auth0/oauth-credentials.png"
+  alt="Auth0 OAuth Credentials"
+  legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Auth0."
+/>
+
+4. **Save credentials**: Copy the **Domain**, **Client ID**, and **Client Secret** for later use
+
+> **Important:** Replace `yourdomain.com` with your actual domain. You can add multiple callback URLs for different environments (development, staging, production).
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Auth0 authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Auth0 provider
+
+Auth0 comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Auth0 provider**: Find Auth0 in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/auth0/enabled-auth0.png" alt="Palmr Auth0 Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Provider URL**: Paste your Auth0 domain (e.g., `https://your-tenant.auth0.com`) remember to add the `https://` at the beginning
+   - **Client ID**: Paste the Client ID from Auth0 application
+   - **Client Secret**: Paste the Client Secret from Auth0 application
+   - **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`.
+
+<ZoomableImage
+  src="/assets/v3/oidc/auth0/edit-auth0.png"
+  alt="Edit Auth0 Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Sort Order**: Control where the Auth0 login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Auth0 login button (default is `SiAuth0`).
+
+<ZoomableImage src="/assets/v3/oidc/auth0/auth0-icon.png" alt="Auth0 Icon" />
+
+> **Enterprise tip:** Auth0 authentication works great for enterprise organizations requiring advanced security features and centralized identity management.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Auth0 email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Auth0 account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Auth0's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://your-tenant.auth0.com
+Authorization Endpoint: /authorize
+Token Endpoint: /oauth/token
+UserInfo Endpoint: /userinfo
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Auth0 user information to local user accounts:
+
+- **User ID**: Maps from Auth0's `sub` field
+- **Email**: Maps from Auth0's `email` field
+- **Full Name**: Maps from Auth0's `name` field
+- **First Name**: Maps from Auth0's `given_name` field
+- **Last Name**: Maps from Auth0's `family_name` field
+- **Avatar**: Maps from Auth0's `picture` field
+- **Username**: Maps from Auth0's `nickname` field
+
+### Auth0-specific features
+
+- **Custom Claims**: Can include custom user metadata and app metadata
+- **Connection Support**: Works with database, social, and enterprise connections
+- **Rules and Hooks**: Can customize authentication flow with custom logic
+- **Multi-factor Authentication**: Supports Auth0's MFA features
+- **Enterprise SSO**: Integrates with SAML, LDAP, and other enterprise systems
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Auth0 authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Auth0" button appears
+
+2. **Test authentication flow**: Click the Auth0 sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Auth0"**: The browser redirects to Auth0's authorization page
+2. **User authenticates**: User completes authentication through Auth0 (login, MFA, etc.)
+3. **Auth0 redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with Auth0 information
+5. **User accesses Palmr**: User is logged in with their Auth0 identity
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `invalid_redirect_uri`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Auth0 application.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Auth0 application's callback URLs
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the application isn't properly configured.
+
+**Solution**:
+
+1. Verify that your Auth0 application requests the correct scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your application is not restricted or disabled
+4. Verify the application has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID, Client Secret, or Domain.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Auth0
+2. Ensure there are no extra spaces or characters in the credentials
+3. Verify you're using the correct domain format (e.g., `your-tenant.auth0.com`)
+4. Generate a new Client Secret if necessary
+
+### Domain configuration issues
+
+**Error message**: Domain not found or invalid
+
+**Cause**: Incorrect Auth0 domain or tenant configuration.
+
+**Solution**:
+
+1. Verify your Auth0 domain is correct (e.g., `your-tenant.auth0.com`)
+2. Check that your Auth0 tenant is active and not suspended
+3. Ensure you're using the correct region for your tenant
+4. Verify DNS resolution for your Auth0 domain
+
+### Custom claims not available
+
+**Cause**: Custom claims not properly configured in Auth0 rules or actions.
+
+**Solution**:
+
+1. Check Auth0 rules and actions for custom claim configuration
+2. Verify that custom claims are included in the ID token
+3. Ensure the claims are properly formatted and accessible
+4. Test with a user that has the expected custom claims
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their Auth0 accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Auth0 application settings
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Auth0 authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
+
+## Useful resources
+
+- [Auth0 Documentation](https://auth0.com/docs)
+- [Auth0 OAuth 2.0 Guide](https://auth0.com/docs/protocols/oauth2)
+- [Auth0 OpenID Connect](https://auth0.com/docs/protocols/openid-connect)
+- [Auth0 Dashboard](https://manage.auth0.com)

apps/docs/content/docs/3.2-beta/oidc-authentication/authentik.mdx

@@ -0,0 +1,384 @@
+---
+title: Authentik
+icon: Key
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Authentik is one of Palmr's officially supported OIDC providers, offering enterprise-grade authentication through Authentik's identity platform. This integration allows users to sign in to Palmr using Authentik's comprehensive authentication system, making it perfect for enterprise organizations, applications requiring advanced security features, and teams that need centralized identity management with complete control over their authentication infrastructure.
+
+<ZoomableImage src="/assets/v3/oidc/authentik/sign-in-with-authentik.png" alt="Sign in with Authentik" />
+
+## Why use Authentik authentication?
+
+Authentik authentication provides several advantages for enterprise and security-focused organizations:
+
+- **Complete self-hosted control** - Full control over your authentication infrastructure and data
+- **Enterprise-grade security** - Advanced security features like MFA, adaptive authentication, and threat detection
+- **Centralized identity management** - Single platform to manage users across multiple applications
+- **Compliance ready** - Built-in compliance with GDPR, SOC 2, and other enterprise standards
+- **Advanced customization** - Policies, flows, and custom branding capabilities
+
+---
+
+## Prerequisites
+
+Before configuring Authentik authentication, ensure you have:
+
+- **Authentik instance** - Self-hosted Authentik installation running and accessible
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain configuration** - For production deployments with custom domains
+
+> **Note:** Authentik is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Authentik OAuth2/OpenID Provider
+
+### Creating an Authentik OAuth2/OpenID Provider
+
+To get started with Authentik authentication, you'll need to create an OAuth2/OpenID Provider in your Authentik Admin Interface.
+
+1. **Navigate to Authentik Admin Interface**: Go to your Authentik instance URL (e.g., `https://your-authentik-domain.com`)
+
+<ZoomableImage src="/assets/v3/oidc/authentik/authentik-admin.png" alt="Authentik Admin Interface" />
+
+2. **Create new OAuth2/OpenID Provider**: Click **"Applications"** in the left sidebar, then click **"Providers"** and click **"+ Create"**
+
+<ZoomableImage src="/assets/v3/oidc/authentik/create-provider.png" alt="Authentik Create Provider" />
+
+3. **Select provider type**: Choose **"OAuth2/OpenID Provider"** for OIDC authentication and click on **"Next"** button.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/provider-type.png"
+  alt="Authentik Provider Type Selection"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Configuring provider settings
+
+1. **Enter provider details**:
+   - **Name**: Enter a descriptive name like "Palmr File Sharing"
+   - **Authorization Flow**: select **default-provider-authorization-explicit-consent (Authorize Application)**
+   - **Protocol Settings (Client type)**: select **Confidential**
+   - **Protocol Settings (Client ID)**: Copy the Client ID from Authentik field (You can edit it if you want) - `(Copy this value and save it for later use)`
+   - **Protocol Settings (Client Secret)**: Copy the Client Secret from Authentik field (You can edit it if you want) - `(Copy this value and save it for later use)`
+   - **Protocol Settings (Redirect URIs/Origins (RegEx))**: Select 'Strict' and add the redirect URI for your application (e.g. `https://your-palmr-domain.com/api/auth/providers/authentik/callback`) you can see below the field the example of the redirect URI.
+   - **Protocol Settings (Signing key)**: select **"authentik Self-signed Certificate"**
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/provider-settings-1.png"
+  alt="Authentik Provider Settings"
+  legend="This is a fake application, you have to use your own."
+/>
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/provider-settings-2.png"
+  alt="Authentik Provider Settings"
+  legend="This is a fake application, you have to use your own."
+/>
+
+2. **Configure provider URLs**:
+
+You'll need to configure several URLs in your Authentik provider settings. Here's what to add for each environment:
+
+### Redirect URIs
+
+| Environment | URL                                                                 |
+| ----------- | ------------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/authentik/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/authentik/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/authentik/callback` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
+
+**Save changes**: Click **"Finish"** to apply your configuration.
+
+> **Note:** You can configure other settings for provider if you want, but the necessary settings are already configured in this step.
+
+After clicking on **"Finish"** you will see your provider listed in the provider list, but with an warning message like this: ' Warning: Provider not assigned to any application.'.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/warning-message.png"
+  alt="Authentik Provider Warning Message"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Creating application with created provider
+
+After creating your provider, you need to create an application with the created provider. To do this, you need to click on the **"Applications"** in the left sidebar, then click on **"+ Create"**.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/applications-page.png"
+  alt="Authentik Applications Page"
+  legend="This is a fake application, you have to use your own."
+/>
+
+1. **Configure application**:
+
+- **Name**: Enter a descriptive name like "Palmr File Sharing"
+- **Slug**: Enter a unique identifier (e.g., `palmr-file-sharing`)
+- **Provider**: Select the provider you just created from the list of providers.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/application-modal.png"
+  alt="Authentik Application Modal"
+  legend="This is a fake application, you have to use your own."
+/>
+
+The other fields are not important for now, you can leave them as they are. But if you want to change something, you can change them.
+
+2. **Save application**: Click on **"Create"** to save the application.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/application-modal.png"
+  alt="Authentik Application Modal"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Final Authentik step
+
+The last step in Authentik is grab your instance URL. You can find it clicking on the **"providers"** in the side menu on tab **"overview"**.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/provider-overview.png"
+  alt="Authentik Instance URL"
+  legend="This is a fake application, you have to use your own."
+/>
+
+You don't need copy the complete URL, just the domain name and protocol and port if you are using a custom port.
+For example: `https://your-authentik-domain.com`.
+
+> **Note:** In Authentik we finish the configuration. Let's go to Palmr to configure the provider. Remember you need `Client ID`, `Client Secret` and `Instance URL` to configure the provider in Palmr.
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Authentik authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Authentik provider
+
+Authentik comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Authentik provider**: Find Authentik in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/authentik/enabled-authentik.png" alt="Palmr Authentik Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Provider URL**: Paste your Authentik instance URL (e.g., `https://your-authentik-domain.com`)
+   - **Client ID**: Paste the Client ID from Authentik provider
+   - **Client Secret**: Paste the Client Secret from Authentik provider
+   - **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`. You don't need change this if you are not sure.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/edit-authentik.png"
+  alt="Edit Authentik Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Sort Order**: Control where the Authentik login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Authentik login button (default is `FaShieldAlt`).
+
+<ZoomableImage src="/assets/v3/oidc/authentik/authentik-icon.png" alt="Authentik Icon" />
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Authentik email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Authentik account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Authentik's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://your-authentik-domain.com
+Authorization Endpoint: /application/o/authorize
+Token Endpoint: /application/o/token
+UserInfo Endpoint: /application/o/userinfo
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Authentik user information to local user accounts:
+
+- **User ID**: Maps from Authentik's `sub` field
+- **Email**: Maps from Authentik's `email` field
+- **Full Name**: Maps from Authentik's `name` field
+- **First Name**: Maps from Authentik's `given_name` field
+- **Last Name**: Maps from Authentik's `family_name` field
+- **Avatar**: Maps from Authentik's `picture` field
+- **Username**: Maps from Authentik's `preferred_username` field
+
+### Authentik-specific features
+
+- **Custom Claims**: Can include custom user metadata and app metadata
+- **Policies Support**: Can customize authentication flow with custom policies
+- **Multi-factor Authentication**: Supports Authentik's MFA features
+- **Enterprise SSO**: Integrates with SAML, LDAP, and other enterprise systems
+- **Self-hosted Only**: Complete control over your authentication infrastructure
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Authentik authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Authentik" button appears
+
+2. **Test authentication flow**: Click the Authentik sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Authentik"**: The browser redirects to Authentik's authorization page
+2. **User authenticates**: User completes authentication through Authentik (login, MFA, etc.)
+3. **Authentik redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with Authentik information
+5. **User accesses Palmr**: User is logged in with their Authentik identity
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `invalid_redirect_uri`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Authentik provider.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Authentik provider's redirect URIs
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the provider isn't properly configured.
+
+**Solution**:
+
+1. Verify that your Authentik provider requests the correct scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your provider is not restricted or disabled
+4. Verify the provider has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID, Client Secret, or Instance URL.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Authentik
+2. Ensure there are no extra spaces or characters in the credentials
+3. Verify you're using the correct instance URL format
+4. Generate a new Client Secret if necessary
+
+### Instance URL configuration issues
+
+**Error message**: Instance not found or invalid
+
+**Cause**: Incorrect Authentik instance URL or instance configuration.
+
+**Solution**:
+
+1. Verify your Authentik instance URL is correct
+2. Check that your Authentik instance is active and accessible
+3. Ensure you're using the correct protocol (https://)
+4. Verify DNS resolution for your Authentik instance
+
+### Self-hosted connectivity issues
+
+**Cause**: Network connectivity problems with self-hosted Authentik instance.
+
+**Solution**:
+
+1. Check server firewall and network connectivity
+2. Verify DNS resolution from your server to the Authentik instance
+3. Ensure the Authentik instance is properly configured and running
+4. Check SSL certificate validity for the Authentik instance
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their Authentik accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Authentik provider settings
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Authentik authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
+
+## Useful resources
+
+- [Authentik Documentation](https://goauthentik.io/docs)
+- [Authentik OAuth2/OpenID Provider](https://goauthentik.io/docs/providers/oauth2)
+- [Authentik Installation Guide](https://goauthentik.io/docs/installation)
+- [Authentik Admin Interface](https://goauthentik.io/docs/administration)

apps/docs/content/docs/3.2-beta/oidc-authentication/discord.mdx

@@ -0,0 +1,342 @@
+---
+title: Discord
+icon: MessageSquare
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Discord is one of Palmr's officially supported OIDC providers, offering secure authentication through Discord OAuth 2.0. This integration allows users to sign in to Palmr using their existing Discord accounts, making it perfect for gaming communities, developer teams, and organizations already using Discord.
+
+<ZoomableImage src="/assets/v3/oidc/discord/sign-in-with-discord.png" alt="Sign in with Discord" />
+
+## Why use Discord authentication?
+
+Discord authentication provides several advantages for community-focused organizations and teams:
+
+- **Community integration** - Perfect for gaming communities and Discord-centric organizations
+- **Familiar experience** - Users already trust and use Discord daily
+- **Rich user profiles** - Access to Discord usernames, avatars, and global names
+- **Developer-friendly** - Great for technical teams and open-source projects
+- **No additional accounts** - Users can access Palmr without creating new credentials
+
+---
+
+## Prerequisites
+
+Before configuring Discord authentication, ensure you have:
+
+- **Discord Developer Portal access** - Ability to create applications on Discord
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Server ownership or permissions** - If integrating with a Discord server
+
+> **Note:** Discord is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Discord Developer Portal
+
+### Creating a Discord application
+
+To get started with Discord authentication, you'll need to create an application in Discord Developer Portal.
+
+1. **Navigate to Discord Developer Portal**: Go to [discord.com/developers/applications](https://discord.com/developers/applications)
+
+<ZoomableImage src="/assets/v3/oidc/discord/developer-portal-home.png" alt="Discord Developer Portal Home" />
+
+2. **Create new application**: Click **"New Application"** button
+3. **Enter application details**:
+   - **Name**: Enter a descriptive name like "Palmr File Sharing"
+   - **Accept Terms of Service and Developer Policy**: Check the box
+
+<ZoomableImage src="/assets/v3/oidc/discord/create-application-modal.png" alt="Discord Create Application Modal" />
+
+4. **Create application**: Click **"Create"** to generate your application
+
+### Configuring application settings
+
+After creating your application, you'll need to configure basic settings and branding.
+
+1. **Update application information**:
+   - **Description**: Add a clear description of your Palmr instance
+   - **Icon**: Upload your organization's logo or Palmr-related icon
+   - **Cover Image**: Optional banner image for better branding
+
+<ZoomableImage
+  src="/assets/v3/oidc/discord/application-settings.png"
+  alt="Discord Application Settings"
+  legend="This is a fake application, you have to use your own."
+/>
+
+2. **Configure application details**:
+   - **Tags**: Add relevant tags (optional)
+   - **Privacy Policy URL**: Add your privacy policy URL if required
+   - **Terms of Service URL**: Add your terms of service URL if required
+
+### Setting up OAuth2 configuration
+
+Now you'll configure the OAuth2 settings that Palmr will use to authenticate users.
+
+1. **Navigate to OAuth2**: In the left sidebar, click **"OAuth2"**
+
+<ZoomableImage src="/assets/v3/oidc/discord/oauth2-general.png" alt="Discord OAuth2 General Settings" />
+
+2. **Configure OAuth2 settings**:
+   - **Client Secret**: Click **"Reset Secret"** to generate a new client secret
+   - **Copy credentials**: Save both **Client ID** and **Client Secret** for later use
+
+3. **Add redirect URIs**: In the **"Redirects"** section, add your Palmr callback URLs:
+
+You'll need to configure several URLs in your Discord application settings. Here's what to add for each environment:
+
+### Redirect URIs
+
+| Environment | URL                                                               |
+| ----------- | ----------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/discord/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/discord/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/discord/callback` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
+
+4. **Select required scopes**:
+   - **`identify`** - Access to user's basic account information (required)
+   - **`email`** - Access to user's email address (required for Palmr)
+
+5. **Save changes**: Click **"Save Changes"** to apply your configuration
+
+<ZoomableImage
+  src="/assets/v3/oidc/discord/required-scopes.png"
+  alt="Discord Required Scopes"
+  legend="This is a fake application, you have to use your own."
+/>
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Discord authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Discord provider
+
+Discord comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Discord provider**: Find Discord in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/discord/palmr-enabled-discord.png" alt="Palmr Discord Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Client ID**: Paste the Client ID from Discord Developer Portal
+   - **Client Secret**: Paste the Client Secret from Discord Developer Portal
+   - **Scopes**: Add the scopes you want to use. The default scopes are `identify` and `email`.
+
+<ZoomableImage
+  src="/assets/v3/oidc/discord/edit-discord.png"
+  alt="Edit Discord Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Admin Email Domains**: Specify domains that should automatically receive admin privileges. This is less common with Discord since users often use personal emails.
+
+**Sort Order**: Control where the Discord login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Discord login button (default is `FaDiscord`).
+
+<ZoomableImage src="/assets/v3/oidc/discord/discord-icon.png" alt="Discord Icon" />
+
+> **Community tip:** Discord authentication works great for gaming communities and development teams. Consider enabling auto-registration for trusted Discord communities.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Discord email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Discord account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Discord's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 (No OIDC Discovery)
+Issuer URL: https://discord.com
+Authorization Endpoint: /oauth2/authorize
+Token Endpoint: /api/oauth2/token
+UserInfo Endpoint: /api/users/@me
+Scopes: identify email
+```
+
+### Field mappings
+
+Palmr automatically maps Discord user information to local user accounts:
+
+- **User ID**: Maps from Discord's `id` field
+- **Email**: Maps from Discord's `email` field
+- **Display Name**: Maps from Discord's `global_name` or falls back to `username`
+- **Username**: Maps from Discord's `username` field
+- **Avatar**: Maps from Discord's `avatar` field (processed as Discord CDN URL)
+
+### Discord-specific features
+
+- **Global Names**: Supports Discord's new global name system while maintaining compatibility with legacy usernames
+- **Avatar Processing**: Automatically constructs Discord CDN URLs for user avatars
+- **No Discovery**: Uses manually configured endpoints for better reliability
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Discord authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Discord" button appears
+
+2. **Test authentication flow**: Click the Discord sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Discord"**: The browser redirects to Discord's authorization page
+2. **User authorizes application**: User grants permissions for `identify` and `email` scopes
+3. **Discord redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with Discord information
+5. **User accesses Palmr**: User is logged in with their Discord identity
+
+---
+
+## Troubleshooting common issues
+
+### Invalid redirect URI error
+
+**Error message**: `invalid_redirect_uri`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Discord Developer Portal.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Discord application's redirect URIs
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the application doesn't have required scopes.
+
+**Solution**:
+
+1. Verify that your Discord application requests `identify` and `email` scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your application is not restricted or disabled in Discord Developer Portal
+4. Verify the application has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID or Client Secret.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Discord Developer Portal
+2. Ensure there are no extra spaces or characters in the credentials
+3. Generate a new Client Secret if necessary
+4. Verify you're using the correct application in Discord Developer Portal
+
+### Missing email scope error
+
+**Error message**: Email not provided or scope missing
+
+**Cause**: Discord application not configured with email scope or user's email is not verified.
+
+**Solution**:
+
+1. Verify that your Discord application requests the `email` scope
+2. Check that users have verified their email addresses on Discord
+3. Ensure the scope configuration matches what Palmr expects
+4. Test with a Discord account that has a verified email
+
+### User information not displaying correctly
+
+**Cause**: Discord username/global name mapping issues.
+
+**Solution**:
+
+1. Check that the user has set a global name in Discord (new feature)
+2. Verify field mappings are working correctly in Palmr logs
+3. Test with different Discord accounts (some may have legacy usernames)
+4. Update user information manually through Palmr admin interface if needed
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `identify` and `email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their Discord accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Discord redirect URIs
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Discord authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
+
+## Useful resources
+
+- [Discord Developer Documentation](https://discord.com/developers/docs)
+- [Discord OAuth2 Guide](https://discord.com/developers/docs/topics/oauth2)
+- [Discord Applications](https://discord.com/developers/applications)
+- [Discord API Reference](https://discord.com/developers/docs/reference)

apps/docs/content/docs/3.2-beta/oidc-authentication/frontegg.mdx

@@ -0,0 +1,324 @@
+---
+title: Frontegg
+icon: Egg
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Frontegg is one of Palmr's officially supported OIDC providers, offering enterprise-grade authentication through Frontegg's identity platform. This integration allows users to sign in to Palmr using Frontegg's comprehensive authentication system, making it perfect for enterprise organizations, applications requiring advanced security features, and teams that need centralized identity management with modern developer experience.
+
+<ZoomableImage src="/assets/v3/oidc/frontegg/sign-in-with-frontegg.png" alt="Sign in with Frontegg" />
+
+## Why use Frontegg authentication?
+
+Frontegg authentication provides several advantages for enterprise and developer-focused organizations:
+
+- **Modern developer experience** - Clean APIs, comprehensive SDKs, and developer-friendly tools
+- **Enterprise-grade security** - Advanced security features like MFA, adaptive authentication, and threat detection
+- **Centralized identity management** - Single platform to manage users across multiple applications
+- **Compliance ready** - Built-in compliance with GDPR, SOC 2, and other enterprise standards
+- **Advanced customization** - Themes, flows, and custom branding capabilities
+
+---
+
+## Prerequisites
+
+Before configuring Frontegg authentication, ensure you have:
+
+- **Frontegg account** - Ability to create applications and manage tenants
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain configuration** - For production deployments with custom domains
+
+> **Note:** Frontegg is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Frontegg Application
+
+### Creating a Frontegg application
+
+To get started with Frontegg authentication, you'll need to create an application in your Frontegg Admin Portal.
+
+1. **Navigate to Frontegg Admin Portal**: Go to [https://portal.frontegg.com/development/applications](https://portal.frontegg.com/development/applications) for example. (Development environment) for production environment you need to go to [https://portal.frontegg.com/production/applications](https://portal.frontegg.com/production/applications) - This can change depending on your environment.
+
+<ZoomableImage src="/assets/v3/oidc/frontegg/frontegg-admin.png" alt="Frontegg Admin Portal" />
+
+2. **Create new application**: Click **"Create new"**
+
+3. **Fill application details**:
+   - **Name**: Enter a descriptive name like "Palmr File Sharing"
+   - **Description**: Add a clear description of your Palmr instance
+   - **Type**: Choose **"Web"** for web-based Palmr instances
+   - **Frontend stack**: Choose **"React"** for web-based Palmr instances
+   - **App URL**: Add the URL of your Palmr instance, see table below for the example of the URL.
+
+   | Environment | URL                                                                |
+   | ----------- | ------------------------------------------------------------------ |
+   | Production  | `https://yourdomain.com/api/auth/providers/frontegg/callback`      |
+   | Development | `http://localhost:3000/api/auth/providers/frontegg/callback`       |
+   | Custom Port | `https://yourdomain.com:5487/api/auth/providers/frontegg/callback` |
+
+   > **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+
+<ZoomableImage
+  src="/assets/v3/oidc/frontegg/application-details.png"
+  alt="Frontegg Application Details"
+  legend="This is a fake application, you have to use your own."
+/>
+
+5. **Create application**: Click **"Create"** to generate your Frontegg application
+
+### Configuring application settings
+
+After creating your application, you'll need to get the settings that Palmr will use. You gonna be redirected to the application page, where you can see the application details.
+
+<ZoomableImage
+  src="/assets/v3/oidc/frontegg/application-page.png"
+  alt="Frontegg Application Page"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Getting OAuth credentials
+
+Now you'll get the credentials that Palmr will use to authenticate with Frontegg.
+
+1. **Copy Domain**: Note your Frontegg domain (e.g., `your-tenant.frontegg.com`) - You can find it in the application page at field **"Login URL"**. But copy just the domain, without the path.
+
+2. **Copy Client ID**: You can find it in the application page at field **"ID"** in the application page.
+
+3. **Copy Client Secret**: You can find it in the application page at field **"API key"** in the application page.
+
+In Frontegg we finished the configuration, but we need to configure Palmr to use it.
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Frontegg authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Frontegg provider
+
+Frontegg comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Frontegg provider**: Find Frontegg in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/frontegg/enabled-frontegg.png" alt="Palmr Frontegg Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Provider URL**: Paste your Frontegg domain (e.g., `https://your-tenant.frontegg.com`) - It's the same **"Login URL"** you copied in the previous step.
+   - **Client ID**: Paste the Client ID from Frontegg application - It's the same **"ID"** you copied in the previous step.
+   - **Client Secret**: Paste the Client Secret from Frontegg application - It's the same **"API key"** you copied in the previous step.
+   - **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`. You don't need to change this, but you can if you want.
+
+<ZoomableImage
+  src="/assets/v3/oidc/frontegg/edit-frontegg.png"
+  alt="Edit Frontegg Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Sort Order**: Control where the Frontegg login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Frontegg login button (default is `TbEggs`).
+
+<ZoomableImage src="/assets/v3/oidc/frontegg/frontegg-icon.png" alt="Frontegg Icon" />
+
+> **Developer tip:** Frontegg authentication works great for organizations requiring modern developer experience and enterprise-grade security features.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Frontegg email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Frontegg account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Frontegg's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://your-tenant.frontegg.com
+Authorization Endpoint: /oauth/authorize
+Token Endpoint: /oauth/token
+UserInfo Endpoint: /oauth/userinfo
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Frontegg user information to local user accounts:
+
+- **User ID**: Maps from Frontegg's `sub` field
+- **Email**: Maps from Frontegg's `email` field
+- **Full Name**: Maps from Frontegg's `name` field
+- **First Name**: Maps from Frontegg's `given_name` field
+- **Last Name**: Maps from Frontegg's `family_name` field
+- **Avatar**: Maps from Frontegg's `picture` field
+- **Username**: Maps from Frontegg's `preferred_username` field
+
+### Frontegg-specific features
+
+- **Custom Claims**: Can include custom user metadata and app metadata
+- **Themes Support**: Can customize authentication UI with custom themes
+- **Multi-factor Authentication**: Supports Frontegg's MFA features
+- **Enterprise SSO**: Integrates with SAML, LDAP, and other enterprise systems
+- **Modern APIs**: Clean REST APIs and comprehensive SDKs
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Frontegg authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Frontegg" button appears
+
+2. **Test authentication flow**: Click the Frontegg sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Frontegg"**: The browser redirects to Frontegg's authorization page
+2. **User authenticates**: User completes authentication through Frontegg (login, MFA, etc.)
+3. **Frontegg redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with Frontegg information
+5. **User accesses Palmr**: User is logged in with their Frontegg identity
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `invalid_redirect_uri`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Frontegg application.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Frontegg application's redirect URIs
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the application isn't properly configured.
+
+**Solution**:
+
+1. Verify that your Frontegg application requests the correct scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your application is not restricted or disabled
+4. Verify the application has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID, Client Secret, or Domain.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Frontegg
+2. Ensure there are no extra spaces or characters in the credentials
+3. Verify you're using the correct domain format (e.g., `your-tenant.frontegg.com`)
+4. Generate a new Client Secret if necessary
+
+### Domain configuration issues
+
+**Error message**: Domain not found or invalid
+
+**Cause**: Incorrect Frontegg domain or tenant configuration.
+
+**Solution**:
+
+1. Verify your Frontegg domain is correct (e.g., `your-tenant.frontegg.com`)
+2. Check that your Frontegg tenant is active and not suspended
+3. Ensure you're using the correct region for your tenant
+4. Verify DNS resolution for your Frontegg domain
+
+### Custom claims not available
+
+**Cause**: Custom claims not properly configured in Frontegg.
+
+**Solution**:
+
+1. Check Frontegg custom claims configuration
+2. Verify that custom claims are included in the ID token
+3. Ensure the claims are properly formatted and accessible
+4. Test with a user that has the expected custom claims
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their Frontegg accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Frontegg application settings
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Frontegg authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
+
+## Useful resources
+
+- [Frontegg Documentation](https://docs.frontegg.com)
+- [Frontegg OAuth 2.0 Guide](https://docs.frontegg.com/oauth2)
+- [Frontegg OpenID Connect](https://docs.frontegg.com/openid-connect)
+- [Frontegg Admin Portal](https://admin.frontegg.com)

apps/docs/content/docs/3.2-beta/oidc-authentication/github.mdx

@@ -0,0 +1,305 @@
+---
+title: GitHub
+icon: Github
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+GitHub is one of Palmr's officially supported OIDC providers, offering secure authentication through GitHub OAuth 2.0. This integration allows users to sign in to Palmr using their existing GitHub accounts, making it perfect for developer teams, open-source projects, and organizations already using GitHub for version control and collaboration.
+
+<ZoomableImage src="/assets/v3/oidc/github/sign-in-with-github.png" alt="Sign in with GitHub" />
+
+## Why use GitHub authentication?
+
+GitHub authentication provides several advantages for developer-focused organizations and teams:
+
+- **Developer-friendly** - Perfect for teams already using GitHub for development
+- **Open-source integration** - Ideal for open-source projects and communities
+- **Rich developer profiles** - Access to GitHub usernames, avatars, and organization memberships
+- **Repository access** - Can leverage GitHub's permission system for additional features
+- **No additional accounts** - Developers can access Palmr with their existing GitHub credentials
+
+---
+
+## Prerequisites
+
+Before configuring GitHub authentication, ensure you have:
+
+- **GitHub account** - Ability to create OAuth Apps on GitHub
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+
+> **Note:** GitHub is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up GitHub OAuth App
+
+### Creating a GitHub OAuth App
+
+To get started with GitHub authentication, you'll need to create an OAuth App in your GitHub Developer Settings.
+
+1. **Navigate to GitHub Developer Settings**: Go to [github.com/settings/developers](https://github.com/settings/developers)
+
+2. **Create new OAuth App**: Click **"New OAuth App"** button
+
+<ZoomableImage src="/assets/v3/oidc/github/developer-settings.png" alt="GitHub Developer Settings" />
+
+3. **Enter application details**:
+   - **Application name**: Enter a descriptive name like "Palmr File Sharing"
+   - **Homepage URL**: Enter your Palmr instance URL (e.g., `https://yourdomain.com`)
+   - **Application description**: Add a clear description of your Palmr instance
+   - **Authorization callback URL**: Enter your callback URL (see below)
+
+<ZoomableImage
+  src="/assets/v3/oidc/github/oauth-app-details.png"
+  alt="GitHub OAuth App Details"
+  legend="This is a fake application, you have to use your own."
+/>
+
+**Set up callback URLs**: In the **"Authorization callback URL"** field, add your Palmr callback URL:
+
+You'll need to configure several URLs in your GitHub OAuth App settings. Here's what to add for each environment:
+
+### Authorization Callback URLs
+
+| Environment | URL                                                              |
+| ----------- | ---------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/github/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/github/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/github/callback` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** You can add multiple callback URLs for different environments (development, staging, production).
+
+4. **Create application**: Click **"Register application"** to generate your OAuth App
+
+### Getting OAuth credentials
+
+Now you'll get the credentials that Palmr will use to authenticate with GitHub.
+
+1. **Copy Client ID**: The Client ID is displayed on your OAuth App page
+
+2. **Generate Client Secret**: Click **"Generate a new client secret"** to create a new secret
+
+<ZoomableImage
+  src="/assets/v3/oidc/github/oauth-credentials.png"
+  alt="GitHub OAuth Credentials"
+  legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from GitHub."
+/>
+
+3. **Save credentials**: Copy both the **Client ID** and **Client Secret** for later use
+
+> **Important:** Replace `yourdomain.com` with your actual domain. You can add multiple callback URLs for different environments (development, staging, production) by creating separate OAuth Apps.
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure GitHub authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling GitHub provider
+
+GitHub comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate GitHub provider**: Find GitHub in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/github/enabled-github.png" alt="Palmr GitHub Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Client ID**: Paste the Client ID from GitHub OAuth App
+   - **Client Secret**: Paste the Client Secret from GitHub OAuth App
+   - **Scopes**: Add the scopes you want to use. The default scopes are `user:email`.
+
+<ZoomableImage
+  src="/assets/v3/oidc/github/edit-github.png"
+  alt="Edit GitHub Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Admin Email Domains**: Specify domains that should automatically receive admin privileges. For example, entering `yourcompany.com` will grant admin access to anyone with an email from that domain.
+
+**Sort Order**: Control where the GitHub login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the GitHub login button (default is `SiGithub`).
+
+<ZoomableImage src="/assets/v3/oidc/github/github-icon.png" alt="GitHub Icon" />
+
+> **Developer tip:** GitHub authentication works great for development teams and open-source projects.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their GitHub email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their GitHub account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+GitHub's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://github.com
+Authorization Endpoint: /login/oauth/authorize
+Token Endpoint: /login/oauth/access_token
+UserInfo Endpoint: https://api.github.com/user
+Scopes: user:email
+```
+
+### Field mappings
+
+Palmr automatically maps GitHub user information to local user accounts:
+
+- **User ID**: Maps from GitHub's `id` field
+- **Email**: Maps from GitHub's `email` field (from user:email scope)
+- **Full Name**: Maps from GitHub's `name` field
+- **Username**: Maps from GitHub's `login` field
+- **Avatar**: Maps from GitHub's `avatar_url` field
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring GitHub authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with GitHub" button appears
+
+2. **Test authentication flow**: Click the GitHub sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with GitHub"**: The browser redirects to GitHub's authorization page
+2. **User authorizes application**: User grants permissions for the requested scopes
+3. **GitHub redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with GitHub information
+5. **User accesses Palmr**: User is logged in with their GitHub identity
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `The redirect_uri MUST match the registered callback URL for this application`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in GitHub OAuth App.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your GitHub OAuth App's callback URL
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the OAuth App isn't properly configured.
+
+**Solution**:
+
+1. Verify that your GitHub OAuth App requests the correct scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your OAuth App is not restricted or disabled
+4. Verify the application has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID or Client Secret.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from GitHub
+2. Ensure there are no extra spaces or characters in the credentials
+3. Generate a new Client Secret if necessary
+4. Verify you're using the correct OAuth App in GitHub
+
+### Email not available error
+
+**Error message**: Email not provided or scope missing
+
+**Cause**: GitHub OAuth App not configured with `user:email` scope or user's email is private.
+
+**Solution**:
+
+1. Verify that your GitHub OAuth App requests the `user:email` scope
+2. Check that users have public email addresses or have granted email access
+3. Ensure the scope configuration matches what Palmr expects
+4. Test with a GitHub account that has a public email address
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `user:email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their GitHub accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in GitHub OAuth App
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With GitHub authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
+
+## Useful resources
+
+- [GitHub OAuth Apps Documentation](https://docs.github.com/en/apps/oauth-apps)
+- [GitHub OAuth Scopes](https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps)
+- [GitHub Developer Settings](https://github.com/settings/developers)
+- [GitHub API Documentation](https://docs.github.com/en/rest)

apps/docs/content/docs/3.2-beta/oidc-authentication/google.mdx

@@ -0,0 +1,335 @@
+---
+title: Google
+icon: Chrome
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Google is one of Palmr's officially supported OIDC providers, offering secure and reliable authentication through Google OAuth 2.0. This integration allows users to sign in to Palmr using their existing Google accounts, providing a seamless single sign-on experience.
+
+<ZoomableImage src="/assets/v3/oidc/google/sign-in-with-google.png" alt="Sign in with Google" />
+
+## Why use Google authentication?
+
+Google authentication provides several advantages for both administrators and users:
+
+- **Seamless login experience** - Users can access Palmr with their existing Google accounts
+- **Enhanced security** - Leverage Google's robust security infrastructure and two-factor authentication
+- **Reduced password fatigue** - No need to create and remember additional passwords
+- **Enterprise integration** - Perfect for organizations already using Google Workspace
+- **Automatic user provisioning** - New users are created automatically upon first login
+
+---
+
+## Prerequisites
+
+Before configuring Google authentication, ensure you have:
+
+- **Google Cloud Console access** - Ability to create and manage projects
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain ownership** - For production deployments with custom domains
+
+> **Note:** Google is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Google Cloud Console
+
+### Creating a Google Cloud project
+
+To get started with Google authentication, you'll need to set up a project in Google Cloud Console.
+
+1. **Navigate to Google Cloud Console**: Go to [console.cloud.google.com](https://console.cloud.google.com/)
+
+<ZoomableImage src="/assets/v3/oidc/google/cloud-console-home.png" alt="Google Cloud Console Home" />
+
+2. **Create or select a project**: Choose an existing project or create a new one for your Palmr installation
+
+<ZoomableImage src="/assets/v3/oidc/google/select-project-modal.png" alt="Google Cloud Console Select Project Modal" />
+
+3. **Enable the project**: Ensure the project is active and selected
+
+### Configuring OAuth consent screen
+
+The OAuth consent screen is what users see when they authenticate with Google.
+
+1. **Access OAuth consent screen**: Navigate to **APIs & Services** > **OAuth consent screen**
+
+<ZoomableImage
+  src="/assets/v3/oidc/google/oauth-consent-dropdown.png"
+  alt="Google Cloud Console OAuth Consent Dropdown"
+/>
+
+2. **Choose user type**:
+   - **Internal** - For Google Workspace organizations (users within your domain only)
+   - **External** - For public use (any Google user can authenticate)
+
+<ZoomableImage src="/assets/v3/oidc/google/user-type-select.png" alt="Google Cloud Console User Type Select" />
+
+3. **Fill required information**:
+   - **Application name**: Enter a descriptive name like "Palmr File Sharing"
+   - **User support email**: Provide a valid support email address
+   - **Developer contact information**: Add your contact email for Google communications
+
+> **Tip:** For business use, choose "Internal" if you have Google Workspace. This restricts access to your organization's users and simplifies the approval process.
+
+### Creating OAuth 2.0 credentials
+
+Now you'll create the actual credentials that Palmr will use to authenticate with Google.
+
+1. **Navigate to Credentials**: Go to **APIs & Services** > **Credentials**
+
+<ZoomableImage src="/assets/v3/oidc/google/credentials-select.png" alt="Google Cloud Console Credentials select" />
+
+2. **Create OAuth client**: Click **+ CREATE CREDENTIALS** > **OAuth client ID**
+
+<ZoomableImage
+  src="/assets/v3/oidc/google/create-oauth-client-id.png"
+  alt="Google Cloud Console Create OAuth Client ID"
+/>
+
+3. **Select application type**: Choose **Web application**
+
+<ZoomableImage src="/assets/v3/oidc/google/web-app-select.png" alt="Google Cloud Console Web App Select" />
+
+4. **Configure authorized URIs and authorized redirect URIs**:
+
+You'll need to configure several URLs in your Google Cloud Console credentials. Here's what to add for each environment:
+
+### Authorized URIs
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+### Authorized Redirect URIs
+
+| Environment | URL                                                              |
+| ----------- | ---------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/google/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/google/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/google/callback` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
+
+<ZoomableImage src="/assets/v3/oidc/google/allowed-urls.png" alt="Google Cloud Console Allowed URLs" />
+
+5. **Create and save credentials**: Click **Create** and copy both the **Client ID** and **Client Secret**
+
+<ZoomableImage
+  src="/assets/v3/oidc/google/oauth-client-created.png"
+  alt="Google Cloud Console Client ID and Client Secret"
+  legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Google Cloud Console."
+/>
+
+> **Important:** Replace `yourdomain.com` with your actual domain. You can add multiple URIs for different environments (development, staging, production).
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Google authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Google provider
+
+Google comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Google provider**: Find Google in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/google/palmr-enabled-google.png" alt="Palmr Authentication Providers" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Client ID**: Paste the Client ID from Google Cloud Console
+   - **Client Secret**: Paste the Client Secret from Google Cloud Console
+   - **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`.
+
+<ZoomableImage src="/assets/v3/oidc/google/edit-google.png" alt="Edit Google Provider" />
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Admin Email Domains**: Specify domains that should automatically receive admin privileges. For example, entering `yourcompany.com` will grant admin access to anyone with an email from that domain.
+
+**Sort Order**: Control where the Google login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Google login button (default is `FcGoogle`).
+
+<ZoomableImage src="/assets/v3/oidc/google/google-icon.png" alt="Google Icon" />
+
+> **Security consideration:** Be cautious with auto-registration and admin domains. Only enable these if you trust the user base or have domain restrictions in place.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Google email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Google account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Google's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://accounts.google.com
+Authorization Endpoint: /o/oauth2/v2/auth
+Token Endpoint: /o/oauth2/token
+UserInfo Endpoint: https://www.googleapis.com/oauth2/v3/userinfo
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Google user information to local user accounts:
+
+- **User ID**: Maps from Google's `sub` field
+- **Email**: Maps from Google's `email` field
+- **Full Name**: Maps from Google's `name` field
+- **First Name**: Maps from Google's `given_name` field
+- **Last Name**: Maps from Google's `family_name` field
+- **Avatar**: Maps from Google's `picture` field
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Google authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Google" button appears
+
+2. **Test authentication flow**: Click the Google sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Google"**: The browser redirects to Google's authentication page
+2. **User authenticates with Google**: User enters their Google credentials or confirms existing session
+3. **Google redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed based on your configuration
+5. **User accesses Palmr**: User is logged in and can use all features according to their permissions
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `Error 400: redirect_uri_mismatch`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Google Cloud Console.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Google Cloud Console credentials
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the error message
+
+### Access denied error
+
+**Error message**: `Error 403: access_denied`
+
+**Cause**: User denied permissions or the OAuth consent screen isn't properly configured.
+
+**Solution**:
+
+1. Verify the OAuth consent screen is published (for External user type)
+2. Check that required scopes are correctly configured
+3. For Internal applications, ensure the user belongs to your Google Workspace organization
+4. Review and simplify the permissions you're requesting
+
+### Invalid client error
+
+**Error message**: `Error 401: invalid_client`
+
+**Cause**: Incorrect Client ID or Client Secret.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Google Cloud Console
+2. Ensure there are no extra spaces or characters in the credentials
+3. Regenerate credentials if necessary
+4. Verify you're using the correct project in Google Cloud Console
+
+### Discovery endpoint issues
+
+**Cause**: Network connectivity problems or DNS resolution issues.
+
+**Solution**:
+
+1. Check server firewall and network connectivity
+2. Verify DNS resolution from your server
+3. Consider proxy or CDN configurations that might block the request
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new credentials periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Domain and user restrictions
+
+- **Limit admin domains**: Only add trusted domains to the admin list
+- **Review auto-registration**: Consider disabling auto-registration if you need manual user approval
+- **Use Internal OAuth**: For organizations with Google Workspace, use Internal OAuth consent screen
+- **Regular access reviews**: Periodically review user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Google Cloud Console
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Google authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
+
+## Useful resources
+
+- [Google Identity Platform Documentation](https://developers.google.com/identity)
+- [OAuth 2.0 for Web Server Applications](https://developers.google.com/identity/protocols/oauth2/web-server)
+- [OpenID Connect](https://developers.google.com/identity/protocols/oauth2/openid-connect)
+- [Google Cloud Console](https://console.cloud.google.com/apis/credentials)

apps/docs/content/docs/3.2-beta/oidc-authentication/index.mdx

@@ -0,0 +1,86 @@
+---
+title: Introduction
+icon: IdCard
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Palmr supports OpenID Connect (OIDC) authentication, allowing users to sign in using external identity providers such as Google, Zitadel, Auth0, and other OIDC-compliant services. This feature provides seamless single sign-on (SSO) capabilities and centralized user management.
+
+OIDC authentication in Palmr is built using the industry-standard OpenID Connect protocol. The implementation supports automatic user provisioning, and flexible configuration options.
+
+## Why use OIDC authentication?
+
+OIDC authentication provides several advantages for organizations and users:
+
+**Centralized Authentication**: Users can authenticate using their existing organizational credentials without creating separate accounts for Palmr.
+
+**Enhanced Security**: OIDC provides robust security features including token-based authentication, PKCE flow, and standardized protocols.
+
+**Single Sign-On**: Users can access Palmr. seamlessly if they're already authenticated with their identity provider.
+
+**User Management**: Administrators can manage user access centrally through their existing identity provider.
+
+**Compliance**: OIDC helps meet organizational security and compliance requirements by leveraging existing identity infrastructure.
+
+---
+
+## Prerequisites
+
+Before configuring OIDC authentication, ensure you have:
+
+- **Administrative Access**: ADMIN privileges in Palmr. to configure OIDC settings
+- **Identity Provider**: An OIDC-compliant identity provider (Google, Zitadel, Auth0, etc.)
+- **Application Registration**: Your Palmr. application registered with your identity provider
+- **OIDC Credentials**: Client ID, Client Secret, and Issuer URL from your identity provider
+
+### Supported identity providers
+
+Palmr's OIDC implementation is compatible with any OpenID Connect compliant provider, including as official providers:
+
+- **[Google](/docs/3.2-beta/oidc-authentication/google)**
+- **[Discord](/docs/3.2-beta/oidc-authentication/discord)**
+- **[Github](/docs/3.2-beta/oidc-authentication/github)**
+- **[Zitadel](/docs/3.2-beta/oidc-authentication/zitadel)**
+- **[Auth0](/docs/3.2-beta/oidc-authentication/auth0)**
+- **[Authentik](/docs/3.2-beta/oidc-authentication/authentik)**
+- **[Frontegg](/docs/3.2-beta/oidc-authentication/frontegg)**
+- **[Kinde Auth](/docs/3.2-beta/oidc-authentication/kinde-auth)**
+
+Although these are the official providers (internally tested with 100% success), you can connect any OIDC provider by providing your credentials and connection URL. We've developed a practical way to integrate virtually all OIDC providers available in the market. In this documentation, you can consult how to configure each of the official providers, as well as include other providers not listed as official. Just below, you will find instructions on how to access the OIDC provider configuration. For specific details about configuring each provider, select the desired option in the sidebar, in the "OIDC Authentication" section.
+
+<ZoomableImage
+  src="/assets/v3/oidc/all-providers.png"
+  alt="All OIDC Providers"
+  legend="You can use how many providers you want, but we recommend using at least 2 providers to ensure the best user experience."
+/>
+
+---
+
+## Configuring OIDC settings
+
+OIDC configuration is managed through Palmr's administrative settings panel, accessible only to users with ADMIN privileges.
+
+### Accessing OIDC configuration
+
+To configure OIDC authentication:
+
+1. **Access Settings**: Click on your profile picture in the header and select **Settings**
+2. **Navigate to Authentication**: Find the **Authentication Providers** configuration section
+3. **Enable OIDC**: Toggle the OIDC authentication option to enable it
+
+> **Note:** Consult the documentation of each provider to configure it.
+
+<ZoomableImage
+  src="/assets/v3/oidc/auth-providers.png"
+  alt="OIDC Settings"
+  legend="Consult the documentation of each provider to configure it."
+/>
+
+---
+
+## Next steps
+
+Select one of the cards below to continue configuring your authentication provider.
+
+<OIDCProviderCards />

apps/docs/content/docs/3.2-beta/oidc-authentication/kinde-auth.mdx

@@ -0,0 +1,369 @@
+---
+title: Kinde Auth
+icon: Users
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Kinde Auth is one of Palmr's officially supported OIDC providers, offering modern authentication through Kinde's developer-friendly identity platform. This integration allows users to sign in to Palmr using Kinde's comprehensive authentication system, making it perfect for developers, startups, and organizations that need a modern, scalable authentication solution with excellent developer experience.
+
+<ZoomableImage src="/assets/v3/oidc/kinde/sign-in-with-kinde.png" alt="Sign in with Kinde" />
+
+## Why use Kinde Auth authentication?
+
+Kinde Auth authentication provides several advantages for modern applications and development teams:
+
+- **Developer-first experience** - Clean APIs, comprehensive SDKs, and excellent documentation
+- **Modern authentication** - Built with modern web standards and best practices
+- **Scalable infrastructure** - Enterprise-grade reliability with startup-friendly pricing
+- **Compliance ready** - Built-in compliance with GDPR, SOC 2, and other standards
+- **Advanced features** - Multi-factor authentication, social logins, and custom branding
+
+---
+
+## Prerequisites
+
+Before configuring Kinde Auth authentication, ensure you have:
+
+- **Kinde account** - Ability to create applications and manage tenants
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain configuration** - For production deployments with custom domains
+
+> **Note:** Kinde Auth is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Kinde Auth Application
+
+### Creating a Kinde application
+
+To get started with Kinde Auth authentication, you'll need to create an application in your Kinde Dashboard.
+
+1. **Navigate to Kinde Dashboard**: Go to [your-tenant.kinde.com/admin](https://your-tenant.kinde.com/admin)
+
+<ZoomableImage src="/assets/v3/oidc/kinde/kinde-dashboard.png" alt="Kinde Dashboard" />
+
+2. **Create new application**: Click **"Add application"** button in the center of the page.
+
+3. **Select application type**: Choose **"Back-end web"** for web-based Palmr instances
+
+4. **Enter application details**:
+   - **Name**: Enter a descriptive name like "Palmr File Sharing"
+
+<ZoomableImage src="/assets/v3/oidc/kinde/application-type.png" alt="Kinde Application Type Selection" />
+
+5. **Create application**: Click **"Save"** to generate your Kinde application
+
+### Configuring application settings
+
+After creating your application, you'll be redirected to the application page.
+
+<ZoomableImage src="/assets/v3/oidc/kinde/application-page.png" alt="Kinde Application Page" />
+
+Click on the **"Details"** tab on the sidebar to configure the application settings and get the OAuth credentials.
+
+<ZoomableImage
+  src="/assets/v3/oidc/kinde/application-details.png"
+  alt="Kinde Application Details"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Getting OAuth credentials
+
+Now you'll get the credentials that Palmr will use to authenticate with Kinde.
+
+1. **Copy Domain**: Note your Kinde domain (e.g., `your-tenant.kinde.com`)
+
+2. **Copy Client ID**: The Client ID is displayed in the **"Client ID"** field
+
+3. **Copy Client Secret**: The Client Secret is displayed in the **"Client secret"** field
+
+<ZoomableImage
+  src="/assets/v3/oidc/kinde/oauth-credentials.png"
+  alt="Kinde OAuth Credentials"
+  legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Kinde."
+/>
+
+4. **Save credentials**: Copy the **Domain**, **Client ID**, and **Client Secret** for later use
+
+> **Note:** For now you only need this configuration, you can come back here later to configure the application as you want.
+
+###**Configure application URLs**:
+
+You'll need to configure several URLs in your Kinde application settings. Here's what to add for each environment:
+
+#### Allowed callback URLs
+
+| Environment | URL                                                             |
+| ----------- | --------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/kinde/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/kinde/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/kinde/callback` |
+
+#### Application homepage URI
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+#### Application login URI
+
+| Environment | URL                                 |
+| ----------- | ----------------------------------- |
+| Production  | `https://yourdomain.com/login`      |
+| Development | `http://localhost:3000/login`       |
+| Custom Port | `https://yourdomain.com:5487/login` |
+
+#### Allowed logout redirect URLs
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
+
+<ZoomableImage
+  src="/assets/v3/oidc/kinde/config-urls.png"
+  alt="Kinde Application URLs Configuration"
+  legend="This is a fake application, you have to use your own."
+/>
+
+2. **Save changes**: Click **"Save"** on the top right corner to apply your configuration
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Kinde Auth authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Kinde Auth provider
+
+Kinde Auth comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Kinde Auth provider**: Find Kinde Auth in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/kinde/enabled-kinde.png" alt="Palmr Kinde Auth Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Provider URL**: Paste your Kinde domain (e.g., `https://your-tenant.kinde.com`)
+   - **Client ID**: Paste the Client ID from Kinde application
+   - **Client Secret**: Paste the Client Secret from Kinde application
+   - **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`. You don't need change this if you are not sure.
+
+<ZoomableImage
+  src="/assets/v3/oidc/kinde/edit-kinde.png"
+  alt="Edit Kinde Auth Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Sort Order**: Control where the Kinde Auth login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Kinde Auth login button (default is `FaKey`).
+
+<ZoomableImage src="/assets/v3/oidc/kinde/kinde-icon.png" alt="Kinde Auth Icon" />
+
+> **Developer tip:** Kinde Auth authentication works great for modern applications requiring excellent developer experience and scalable authentication infrastructure.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Kinde Auth email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Kinde Auth account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Kinde Auth's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://your-tenant.kinde.com
+Authorization Endpoint: /oauth2/auth
+Token Endpoint: /oauth2/token
+UserInfo Endpoint: /oauth2/user_profile
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Kinde Auth user information to local user accounts:
+
+- **User ID**: Maps from Kinde's `id` field
+- **Email**: Maps from Kinde's `preferred_email` field
+- **Full Name**: Maps from Kinde's `first_name` and `last_name` fields
+- **First Name**: Maps from Kinde's `first_name` field
+- **Last Name**: Maps from Kinde's `last_name` field
+- **Avatar**: Maps from Kinde's `picture` field
+- **Username**: Maps from Kinde's `preferred_username` field
+
+### Kinde Auth-specific features
+
+- **Custom Claims**: Can include custom user metadata and app metadata
+- **Social Logins**: Supports integration with various social providers
+- **Multi-factor Authentication**: Supports Kinde's MFA features
+- **Modern APIs**: Clean REST APIs and comprehensive SDKs
+- **Developer Tools**: Excellent documentation and developer experience
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Kinde Auth authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Kinde" button appears
+
+2. **Test authentication flow**: Click the Kinde Auth sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Kinde"**: The browser redirects to Kinde's authorization page
+2. **User authenticates**: User completes authentication through Kinde (login, MFA, etc.)
+3. **Kinde redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with Kinde information
+5. **User accesses Palmr**: User is logged in with their Kinde identity
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `invalid_redirect_uri`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Kinde application.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Kinde application's redirect URIs
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the application isn't properly configured.
+
+**Solution**:
+
+1. Verify that your Kinde application requests the correct scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your application is not restricted or disabled
+4. Verify the application has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID, Client Secret, or Domain.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Kinde
+2. Ensure there are no extra spaces or characters in the credentials
+3. Verify you're using the correct domain format (e.g., `your-tenant.kinde.com`)
+4. Generate a new Client Secret if necessary
+
+### Domain configuration issues
+
+**Error message**: Domain not found or invalid
+
+**Cause**: Incorrect Kinde domain or tenant configuration.
+
+**Solution**:
+
+1. Verify your Kinde domain is correct (e.g., `your-tenant.kinde.com`)
+2. Check that your Kinde tenant is active and not suspended
+3. Ensure you're using the correct region for your tenant
+4. Verify DNS resolution for your Kinde domain
+
+### Custom claims not available
+
+**Cause**: Custom claims not properly configured in Kinde.
+
+**Solution**:
+
+1. Check Kinde custom claims configuration
+2. Verify that custom claims are included in the ID token
+3. Ensure the claims are properly formatted and accessible
+4. Test with a user that has the expected custom claims
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their Kinde Auth accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Kinde application settings
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Kinde Auth authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
+
+## Useful resources
+
+- [Kinde Documentation](https://kinde.com/docs)
+- [Kinde OAuth 2.0 Guide](https://kinde.com/docs/developer-tools/oauth2)
+- [Kinde OpenID Connect](https://kinde.com/docs/developer-tools/openid-connect)
+- [Kinde Dashboard](https://app.kinde.com)

apps/docs/content/docs/3.2-beta/oidc-authentication/meta.json

@@ -0,0 +1,18 @@
+{
+  "defaultOpen": false,
+  "icon": "Key",
+  "pages": [
+    "index",
+    "google",
+    "discord",
+    "github",
+    "zitadel",
+    "auth0",
+    "authentik",
+    "frontegg",
+    "kinde-auth",
+    "pocket-id",
+    "other"
+  ],
+  "title": "OIDC Authentication"
+}

apps/docs/content/docs/3.2-beta/oidc-authentication/other.mdx

@@ -0,0 +1,467 @@
+---
+title: Other Providers
+icon: Settings
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Palmr supports custom OIDC (OpenID Connect) and OAuth 2.0 providers, allowing you to integrate with any identity provider that follows these standards. This flexibility enables organizations to use their existing identity infrastructure, whether it's a custom authentication system, enterprise SSO solution, or any other OIDC-compliant provider.
+
+<ZoomableImage src="/assets/v3/oidc/custom/custom-provider-login.png" alt="Custom OIDC Providers" />
+
+## Why use custom OIDC providers?
+
+Custom OIDC providers offer several advantages for organizations with specific authentication requirements:
+
+- **Flexibility** - Integrate with any OIDC-compliant identity provider
+- **Enterprise integration** - Connect with existing enterprise SSO systems
+- **Custom authentication flows** - Support for specialized authentication requirements
+- **No vendor lock-in** - Use your preferred identity provider
+- **Compliance** - Meet specific security and compliance requirements
+
+---
+
+## Prerequisites
+
+Before configuring a custom OIDC provider, ensure you have:
+
+- **OIDC/OAuth 2.0 provider** - A working identity provider that supports OIDC or OAuth 2.0
+- **Admin privileges in Palmr** - Required to configure authentication settings
+- **Provider documentation** - Access to your provider's OIDC configuration details
+
+> **Note:** The configuration process requires technical knowledge of OIDC/OAuth 2.0 standards. You'll need to obtain the necessary credentials and endpoints from your identity provider.
+
+---
+
+## Understanding OIDC Configuration
+
+### Configuration Methods
+
+Palmr supports two methods for configuring custom providers:
+
+#### 1. Auto Discovery
+
+For providers that support OIDC Discovery, Palmr can automatically discover the required endpoints using the issuer URL.
+
+**Requirements:**
+
+- Provider must support OIDC Discovery
+- Issuer URL must be accessible
+- Provider must expose a `.well-known/openid_configuration` endpoint
+
+#### 2. Manual Endpoint Configuration (Recommended)
+
+For providers that don't support OIDC Discovery or require custom endpoints.
+
+**Required endpoints:**
+
+- Authorization endpoint
+- Token endpoint
+- User info endpoint
+
+### Required Information
+
+You'll need the following information from your identity provider:
+
+- **Provider URL/Issuer URL** - The base URL of your identity provider
+- **Client ID** - The OAuth client identifier
+- **Client Secret** - The OAuth client secret
+- **Scopes** - The OAuth scopes required for authentication
+- **Endpoints** (if using manual configuration):
+  - Authorization endpoint
+  - Token endpoint
+  - User info endpoint
+
+---
+
+## Configuring Palmr
+
+### Accessing Authentication Settings
+
+To configure a custom OIDC provider in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Adding a Custom Provider
+
+1. **Add new provider**: Click the **"Add Provider"** button in the Authentication Providers section
+
+<ZoomableImage src="/assets/v3/oidc/custom/add-provider.png" alt="Add Provider" />
+
+2. **Configure basic information**:
+   - **Provider Name**: Enter a unique identifier (e.g., `custom-provider`)
+   - **Display Name**: Enter the name users will see (e.g., `Custom SSO`)
+   - **Type**: Select `OIDC` for OpenID Connect or `OAuth2` for OAuth 2.0
+   - **Icon**: Choose an appropriate icon for the login button
+
+<ZoomableImage src="/assets/v3/oidc/custom/provider-basic-info.png" alt="Provider Basic Info" />
+
+### Configuration Method Selection
+
+Choose between auto discovery and manual endpoint configuration:
+
+#### Auto Discovery Configuration
+
+1. **Select Auto Discovery**: Choose the "Auto Discovery" option
+2. **Provider URL**: Enter your identity provider's issuer URL (e.g., `https://your-provider.com`)
+3. **Palmr will try to automatically discover**:
+   - Authorization endpoint
+   - Token endpoint
+   - User info endpoint
+   - Supported scopes
+
+> **Note:** If the auto discovery fails, you can switch to manual endpoint configuration and fill the endpoints manually (recommended).
+
+#### Manual Endpoint Configuration
+
+1. **Select Manual Endpoints**: Choose the "Manual Endpoints" option
+2. **Provider URL**: Enter your identity provider's base URL
+3. **Configure endpoints**:
+   - **Authorization Endpoint**: The OAuth authorization endpoint
+   - **Token Endpoint**: The OAuth token endpoint
+   - **User Info Endpoint**: The user information endpoint
+
+<ZoomableImage src="/assets/v3/oidc/custom/manual-endpoints.png" alt="Manual Endpoints" />
+
+> **Note:** `User info endpoint` can be a full URL or a relative path. (e.g. `/userinfo` or `https://other-any-url.com/userinfo`)
+> **Note:** `Token endpoint` and `Authorization endpoint` must be just the path. (e.g. `/oauth/token` or `/oauth/authorize`), Palmr will automatically add the base URL to the endpoints based on the `Provider URL` you provided.
+
+### OAuth Credentials
+
+Configure the OAuth credentials obtained from your identity provider:
+
+1. **Client ID**: Enter the OAuth client identifier
+2. **Client Secret**: Enter the OAuth client secret
+3. **Scopes**: Configure the required OAuth scopes
+
+**Common OIDC scopes:**
+
+- `openid` - Required for OIDC
+- `profile` - Access to user profile information
+- `email` - Access to user email address
+
+**Common OAuth 2.0 scopes:**
+
+- `profile` - Access to user profile information
+- `email` - Access to user email address
+
+### Advanced Configuration
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Admin Email Domains**: Specify domains that should automatically receive admin privileges. For example, entering `yourcompany.com` will grant admin access to anyone with an email from that domain.
+
+**Sort Order**: Control where the custom provider login button appears relative to other authentication providers.
+
+---
+
+## Callback URL Configuration
+
+Palmr will display the required callback URL that you need to configure in your identity provider:
+
+### Callback URL Format
+
+```
+https://yourdomain.com/api/auth/providers/{provider-name}/callback
+```
+
+### Environment-specific URLs
+
+| Environment | Callback URL                                                              |
+| ----------- | ------------------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/custom-provider/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/custom-provider/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/custom-provider/callback` |
+
+> **Important:** Replace `yourdomain.com` with your actual domain and `custom-provider` with your actual provider name.
+
+### Final Considerations
+
+> **Note:** Don't forget enable your provider in the `Authentication Providers` section after add it.
+
+After configuring your custom provider, it will be available in the `Authentication Providers` section.
+
+<ZoomableImage src="/assets/v3/oidc/custom/enabled-provider.png" alt="Enabled Provider" />
+
+---
+
+## Testing the Configuration
+
+### Verifying the Setup
+
+After configuring your custom provider, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify your custom provider button appears
+
+2. **Test authentication flow**: Click the custom provider sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Troubleshooting
+
+Common issues and solutions:
+
+**"Invalid redirect URI" error:**
+
+- Verify the callback URL is correctly configured in your identity provider
+- Ensure the provider name in the callback URL matches your configured provider name
+
+**"Invalid client credentials" error:**
+
+- Verify the Client ID and Client Secret are correct
+- Ensure the credentials are for the correct application/environment
+
+**"Invalid scope" error:**
+
+- Verify the configured scopes are supported by your identity provider
+- Check that required scopes (like `openid` for OIDC) are included
+
+**"User info endpoint error":**
+
+- Verify the user info endpoint URL is correct
+- Ensure the endpoint returns the expected user information format
+
+---
+
+## Security Considerations
+
+When configuring custom OIDC providers, consider the following security best practices:
+
+### Credential Security
+
+- **Secure storage**: Ensure Client Secrets are stored securely
+- **Regular rotation**: Rotate Client Secrets periodically
+- **Environment separation**: Use different credentials for development and production
+
+### Provider Security
+
+- **HTTPS only**: Ensure all endpoints use HTTPS in production
+- **Valid certificates**: Verify SSL certificates are valid and trusted
+- **Access controls**: Implement appropriate access controls on your identity provider
+
+### Palmr Configuration
+
+- **Admin access**: Restrict access to authentication settings to authorized administrators
+- **Audit logging**: Monitor authentication events and user access
+- **Regular testing**: Periodically test the authentication flow
+
+---
+
+## Account Linking
+
+By default, if a user is already registered in Palmr with their email address, they will be automatically linked to their account when they authenticate through your custom provider.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their custom provider account, you need to delete the user from Palmr.
+
+---
+
+## Technical Configuration
+
+### OIDC Discovery
+
+If your provider supports OIDC Discovery, Palmr will automatically fetch the configuration from:
+
+```
+{issuer-url}/.well-known/openid_configuration
+```
+
+This endpoint should return a JSON document containing:
+
+```json
+{
+  "authorization_endpoint": "https://your-provider.com/oauth/authorize",
+  "grant_types_supported": ["authorization_code"],
+  "issuer": "https://your-provider.com",
+  "response_types_supported": ["code"],
+  "scopes_supported": ["openid", "profile", "email"],
+  "token_endpoint": "https://your-provider.com/oauth/token",
+  "userinfo_endpoint": "https://your-provider.com/oauth/userinfo"
+}
+```
+
+### Manual Configuration
+
+For manual endpoint configuration, ensure your endpoints follow OAuth 2.0/OIDC standards:
+
+- **Authorization Endpoint**: Handles user authentication and authorization
+- **Token Endpoint**: Exchanges authorization codes for access tokens
+- **User Info Endpoint**: Returns user information using the access token
+
+---
+
+## Support and Troubleshooting
+
+If you encounter issues with your custom OIDC provider configuration:
+
+1. **Check provider documentation**: Verify your configuration against your provider's documentation
+2. **Review logs**: Check Palmr server logs for detailed error messages
+3. **Test endpoints**: Verify all endpoints are accessible and return expected responses
+4. **Community support**: Seek help from the Palmr community or your provider's support team
+
+> **Note:** Custom provider configurations require technical expertise in OIDC/OAuth 2.0. Ensure you have access to your provider's technical documentation and support resources.
+
+## Requesting Provider Support
+
+If you've successfully configured a custom OIDC provider and would like to request it to be added as an officially supported provider in Palmr, you can open a detailed issue with all the necessary configuration information.
+
+### Why Request Official Support?
+
+Having your provider officially supported offers several benefits:
+
+- **Easier setup** - Pre-configured providers require minimal configuration
+- **Better documentation** - Official setup guides and troubleshooting
+- **Community support** - Others can benefit from your configuration
+- **Maintenance** - The Palmr team maintains and updates the provider
+
+### Before Opening an Issue
+
+Ensure you have:
+
+- **Working configuration** - Your provider must be fully functional and tested
+- **Complete documentation** - All setup steps and requirements documented
+- **Provider information** - All necessary URLs, endpoints, and configuration details
+- **Testing completed** - Thoroughly tested authentication flow and user management
+
+### Issue Template
+
+Use the following template when opening your issue. Copy and paste it, then fill in all the required information:
+
+```markdown
+## Provider Support Request: [Provider Name]
+
+### Provider Information
+
+**Provider Name:** [e.g., CustomOIDC, EnterpriseSSO, CompanyAuth]
+**Provider Type:** [OIDC / OAuth 2.0]
+**Provider Website:** [URL to provider's website]
+**Provider Documentation:** [URL to OIDC/OAuth documentation]
+
+### Configuration Details
+
+#### Basic Information
+
+- **Provider URL/Issuer:** `https://your-provider.com`
+- **Client ID:** [Your OAuth client ID]
+- **Client Secret:** [Your OAuth client secret]
+- **Scopes:** `openid profile email` [List all required scopes]
+
+#### Endpoints
+
+- **Authorization Endpoint:** `/oauth/authorize` [or full URL if different]
+- **Token Endpoint:** `/oauth/token` [or full URL if different]
+- **User Info Endpoint:** `/oauth/userinfo` [or full URL if different]
+- **Discovery Endpoint:** `/.well-known/openid_configuration` [if supported]
+
+#### OIDC Discovery Information
+
+**Does your provider support OIDC Discovery?** [Yes/No]
+**Discovery URL:** `https://your-provider.com/.well-known/openid_configuration` [if yes]
+
+### Setup Instructions
+
+#### Prerequisites
+
+- [List any required software, accounts, or permissions]
+- [Any specific requirements for the provider]
+
+#### Step-by-Step Configuration
+
+1. [Detailed step 1]
+2. [Detailed step 2]
+3. [Detailed step 3]
+4. [Continue with all necessary steps]
+
+#### Palmr Configuration
+
+**Provider Name:** `custom-provider` [suggested internal name]
+**Display Name:** `Custom SSO` [name users will see]
+**Icon:** [suggested icon or describe what icon to use]
+
+### Testing Information
+
+#### Tested Environments
+
+- **Operating Systems:** [Windows, macOS, Linux, etc.]
+- **Browsers:** [Chrome, Firefox, Safari, Edge, etc.]
+- **Palmr Version:** [Version you tested with]
+
+#### Authentication Flow
+
+- [ ] User can successfully authenticate
+- [ ] User account is created automatically (if enabled)
+- [ ] Admin domain restrictions work correctly
+- [ ] User profile information is retrieved correctly
+- [ ] Account linking works with existing users
+
+#### Known Issues
+
+[List any known limitations, restrictions, or special considerations]
+
+### Screenshots
+
+**Provider Login Page:** [Screenshot of the provider's login page]
+**Palmr Configuration:** [Screenshot of your Palmr provider configuration]
+**Authentication Flow:** [Screenshots of the authentication process]
+
+### Additional Information
+
+#### Special Requirements
+
+[Any special configuration requirements, custom headers, or unique settings]
+
+#### Security Considerations
+
+[Any security-specific requirements or recommendations]
+
+#### Performance Notes
+
+[Any performance implications or recommendations]
+
+### Contact Information
+
+**Your Name:** [Optional - for follow-up questions]
+**Email:** [Optional - for follow-up questions]
+**GitHub Username:** [Your GitHub username]
+
+### Checklist
+
+Before submitting this issue, please ensure:
+
+- [ ] All required information is provided
+- [ ] Configuration has been tested and works
+- [ ] Screenshots are included (if applicable)
+- [ ] Setup instructions are complete and accurate
+- [ ] No sensitive information (like actual client secrets) is included
+```
+
+### What Happens Next?
+
+1. **Issue Review** - The Palmr team will review your request
+2. **Additional Questions** - You may be asked for more information
+3. **Implementation** - If approved, the provider will be added to Palmr
+4. **Documentation** - Official documentation will be created
+5. **Release** - The provider will be available in the next release
+
+### Tips for a Successful Request
+
+- **Be thorough** - Include all necessary information
+- **Test everything** - Ensure your configuration works completely
+- **Provide screenshots** - Visual aids help with implementation
+- **Document clearly** - Write clear, step-by-step instructions
+- **Check existing providers** - Make sure your provider isn't already supported
+
+### Need Help?
+
+If you need assistance with your request:
+
+- **Check existing issues** - Review other provider requests for examples
+- **Join the community** - Participate in discussions and ask questions
+- **Read the documentation** - Ensure you understand the OIDC/OAuth requirements

apps/docs/content/docs/3.2-beta/oidc-authentication/pocket-id.mdx

@@ -0,0 +1,279 @@
+---
+title: Pocket ID
+icon: IdCardLanyard
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Pocket ID is one of Palmr's officially supported OIDC providers, offering a robust and flexible identity management solution. This integration allows users to sign in to Palmr using Pocket ID's authentication system, making it perfect for organizations that need a self-hosted identity provider with OIDC support.
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/sign-in-with-pocket-id.png" alt="Sign in with Pocket ID" />
+
+## Why use Pocket ID authentication?
+
+Pocket ID authentication provides several advantages for organizations seeking a self-hosted identity solution:
+
+- **Self-hosted control** - Full control over your authentication infrastructure and data
+- **OIDC compliance** - Standard OpenID Connect implementation for seamless integration
+- **Flexible deployment** - Deploy on any infrastructure that suits your needs
+- **Automatic discovery** - Supports OIDC discovery for streamlined configuration
+- **Simple configuration** - Intuitive setup process with minimal complexity
+- **Data sovereignty** - Keep all authentication data within your infrastructure
+- **Cost-effective** - No per-user pricing, perfect for growing organizations
+
+---
+
+## Prerequisites
+
+Before configuring Pocket ID authentication, ensure you have:
+
+- **Pocket ID instance** - A running Pocket ID server accessible via HTTPS
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain configuration** - For production deployments with custom domains
+
+> **Note:** Pocket ID is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Pocket ID Application
+
+### Creating a Pocket ID application
+
+To get started with Pocket ID authentication, you'll need to create an application in your Pocket ID admin interface.
+
+1. **Navigate to Pocket ID Admin**: Go to your Pocket ID instance URL (e.g., `https://your-pocket-id.domain.com`)
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/pocket-id-console.png" alt="Pocket ID Console" />
+
+2. **Navigate to OIDC Clients**: Click **"OIDC Clients"** in the applications in the left sidebar, you will be redirected to the OIDC Clients page
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/oidc-clients.png" alt="OIDC Clients" />
+
+3. **Create a new OIDC Client**: Click **"Add OIDC Client"** button in the OIDC Clients page
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/create-oidc-client-button.png" alt="Create OIDC Client Button" />
+
+Configure the following settings:
+
+- **Name**: "Palmr File Sharing" (or your preferred name)
+- **Public Client**: "Diasabled"
+- **PKCE**: "Disabled"
+- **Logo**: "Upload a logo image"
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/create-oidc-client.png" alt="Create OIDC Client" />
+
+### Configuring application URLs
+
+You'll need to configure several URLs in your Pocket ID application settings. Here's what to add for each environment:
+
+### Redirect URIs
+
+| Environment | URL                                                                |
+| ----------- | ------------------------------------------------------------------ |
+| Production  | `https://yourdomain.com/api/auth/providers/pocketid/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/pocketid/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/pocketid/callback` |
+
+### Post Logout Redirect URIs
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/config-urls.png" alt="Pocket ID Application URLs Configuration" />
+
+### Getting OAuth credentials
+
+After creating your application, you'll receive your OAuth credentials:
+
+<ZoomableImage
+  src="/assets/v3/oidc/pocket-id/credentials.png"
+  alt="Pocket ID OAuth Credentials"
+  legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Pocket ID."
+/>
+
+Save these credentials securely - you'll need them to configure Palmr:
+
+- Client ID
+- Client Secret
+- Provider URL (your Pocket ID instance URL)
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Pocket ID authentication in Palmr:
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Pocket ID provider
+
+1. **Locate Pocket ID**: Find Pocket ID in the list of available providers
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/enabled-pocket-id.png" alt="Palmr Pocket ID Provider Enabled" />
+
+3. **Configure credentials**:
+   - **Provider URL**: Your Pocket ID server URL (e.g., `https://auth.yourdomain.com`)
+   - **Client ID**: Paste the Client ID from your Pocket ID application
+   - **Client Secret**: Paste the Client Secret from your Pocket ID application
+
+<ZoomableImage
+  src="/assets/v3/oidc/pocket-id/edit-pocket-id.png"
+  alt="Edit Pocket ID Provider"
+  legend="This is a fake application, you have to use your own credentials."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable to automatically create user accounts when someone authenticates for the first time.
+
+**Sort Order**: Control where the Pocket ID login button appears relative to other authentication providers.
+
+**Icon**: Choose a custom icon for the Pocket ID login button (default is `Key`).
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/pocket-id-icon.png" alt="Pocket ID Icon" />
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Pocket ID email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Pocket ID account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Pocket ID's technical configuration is handled automatically through OIDC discovery, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://your-pocket-id.domain.com
+Authorization Endpoint: /authorize
+Token Endpoint: /api/oidc/token
+UserInfo Endpoint: /api/oidc/userinfo
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Pocket ID user information to local user accounts:
+
+- **User ID**: Maps from Pocket ID's `sub` field
+- **Email**: Maps from Pocket ID's `email` field
+- **Name**: Maps from Pocket ID's `name` field, falls back to `preferred_username`
+- **First Name**: Maps from Pocket ID's `given_name` field
+- **Last Name**: Maps from Pocket ID's `family_name` field
+- **Avatar**: Maps from Pocket ID's `picture` field
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Pocket ID authentication, test the integration:
+
+1. **Check login page**: Verify the "Sign in with Pocket ID" button appears
+2. **Test authentication flow**: Click the button and complete authentication
+3. **Verify user creation**: Confirm new user account creation (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. User clicks "Sign in with Pocket ID"
+2. User is redirected to Pocket ID login page
+3. User authenticates with their credentials
+4. Pocket ID redirects back to Palmr
+5. Palmr creates or updates the user account
+6. User gains access to Palmr
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch
+
+**Error**: `invalid_redirect_uri`
+
+**Solution**:
+
+1. Verify the exact callback URL in your Pocket ID application
+2. Check for protocol mismatches (http vs https)
+3. Ensure no trailing slashes unless specified
+4. Add development URLs if testing locally
+
+### Authentication failures
+
+**Error**: `access_denied` or `unauthorized_client`
+
+**Solution**:
+
+1. Verify Client ID and Secret are correct
+2. Check if the application is enabled in Pocket ID
+3. Ensure required scopes are configured
+4. Verify the user has necessary permissions
+
+### Discovery endpoint issues
+
+**Error**: Cannot fetch OIDC configuration
+
+**Solution**:
+
+1. Verify your Pocket ID server is accessible
+2. Check if the discovery endpoint (`/.well-known/openid-configuration`) is available
+3. Ensure SSL certificates are valid
+4. Check network connectivity and firewall rules
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Secure storage**: Keep Client Secret secure and never commit to version control
+- **Regular rotation**: Periodically rotate Client Secret
+- **Environment variables**: Store credentials in environment variables
+- **Access monitoring**: Regular review of authentication logs
+
+### Production considerations
+
+- **HTTPS required**: Always use HTTPS in production
+- **Valid certificates**: Ensure SSL certificates are valid
+- **Regular updates**: Keep Pocket ID server updated
+- **Backup strategy**: Regular backups of Pocket ID configuration
+
+---
+
+## Next steps
+
+After configuring Pocket ID authentication:
+
+- **Monitor usage**: Track authentication patterns
+- **Configure MFA**: Set up multi-factor authentication if needed
+- **User management**: Review auto-registration settings
+- **Backup verification**: Test backup and restore procedures
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
+
+## Useful resources
+
+- [Pocket ID Documentation](https://docs.pocket-id.org)
+- [OIDC Specification](https://openid.net/specs/openid-connect-core-1_0.html)
+- [Palmr OIDC Overview](/docs/3.2-beta/oidc-authentication)

apps/docs/content/docs/3.2-beta/oidc-authentication/zitadel.mdx

@@ -0,0 +1,423 @@
+---
+title: Zitadel
+icon: Shield
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Zitadel is one of Palmr's officially supported OIDC providers, offering enterprise-grade authentication through Zitadel's identity platform. This integration allows users to sign in to Palmr using Zitadel's comprehensive authentication system, making it perfect for enterprise organizations, applications requiring advanced security features, and teams that need centralized identity management with both cloud and self-hosted deployment options.
+
+<ZoomableImage src="/assets/v3/oidc/zitadel/sign-in-with-zitadel.png" alt="Sign in with Zitadel" />
+
+## Why use Zitadel authentication?
+
+Zitadel authentication provides several advantages for enterprise and security-focused organizations:
+
+- **Enterprise-grade security** - Advanced security features like MFA, adaptive authentication, and threat detection
+- **Flexible deployment** - Choose between cloud-hosted or self-hosted deployment options
+- **Centralized identity management** - Single platform to manage users across multiple applications
+- **Compliance ready** - Built-in compliance with GDPR, SOC 2, and other enterprise standards
+- **Advanced customization** - Actions, flows, and custom branding capabilities
+
+---
+
+## Prerequisites
+
+Before configuring Zitadel authentication, ensure you have:
+
+- **Zitadel instance** - Either cloud-hosted or self-hosted Zitadel installation
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain configuration** - For production deployments with custom domains
+
+> **Note:** Zitadel is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Zitadel Application
+
+### Creating a Zitadel application
+
+To get started with Zitadel authentication, you'll need to create an application in your Zitadel Console.
+
+1. **Navigate to Zitadel Console**: Go to your Zitadel instance URL (e.g., `your-instance.zitadel.cloud` for cloud or `your self-hosted URL`)
+
+<ZoomableImage src="/assets/v3/oidc/zitadel/zitadel-console.png" alt="Zitadel Console" />
+
+2. **Create new application**: Click **"Create Application"** button in the home screen.
+3. **Enter application details**:
+
+- Enter a descriptive name like "Palmr File Sharing" for your project, ou select an existing project.
+- Select Framework: Select "`Other (OIDC, SAML, API)`"
+
+<ZoomableImage src="/assets/v3/oidc/zitadel/create-application.png" alt="Zitadel Create Application" />
+
+4. **Create application**: Click **"Create"** to generate your Zitadel application
+
+After creating your application, you'll be redirected to the application configuration page step-by-step. in this page you can configure your application.
+
+### Configuring application settings
+
+5. **Select application type**: in the first step:
+
+- Choose **"Web"** for web-based Palmr instances
+- Add a descriptive name for your application (e.g. "Palmr File Sharing")
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/step-1.png"
+  alt="Zitadel Application Type Selection"
+  legend="This is a fake application, you have to use your own."
+/>
+
+click on **"Continue"** to advance to the next step.
+
+6. **Select application type**: in the second step:
+
+- Choose **"CODE"** for authentication method and click on **"Continue"** to advance to the next step.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/step-2.png"
+  alt="Zitadel Application Authentication Method Selection"
+  legend="This is a fake application, you have to use your own."
+/>
+
+7. **Configure application URLs**:
+
+You'll need to configure several URLs in your Zitadel application settings. Here's what to add for each environment:
+
+### Redirect URIs
+
+| Environment | URL                                                               |
+| ----------- | ----------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/zitadel/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/zitadel/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/zitadel/callback` |
+
+### Post Logout Redirect URIs
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** If you using http:// (not https://) in your redirect URIs, you need to enable `Development mode` switch.
+> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/config-urls.png"
+  alt="Zitadel Application URLs Configuration"
+  legend="This is a fake application, you have to use your own."
+/>
+
+Click on **"Continue"** to advance to the last step. That is just a summary of the configuration you have done.
+
+8. **Save changes**: Click **"Save"** to apply your configuration
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/config-overview.png"
+  alt="Zitadel Application Summary"
+  legend="This is a fake application, you have to use your own."
+/>
+
+You can click on **"Create"** to create your application.
+
+### Getting OAuth credentials
+
+After creating your application, a modal will appear with the credentials that Palmr will use to authenticate with Zitadel.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/credentials-modal.png"
+  alt="Zitadel OAuth Credentials"
+  legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Zitadel."
+/>
+
+you can copy the credentials and save them in a safe place for later use.
+
+### Final Zitadel configuration
+
+**Confirm the Zitadel application configuration**:
+
+After closing the modal, you'll be redirected to the Zitadel application page.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/application-page.png"
+  alt="Zitadel Application Page"
+  legend="This is a fake application, you have to use your own."
+/>
+
+Confirm the application configuration fields:
+
+- **Application Type**: The Application Type has been set to **"Web"**
+- **Response Type**: The Response Type has been set to **"Code"**
+- **Authentication Method**: The Authentication Method has been set to **"Basic"**
+- **Grant Types**: The Grant Types has been set to **"Authorization Code"**
+- **Refresh Token**: The Refresh Token has been set to **"Disabled"**
+
+You can edit the application configuration if you want to change something and click on **"Save"** to save the application configuration.
+
+> **Note:** If you edit your client ID, you need to update the credentials that you saved in the previous step.
+
+Select the **"Token Settings"** section in the side menu, you can configure the token settings for your application.
+
+The default Auth Token Type is **"Bearer"** and you can change it to **"JWT"** and click on **"Save"** to save the token settings.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/token-settings.png"
+  alt="Zitadel Auth Token Settings"
+  legend="This is a fake application, you have to use your own."
+/>
+
+Click on **Redirect Settings** section in the side menu, you can configure the redirect settings for your application. Just confirm the previous URLs you have configured in the previous step. If you want to add more redirect URLs, you can add them by clicking on **"+"** button. If you need to edit the redirect URLs, you can edit them by clicking on the pen icon.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/redirect-settings-page.png"
+  alt="Zitadel Redirect Settings"
+  legend="This is a fake application, you have to use your own."
+/>
+
+The last step in Zitadel is grab your instance URL. You can find it clicking on the **"URLs"** in the side menu.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/urls-page.png"
+  alt="Zitadel Instance URL"
+  legend="This is a fake application, you have to use your own."
+/>
+
+You dont need copy the complete URL, just the domain name and protocol and port if you are using a custom port.
+For example: `https://palmr-zaxijp.us1.zitadel.cloud` (image bellow case) or `https://zitadel.yourdomain.com` or `https://zitadel.yourdomain.com:5487` if you are using a custom port.
+
+> **Note:** In Zitadel we finish the configuration. Let's go to Palmr to configure the provider. Remember you need `Client ID`, `Client Secret` and `Instance URL` to configure the provider in Palmr.
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Zitadel authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Zitadel provider
+
+Zitadel comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Zitadel provider**: Find Zitadel in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/zitadel/enabled-zitadel.png" alt="Palmr Zitadel Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Provider URL**: Paste your Zitadel instance URL (e.g., `https://your-instance.zitadel.cloud`)
+   - **Client ID**: Paste the Client ID from Zitadel application
+   - **Client Secret**: Paste the Client Secret from Zitadel application
+   - **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`. You don't need change this if you are not sure.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/edit-zitadel.png"
+  alt="Edit Zitadel Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Sort Order**: Control where the Zitadel login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Zitadel login button (default is `FaShieldAlt`).
+
+<ZoomableImage src="/assets/v3/oidc/zitadel/zitadel-icon.png" alt="Zitadel Icon" />
+
+> **Enterprise tip:** Zitadel authentication works great for enterprise organizations requiring advanced security features and centralized identity management with deployment flexibility.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Zitadel email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Zitadel account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Zitadel's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://your-instance.zitadel.cloud
+Authorization Endpoint: /oauth/v2/authorize
+Token Endpoint: /oauth/v2/token
+UserInfo Endpoint: /oidc/v1/userinfo
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Zitadel user information to local user accounts:
+
+- **User ID**: Maps from Zitadel's `sub` field
+- **Email**: Maps from Zitadel's `email` field
+- **Full Name**: Maps from Zitadel's `name` field
+- **First Name**: Maps from Zitadel's `given_name` field
+- **Last Name**: Maps from Zitadel's `family_name` field
+- **Avatar**: Maps from Zitadel's `picture` field
+- **Username**: Maps from Zitadel's `preferred_username` field
+
+### Zitadel-specific features
+
+- **Custom Claims**: Can include custom user metadata and app metadata
+- **Actions Support**: Can customize authentication flow with custom actions
+- **Multi-factor Authentication**: Supports Zitadel's MFA features
+- **Enterprise SSO**: Integrates with SAML, LDAP, and other enterprise systems
+- **Self-hosted Support**: Full functionality with self-hosted Zitadel instances
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Zitadel authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Zitadel" button appears
+
+2. **Test authentication flow**: Click the Zitadel sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Zitadel"**: The browser redirects to Zitadel's authorization page
+2. **User authenticates**: User completes authentication through Zitadel (login, MFA, etc.)
+3. **Zitadel redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with Zitadel information
+5. **User accesses Palmr**: User is logged in with their Zitadel identity
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `invalid_redirect_uri`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Zitadel application.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Zitadel application's redirect URIs
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the application isn't properly configured.
+
+**Solution**:
+
+1. Verify that your Zitadel application requests the correct scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your application is not restricted or disabled
+4. Verify the application has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID, Client Secret, or Instance URL.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Zitadel
+2. Ensure there are no extra spaces or characters in the credentials
+3. Verify you're using the correct instance URL format
+4. Generate a new Client Secret if necessary
+
+### Instance URL configuration issues
+
+**Error message**: Instance not found or invalid
+
+**Cause**: Incorrect Zitadel instance URL or instance configuration.
+
+**Solution**:
+
+1. Verify your Zitadel instance URL is correct
+2. Check that your Zitadel instance is active and accessible
+3. Ensure you're using the correct protocol (https://)
+4. Verify DNS resolution for your Zitadel instance
+
+### Self-hosted connectivity issues
+
+**Cause**: Network connectivity problems with self-hosted Zitadel instance.
+
+**Solution**:
+
+1. Check server firewall and network connectivity
+2. Verify DNS resolution from your server to the Zitadel instance
+3. Ensure the Zitadel instance is properly configured and running
+4. Check SSL certificate validity for the Zitadel instance
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their Zitadel accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Zitadel application settings
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Zitadel authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
+
+## Useful resources
+
+- [Zitadel Documentation](https://zitadel.com/docs)
+- [Zitadel OAuth 2.0 Guide](https://zitadel.com/docs/apis/openidoauth)
+- [Zitadel OpenID Connect](https://zitadel.com/docs/apis/openidoauth/oidc)
+- [Zitadel Console](https://cloud.zitadel.com)

apps/docs/content/docs/3.2-beta/open-an-issue.mdx

@@ -0,0 +1,333 @@
+---
+title: How to Open an Issue
+icon: Ticket
+---
+
+## Introduction
+
+Opening an issue on GitHub is an essential way to report bugs, request features, or ask questions about a project. This guide walks you through the process of creating an issue for the **Palmr** project on GitHub.
+
+Issues serve as a vital communication tool in open source development, helping track bugs, feature requests, and general questions. They create a transparent record of project discussions and improvements, fostering collaboration between users and maintainers.
+
+Whether you've discovered a bug that needs fixing, have an idea for a new feature, or need clarification about functionality, creating an issue is the first step to getting your voice heard and contributing to the project's improvement.
+
+---
+
+## GitHub account requirements
+
+Before you can open an issue, you'll need to be logged into your GitHub account. If you don't have an account yet, creating one is free and provides access to the entire GitHub ecosystem.
+
+### Account benefits
+
+Having a GitHub account allows you to:
+
+- Create and manage issues across all repositories
+- Comment on existing issues and participate in discussions
+- Receive notifications about updates and responses
+- Collaborate with developers and maintainers
+- Track your contributions and engagement history
+
+### Getting started
+
+If you need to create an account:
+
+1. Visit [GitHub's signup page](https://github.com/signup)
+2. Complete the registration process
+3. Verify your email address
+4. Log in to your new account
+
+Make sure you're logged in before proceeding to the next steps.
+
+---
+
+## Accessing the repository
+
+There are several convenient ways to access the Palmr repository and begin the issue creation process.
+
+### Direct access
+
+The quickest method is to visit the repository directly: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)
+
+### Alternative access methods
+
+You can also find the repository through:
+
+**GitHub Search**:
+
+- Click the search bar at the top of any GitHub page
+- Type "Palmr" or "kyantech/Palmr" for more specific results
+- Look for the repository owned by **Kyantech**
+- Click on the repository name to access it
+
+**Organization Profile**:
+
+- Visit [Kyantech's GitHub profile](https://github.com/kyantech)
+- Navigate to the "Repositories" tab
+- Find and click on "Palmr" in the repository list
+
+### Repository verification
+
+When accessing the repository, verify you're in the correct location by checking:
+
+- The repository owner is **kyantech**
+- The repository name is **Palmr**
+- The description matches the project you're looking for
+- Recent activity indicates an active project
+
+---
+
+## Navigating to issues
+
+Once you're on the repository page, you'll need to access the issues section to create your new issue.
+
+### Finding the issues tab
+
+To access the issues section:
+
+1. **Locate Navigation Bar**: Look at the navigation bar near the top of the repository page
+2. **Find Issues Tab**: The **Issues** tab is typically located between "Code" and "Pull requests"
+3. **Click Issues**: Click on the **Issues** tab to open the issues section
+4. **Review Existing Issues**: You'll see a list of all existing issues, both open and closed
+
+### Understanding the issues interface
+
+The issues tab displays important information including:
+
+- **Issue Count**: Number of open and closed issues
+- **Labels and Categories**: Color-coded labels for organization
+- **Issue Status**: Visual indicators for open/closed status
+- **Recent Activity**: Timeline of recent issue updates
+- **Assigned Contributors**: Who's working on specific issues
+- **Search and Filter Options**: Tools to find specific issues
+
+![Palmr Profile Menu](/assets/v1/developers/issues-tab.png)
+
+---
+
+## Creating a new issue
+
+With the issues section open, you can now create your new issue to report a bug, request a feature, or ask a question.
+
+### Initiating issue creation
+
+To start creating your issue:
+
+1. **Locate New Issue Button**: Look for the green **New Issue** button, typically on the right side of the issues page
+2. **Click to Create**: Click the button to open the issue creation interface
+3. **Select Template**: If multiple issue templates are available, choose the most appropriate one for your needs
+4. **Review Requirements**: Take time to read through any template requirements or guidelines
+
+### Pre-creation checklist
+
+Before creating your issue, consider these important steps:
+
+- **Search Existing Issues**: Check if your issue has already been reported to avoid duplicates
+- **Review Guidelines**: Read any contribution guidelines or issue templates provided
+- **Gather Information**: Collect all necessary details, screenshots, or error messages
+- **Consider Labels**: Think about which labels might be appropriate for your issue
+- **Reference Related Items**: Note any related issues or pull requests that might be relevant
+
+### Best practices for issue creation
+
+- **Use Clear Language**: Write in a way that's easy for others to understand
+- **Be Specific**: Provide concrete details rather than vague descriptions
+- **Include Context**: Explain the circumstances surrounding your issue
+- **Add Visual Evidence**: Screenshots or recordings can be very helpful
+- **Format Properly**: Use markdown formatting to improve readability
+
+![Palmr Profile Menu](/assets/v1/developers/new-issue-btn.png)
+
+---
+
+## Completing the issue form
+
+The issue creation form is your opportunity to provide comprehensive information about your bug report, feature request, or question.
+
+### Essential form fields
+
+You'll encounter several key fields that need your attention:
+
+**Issue Title**:
+
+- Write a clear, concise title that summarizes the issue
+- Use descriptive language that helps others understand the problem at a glance
+- Avoid vague titles like "Bug" or "Problem"
+- Include key terms that others might search for
+
+**Issue Description**:
+
+- Provide a detailed explanation of your issue
+- For bugs: Include steps to reproduce, expected behavior, and actual behavior
+- For features: Explain the functionality you'd like and why it would be valuable
+- For questions: Be specific about what you need clarification on
+
+### Additional form options
+
+**Labels (Optional)**:
+
+- Add relevant labels to categorize your issue (e.g., `bug`, `enhancement`, `question`)
+- Labels help maintainers organize and prioritize issues effectively
+- Choose labels that accurately represent your issue type and priority
+
+**Attachments (Optional)**:
+
+- Include screenshots to illustrate visual problems or desired features
+- Attach log files or error messages for technical issues
+- Add mockups or diagrams for feature requests
+- Include any relevant documentation or examples
+
+### Writing effective descriptions
+
+For **Bug Reports**, include:
+
+- Clear steps to reproduce the issue
+- Expected vs. actual behavior
+- System information (OS, browser, version)
+- Error messages or console output
+- Screenshots or screen recordings
+
+For **Feature Requests**, include:
+
+- Detailed description of the desired functionality
+- Use cases and benefits
+- Potential implementation suggestions
+- Examples from other projects (if applicable)
+
+For **Questions**, include:
+
+- Specific area of confusion
+- What you've already tried
+- Relevant code snippets or configurations
+- Context about your use case
+
+![Palmr Profile Menu](/assets/v1/developers/new-issue-form.png)
+
+---
+
+## Submitting your issue
+
+After carefully completing the issue form, you're ready to submit your contribution to the project.
+
+### Final review
+
+Before submitting, take a moment to:
+
+- **Review Content**: Read through your title and description for clarity
+- **Check Formatting**: Ensure proper markdown formatting and readability
+- **Verify Attachments**: Confirm all screenshots and files are properly attached
+- **Validate Information**: Double-check that all details are accurate and complete
+
+### Submission process
+
+1. **Click Submit**: Click the **Create** button at the bottom of the form
+2. **Confirmation**: Your issue will be created and assigned a unique number
+3. **Visibility**: The issue becomes immediately visible to maintainers and contributors
+4. **Notifications**: You'll receive notifications for any updates or responses
+
+### Post-submission expectations
+
+After submitting your issue:
+
+- **Track Progress**: Monitor your issue for responses and updates
+- **Stay Engaged**: Participate in any follow-up discussions
+- **Provide Clarification**: Be ready to answer questions or provide additional information
+- **Be Patient**: Remember that maintainers may need time to review and respond
+
+---
+
+## Issue management best practices
+
+To ensure your issue receives appropriate attention and contributes effectively to the project, follow these proven practices.
+
+### Communication guidelines
+
+**Be Clear and Specific**: Provide comprehensive details that help others understand your issue without ambiguity.
+
+**Use Descriptive Titles**: Craft titles that immediately convey the nature and scope of your issue.
+
+**Include Reproduction Steps**: For bugs, provide step-by-step instructions that others can follow to reproduce the problem.
+
+**Maintain Professional Tone**: Remember that maintainers and contributors are often volunteers dedicating their time to help.
+
+### Technical best practices
+
+**Provide System Information**: Include relevant details about your environment, versions, and configuration.
+
+**Format Code Properly**: Use markdown code blocks for any code snippets, error messages, or configuration files.
+
+**Update Regularly**: Keep your issue current with new information or changes in status.
+
+**Reference Related Issues**: Link to related issues or pull requests when relevant.
+
+### Community engagement
+
+**Respond Promptly**: When maintainers ask questions or request clarification, respond in a timely manner.
+
+**Help Others**: If you see similar issues, share your experience or solutions.
+
+**Follow Up**: Update the issue if you find a solution or workaround independently.
+
+**Express Gratitude**: Thank contributors and maintainers for their time and assistance.
+
+---
+
+## The importance of quality issues
+
+Understanding why well-crafted issues matter helps you contribute more effectively to the open source ecosystem.
+
+### Project improvement
+
+**Bug Identification**: Your detailed bug reports help identify and fix problems that affect all users.
+
+**Feature Development**: Thoughtful feature requests guide project development and prioritization.
+
+**Documentation Enhancement**: Questions about unclear functionality often lead to improved documentation.
+
+### Maintainer support
+
+**Efficient Triage**: Clear, detailed issues help maintainers quickly understand and categorize problems.
+
+**Reduced Back-and-forth**: Comprehensive initial reports minimize the need for follow-up questions.
+
+**Priority Assessment**: Well-documented issues help maintainers assess impact and urgency.
+
+### Community collaboration
+
+**Knowledge Sharing**: Issues create a searchable knowledge base for future users with similar problems.
+
+**Contributor Attraction**: Interesting issues often attract new contributors who want to help solve problems.
+
+**Discussion Platform**: Issues provide a space for community members to collaborate on solutions.
+
+---
+
+## Next steps
+
+Congratulations on creating your issue for the **Palmr** project! Your contribution is valuable and helps make the project better for the entire community.
+
+### Staying engaged
+
+After creating your issue, consider these ways to remain involved:
+
+- **Monitor Progress**: Keep track of responses and updates to your issue
+- **Participate Actively**: Engage in discussions and provide additional information when requested
+- **Help Others**: Assist other community members with similar issues when possible
+- **Share Knowledge**: Document any solutions or workarounds you discover
+
+### Expanding your contribution
+
+Beyond issue creation, you can contribute to the project in other ways:
+
+- **Code Contributions**: Consider submitting pull requests to fix bugs or implement features
+- **Documentation**: Help improve project documentation based on your experience
+- **Community Support**: Answer questions and help other users in issues and discussions
+- **Project Promotion**: Share Palmr with others who might benefit from the project
+
+### Building relationships
+
+- **Follow the Project**: Star the repository to show support and stay updated
+- **Connect with Contributors**: Engage respectfully with maintainers and other contributors
+- **Join Discussions**: Participate in broader project discussions and planning
+- **Spread Awareness**: Help others discover and benefit from the Palmr project
+
+Thank you for being part of the open source community and contributing to making Palmr better for everyone. Your participation, whether through issues, code, or community engagement, helps drive the project forward and benefits users worldwide.

apps/docs/content/docs/3.2-beta/password-reset-without-smtp.mdx

@@ -0,0 +1,180 @@
+---
+title: Password Reset Without SMTP
+icon: Lock
+---
+
+This guide provides detailed instructions on how to reset a user password directly inside the Docker container for Palmr, without requiring SMTP configuration. This method is particularly useful for administrators who do not have email services set up or need to regain access to accounts in emergency situations.
+
+## When and why to use this method
+
+Resetting a password without SMTP is an alternative approach for specific scenarios where the standard email-based reset is not feasible. Consider using this method if:
+
+- An admin user is locked out and cannot access their email for a password reset.
+- SMTP services are not configured or are experiencing issues.
+- You need to perform emergency system recovery and restore access quickly.
+- You are setting up an initial environment and need to configure accounts.
+- You are conducting controlled testing in a development setup.
+
+> **Warning:** This process bypasses the normal email-based password reset mechanism, which could pose a security risk if not handled properly. Use this method only when necessary, ensure it is performed by trusted administrators, and always document the reason for the reset.
+
+## How the password reset works
+
+Palmr provides a CLI script that allows administrators to reset passwords directly within the Docker container. This script is designed to maintain security by enforcing interactive confirmation at every step, validating input data, and securely encrypting the new password using bcrypt with 10 salt rounds (consistent with the system's security standards). The script does not send email notifications, log invalid login attempts, or alter other user settings—it focuses solely on password reset.
+
+## Step-by-step instructions
+
+Follow these steps to reset a user password using the provided script. Ensure you have access to the Docker container before proceeding.
+
+### 1. List Docker containers and identify the correct one
+
+Before accessing the Palmr container, you need to identify its name or ID. Open a terminal on your host machine and list all running Docker containers by running the following command:
+
+```bash
+docker ps
+```
+
+This command will display a list of active containers, including their names, IDs, images, and other details. Look for the container running the Palmr application. If you used a specific name when setting up the container (e.g., `palmr-app`), it will appear under the `NAMES` column. If no name was specified, note the `CONTAINER ID` (a short string of characters) for the container associated with the Palmr image (likely something like `palmr` or a custom image name).
+
+> **Note:** If you don't see the Palmr container, ensure it is running. You can start it using `docker start <container_name_or_id>` if it's stopped. If you're unsure about the setup, refer to the Palmr installation guide.
+
+### 2. Access the Docker container
+
+Once you've identified the correct container, access it by running the following command:
+
+```bash
+docker exec -it <container_name_or_id> /bin/sh
+```
+
+Replace `<container_name_or_id>` with the name or ID of your Palmr container. This command opens an interactive shell session inside the container, allowing you to execute commands directly.
+
+### 3. Navigate to the application directory
+
+Once inside the container, navigate to the application directory where the reset script is located:
+
+```bash
+cd /app/palmr-app
+```
+
+This directory contains the necessary scripts and configurations for managing Palmr's backend operations.
+
+### 4. Run the password reset script
+
+Execute the password reset script to start the interactive process:
+
+```bash
+./reset-password.sh
+```
+
+The script will prompt you to enter the email address of the user whose password you wish to reset. It will then display the user's information for verification, ask for confirmation to proceed, and request a new password (minimum 8 characters) which must be entered twice to ensure accuracy. Each step requires explicit confirmation to prevent accidental changes.
+
+> **Note:** If you need to see a list of all users in the system before proceeding, you can run `./reset-password.sh --list`. For additional help, use `./reset-password.sh --help`.
+
+### Example session
+
+Below is an example of how the interactive session might look when running the script:
+
+```
+$ ./reset-password.sh
+
+Palmr Password Reset Tool
+===============================
+This script allows you to reset a user's password directly from the Docker terminal.
+WARNING: This bypasses normal security checks. Use only when necessary!
+
+Enter user email: user@example.com
+
+User found:
+   Name: John Smith
+   Username: john.smith
+   Email: user@example.com
+   Status: Active
+   Admin: No
+
+Do you want to reset the password for this user? (y/n): y
+
+Enter new password requirements:
+   - Minimum 8 characters
+
+Enter new password: ********
+Confirm new password: ********
+
+Hashing password...
+Updating password in database...
+Cleaning up existing password reset tokens...
+
+Password reset successful!
+   User: John Smith (user@example.com)
+   The user can now login with the new password.
+
+Security Note: The password has been encrypted using bcrypt with 10 salt rounds.
+```
+
+## Troubleshooting common issues
+
+If you encounter issues while running the script, refer to the following solutions to resolve common problems:
+
+- **Error: "tsx is not available"**  
+  This error indicates missing dependencies. The script will attempt to install them automatically, but if it fails, manually install them by running:
+
+  ```bash
+  pnpm install
+  # or
+  npm install
+  ```
+
+- **Error: "Prisma client not found"**  
+  This error occurs if the Prisma client is not generated. The script should handle this automatically, but if it fails, generate it manually with:
+
+  ```bash
+  npx prisma generate
+  ```
+
+- **Error: "Database connection failed"**  
+  If the script cannot connect to the database, check the following:
+  - Ensure the database service is running within the container.
+  - Confirm that the `prisma/palmr.db` file exists and has the correct permissions.
+  - Verify that the container has access to the database volume.
+
+- **Error: "Script must be run from application directory"**  
+  This error appears if you are not in the correct directory. Navigate to the application directory with:
+
+  ```bash
+  cd /app/palmr-app
+  ```
+
+- **Error: "User not found"**  
+  If the email provided does not match any user, double-check the email address. You can list all users to find the correct one by running:
+
+  ```bash
+  ./reset-password.sh --list
+  ```
+
+  Ensure the user exists in the system before attempting the reset.
+
+- **Error: "Password does not meet requirements"**  
+  The new password must be at least 8 characters long. Ensure it meets this requirement and re-enter it carefully, confirming it matches the second entry.
+
+- **Error: "Confirmation does not match"**  
+  If the two password entries do not match, the script will prompt you to try again. Ensure both entries are identical.
+
+- **General Script Failure or Unexpected Behavior**  
+  If the script fails for an unknown reason, check the error message for details. Ensure your Palmr installation is up to date, and consider restarting the container if there are transient issues. If problems persist, consult the Palmr documentation or community for additional support.
+
+## Security and best practices
+
+To maintain the integrity and security of your Palmr instance while using this password reset method, adhere to the following guidelines:
+
+- **Interactive Confirmation:** The script enforces interactive mode, requiring explicit confirmation at each step to prevent unauthorized or accidental resets. There are no shortcuts or automated options.
+- **Access Restriction:** Only administrators with direct access to the Docker container can use this script, ensuring that unauthorized users cannot reset passwords.
+- **Password Encryption:** New passwords are encrypted using bcrypt with 10 salt rounds, matching Palmr's standard security practices.
+- **Documentation and Notification:** Always document the date, time, and reason for performing a password reset. Notify the affected user through alternative means (if possible) to inform them of the change.
+- **Backup Recommendation:** Before using this script in a production environment, consider backing up your database to prevent data loss in case of an error.
+- **Post-Reset Actions:** After resetting a password, verify that the user can log in successfully and check system logs for any unusual activity related to the reset.
+- **Limit Usage:** Use this method sparingly and only in situations where SMTP-based reset is not an option. It is not intended for routine password management.
+- **Secure Environment:** Ensure that access to the Docker container and host machine is secured with strong passwords, restricted permissions, and, if possible, two-factor authentication to prevent unauthorized access to administrative tools.
+
+> **Tip:** Treat this method as a last resort. Whenever possible, configure SMTP to enable the standard email-based password reset process, which provides an additional layer of security and user verification.
+
+## Security philosophy
+
+This script is built with a strong focus on security, prioritizing mandatory interactivity, multiple confirmations, and strict input validation. There are no "quick modes" or bypass options—every password reset requires careful and deliberate action from the administrator to ensure accountability and minimize risks.

apps/docs/content/docs/3.2-beta/quick-start.mdx

@@ -0,0 +1,409 @@
+---
+title: Quick Start (Docker)
+icon: "Rocket"
+---
+
+import { Callout } from "fumadocs-ui/components/callout";
+import { Tab, Tabs } from "fumadocs-ui/components/tabs";
+
+import { Card, CardGrid } from "@/components/ui/card";
+
+Welcome to the fastest way to deploy <span className="font-bold">Palmr.</span> - your secure, self-hosted file sharing solution. This guide will have you up and running in minutes, whether you're new to self-hosting or an experienced developer.
+
+Palmr. offers flexible deployment options to match your infrastructure needs. This guide focuses on Docker deployment with our recommended filesystem storage, perfect for most use cases.
+
+## Prerequisites
+
+Before you begin, make sure you have:
+
+- **Docker** - Container runtime ([installation guide](https://docs.docker.com/get-docker/))
+- **Docker Compose** - Multi-container orchestration ([installation guide](https://docs.docker.com/compose/install/))
+- **2GB+ available disk space** for the application and your files
+- **Port 5487** available for the web interface
+- **Port 3333** available for API access (optional)
+
+<Callout>
+  **Platform Support**: Palmr. is developed on macOS and extensively tested on Linux servers. While we haven't formally
+  tested other platforms, Docker's cross-platform nature should ensure compatibility. Report any issues on our [GitHub
+  repository](https://github.com/kyantech/Palmr/issues).
+</Callout>
+
+## Storage Options
+
+Palmr. supports two storage approaches for persistent data:
+
+- **Named Volumes (Recommended)** - Docker-managed storage with optimal performance and no permission issues
+- **Bind Mounts** - Direct host filesystem access, ideal for development and direct file management
+
+## Deployment Options
+
+Choose your storage method based on your needs:
+
+<Tabs items={['Named Volumes (Recommended)', 'Bind Mounts']}>
+  <Tab value="Named Volumes (Recommended)">
+    Docker-managed storage that provides the best balance of performance, security, and ease of use:
+
+    - **No Permission Issues**: Docker handles all permission management automatically
+    - **Performance**: Optimized for container workloads with better I/O performance
+    - **Production Ready**: Recommended for production deployments
+
+    ### Configuration
+
+    Create a `docker-compose.yml` file:
+
+    ```yaml
+    services:
+      palmr:
+        image: kyantech/palmr:latest
+        container_name: palmr
+        restart: unless-stopped
+        ports:
+          - "5487:5487" # Web interface
+          # - "3333:3333" # API (optional)
+        environment:
+          # Optional: Uncomment and configure as needed (if you don`t use, you can remove)
+          # - ENABLE_S3=true # Set to true to enable S3-compatible storage
+          # - DISABLE_FILESYSTEM_ENCRYPTION=true # Set to false to enable file encryption
+          # - ENCRYPTION_KEY=your-secure-key-min-32-chars # Required only if encryption is enabled
+          # - PALMR_UID=1000 # UID for the container processes (default is 1000)
+          # - PALMR_GID=1000 # GID for the container processes (default is 1000)
+          # - SECURE_SITE=false # Set to true if you are using a reverse proxy
+          # - DEFAULT_LANGUAGE=en-US # Default language for the application (optional, defaults to en-US)
+          # - PRESIGNED_URL_EXPIRATION=3600 # Duration in seconds for presigned URL expiration (optional, defaults to 3600 seconds / 1 hour)
+          # - DOWNLOAD_MAX_CONCURRENT=5 # Maximum simultaneous downloads (auto-scales if not set)
+          # - DOWNLOAD_MEMORY_THRESHOLD_MB=2048 # Memory threshold in MB before throttling (auto-scales if not set)
+          # - DOWNLOAD_QUEUE_SIZE=25 # Maximum queue size for pending downloads (auto-scales if not set)
+          # - DOWNLOAD_MIN_FILE_SIZE_GB=3.0 # Minimum file size in GB to activate memory management (default: 3.0)
+          # - DOWNLOAD_AUTO_SCALE=true # Enable auto-scaling based on system memory (default: true)
+          # - NODE_OPTIONS=--expose-gc # Enable garbage collection for large downloads (recommended for production)
+          # - NEXT_PUBLIC_UPLOAD_CHUNK_SIZE_MB=100 # Chunk size in MB for large file uploads (OPTIONAL - auto-calculates if not set)
+        volumes:
+          - palmr_data:/app/server
+
+    volumes:
+      palmr_data:
+    ```
+
+    <Callout type="info">
+      **Having upload or permission issues?** Add `PALMR_UID=1000` and `PALMR_GID=1000` to your environment variables. Check our [UID/GID Configuration](/docs/3.2-beta/uid-gid-configuration) guide for more details.
+    </Callout>
+
+    ### Deploy
+
+    ```bash
+    docker-compose up -d
+    ```
+
+  </Tab>
+  <Tab value="Bind Mounts">
+    Direct mapping to host filesystem directories, providing direct file access:
+
+    - **Direct Access**: Files are directly accessible from your host system
+    - **Development Friendly**: Easy to inspect, modify, or backup files manually
+    - **Platform Dependent**: May require UID/GID configuration, especially on NAS systems
+
+    ### Configuration
+
+    Create a `docker-compose.yml` file:
+
+    ```yaml
+    services:
+      palmr:
+        image: kyantech/palmr:latest
+        container_name: palmr
+        restart: unless-stopped
+        ports:
+          - "5487:5487" # Web interface
+          # - "3333:3333" # API (optional)
+        environment:
+          # Optional: Uncomment and configure as needed (if you don`t use, you can remove)
+          # - ENABLE_S3=true # Set to true to enable S3-compatible storage
+          # - DISABLE_FILESYSTEM_ENCRYPTION=false # Set to false to enable file encryption
+          # - ENCRYPTION_KEY=your-secure-key-min-32-chars # Required only if encryption is enabled
+          # - PALMR_UID=1000 # UID for the container processes (default is 1000)
+          # - PALMR_GID=1000 # GID for the container processes (default is 1000)
+          # - SECURE_SITE=false # Set to true if you are using a reverse proxy
+          # - DEFAULT_LANGUAGE=en-US # Default language for the application (optional, defaults to en-US)
+          # - PRESIGNED_URL_EXPIRATION=3600 # Duration in seconds for presigned URL expiration (optional, defaults to 3600 seconds / 1 hour)
+          # - DOWNLOAD_MAX_CONCURRENT=5 # Maximum simultaneous downloads (auto-scales if not set)
+          # - DOWNLOAD_MEMORY_THRESHOLD_MB=2048 # Memory threshold in MB before throttling (auto-scales if not set)
+          # - DOWNLOAD_QUEUE_SIZE=25 # Maximum queue size for pending downloads (auto-scales if not set)
+          # - DOWNLOAD_MIN_FILE_SIZE_GB=3.0 # Minimum file size in GB to activate memory management (default: 3.0)
+          # - DOWNLOAD_AUTO_SCALE=true # Enable auto-scaling based on system memory (default: true)
+          # - NODE_OPTIONS=--expose-gc # Enable garbage collection for large downloads (recommended for production)
+        volumes:
+          - ./data:/app/server
+    ```
+
+    <Callout type="info">
+      **Having upload or permission issues?** Add `PALMR_UID=1000` and `PALMR_GID=1000` to your environment variables. Check our [UID/GID Configuration](/docs/3.2-beta/uid-gid-configuration) guide for more details.
+    </Callout>
+
+    ### Deploy
+
+    ```bash
+    docker-compose up -d
+    ```
+
+  </Tab>
+</Tabs>
+
+## Configuration
+
+Customize Palmr's behavior with these environment variables:
+
+| Variable                           | Default        | Description                                                                                                                           |
+| ---------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------- |
+| `ENABLE_S3`                        | `false`        | Enable S3-compatible storage backends                                                                                                 |
+| `S3_ENDPOINT`                      | -              | S3 server endpoint URL (required when using S3)                                                                                       |
+| `S3_PORT`                          | -              | S3 server port (optional when using S3)                                                                                               |
+| `S3_USE_SSL`                       | -              | Enable SSL for S3 connections (optional when using S3)                                                                                |
+| `S3_ACCESS_KEY`                    | -              | S3 access key for authentication (required when using S3)                                                                             |
+| `S3_SECRET_KEY`                    | -              | S3 secret key for authentication (required when using S3)                                                                             |
+| `S3_REGION`                        | -              | S3 region configuration (optional when using S3)                                                                                      |
+| `S3_BUCKET_NAME`                   | -              | S3 bucket name for file storage (required when using S3)                                                                              |
+| `S3_FORCE_PATH_STYLE`              | `false`        | Force path-style S3 URLs (optional when using S3)                                                                                     |
+| `S3_REJECT_UNAUTHORIZED`           | `true`         | Enable strict SSL certificate validation for S3 (set to `false` for self-signed certificates)                                         |
+| `ENCRYPTION_KEY`                   | -              | **Required when encryption is enabled**: 32+ character key for file encryption                                                        |
+| `DISABLE_FILESYSTEM_ENCRYPTION`    | `true`         | Disable file encryption for better performance (set to `false` to enable encryption)                                                  |
+| `PRESIGNED_URL_EXPIRATION`         | `3600`         | Duration in seconds for presigned URL expiration (applies to both filesystem and S3 storage)                                          |
+| `CUSTOM_PATH`                      | -              | Custom base path for disk space detection in manual installations with symlinks                                                       |
+| `SECURE_SITE`                      | `false`        | Enable secure cookies for HTTPS/reverse proxy deployments                                                                             |
+| `DEFAULT_LANGUAGE`                 | `en-US`        | Default application language ([see available languages](/docs/3.2-beta/available-languages))                                          |
+| `PALMR_UID`                        | `1000`         | User ID for container processes (helps with file permissions)                                                                         |
+| `PALMR_GID`                        | `1000`         | Group ID for container processes (helps with file permissions)                                                                        |
+| `NODE_OPTIONS`                     | -              | Node.js options (recommended: `--expose-gc` for garbage collection in production)                                                     |
+| `DOWNLOAD_MAX_CONCURRENT`          | auto-scale     | Maximum number of simultaneous downloads (see [Download Memory Management](/docs/3.2-beta/download-memory-management))                |
+| `DOWNLOAD_MEMORY_THRESHOLD_MB`     | auto-scale     | Memory threshold in MB before throttling                                                                                              |
+| `DOWNLOAD_QUEUE_SIZE`              | auto-scale     | Maximum queue size for pending downloads                                                                                              |
+| `DOWNLOAD_MIN_FILE_SIZE_GB`        | `3.0`          | Minimum file size in GB to activate memory management                                                                                 |
+| `NEXT_PUBLIC_UPLOAD_CHUNK_SIZE_MB` | auto-calculate | Chunk size in MB for large file uploads (see [Chunked Upload Configuration](/docs/3.2-beta/quick-start#chunked-upload-configuration)) |
+| `DOWNLOAD_AUTO_SCALE`              | `true`         | Enable auto-scaling based on system memory                                                                                            |
+
+<Callout type="info">
+  **Performance First**: Palmr runs without encryption by default for optimal speed and lower resource usage—perfect for
+  most use cases.
+</Callout>
+
+<Callout type="warn">
+  **Encryption Notice**: To enable encryption, set `DISABLE_FILESYSTEM_ENCRYPTION=false` and provide a 32+ character
+  `ENCRYPTION_KEY`. **Important**: This choice is permanent—switching encryption modes after uploading files will break
+  access to existing uploads.
+</Callout>
+
+<Callout>
+  **Using a Reverse Proxy?** Set `SECURE_SITE=true` and check our [Reverse Proxy
+  Configuration](/docs/3.2-beta/reverse-proxy-configuration) guide for proper HTTPS setup.
+</Callout>
+
+### Generate Encryption Keys (Optional)
+
+Need file encryption? Generate a secure key:
+
+<KeyGenerator />
+
+> **Pro Tip**: Only enable encryption if you're handling sensitive data. For most users, the default unencrypted mode provides better performance.
+
+## Access Your Instance
+
+Once deployed, open Palmr in your browser:
+
+- **Web Interface**: `http://localhost:5487` (local) or `http://YOUR_SERVER_IP:5487` (remote)
+- **API Documentation**: `http://localhost:3333/docs` (if port 3333 is exposed)
+
+<Callout type="info">
+  **Learn More**: For complete API documentation, authentication, and integration examples, see our [API
+  Reference](/docs/3.2-beta/api) guide
+</Callout>
+
+<Callout type="warn">
+  **Production Ready?** Configure HTTPS with a valid SSL certificate for secure production deployments.
+</Callout>
+
+---
+
+## Docker CLI Alternative
+
+Prefer Docker commands over Compose? Here are the equivalent commands:
+
+<Tabs items={["Named Volume", "Bind Mount"]}>
+  <Tab value="Named Volume">
+
+    ```bash
+    docker run -d \
+      --name palmr \
+      # Optional: Uncomment and configure as needed (if you don`t use, you can remove)
+      # -e ENABLE_S3=true \ # Set to true to enable S3-compatible storage (OPTIONAL - default is false)
+      # -e DISABLE_FILESYSTEM_ENCRYPTION=false \ # Set to false to enable file encryption (ENCRYPTION_KEY becomes required) | (OPTIONAL - default is true)
+      # -e ENCRYPTION_KEY=your-secure-key-min-32-chars # Required only if encryption is enabled
+      # -e PALMR_UID=1000 # UID for the container processes (default is 1000)
+      # -e PALMR_GID=1000 # GID for the container processes (default is 1000)
+      # -e SECURE_SITE=false # Set to true if you are using a reverse proxy
+      # -e DEFAULT_LANGUAGE=en-US # Default language for the application (optional, defaults to en-US)
+      -p 5487:5487 \
+      -p 3333:3333 \
+      -v palmr_data:/app/server \
+      --restart unless-stopped \
+      kyantech/palmr:latest
+    ```
+
+
+    <Callout type="info">
+      **Permission Issues?** Add `-e PALMR_UID=1000 -e PALMR_GID=1000` to the command above. See our [UID/GID Configuration](/docs/3.2-beta/uid-gid-configuration) guide for details.
+    </Callout>
+
+  </Tab>
+
+  <Tab value="Bind Mount">
+
+    ```bash
+    docker run -d \
+      --name palmr \
+      # Optional: Uncomment and configure as needed (if you don`t use, you can remove)
+      # -e ENABLE_S3=true \ # Set to true to enable S3-compatible storage (OPTIONAL - default is false)
+      # -e DISABLE_FILESYSTEM_ENCRYPTION=true \ # Set to false to enable file encryption (ENCRYPTION_KEY becomes required) | (OPTIONAL - default is true)
+      # -e ENCRYPTION_KEY=your-secure-key-min-32-chars # Required only if encryption is enabled
+      # -e PALMR_UID=1000 # UID for the container processes (default is 1000)
+      # -e PALMR_GID=1000 # GID for the container processes (default is 1000)
+      # -e SECURE_SITE=false # Set to true if you are using a reverse proxy
+      # -e DEFAULT_LANGUAGE=en-US # Default language for the application (optional, defaults to en-US)
+      -p 5487:5487 \
+      -p 3333:3333 \
+      -v $(pwd)/data:/app/server \
+      --restart unless-stopped \
+      kyantech/palmr:latest
+    ```
+
+    <Callout type="info">
+      **Permission Issues?** Add `-e PALMR_UID=1000 -e PALMR_GID=1000` to the command above. See our [UID/GID Configuration](/docs/3.2-beta/uid-gid-configuration) guide for details.
+    </Callout>
+
+  </Tab>
+</Tabs>
+
+---
+
+## Common Configuration Options
+
+### Presigned URL Expiration
+
+Palmr. uses temporary URLs (presigned URLs) for secure file access. These URLs expire after a configurable time period to enhance security.
+
+**Default:** 1 hour (3600 seconds)
+
+You can customize this for all storage types (filesystem or S3) by adding:
+
+```yaml
+environment:
+  - PRESIGNED_URL_EXPIRATION=7200 # 2 hours
+```
+
+**When to adjust:**
+
+- **Shorter time (1800 = 30 min):** Higher security, but users may need to refresh download links
+- **Longer time (7200-21600 = 2-6 hours):** Better for large file transfers, but URLs stay valid longer
+- **Default (3600 = 1 hour):** Good balance for most use cases
+
+### File Encryption
+
+For filesystem storage, you can enable file encryption:
+
+```yaml
+environment:
+  - DISABLE_FILESYSTEM_ENCRYPTION=false
+  - ENCRYPTION_KEY=your-secure-32-character-key-here
+```
+
+**Note:** S3 storage handles encryption through your S3 provider's encryption features.
+
+### Chunked Upload Configuration
+
+Palmr supports configurable chunked uploading for large files. You can customize the chunk size by setting the following environment variable:
+
+```yaml
+environment:
+  - NEXT_PUBLIC_UPLOAD_CHUNK_SIZE_MB=100 # Chunk size in MB
+```
+
+**How it works:**
+
+- If `NEXT_PUBLIC_UPLOAD_CHUNK_SIZE_MB` is set, Palmr will use this value (in megabytes) as the chunk size for all file uploads that exceed this threshold.
+- If not set or left empty, Palmr automatically calculates optimal chunk sizes based on file size:
+  - Files ≤ 100MB: uploaded without chunking
+  - Files > 100MB and ≤ 1GB: 75MB chunks
+  - Files > 1GB: 150MB chunks
+
+**When to configure:**
+
+- **Default (not set):** Recommended for most use cases. Palmr will intelligently determine the best chunk size.
+- **Custom value:** Set this if you have specific network conditions or want to optimize for your infrastructure (e.g., slower connections may benefit from smaller chunks like 50MB, while fast networks can handle larger chunks like 200MB, or the upload size per payload may be limited by a proxy like Cloudflare)
+
+---
+
+## Maintenance
+
+### Updates
+
+Keep Palmr up to date with the latest features and security patches:
+
+```bash
+docker-compose pull
+docker-compose up -d
+```
+
+### Backup Your Data
+
+**Named Volumes:**
+
+```bash
+docker run --rm -v palmr_data:/data -v $(pwd):/backup alpine tar czf /backup/palmr-backup.tar.gz -C /data .
+```
+
+**Bind Mounts:**
+
+```bash
+tar czf palmr-backup.tar.gz ./data
+```
+
+### Restore From Backup
+
+**Named Volumes:**
+
+```bash
+docker-compose down
+docker run --rm -v palmr_data:/data -v $(pwd):/backup alpine tar xzf /backup/palmr-backup.tar.gz -C /data
+docker-compose up -d
+```
+
+**Bind Mounts:**
+
+```bash
+docker-compose down
+tar xzf palmr-backup.tar.gz
+docker-compose up -d
+```
+
+---
+
+## What's Next?
+
+Your Palmr instance is ready! Here's what you can explore:
+
+### Advanced Configuration
+
+- **[UID/GID Configuration](/docs/3.2-beta/uid-gid-configuration)** - Configure user permissions for NAS systems and custom environments
+- **[Download Memory Management](/docs/3.2-beta/download-memory-management)** - Configure large file download handling and queue system
+- **[S3 Storage](/docs/3.2-beta/s3-configuration)** - Scale with Amazon S3 or compatible storage providers
+- **[Manual Installation](/docs/3.2-beta/manual-installation)** - Manual installation and custom configurations
+
+### Integration & Development
+
+- **[API Reference](/docs/3.2-beta/api)** - Integrate Palmr. with your applications
+
+<Callout type="info">
+  **Need help?** Check our [Troubleshooting Guide](/docs/3.2-beta/troubleshooting) for common issues and solutions.
+</Callout>
+
+---
+
+**Questions?** Visit our [GitHub Issues](https://github.com/kyantech/Palmr/issues) or join the community discussions.

apps/docs/content/docs/3.2-beta/reverse-proxy-configuration.mdx

@@ -0,0 +1,199 @@
+---
+title: Reverse Proxy Configuration
+icon: "Shield"
+---
+
+When deploying **Palmr.** behind a reverse proxy (like Traefik, Nginx, or Cloudflare), you need to configure secure cookie settings to ensure proper authentication. This guide covers the `SECURE_SITE` environment variable and related proxy configurations.
+
+## Overview
+
+Reverse proxies terminate SSL/TLS connections and forward requests to Palmr., which can cause authentication issues if cookies aren't configured properly for HTTPS environments. The `SECURE_SITE` environment variable controls cookie security settings to handle these scenarios.
+
+## The SECURE_SITE Environment Variable
+
+The `SECURE_SITE` variable configures how Palmr. handles authentication cookies based on your deployment environment:
+
+### Configuration Options
+
+| Value   | Cookie Settings                       | Use Case                            |
+| ------- | ------------------------------------- | ----------------------------------- |
+| `true`  | `secure: true`, `sameSite: "lax"`     | HTTPS/Production with reverse proxy |
+| `false` | `secure: false`, `sameSite: "strict"` | HTTP/Development (default)          |
+
+### When to Use SECURE_SITE=true
+
+Set `SECURE_SITE=true` in the following scenarios:
+
+- ✅ **Reverse Proxy with HTTPS**: Traefik, Nginx, HAProxy with SSL termination
+- ✅ **Cloud Providers**: Cloudflare, AWS ALB, Azure Application Gateway
+- ✅ **CDN with HTTPS**: Any CDN that terminates SSL
+- ✅ **Production Deployments**: When users access via HTTPS
+
+### When to Use SECURE_SITE=false
+
+Keep `SECURE_SITE=false` (default) for:
+
+- ✅ **Local Development**: Running on `http://localhost`
+- ✅ **Direct HTTP Access**: No reverse proxy involved
+- ✅ **Testing Environments**: When using HTTP
+- ✅ **HTTP Reverse Proxy**: Nginx, Apache, etc. without SSL termination
+
+---
+
+## HTTP Reverse Proxy Setup
+
+**Docker Compose for HTTP Nginx:**
+
+```yaml
+environment:
+  - SECURE_SITE=false # HTTP = false
+```
+
+> **⚠️ HTTP Security**: Remember that HTTP transmits data in plain text. Consider using HTTPS in production environments.
+
+---
+
+## Troubleshooting Authentication Issues
+
+### Common Symptoms
+
+If you experience authentication issues behind a reverse proxy:
+
+- ❌ Login appears successful but redirects to login page
+- ❌ "No Authorization was found in request.cookies" errors
+- ❌ API requests return 401 Unauthorized
+- ❌ User registration fails silently
+
+### Diagnostic Steps
+
+1. **Check Browser Developer Tools**:
+   - Look for cookies in Application/Storage tab
+   - Verify cookie has `Secure` flag when using HTTPS
+   - Check if `SameSite` attribute is appropriate
+
+2. **Verify Environment Variables**:
+
+   ```bash
+   docker exec -it palmr env | grep SECURE_SITE
+   ```
+
+3. **Test Cookie Settings**:
+   - With `SECURE_SITE=false`: Should work on HTTP
+   - With `SECURE_SITE=true`: Should work on HTTPS
+
+### Common Fixes
+
+**Problem**: Authentication fails with reverse proxy
+
+**Solution**: Set `SECURE_SITE=true` and ensure proper headers:
+
+```yaml
+environment:
+  - SECURE_SITE=true
+```
+
+**Problem**: Mixed content errors
+
+**Solution**: Ensure proxy passes correct headers:
+
+```yaml
+# Traefik
+- "traefik.http.middlewares.palmr-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
+
+# Nginx
+proxy_set_header X-Forwarded-Proto $scheme;
+```
+
+**Problem**: Authentication fails with HTTP reverse proxy
+
+**Solution**: Use `SECURE_SITE=false` and ensure proper cookie headers:
+
+```yaml
+environment:
+  - SECURE_SITE=false # For HTTP proxy
+```
+
+```nginx
+# Nginx - Add these headers for cookie handling
+proxy_set_header Cookie $http_cookie;
+proxy_pass_header Set-Cookie;
+```
+
+**Problem**: SQLite "readonly database" error with bind mounts
+
+**Solution**: Configure proper UID/GID permissions:
+
+```yaml
+environment:
+  - PALMR_UID=1000 # Your host UID (check with: id)
+  - PALMR_GID=1000 # Your host GID
+  - DISABLE_FILESYSTEM_ENCRYPTION=true # Set to false to enable file encryption
+  # - ENCRYPTION_KEY=your-key-here # Required only if encryption is enabled
+```
+
+> **💡 Note**: Check your host UID/GID with `id` command and use those values. See [UID/GID Configuration](/docs/3.2-beta/uid-gid-configuration) for detailed setup.
+
+---
+
+## Security Considerations
+
+> **⚠️ Important**: Always use HTTPS in production environments. The `SECURE_SITE=true` setting ensures cookies are only sent over encrypted connections.
+
+---
+
+## Advanced Configuration
+
+### Multiple Domains
+
+If serving Palmr. on multiple domains, ensure consistent cookie settings:
+
+```yaml
+environment:
+  - SECURE_SITE=true # Use for all HTTPS domains
+```
+
+### Development vs Production
+
+Use environment-specific configurations:
+
+**Development (HTTP):**
+
+```yaml
+environment:
+  - SECURE_SITE=false
+```
+
+**Production (HTTPS):**
+
+```yaml
+environment:
+  - SECURE_SITE=true
+```
+
+### Health Checks
+
+Add health checks to ensure proper proxy configuration:
+
+```yaml
+services:
+  palmr:
+    # ... other config
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:5487/api/health"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+```
+
+---
+
+## Need Help?
+
+If you're still experiencing issues after following this guide:
+
+1. **Check the Logs**: `docker logs palmr`
+2. **Verify Headers**: Use browser dev tools or `curl -I`
+3. **Test Direct Access**: Try accessing Palmr. directly (bypassing proxy)
+4. **Open an Issue**: [Report bugs on GitHub](https://github.com/kyantech/Palmr/issues)
+
+> **💡 Pro Tip**: When reporting issues, include your reverse proxy configuration and any relevant error messages from both Palmr. and your proxy logs.

apps/docs/content/docs/3.2-beta/s3-providers.mdx

@@ -0,0 +1,375 @@
+---
+title: S3 Providers
+icon: Package
+---
+
+This guide provides comprehensive configuration instructions for integrating Palmr. with various S3-compatible storage providers. Whether you're using cloud services like AWS S3 or self-hosted solutions like MinIO, this guide will help you set up reliable object storage for your files.
+
+> **Overview:** Palmr. supports any S3-compatible storage provider, giving you flexibility to choose the solution that best fits your needs and budget.
+
+> **Note:** Some configuration options (like presigned URL expiration) apply to **all storage types**, including filesystem storage. These are marked accordingly in the documentation.
+
+## When to use S3-compatible storage
+
+Consider using S3-compatible storage when you need:
+
+- **Cloud storage** for distributed deployments
+- **Scalability** beyond local filesystem limitations
+- **Redundancy** and backup capabilities
+- **CDN integration** for faster file delivery
+- **Multi-region** file distribution
+
+## Environment variables
+
+### General configuration (applies to all storage types)
+
+| Variable                   | Description                                      | Required | Default         |
+| -------------------------- | ------------------------------------------------ | -------- | --------------- |
+| `PRESIGNED_URL_EXPIRATION` | Duration in seconds for presigned URL expiration | No       | `3600` (1 hour) |
+
+### S3-specific configuration
+
+To enable S3-compatible storage, set `ENABLE_S3=true` and configure the following environment variables:
+
+| Variable                 | Description                              | Required | Default           |
+| ------------------------ | ---------------------------------------- | -------- | ----------------- |
+| `S3_ENDPOINT`            | S3 provider endpoint URL                 | Yes      | -                 |
+| `S3_PORT`                | Connection port                          | No       | Based on protocol |
+| `S3_USE_SSL`             | Enable SSL/TLS encryption                | Yes      | `true`            |
+| `S3_ACCESS_KEY`          | Access key for authentication            | Yes      | -                 |
+| `S3_SECRET_KEY`          | Secret key for authentication            | Yes      | -                 |
+| `S3_REGION`              | Storage region                           | Yes      | -                 |
+| `S3_BUCKET_NAME`         | Bucket/container name                    | Yes      | -                 |
+| `S3_FORCE_PATH_STYLE`    | Use path-style URLs                      | No       | `false`           |
+| `S3_REJECT_UNAUTHORIZED` | Enable strict SSL certificate validation | No       | `true`            |
+
+## Provider configurations
+
+Below are tested configurations for popular S3-compatible providers. Replace the example values with your actual credentials and settings.
+
+> **Security Note:** Never commit real credentials to version control. Use environment files or secure secret management systems.
+
+### AWS S3
+
+Amazon S3 is the original S3 service, offering global availability and extensive features.
+
+```bash
+ENABLE_S3=true
+S3_ENDPOINT=s3.amazonaws.com
+S3_USE_SSL=true
+S3_ACCESS_KEY=your-access-key-id
+S3_SECRET_KEY=your-secret-access-key
+S3_REGION=us-east-1
+S3_BUCKET_NAME=your-bucket-name
+S3_FORCE_PATH_STYLE=false
+# PRESIGNED_URL_EXPIRATION=3600  # Optional: 1 hour (default)
+```
+
+**Getting credentials:**
+
+1. Go to AWS IAM Console
+2. Create a new user with S3 permissions
+3. Generate access keys for programmatic access
+
+### MinIO (Self-hosted)
+
+MinIO is perfect for self-hosted deployments and development environments.
+
+```bash
+ENABLE_S3=true
+S3_ENDPOINT=localhost
+S3_PORT=9000
+S3_USE_SSL=false
+S3_ACCESS_KEY=your-minio-access-key
+S3_SECRET_KEY=your-minio-secret-key
+S3_REGION=us-east-1
+S3_BUCKET_NAME=your-bucket-name
+S3_FORCE_PATH_STYLE=true
+```
+
+**Setup notes:**
+
+- Use `S3_FORCE_PATH_STYLE=true` for MinIO
+- Default MinIO port is 9000
+- SSL can be disabled for local development
+
+**For MinIO with self-signed SSL certificates:**
+
+```bash
+ENABLE_S3=true
+S3_ENDPOINT=your-minio-domain.com
+S3_PORT=9000
+S3_USE_SSL=true
+S3_ACCESS_KEY=your-minio-access-key
+S3_SECRET_KEY=your-minio-secret-key
+S3_REGION=us-east-1
+S3_BUCKET_NAME=your-bucket-name
+S3_FORCE_PATH_STYLE=true
+S3_REJECT_UNAUTHORIZED=false  # Allows self-signed certificates
+```
+
+### Google Cloud Storage
+
+Google Cloud Storage offers competitive pricing and global infrastructure.
+
+```bash
+ENABLE_S3=true
+S3_ENDPOINT=storage.googleapis.com
+S3_USE_SSL=true
+S3_ACCESS_KEY=your-hmac-access-id
+S3_SECRET_KEY=your-hmac-secret
+S3_REGION=us-central1
+S3_BUCKET_NAME=your-bucket-name
+S3_FORCE_PATH_STYLE=false
+```
+
+**Getting credentials:**
+
+1. Enable Cloud Storage API in Google Cloud Console
+2. Create HMAC keys for S3 compatibility
+3. Use the generated access ID and secret
+
+### DigitalOcean Spaces
+
+DigitalOcean Spaces provides simple, scalable object storage.
+
+```bash
+ENABLE_S3=true
+S3_ENDPOINT=nyc3.digitaloceanspaces.com
+S3_USE_SSL=true
+S3_ACCESS_KEY=your-spaces-access-key
+S3_SECRET_KEY=your-spaces-secret-key
+S3_REGION=nyc3
+S3_BUCKET_NAME=your-space-name
+S3_FORCE_PATH_STYLE=false
+```
+
+**Available regions:**
+
+- `nyc3` (New York)
+- `ams3` (Amsterdam)
+- `sgp1` (Singapore)
+- `fra1` (Frankfurt)
+
+### Backblaze B2
+
+Backblaze B2 offers cost-effective storage with S3-compatible API.
+
+```bash
+ENABLE_S3=true
+S3_ENDPOINT=s3.us-west-002.backblazeb2.com
+S3_USE_SSL=true
+S3_ACCESS_KEY=your-key-id
+S3_SECRET_KEY=your-application-key
+S3_REGION=us-west-002
+S3_BUCKET_NAME=your-bucket-name
+S3_FORCE_PATH_STYLE=false
+# PRESIGNED_URL_EXPIRATION=7200  # Optional: 2 hours for large files
+```
+
+**Cost advantage:**
+
+- Significantly lower storage costs
+- Free egress to Cloudflare CDN
+- Pay-as-you-go pricing model
+
+### Wasabi
+
+Wasabi provides hot cloud storage with predictable pricing.
+
+```bash
+ENABLE_S3=true
+S3_ENDPOINT=s3.wasabisys.com
+S3_USE_SSL=true
+S3_ACCESS_KEY=your-access-key
+S3_SECRET_KEY=your-secret-key
+S3_REGION=us-east-1
+S3_BUCKET_NAME=your-bucket-name
+S3_FORCE_PATH_STYLE=false
+```
+
+**Benefits:**
+
+- No egress fees
+- Fast performance
+- Simple pricing structure
+
+### Azure Blob Storage
+
+Azure Blob Storage with S3-compatible API for Microsoft ecosystem integration.
+
+```bash
+ENABLE_S3=true
+S3_ENDPOINT=your-account.blob.core.windows.net
+S3_USE_SSL=true
+S3_ACCESS_KEY=your-access-key
+S3_SECRET_KEY=your-secret-key
+S3_REGION=eastus
+S3_BUCKET_NAME=your-container-name
+S3_FORCE_PATH_STYLE=false
+```
+
+**Setup requirements:**
+
+- Enable S3-compatible API in Azure
+- Use container name as bucket name
+- Configure appropriate access policies
+
+## Presigned URL configuration
+
+Palmr. uses presigned URLs to provide secure, temporary access to files stored in **both S3-compatible storage and filesystem storage**. These URLs have a configurable expiration time to balance security and usability.
+
+> **Note:** This configuration applies to **all storage types** (S3, filesystem, etc.), not just S3-compatible storage.
+
+### Understanding presigned URLs
+
+Presigned URLs are temporary URLs that allow direct access to files without exposing storage credentials or requiring authentication. They automatically expire after a specified time period, enhancing security by limiting access duration.
+
+**How it works:**
+
+- **S3 Storage:** URLs are signed by AWS/S3-compatible provider credentials
+- **Filesystem Storage:** URLs use temporary tokens that are validated by Palmr server
+
+**Default behavior:**
+
+- Upload URLs: 1 hour (3600 seconds)
+- Download URLs: 1 hour (3600 seconds)
+
+### Configuring expiration time
+
+You can customize the expiration time using the `PRESIGNED_URL_EXPIRATION` environment variable:
+
+```bash
+# Set URLs to expire after 2 hours (7200 seconds)
+PRESIGNED_URL_EXPIRATION=7200
+
+# Set URLs to expire after 30 minutes (1800 seconds)
+PRESIGNED_URL_EXPIRATION=1800
+
+# Set URLs to expire after 6 hours (21600 seconds)
+PRESIGNED_URL_EXPIRATION=21600
+```
+
+### Choosing the right expiration time
+
+**Shorter expiration (15-30 minutes):**
+
+- [+] Higher security
+- [+] Reduced risk of unauthorized access
+- [-] May interrupt long uploads/downloads
+- [-] Users may need to refresh links more often
+
+**Longer expiration (2-6 hours):**
+
+- [+] Better user experience for large files
+- [+] Fewer interruptions during transfers
+- [-] Longer exposure window if URLs are compromised
+- [-] Potential for increased storage costs if users leave downloads incomplete
+
+**Recommended settings:**
+
+- **High security environments:** 1800 seconds (30 minutes)
+- **Standard usage:** 3600 seconds (1 hour) - default
+- **Large file transfers:** 7200-21600 seconds (2-6 hours)
+
+### Example configurations
+
+**For Backblaze B2 with extended expiration:**
+
+```bash
+ENABLE_S3=true
+S3_ENDPOINT=s3.us-west-002.backblazeb2.com
+S3_USE_SSL=true
+S3_ACCESS_KEY=your-key-id
+S3_SECRET_KEY=your-application-key
+S3_REGION=us-west-002
+S3_BUCKET_NAME=your-bucket-name
+S3_FORCE_PATH_STYLE=false
+PRESIGNED_URL_EXPIRATION=7200  # 2 hours for large file transfers
+```
+
+**For high-security environments:**
+
+```bash
+ENABLE_S3=true
+S3_ENDPOINT=s3.amazonaws.com
+S3_USE_SSL=true
+S3_ACCESS_KEY=your-access-key-id
+S3_SECRET_KEY=your-secret-access-key
+S3_REGION=us-east-1
+S3_BUCKET_NAME=your-bucket-name
+S3_FORCE_PATH_STYLE=false
+PRESIGNED_URL_EXPIRATION=1800  # 30 minutes for enhanced security
+```
+
+## Configuration best practices
+
+### Security considerations
+
+- **Use IAM policies** to limit access to specific buckets and operations
+- **Enable encryption** at rest and in transit
+- **Rotate credentials** regularly
+- **Monitor access logs** for unusual activity
+- **Use HTTPS** for all connections (`S3_USE_SSL=true`)
+
+### Performance optimization
+
+- **Choose regions** close to your users or server location
+- **Configure CDN** for faster file delivery
+- **Use appropriate bucket policies** for public file access
+- **Monitor bandwidth** usage and costs
+
+### Troubleshooting common issues
+
+**Connection errors:**
+
+- Verify endpoint URL and port settings
+- Check firewall and network connectivity
+- Ensure SSL/TLS settings match provider requirements
+
+**SSL certificate errors (self-signed certificates):**
+
+If you encounter errors like `unable to verify the first certificate` or `UNABLE_TO_VERIFY_LEAF_SIGNATURE`, you're likely using self-signed SSL certificates. This is common with self-hosted MinIO or other S3-compatible services.
+
+**Solution:**
+Set `S3_REJECT_UNAUTHORIZED=false` in your environment variables to allow self-signed certificates:
+
+```bash
+S3_REJECT_UNAUTHORIZED=false
+```
+
+**Note:** SSL certificate validation is enabled by default (`true`) for security. Set it to `false` only when using self-hosted S3 services with self-signed certificates.
+
+**Authentication failures:**
+
+- Confirm access key and secret key are correct
+- Verify IAM permissions for bucket operations
+- Check if credentials have expired
+
+**Bucket access issues:**
+
+- Ensure bucket exists and is accessible
+- Verify region settings match bucket location
+- Check bucket policies and ACL settings
+
+## Testing your configuration
+
+After configuring your S3 provider, test the connection by:
+
+1. **Upload a test file** through the Palmr. interface
+2. **Verify file appears** in your S3 bucket
+3. **Download the file** to confirm retrieval works
+4. **Check file permissions** and access controls
+
+> **Tip:** Start with a development bucket to test your configuration before using production storage.
+
+## Switching between providers
+
+To switch from filesystem to S3 storage or between S3 providers:
+
+1. **Backup existing files** if switching from filesystem storage
+2. **Update environment variables** with new provider settings
+3. **Restart the Palmr. container** to apply changes
+4. **Test file operations** to ensure everything works correctly
+
+Remember that existing files won't be automatically migrated when switching storage providers.

apps/docs/content/docs/3.2-beta/screenshots.mdx

@@ -0,0 +1,130 @@
+---
+title: Screenshots
+icon: Image
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Here you can find a collection of screenshots showcasing various features and interfaces of the Palmr. web application. These images provide a visual overview of the user experience, highlighting key functionalities such as file sharing, user management, and settings configuration. Explore the screenshots below to get a better understanding of how Palmr works and what to expect from the platform.
+
+> **Note:** All screenshots shown are taken in dark mode, but Palmr. also offers a light mode theme for users who prefer brighter interfaces.
+
+## Authentication & Access
+
+### Home page
+
+The main landing page where users can access the platform and learn about Palmr.'s features.
+
+<ZoomableImage src="/assets/v3/screenshots/home.png" alt="Home Page - Main landing page of Palmr" />
+
+### Login page
+
+Secure authentication interface where users enter their credentials to access their Palmr account.
+
+<ZoomableImage src="/assets/v3/screenshots/login.png" alt="Login Page - User authentication interface" />
+
+### Forgot password
+
+Password recovery interface that allows users to reset their passwords when they can't access their accounts.
+
+<ZoomableImage src="/assets/v3/screenshots/forgot-password.png" alt="Forgot Password - Password recovery interface" />
+
+## Main Application Interface
+
+### Dashboard
+
+The central hub after login, providing an overview of recent activity, quick actions, and system status.
+
+<ZoomableImage
+  src="/assets/v3/screenshots/dashboard.png"
+  alt="Dashboard - Main application hub with overview and quick actions"
+/>
+
+## File Management
+
+### Files list view
+
+Comprehensive file browser displaying all uploaded files in a detailed list format with metadata, actions, sorting options, and folder navigation.
+
+<ZoomableImage
+  src="/assets/v3/screenshots/files-list.png"
+  alt="Files List View - Detailed file browser with metadata and actions"
+/>
+
+### Files card view
+
+Alternative file browser layout showing files as visual cards, perfect for quick browsing, visual file identification, and folder navigation.
+
+<ZoomableImage
+  src="/assets/v3/screenshots/files-card.png"
+  alt="Files Card View - Visual card-based file browser layout"
+/>
+
+### Receive files
+
+File upload interface where users can drag and drop or select files to upload to their Palmr storage.
+
+<ZoomableImage
+  src="/assets/v3/screenshots/receive-files.png"
+  alt="Receive Files - File upload interface with drag and drop functionality"
+/>
+
+## Sharing & Collaboration
+
+### Shares page
+
+Management interface for all shared files and folders, showing share status, permissions, and access controls for both individual files and folders.
+
+<ZoomableImage
+  src="/assets/v3/screenshots/shares.png"
+  alt="Shares Page - Share management with permissions and access controls"
+/>
+
+## User & System Management
+
+### User management
+
+Administrative interface for managing user accounts, permissions, roles, and system access controls.
+
+<ZoomableImage
+  src="/assets/v3/screenshots/user-management.png"
+  alt="User Management - Administrative interface for user accounts and permissions"
+/>
+
+### Profile settings
+
+Personal account management where users can update their profile information, preferences, and account settings.
+
+<ZoomableImage
+  src="/assets/v3/screenshots/profile.png"
+  alt="Profile Settings - Personal account management and preferences"
+/>
+
+### System settings
+
+Comprehensive system configuration interface for administrators to manage platform settings, integrations, and system behavior.
+
+<ZoomableImage
+  src="/assets/v3/screenshots/settings.png"
+  alt="System Settings - Administrative configuration interface"
+/>
+
+## Reverse share page themes
+
+### WeTransfer theme
+
+Special sharing interface with WeTransfer-inspired design, providing a familiar experience for file sharing with custom theming.
+
+<ZoomableImage
+  src="/assets/v3/screenshots/wetransfer.png"
+  alt="WeTransfer Theme - WeTransfer-inspired sharing interface with custom theming"
+/>
+
+### Default reverse theme
+
+Alternative dark theme interface showing Palmr's theming capabilities and customization options for different user preferences.
+
+<ZoomableImage
+  src="/assets/v3/screenshots/default-reverse.png"
+  alt="Default Reverse Theme - Dark theme interface showcasing customization options"
+/>

apps/docs/content/docs/3.2-beta/translation-management.mdx

@@ -0,0 +1,438 @@
+---
+title: Translation Management
+icon: Languages
+---
+
+import { Callout } from "fumadocs-ui/components/callout";
+import { Tab, Tabs } from "fumadocs-ui/components/tabs";
+
+Palmr includes a comprehensive translation key management system that automates synchronization and validation of the application's internationalization files.
+
+## Overview
+
+The translation management system consists of Python scripts that help maintain consistency across all supported languages:
+
+- **Synchronization**: Automatically add missing translation keys
+- **Validation**: Check translation status and completeness
+- **Key Management**: Manage translation keys structure and consistency
+- **Reporting**: Generate detailed translation reports
+
+## Quick Start
+
+<Tabs items={['npm/pnpm', 'Python Direct']}>
+  <Tab value="npm/pnpm">
+    ```bash
+    # Complete workflow (recommended)
+    pnpm run translations
+
+    # Check translation status
+    pnpm run translations:check
+
+    # Synchronize missing keys
+    pnpm run translations:sync
+
+    # Test workflow without changes (dry run)
+    pnpm run translations:dry-run
+
+    # Show help
+    pnpm run translations:help
+    ```
+
+  </Tab>
+  <Tab value="Python Direct">
+    ```bash
+    cd apps/web/scripts
+
+    # Complete workflow (recommended)
+    python3 run_translations.py all
+
+    # Individual commands
+    python3 run_translations.py check
+    python3 run_translations.py sync
+    python3 run_translations.py all --dry-run
+    python3 run_translations.py help
+    ```
+
+  </Tab>
+</Tabs>
+
+## Available Scripts
+
+### Main Commands (npm/pnpm)
+
+| Command                         | Description                               |
+| ------------------------------- | ----------------------------------------- |
+| `pnpm run translations`         | Complete workflow: sync + check           |
+| `pnpm run translations:check`   | Check translation status and completeness |
+| `pnpm run translations:sync`    | Synchronize missing keys from en-US.json  |
+| `pnpm run translations:dry-run` | Test workflow without making changes      |
+| `pnpm run translations:help`    | Show detailed help and examples           |
+
+## Workflow
+
+### 1. Adding New Translation Keys
+
+When you add new text to the application:
+
+1. **Add to English**: Update `apps/web/messages/en-US.json` with your new keys
+2. **Sync translations**: Run `pnpm run translations:sync` to add missing keys to all languages
+3. **Manual translation**: Translate strings marked with `[TO_TRANSLATE]` manually
+4. **Test in UI**: Verify translations work correctly in the application interface
+
+<Callout type="important">
+  **Manual translation required**: All strings marked with `[TO_TRANSLATE]` must be manually translated by native
+  speakers or professional translators for accuracy.
+</Callout>
+
+### 2. Checking Translation Status
+
+<Callout>Always run `pnpm run translations:check` before releases to ensure completeness.</Callout>
+
+```bash
+# Generate detailed translation report
+pnpm run translations:check
+```
+
+The report shows:
+
+- **Completeness percentage** for each language
+- **Untranslated strings** marked with `[TO_TRANSLATE]`
+- **Identical strings** that may need localization
+- **Missing keys** compared to English reference
+
+### 3. Manual Translation Process
+
+For all translation strings:
+
+1. **Find untranslated strings**: Look for `[TO_TRANSLATE] Original text` in language files
+2. **Replace with translation**: Remove the prefix and add proper translation
+3. **Validate**: Run `pnpm run translations:check` to verify completeness
+
+## File Structure
+
+```
+apps/web/
+├── messages/           # Translation files
+│   ├── en-US.json     # Reference language (English)
+│   ├── pt-BR.json     # Portuguese (Brazil)
+│   ├── es-ES.json     # Spanish
+│   └── ...            # Other languages
+│
+└── scripts/           # Management scripts
+    ├── run_translations.py     # Main wrapper
+    ├── sync_translations.py    # Synchronization
+    ├── check_translations.py   # Status checking
+    └── clean_translations.py   # Cleanup utilities
+```
+
+## Prerequisites
+
+- **Python 3.6 or higher** - Required for running the translation scripts
+- **No external dependencies** - Scripts use only Python standard libraries
+- **UTF-8 support** - Ensure your terminal supports UTF-8 for proper display of translations
+
+## Script Details
+
+### Main Wrapper (`run_translations.py`)
+
+The main script provides a unified interface for all translation operations:
+
+#### Available Commands
+
+- `check` - Check translation status and generate reports
+- `sync` - Synchronize missing keys from reference language
+- `all` - Run complete workflow (sync + check)
+- `help` - Show detailed help with examples
+
+#### How it Works
+
+1. Validates parameters and working directory
+2. Calls appropriate individual scripts with passed parameters
+3. Provides unified error handling and progress reporting
+4. Supports all parameters from individual scripts
+
+### Synchronization Script (`sync_translations.py`)
+
+Maintains consistency across all language files:
+
+#### Process
+
+1. **Load reference**: Reads `en-US.json` as source of truth
+2. **Scan languages**: Finds all `*.json` files in messages directory
+3. **Compare keys**: Identifies missing keys in each language file
+4. **Add missing keys**: Copies structure from reference with `[TO_TRANSLATE]` prefix
+5. **Save updates**: Maintains JSON formatting and UTF-8 encoding
+
+#### Key Features
+
+- **Recursive key detection**: Handles nested JSON objects
+- **Safe updates**: Preserves existing translations
+- **Consistent formatting**: Maintains proper JSON structure
+- **Progress reporting**: Shows detailed sync results
+
+### Status Check Script (`check_translations.py`)
+
+Provides comprehensive translation analysis:
+
+#### Generated Reports
+
+- **Completion percentage**: How much of each language is translated
+- **Untranslated count**: Strings still marked with `[TO_TRANSLATE]`
+- **Identical strings**: Text identical to English (may need localization)
+- **Missing keys**: Keys present in reference but not in target language
+
+#### Analysis Features
+
+- **Visual indicators**: Icons show completion status (✅ 🟡 🔴)
+- **Detailed breakdowns**: Per-language analysis with specific keys
+- **Quality insights**: Identifies potential translation issues
+- **Export friendly**: Output can be redirected to files for reports
+
+## Advanced Usage
+
+### Custom Parameters
+
+You can pass additional parameters to the underlying Python scripts for more control:
+
+#### Synchronization Parameters (`sync`)
+
+```bash
+# Sync without marking new keys as [TO_TRANSLATE]
+python3 scripts/run_translations.py sync --no-mark-untranslated
+
+# Use a different reference file (default: en-US.json)
+python3 scripts/run_translations.py sync --reference pt-BR.json
+
+# Specify custom messages directory
+python3 scripts/run_translations.py sync --messages-dir /path/to/messages
+
+# Dry run mode - see what would be changed
+python3 scripts/run_translations.py sync --dry-run
+```
+
+#### Check Parameters (`check`)
+
+```bash
+# Use different reference file for comparison
+python3 scripts/run_translations.py check --reference pt-BR.json
+
+# Check translations in custom directory
+python3 scripts/run_translations.py check --messages-dir /path/to/messages
+```
+
+### Parameter Reference
+
+| Parameter                | Commands        | Description                                   |
+| ------------------------ | --------------- | --------------------------------------------- |
+| `--dry-run`              | `sync`, `all`   | Preview changes without modifying files       |
+| `--messages-dir`         | All             | Custom directory containing translation files |
+| `--reference`            | `sync`, `check` | Reference file to use (default: en-US.json)   |
+| `--no-mark-untranslated` | `sync`          | Don't add [TO_TRANSLATE] prefix to new keys   |
+
+### Dry Run Mode
+
+Always test changes first:
+
+```bash
+# Test complete workflow (recommended)
+pnpm run translations:dry-run
+
+# Alternative: Direct Python commands
+python3 scripts/run_translations.py all --dry-run
+python3 scripts/run_translations.py sync --dry-run
+```
+
+### Common Use Cases
+
+#### Scenario 1: Adding Keys Without Marking for Translation
+
+```bash
+# Sync new keys without auto-marking for translation
+python3 scripts/run_translations.py sync --no-mark-untranslated
+
+# Manually mark specific keys that need translation
+# Edit files to add [TO_TRANSLATE] prefix where needed
+```
+
+#### Scenario 2: Custom Project Structure
+
+```bash
+# Work with translations in different directory
+python3 scripts/run_translations.py all --messages-dir ../custom-translations
+```
+
+#### Scenario 3: Quality Assurance
+
+```bash
+# Use different language as reference for comparison
+python3 scripts/run_translations.py check --reference pt-BR.json
+
+# This helps identify inconsistencies when you have high-quality translations
+```
+
+## Translation Keys Format
+
+Translation files use nested JSON structure:
+
+```json
+{
+  "common": {
+    "actions": {
+      "save": "Save",
+      "cancel": "Cancel",
+      "delete": "Delete"
+    },
+    "messages": {
+      "success": "Operation completed successfully",
+      "error": "An error occurred"
+    }
+  },
+  "dashboard": {
+    "title": "Dashboard",
+    "welcome": "Welcome to Palmr"
+  }
+}
+```
+
+## Manual Translation
+
+<Callout type="warning">
+  **Professional translation recommended**: For production applications, consider using professional translation
+  services or native speakers to ensure high-quality, culturally appropriate translations.
+</Callout>
+
+The system marks strings that need translation with the `[TO_TRANSLATE]` prefix:
+
+```json
+{
+  "key": "[TO_TRANSLATE] Original English text"
+}
+```
+
+After manual translation:
+
+```json
+{
+  "key": "Texto original em inglês"
+}
+```
+
+### Translation Review Process
+
+1. **Identify**: Use `pnpm run translations:check` to find untranslated strings
+2. **Translate**: Replace `[TO_TRANSLATE]` strings with proper translations
+3. **Review**: Check each translation for:
+   - **Context accuracy**: Does it make sense in the UI?
+   - **Technical terms**: Are they correctly translated?
+   - **Tone consistency**: Matches the application's voice?
+   - **Cultural appropriateness**: Suitable for target audience?
+4. **Test**: Verify translations in the actual application interface
+5. **Document**: Note any translation decisions for future reference
+
+### Common Review Points
+
+- **Button labels**: Ensure they fit within UI constraints
+- **Error messages**: Must be clear and helpful to users
+- **Navigation items**: Should be intuitive in target language
+- **Technical terms**: Some may be better left in English
+- **Placeholders**: Maintain formatting and variable names
+
+## Development Guidelines
+
+<Callout type="important">
+  **Primary Language**: Always use `en-US.json` as the parent language for development. All new translation keys must be
+  added to English first.
+</Callout>
+
+### Translation Workflow for Development
+
+1. **English First**: Add all new text to `apps/web/messages/en-US.json`
+2. **Sync keys**: Use scripts to generate key structure for other languages
+3. **Manual translation**: All strings must be manually translated for accuracy
+4. **Quality Check**: Run translation validation before merging PRs
+
+### Why English as Parent Language?
+
+- **Consistency**: Ensures all languages have the same keys structure
+- **Reference**: English serves as the source of truth for meaning
+- **Key management**: Scripts use English as source for key synchronization
+- **Documentation**: Most technical documentation is in English
+
+## Best Practices
+
+### For Developers
+
+1. **Always use English as reference**: Add new keys to `en-US.json` first - never add keys directly to other languages
+2. **Use semantic key names**: `dashboard.welcome` instead of `text1`
+3. **Test key sync**: Run `pnpm run translations:dry-run` before committing
+4. **Coordinate with translators**: Ensure translation team is aware of new keys
+5. **Maintain consistency**: Use existing patterns for similar UI elements
+
+### For Translators
+
+1. **Focus on [TO_TRANSLATE] strings**: These need immediate attention
+2. **Check identical strings**: May need localization even if identical to English
+3. **Use proper formatting**: Maintain HTML tags and placeholders
+4. **Test in context**: Verify translations work in the actual UI
+5. **Maintain glossary**: Keep consistent terminology across translations
+
+## Troubleshooting
+
+### Common Issues
+
+**Python not found**: Ensure Python 3.6+ is installed and in PATH
+
+**Permission errors**: Ensure write permissions to message files
+
+**Encoding issues**: Ensure your terminal supports UTF-8
+
+### Getting Help
+
+- Run `pnpm run translations:help` for detailed command examples
+- Review generated translation reports for specific issues
+- Check the official documentation for complete reference
+
+## Output Examples
+
+### Synchronization Output
+
+```
+Loading reference file: en-US.json
+Reference file contains 980 keys
+Processing 14 translation files...
+
+Processing: pt-BR.json
+  🔍 Found 12 missing keys
+  ✅ Updated successfully (980/980 keys)
+
+============================================================
+SUMMARY
+============================================================
+✅ ar-SA.json      - 980/980 keys
+🔄 pt-BR.json      - 980/980 keys (+12 added)
+```
+
+### Translation Status Report
+
+```
+📊 TRANSLATION REPORT
+Reference: en-US.json (980 strings)
+================================================================================
+LANGUAGE        COMPLETENESS STRINGS         UNTRANSLATED    POSSIBLE MATCHES
+--------------------------------------------------------------------------------
+✅ pt-BR         100.0%       980/980         0 (0.0%)        5
+⚠️  fr-FR         100.0%       980/980         12 (2.5%)       3
+🟡 de-DE         95.2%        962/980         0 (0.0%)        8
+================================================================================
+```
+
+## Contributing
+
+When contributing translations:
+
+1. **Follow the workflow**: Use the provided scripts for consistency
+2. **Test thoroughly**: Run complete checks before submitting
+3. **Document changes**: Note any significant translation decisions
+4. **Maintain quality**: Ensure manual translations are accurate and appropriate
+
+The translation management system ensures consistency and makes it easy to maintain high-quality localization across all supported languages.

apps/docs/content/docs/3.2-beta/troubleshooting.mdx

@@ -0,0 +1,381 @@
+---
+title: Troubleshooting
+icon: "Bug"
+---
+
+Common issues and solutions for Palmr. deployment and usage.
+
+## 🚨 Permission Denied Errors
+
+**Most common issue**: Permission denied when uploading files or accessing data directories.
+
+### Quick Diagnosis
+
+```bash
+# Check if this is a permission issue
+docker-compose logs palmr | grep -i "permission\|denied\|eacces"
+
+# Common error messages:
+# EACCES: permission denied, open '/app/server/uploads/file.txt'
+# Error: EACCES: permission denied, mkdir '/app/server/temp-uploads'
+```
+
+### The Root Cause
+
+**Palmr. defaults**: UID 1001, GID 1001  
+**Linux standard**: UID 1000, GID 1000
+
+When using bind mounts, your host directories may have different ownership than Palmr's default UID/GID.
+
+### Solution 1: Environment Variables (Recommended)
+
+Set Palmr. to use your host system's UID/GID:
+
+```bash
+# Find your UID/GID
+id
+# Output: uid=1000(user) gid=1000(group) groups=1000(group),27(sudo)
+```
+
+Add to your `docker-compose.yaml`:
+
+```yaml
+services:
+  palmr:
+    environment:
+      - PALMR_UID=1000 # Your UID
+      - PALMR_GID=1000 # Your GID
+    # ... rest of config
+```
+
+Restart the container:
+
+```bash
+docker-compose down && docker-compose up -d
+```
+
+### Solution 2: Change Host Directory Ownership
+
+If you prefer to keep Palmr's defaults:
+
+```bash
+# For single data directory
+chown -R 1001:1001 ./data
+
+# For separate upload/temp directories
+mkdir -p uploads temp-uploads
+chown -R 1001:1001 uploads temp-uploads
+```
+
+### Solution 3: Docker Volume (Avoid the Issue)
+
+Use Docker named volumes instead of bind mounts:
+
+```yaml
+volumes:
+  - palmr_data:/app/server  # Named volume (no permission issues)
+  # Instead of:
+  # - ./data:/app/server    # Bind mount (permission issues)
+
+volumes:
+  palmr_data:
+```
+
+---
+
+## 🐳 Container Issues
+
+### Container Won't Start
+
+**Check logs first:**
+
+```bash
+docker-compose logs palmr
+```
+
+**Common issues:**
+
+1. **Port already in use**
+
+   ```bash
+   # Check what's using port 5487
+   sudo lsof -i :5487
+
+   # Or change port in docker-compose.yaml
+   ports:
+     - "5488:5487"  # Use different host port
+   ```
+
+2. **Invalid encryption key**
+
+   ```bash
+   # Error: Encryption key must be at least 32 characters (only if encryption is enabled)
+   # Fix: Either disable encryption or provide a valid key
+   environment:
+     - DISABLE_FILESYSTEM_ENCRYPTION=true  # Disable encryption (default)
+     # OR enable encryption with:
+     # - DISABLE_FILESYSTEM_ENCRYPTION=false
+     # - ENCRYPTION_KEY=your-very-long-secure-key-at-least-32-characters
+   ```
+
+3. **Missing environment variables**
+   ```bash
+   # Check variables are set (encryption is optional)
+   docker exec palmr env | grep -E "DISABLE_FILESYSTEM_ENCRYPTION|ENCRYPTION_KEY|DATABASE_URL"
+   ```
+
+### Container Starts But App Doesn't Load
+
+```bash
+# Check if services are running inside container
+docker exec palmr ps aux
+
+# Check if ports are bound correctly
+docker port palmr
+
+# Test API directly
+curl http://localhost:3333/health
+```
+
+---
+
+## 📁 File Upload Issues
+
+### Files Not Uploading
+
+1. **Check disk space:**
+
+   ```bash
+   df -h
+   # Ensure you have enough space in upload directory
+   ```
+
+2. **Check file permissions in container:**
+
+   ```bash
+   docker exec palmr ls -la /app/server/uploads/
+   # Should show ownership by palmr user (UID 1001)
+   ```
+
+3. **Check upload limits:**
+   - Default max file size is configurable
+   - Check browser network tab for 413 errors
+
+### Files Upload But Can't Be Downloaded
+
+```bash
+# Check file exists and is readable
+docker exec palmr ls -la /app/server/uploads/
+
+# Check file ownership
+docker exec palmr stat /app/server/uploads/your-file.txt
+```
+
+---
+
+## 🔑 Authentication Issues
+
+### Can't Login to Admin Account
+
+1. **Reset admin password:**
+
+   ```bash
+   # Using the built-in reset script
+   docker exec -it palmr /app/palmr-app/reset-password.sh
+   ```
+
+2. **Check database permissions:**
+   ```bash
+   docker exec palmr ls -la /app/server/prisma/
+   # palmr.db should be writable by palmr user (UID 1001)
+   ```
+
+### OIDC Authentication Not Working
+
+See our [OIDC Configuration Guide](/docs/3.0-beta/oidc-authentication) for detailed setup.
+
+---
+
+## 🌐 Network Issues
+
+### Can't Access Web Interface
+
+1. **From localhost:**
+
+   ```bash
+   # Test if container is responding
+   curl http://localhost:5487
+
+   # Check if port is bound
+   docker port palmr 5487
+   ```
+
+2. **From external network:**
+
+   ```bash
+   # Check firewall
+   sudo ufw status
+
+   # Test from external IP
+   curl http://YOUR_SERVER_IP:5487
+   ```
+
+### API Not Accessible
+
+```bash
+# Check if API port is exposed
+docker port palmr 3333
+
+# Test API health
+curl http://localhost:3333/health
+
+# Check API documentation
+curl http://localhost:3333/docs
+```
+
+---
+
+## 💾 Database Issues
+
+### Database Connection Errors
+
+```bash
+# Check database file exists and is writable
+docker exec palmr ls -la /app/server/prisma/palmr.db
+
+# Check database logs
+docker-compose logs palmr | grep -i database
+
+# Verify Prisma schema (run from palmr-app directory)
+docker exec palmr sh -c "cd /app/palmr-app && npx prisma db push"
+```
+
+### Database Corruption
+
+```bash
+# Stop container
+docker-compose down
+
+# Backup existing database
+cp ./data/prisma/palmr.db ./data/prisma/palmr.db.backup
+
+# Let Palmr recreate database on startup
+rm ./data/prisma/palmr.db
+
+# Start container (will recreate database)
+docker-compose up -d
+```
+
+---
+
+## 🚀 Performance Issues
+
+### Slow File Uploads
+
+1. **Check available disk space:**
+
+   ```bash
+   df -h
+   ```
+
+2. **Monitor container resources:**
+
+   ```bash
+   docker stats palmr
+   ```
+
+3. **Check temp directory permissions:**
+   ```bash
+   docker exec palmr ls -la /app/server/temp-uploads/
+   ```
+
+### High Memory Usage
+
+```bash
+# Check container memory usage
+docker stats palmr
+
+# Check Node.js memory usage
+docker exec palmr ps aux | grep node
+```
+
+---
+
+## 🔍 Diagnostic Commands
+
+### Complete Health Check
+
+```bash
+#!/bin/bash
+echo "=== Palmr. Health Check ==="
+
+echo "1. Container Status:"
+docker ps | grep palmr
+
+echo "2. Container Logs (last 20 lines):"
+docker-compose logs --tail=20 palmr
+
+echo "3. Port Status:"
+docker port palmr
+
+echo "4. File Permissions:"
+docker exec palmr ls -la /app/server/
+
+echo "5. Application Files:"
+docker exec palmr ls -la /app/palmr-app/
+
+echo "6. Environment Variables:"
+docker exec palmr env | grep -E "PALMR_|DISABLE_FILESYSTEM_ENCRYPTION|ENCRYPTION_|DATABASE_"
+
+echo "7. API Health:"
+curl -s http://localhost:3333/health || echo "API not accessible"
+
+echo "8. Web Interface:"
+curl -s -o /dev/null -w "%{http_code}" http://localhost:5487 || echo "Web interface not accessible"
+
+echo "9. Disk Space:"
+df -h
+
+echo "=== End Health Check ==="
+```
+
+### Log Analysis
+
+```bash
+# Check for common errors
+docker-compose logs palmr 2>&1 | grep -E "error|Error|ERROR|failed|Failed|FAILED"
+
+# Check permission issues
+docker-compose logs palmr 2>&1 | grep -E "permission|denied|EACCES"
+
+# Check startup sequence
+docker-compose logs palmr 2>&1 | grep -E "🌴|🔧|🚀|✅"
+```
+
+---
+
+## 📞 Getting Help
+
+If none of these solutions work:
+
+1. **Gather diagnostic information:**
+
+   ```bash
+   # Run the complete health check above
+   # Save the output to a file
+   ```
+
+2. **Check our documentation:**
+   - [UID/GID Configuration](/docs/3.0-beta/uid-gid-configuration)
+   - [Quick Start Guide](/docs/3.0-beta/quick-start)
+   - [API Reference](/docs/3.0-beta/api)
+
+3. **Open an issue on GitHub:**
+   - Include your `docker-compose.yaml`
+   - Include relevant log output
+   - Describe your system (OS, Docker version, etc.)
+   - [GitHub Issues](https://github.com/kyantech/Palmr/issues)
+
+4. **Check existing issues:**
+   - Search [closed issues](https://github.com/kyantech/Palmr/issues?q=is%3Aissue+is%3Aclosed) for similar problems
+   - Look for recent [discussions](https://github.com/kyantech/Palmr/discussions)

apps/docs/content/docs/3.2-beta/uid-gid-configuration.mdx

@@ -0,0 +1,339 @@
+---
+title: UID/GID Configuration
+icon: "Users"
+---
+
+Configure user and group permissions for seamless bind mount compatibility across different host systems, particularly NAS environments.
+
+## Overview
+
+Palmr. supports runtime UID/GID configuration to resolve permission conflicts when using bind mounts. This eliminates the need for manual permission management on your host system.
+
+**⚠️ Important**: Palmr uses **UID 1000, GID 1000** by default, which matches the standard Linux convention. However, some systems may use different UID/GID values, which can cause permission issues with bind mounts.
+
+## The Permission Problem
+
+### Why This Happens
+
+- **Palmr Default**: UID 1000, GID 1000 (container)
+- **Linux Standard**: UID 1000, GID 1000 (most host systems)
+- **Result**: Usually compatible, but some systems may use different values
+
+### Common Error Scenarios
+
+```bash
+# When you see errors like:
+EACCES: permission denied, open '/app/server/uploads/file.txt'
+```
+
+```bash
+# Or when checking permissions:
+$ ls -la uploads/
+drwxr-xr-x 2 user user 4096 Jan 15 10:00 uploads/
+# Container tries to write with different UID/GID than directory owner
+```
+
+## Quick Fix
+
+### Option 1: Set Palmr to Use Standard UID/GID (Recommended)
+
+Add these environment variables to your `docker-compose.yaml`:
+
+```yaml
+services:
+  palmr:
+    image: kyantech/palmr:latest
+    container_name: palmr
+    environment:
+      - PALMR_UID=1000
+      - PALMR_GID=1000
+    ports:
+      - "5487:5487"
+    volumes:
+      - ./uploads:/app/server/uploads:rw
+      - ./temp-uploads:/app/server/temp-uploads:rw
+    restart: unless-stopped
+```
+
+### Option 2: Change Host Directory Permissions
+
+If you prefer to keep Palmr's defaults:
+
+```bash
+# Create directories with correct ownership
+mkdir -p uploads temp-uploads
+chown -R 1001:1001 uploads temp-uploads
+```
+
+## Environment Variables
+
+Configure permissions using these optional environment variables:
+
+| Variable    | Description                      | Default | Example |
+| ----------- | -------------------------------- | ------- | ------- |
+| `PALMR_UID` | User ID for container processes  | `1001`  | `1000`  |
+| `PALMR_GID` | Group ID for container processes | `1001`  | `1000`  |
+
+---
+
+## Finding Your Host UID/GID
+
+Determine your host system's user and group IDs:
+
+```bash
+# Check current user
+id
+
+# Output example
+uid=1000(user) gid=1000(group) groups=1000(group),27(sudo)
+```
+
+Use the `uid` and `gid` values for your `PALMR_UID` and `PALMR_GID` configuration.
+
+---
+
+## Configuration Examples
+
+### Standard Linux System (Most Common)
+
+```yaml
+services:
+  palmr:
+    image: kyantech/palmr:latest
+    container_name: palmr
+    environment:
+      - PALMR_UID=1000
+      - PALMR_GID=1000
+    ports:
+      - "5487:5487"
+    volumes:
+      - ./data:/app/server
+    restart: unless-stopped
+```
+
+### Synology NAS
+
+```yaml
+services:
+  palmr:
+    image: kyantech/palmr:latest
+    container_name: palmr
+    environment:
+      - PALMR_UID=1026
+      - PALMR_GID=100
+    ports:
+      - "5487:5487"
+    volumes:
+      - /volume1/docker/palmr:/app/server
+    restart: unless-stopped
+```
+
+### QNAP NAS
+
+```yaml
+services:
+  palmr:
+    image: kyantech/palmr:latest
+    container_name: palmr
+    environment:
+      - PALMR_UID=1000
+      - PALMR_GID=100
+    ports:
+      - "5487:5487"
+    volumes:
+      - /share/Container/palmr:/app/server
+    restart: unless-stopped
+```
+
+---
+
+## Troubleshooting
+
+### Common Permission Errors
+
+**Error**: `EACCES: permission denied`
+
+```bash
+# 1. Check your current UID/GID
+id
+
+# 2. Check directory ownership
+ls -la uploads/ temp-uploads/
+
+# 3. Fix via environment variables (preferred)
+# Add to docker-compose.yaml:
+# - PALMR_UID=1000
+# - PALMR_GID=1000
+
+# 4. Or fix via chown (alternative)
+chown -R 1001:1001 uploads temp-uploads
+```
+
+**Error**: Container starts but files aren't accessible
+
+```bash
+# Check container's UID/GID configuration
+docker-compose logs palmr | grep -E "🔧|Runtime UID/GID"
+
+# Check file ownership inside container
+docker exec palmr ls -la /app/server/
+```
+
+### Verification Commands
+
+Verify UID/GID settings are applied correctly:
+
+```bash
+# View startup logs for UID/GID configuration
+docker-compose logs palmr | head -20
+
+# Check file ownership in container
+docker exec palmr ls -la /app/server/
+
+# Verify process is running with correct UID/GID
+docker exec palmr ps aux | grep node
+
+# Check environment variables
+docker exec palmr env | grep PALMR
+```
+
+### Advanced Troubleshooting
+
+**NAS-specific debugging:**
+
+```bash
+# Synology - Check mount point ownership
+ls -la /volume1/docker/palmr/
+
+# QNAP - Check mount point ownership
+ls -la /share/Container/palmr/
+
+# Check NAS user configuration
+cat /etc/passwd | grep -v nobody
+```
+
+**Docker bind mount issues:**
+
+```bash
+# Check if directories exist and are writable
+test -w uploads && echo "uploads writable" || echo "uploads NOT writable"
+test -w temp-uploads && echo "temp-uploads writable" || echo "temp-uploads NOT writable"
+
+# Create directories with correct permissions
+mkdir -p uploads temp-uploads
+sudo chown -R $(id -u):$(id -g) uploads temp-uploads
+```
+
+---
+
+## When to Configure
+
+UID/GID configuration is **required** when:
+
+- ✅ Using bind mounts (most common case)
+- ✅ Encountering "permission denied" errors
+- ✅ Deploying on NAS systems (Synology, QNAP, etc.)
+- ✅ Host system uses different default UID/GID values
+- ✅ Running multiple containers that need to share files
+
+UID/GID configuration is **optional** when:
+
+- ❌ Using Docker named volumes (Docker manages permissions)
+- ❌ Not using bind mounts
+- ❌ No permission errors occurring
+
+---
+
+## Migration Guide
+
+### Existing Installations
+
+To add UID/GID configuration to running installations:
+
+1. **Stop the container**
+
+   ```bash
+   docker-compose down
+   ```
+
+2. **Backup your data**
+
+   ```bash
+   cp -r ./data ./data-backup
+   # or
+   cp -r ./uploads ./uploads-backup
+   cp -r ./temp-uploads ./temp-uploads-backup
+   ```
+
+3. **Check your UID/GID**
+
+   ```bash
+   id
+   ```
+
+4. **Update configuration**
+   Add UID/GID variables to your `docker-compose.yaml`:
+
+   ```yaml
+   environment:
+     - PALMR_UID=1000
+     - PALMR_GID=1000
+   ```
+
+5. **Restart with new configuration**
+   ```bash
+   docker-compose up -d
+   ```
+
+---
+
+## Implementation Details
+
+The UID/GID configuration process:
+
+1. **Detection** - Environment variables are read during container startup
+2. **Ownership Update** - File permissions are adjusted to match target UID/GID
+3. **Privilege Drop** - Application runs with specified user permissions via `su-exec`
+4. **Logging** - Configuration changes are logged for verification
+
+This approach provides automatic permission management without user creation or system modification.
+
+---
+
+## Build-Time Configuration
+
+For custom base images with different default values:
+
+```bash
+docker build \
+  --build-arg PALMR_UID=2000 \
+  --build-arg PALMR_GID=2000 \
+  -t palmr:custom .
+```
+
+Runtime environment variables override build-time defaults.
+
+---
+
+## Benefits
+
+- **Zero Configuration** - Works automatically when environment variables are set
+- **Universal Compatibility** - Supports any valid UID/GID combination
+- **NAS Optimized** - Tested with major NAS platforms
+- **Backward Compatible** - Existing deployments continue without modification
+- **Performance Optimized** - Lightweight implementation using `su-exec`
+
+## Summary
+
+For most users experiencing permission issues with bind mounts:
+
+1. **Find your UID/GID**: Run `id` command
+2. **Add to docker-compose.yaml**:
+   ```yaml
+   environment:
+     - PALMR_UID=1000
+     - PALMR_GID=1000
+   ```
+3. **Restart**: `docker-compose down && docker-compose up -d`
+
+This ensures compatibility between Palmr's UID/GID and your host system's file ownership.

apps/docs/content/docs/meta.json

@@ -1,3 +1,3 @@
 {
-	"pages": ["2.0.0-beta", "1.1.7-beta"]
+  "pages": ["3.2-beta", "2.0.0-beta"]
 }

apps/docs/eslint.config.mjs

@@ -0,0 +1,67 @@
+/* eslint-disable import/no-anonymous-default-export */
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+import { FlatCompat } from "@eslint/eslintrc";
+import js from "@eslint/js";
+import typescriptEslintEslintPlugin from "@typescript-eslint/eslint-plugin";
+import tsParser from "@typescript-eslint/parser";
+import prettier from "eslint-plugin-prettier";
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+const compat = new FlatCompat({
+  baseDirectory: __dirname,
+  recommendedConfig: js.configs.recommended,
+  allConfig: js.configs.all,
+});
+
+export default [
+  ...compat.extends("next", "next/core-web-vitals", "prettier"),
+  {
+    plugins: {
+      prettier,
+    },
+    rules: {
+      "prettier/prettier": "error",
+      camelcase: "off",
+      "import/prefer-default-export": "off",
+      "react/jsx-filename-extension": "off",
+      "react/jsx-props-no-spreading": "off",
+      "react/no-unused-prop-types": "off",
+      "react/require-default-props": "off",
+      "react/no-unescaped-entities": "off",
+      "@next/next/no-img-element": "off",
+      "import/extensions": [
+        "error",
+        "ignorePackages",
+        {
+          ts: "never",
+          tsx: "never",
+          js: "never",
+          jsx: "never",
+        },
+      ],
+    },
+  },
+  {
+    files: ["**/*.+(ts|tsx)"],
+    plugins: {
+      "@typescript-eslint": typescriptEslintEslintPlugin,
+    },
+    languageOptions: {
+      parser: tsParser,
+    },
+    rules: {
+      "@typescript-eslint/explicit-function-return-type": "off",
+      "@typescript-eslint/explicit-module-boundary-types": "off",
+      "no-use-before-define": [0],
+      "@typescript-eslint/no-use-before-define": [1],
+      "@typescript-eslint/no-explicit-any": "off",
+      "@typescript-eslint/no-var-requires": "off",
+    },
+  },
+  // Ignore ESLint errors in @/ui directory
+  {
+    ignores: ["src/components/ui/**/*", "src/components/magicui/**/*"],
+  },
+];

apps/docs/next.config.mjs

@@ -1,4 +1,4 @@
-import { createMDX } from 'fumadocs-mdx/next';
+import { createMDX } from "fumadocs-mdx/next";
 
 const withMDX = createMDX();
 
@@ -15,15 +15,15 @@ const config = {
     qualities: [100],
     remotePatterns: [
       {
-        protocol: 'https',
-        hostname: '**'
+        protocol: "https",
+        hostname: "**",
       },
       {
-        protocol: 'http',
-        hostname: '**'
-      }
-    ]
-  }
+        protocol: "http",
+        hostname: "**",
+      },
+    ],
+  },
 };
 
 export default withMDX(config);

apps/docs/package.json

@@ -1,36 +1,64 @@
 {
-  "name": "docs-v2",
-  "version": "0.0.0",
+  "name": "palmr-docs",
+  "version": "3.2.3-beta",
+  "description": "Docs for Palmr",
   "private": true,
+  "author": "Daniel Luiz Alves <daniel@kyantech.com.br>",
+  "keywords": [
+    "palmr",
+    "docs",
+    "documentation",
+    "mdx",
+    "nextjs",
+    "react",
+    "typescript"
+  ],
+  "license": "BSD-2-Clause",
+  "packageManager": "pnpm@10.6.0",
   "scripts": {
     "build": "next build",
-    "dev": "next dev --turbo",
+    "dev": "next dev -p 3001",
     "start": "next start",
-    "postinstall": "fumadocs-mdx"
+    "postinstall": "fumadocs-mdx",
+    "lint": "eslint \"src/**/*.+(ts|tsx)\"",
+    "lint:fix": "eslint \"src/**/*.+(ts|tsx)\" --fix",
+    "format": "prettier . --write",
+    "format:check": "prettier . --check",
+    "type-check": "npx tsc --noEmit",
+    "validate": "pnpm lint && pnpm type-check"
   },
   "dependencies": {
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
     "fumadocs-core": "15.2.7",
-    "fumadocs-mdx": "11.6.0",
+    "fumadocs-mdx": "11.6.10",
     "fumadocs-ui": "15.2.7",
-    "lucide-react": "^0.488.0",
-    "motion": "^12.9.1",
-    "next": "15.3.0",
+    "lucide-react": "^0.525.0",
+    "motion": "^12.23.0",
+    "next": "15.3.4",
     "react": "^19.1.0",
     "react-dom": "^19.1.0",
     "tailwind-merge": "^3.2.0"
   },
   "devDependencies": {
-    "@tailwindcss/postcss": "^4.1.3",
+    "@eslint/eslintrc": "3.3.1",
+    "@eslint/js": "9.30.0",
+    "@ianvs/prettier-plugin-sort-imports": "4.4.2",
+    "@tailwindcss/postcss": "^4.1.11",
     "@types/mdx": "^2.0.13",
     "@types/node": "22.14.0",
-    "@types/react": "^19.1.0",
-    "@types/react-dom": "^19.1.2",
-    "eslint": "^8",
-    "eslint-config-next": "15.3.0",
-    "postcss": "^8.5.3",
-    "tailwindcss": "^4.1.3",
+    "@types/react": "^19.1.8",
+    "@types/react-dom": "^19.1.6",
+    "@typescript-eslint/eslint-plugin": "8.35.1",
+    "@typescript-eslint/parser": "8.35.1",
+    "eslint": "9.30.0",
+    "eslint-config-next": "15.3.4",
+    "eslint-config-prettier": "9.1.0",
+    "eslint-plugin-prettier": "5.5.1",
+    "postcss": "^8.5.6",
+    "prettier": "3.6.2",
+    "prettier-plugin-sort-json": "4.1.1",
+    "tailwindcss": "^4.1.11",
     "tw-animate-css": "^1.2.8",
     "typescript": "^5.8.3"
   }

apps/docs/postcss.config.mjs

@@ -1,5 +1,5 @@
 export default {
   plugins: {
-    '@tailwindcss/postcss': {},
+    "@tailwindcss/postcss": {},
   },
 };