Compare commits

..

362 Commits

Author SHA1 Message Date
copilot-swe-agent[bot]
f7d38b3e70 docs: enhance SECURE_SITE documentation across all files
- Update docker-compose files with clearer SECURE_SITE description
- Add Safari cross-site tracking compatibility note to all SECURE_SITE comments
- Improve quick-start.mdx environment variable table description
- Update all Docker Compose and Docker run examples with enhanced comments

Co-authored-by: danielalves96 <62755605+danielalves96@users.noreply.github.com>
2025-10-21 18:47:41 +00:00
copilot-swe-agent[bot]
1eeafaf377 Add Safari cross-site tracking documentation
- Update reverse-proxy-configuration.mdx with new sameSite behavior
- Add Safari-specific troubleshooting section
- Document SECURE_SITE=true requirement for cross-domain deployments

Co-authored-by: danielalves96 <62755605+danielalves96@users.noreply.github.com>
2025-10-21 17:24:06 +00:00
copilot-swe-agent[bot]
f9f20462ef Fix Safari cross-site tracking cookie blocking
- Set sameSite='none' for secure cookies to allow cross-origin requests
- Update auth controller and auth-providers controller cookie settings
- Document SECURE_SITE env var in .env.example
- Fixes file rendering and download issues on Safari with cross-site tracking prevention enabled

Co-authored-by: danielalves96 <62755605+danielalves96@users.noreply.github.com>
2025-10-21 17:20:39 +00:00
copilot-swe-agent[bot]
07f4485ddf Initial plan 2025-10-21 17:13:36 +00:00
Daniel Luiz Alves
cb4ed3f581 version: update package versions from 3.2.4-beta to 3.2.5-beta across all packages 2025-10-21 11:24:11 -03:00
Copilot
148676513d fix: issue with OIDC Google auto-registration for users (#314)
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: danielalves96 <62755605+danielalves96@users.noreply.github.com>
2025-10-21 11:15:48 -03:00
Copilot
42a5b7a796 feat: add functionality to embed uploaded images with BBCode or HTML (#296) 2025-10-21 11:14:46 -03:00
Daniel Luiz Alves
59fccd9a93 feat: implement file download and preview features with improved URL handling (#315) 2025-10-21 10:00:13 -03:00
Daniel Luiz Alves
91a5a24c8b fix: update license from BSD-2-Clause to Apache-2.0 in package.json files 2025-10-20 14:17:54 -03:00
Daniel Luiz Alves
ff83364870 version: update package versions from 3.2.3-beta to 3.2.4-beta across all packages 2025-10-20 14:15:58 -03:00
Copilot
df31b325f6 fix: issue allowing multiple files with the same name - auto-rename on upload and rename operations (#309) 2025-10-20 14:13:51 -03:00
Copilot
cce9847242 feat: add preview feature for social media sharing (#293) 2025-10-20 10:56:19 -03:00
Copilot
39dc94b7f8 fix: file upload failure for utf8 names over 100MiB (#290) 2025-10-20 10:50:37 -03:00
Copilot
ab5ea156a3 fix(server): Remove RFC 2616 separator chars from Content-Disposition filename (#291) 2025-10-20 10:49:46 -03:00
Copilot
4ff1eb28d9 chore: upgrade Node.js from v20 to v24 for extended LTS support (#298) 2025-10-20 10:48:16 -03:00
Copilot
17080e4465 feat: add option to hide Palmr version in footer (#297) 2025-10-20 10:42:06 -03:00
Copilot
c798c1bb1d fix: drag-and-drop file upload to save in correct directory (#288) 2025-10-20 10:31:30 -03:00
Copilot
0d7f9ca2b3 fix: downloading multiple files from Receive Files (#287) 2025-10-20 10:28:22 -03:00
Copilot
f78ecab2ed fix: update mobile responsive layout - buttons overflowing viewport (#283) 2025-10-20 10:17:42 -03:00
Copilot
fcc877738f fix(web): paste functionality in input fields except password inputs (#286)
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: danielalves96 <62755605+danielalves96@users.noreply.github.com>
2025-10-09 11:32:26 -03:00
Copilot
92722692f9 Add comprehensive GitHub Copilot instructions (#285) 2025-10-09 11:31:00 -03:00
Daniel Luiz Alves
95ac0f195b chore: bump version to 3.2.3-beta for all packages 2025-10-02 10:18:37 -03:00
Daniel Luiz Alves
d6c9b0d7d2 docs: add configurable upload chunk size option to environment variables and docs 2025-10-02 10:14:37 -03:00
Hakim Bawa
59f9e19ffb feat: make upload chunk size configurable (#273) 2025-10-02 10:04:52 -03:00
Daniel Stefani
6086d2a0ac feat: add fallback mechanism when fs.rename is unsupported (#272) 2025-10-02 10:01:06 -03:00
Daniel Luiz Alves
6b979a22fb docs: add beta version warning to README 2025-09-25 15:00:39 -03:00
Daniel Luiz Alves
e4bae380c9 chore: bump version to 3.2.2-beta for all packages 2025-09-25 14:30:01 -03:00
Tommy Johnston
3117904009 fix: share auth for download url endpoint (#254)
Co-authored-by: Daniel Luiz Alves <daniel.xcoders@gmail.com>
2025-09-10 08:40:17 -03:00
Daniel Luiz Alves
b078e94189 UPDATE LICENCE (#251) 2025-09-09 18:27:59 -03:00
Daniel Luiz Alves
bd4212b44c chore: bump version to 3.2.1-beta 2025-09-09 16:09:40 -03:00
Daniel Luiz Alves
b699bffb5b feat: improve file download response handling (#249) 2025-09-09 15:48:17 -03:00
Daniel Luiz Alves
a755c5324f feat: improve file download response handling
- Integrated `detectMimeTypeWithFallback` utility to determine the correct content type based on server response and content disposition.
- Enhanced response headers to include content length, accept ranges, content range, and content disposition when available, improving file download accuracy.
2025-09-09 15:44:03 -03:00
Daniel Luiz Alves
9072e7e866 feat: enhance reverse share modal data mapping (#248) 2025-09-09 15:14:55 -03:00
Daniel Luiz Alves
d3d1057ba8 feat: enhance reverse share modal data mapping
- Updated the mapping function to reflect the actual properties of reverseShare, including expiration, file limits, field requirements, and password status.
- Improved the handling of optional fields to ensure accurate form data representation.
2025-09-09 15:13:32 -03:00
Daniel Luiz Alves
24eda85fdc feat: add CUSTOM_PATH environment variable for dynamic storage paths (#247) 2025-09-09 14:46:24 -03:00
Daniel Luiz Alves
d49d15ac9b feat: add CUSTOM_PATH environment variable for dynamic storage paths
- Introduced CUSTOM_PATH as an optional environment variable to allow dynamic configuration of storage paths in the StorageService.
- Updated the _getDiskSpaceMultiplePaths method to utilize CUSTOM_PATH, enhancing flexibility in file storage management.
2025-09-09 14:43:51 -03:00
Daniel Luiz Alves
e7b2062764 feat: implement dynamic upload timeout based on file size across components (#246) 2025-09-09 10:40:01 -03:00
Daniel Luiz Alves
f21f972825 feat: implement dynamic upload timeout based on file size across components
- Added a calculateUploadTimeout function to determine upload timeout based on file size in FileUploadSection, GlobalDropZone, and UploadFileModal components.
- Updated axios upload requests to use the calculated timeout, improving upload handling for larger files.
2025-09-09 09:40:08 -03:00
Daniel Luiz Alves
4f4e4a079e chore: update documentation formatting and structure 2025-09-09 09:33:01 -03:00
Daniel Luiz Alves
6fbb9aa9da chore: update Footer link to point to GitHub (#245) 2025-09-09 09:26:28 -03:00
Daniel Luiz Alves
0e610d002c Fix table formatting in docs (#244) 2025-09-09 09:11:28 -03:00
Tommy Johnston
abd8366e94 feat: add folder system (#241) 2025-09-09 09:07:07 -03:00
Gintautas Kazlauskas
5d8c243125 Update quick-start.mdx
Fixed table formatting
2025-09-09 14:19:46 +03:00
Daniel Luiz Alves
d23af700da chore: refine quick-start documentation (#230) 2025-08-21 17:48:21 -03:00
Daniel Luiz Alves
494161eb47 chore: refine quick-start documentation for S3 configuration (#229) 2025-08-21 16:59:56 -03:00
Daniel Luiz Alves
6a9728be4b chore: refine quick-start documentation for S3 configuration
- Removed outdated comments regarding download memory management.
- Added detailed environment variable configurations for S3 storage, including required and optional parameters.
- Updated the presigned URL expiration variable description to clarify its application across storage types.
2025-08-21 16:50:22 -03:00
Daniel Luiz Alves
5e889956c7 chore: update documentation links and references to 3.2-beta (#227) 2025-08-21 13:35:50 -03:00
Daniel Luiz Alves
5afc6ea271 chore: update documentation links and references to 3.2-beta
- Updated meta.json to include "3.2-beta" in the pages list.
- Revised documentation links across various files to point to the new 3.2-beta version, ensuring consistency in references for OIDC authentication, installation guides, and other related content.
- Adjusted layout and routing to default to the 3.2-beta documentation.
2025-08-21 13:34:06 -03:00
Daniel Luiz Alves
cc368377c2 feat: add comprehensive documentation for v3.2-beta (#226) 2025-08-21 13:07:51 -03:00
Daniel Luiz Alves
51764be7d4 feat: add comprehensive documentation for v3.2-beta 2025-08-21 12:26:35 -03:00
Daniel Luiz Alves
fe598b4a30 [Release] v3.2.0-beta (#225) 2025-08-21 11:40:02 -03:00
Daniel Luiz Alves
80286e57d9 chore: update package versions to 3.2.0-beta across all apps 2025-08-21 11:35:09 -03:00
Daniel Luiz Alves
9f36a48d15 Merge branch 'next' of github.com:kyantech/Palmr into next 2025-08-21 11:32:00 -03:00
Daniel Luiz Alves
94286e8452 feat: implement download memory management system
- Introduced a comprehensive download memory management system to handle large file downloads efficiently, preventing crashes and optimizing resource usage.
- Added configuration options for maximum concurrent downloads, memory thresholds, and queue sizes, allowing for adaptive scaling based on system resources.
- Implemented new API endpoints for managing the download queue, including status checks and cancellation of queued downloads.
- Updated documentation to include details on the new memory management features and their configuration.
- Enhanced user experience by integrating download queue indicators in the UI, providing real-time feedback on download status and estimated wait times.
2025-08-21 11:31:46 -03:00
Daniel Luiz Alves
0ce2d6a998 Fixes translation (#220) 2025-08-20 21:15:54 -03:00
Anthony Veaudry
9e15fd7d2e fixes translation 2025-08-20 11:07:06 +03:00
Daniel Luiz Alves
736348ebe8 feat: enhance content type handling (#222) 2025-08-19 10:08:58 -03:00
Daniel Luiz Alves
ddb981cba2 fix: reorder imports in FilesystemController for clarity
- Moved the ChunkManager and ChunkMetadata imports to improve code organization and readability in the FilesystemController file.
2025-08-19 10:05:39 -03:00
Daniel Luiz Alves
724452fb40 feat: enhance content type handling in filesystem and S3 storage providers
- Updated the FilesystemController to dynamically set the Content-Type header using the getContentType utility based on the file name.
- Modified the S3StorageProvider to include the ResponseContentType in the presigned URL generation, improving the handling of file types in responses.
2025-08-19 10:04:38 -03:00
Daniel Luiz Alves
a2ac6a6268 feat: add PRESIGNED_URL_EXPIRATION configuration option (#221) 2025-08-19 09:23:46 -03:00
Daniel Luiz Alves
aecda25b25 feat: add PRESIGNED_URL_EXPIRATION configuration option
- Introduced the PRESIGNED_URL_EXPIRATION environment variable across multiple configuration files to allow users to customize the expiration time for presigned URLs.
- Updated documentation to include details on the new variable, its default value, and guidance on choosing appropriate expiration times based on security and usability needs.
- Refactored relevant code to utilize the new configuration option for generating presigned URLs in the file and reverse share services.
2025-08-19 09:18:52 -03:00
Daniel Luiz Alves
0f22b0bb23 feat: implement public configuration retrieval (#218) 2025-08-18 20:35:02 -03:00
Daniel Luiz Alves
edf6d70d69 fix: correct formatting of sensitiveKeys array in AppService
- Removed unnecessary whitespace and added a trailing comma for consistency in the sensitiveKeys array within the getPublicConfigs method.
2025-08-18 20:32:34 -03:00
Daniel Luiz Alves
a2ecd2e221 fix: add missing newline at end of route.ts file 2025-08-18 20:31:39 -03:00
Daniel Luiz Alves
2f022cae5d feat: implement public configuration retrieval and update API
- Added a new endpoint to fetch public configurations, excluding sensitive data such as SMTP credentials.
- Updated the AppController and AppService to support the new functionality.
- Introduced a corresponding route in the web application to access public configurations securely.
- Refactored hooks to utilize the new public configuration retrieval method, enhancing security by avoiding exposure of sensitive data.
2025-08-18 20:30:30 -03:00
Daniel Luiz Alves
bb3669f5b2 feat: add placeholders in multiple languages (#217) 2025-08-18 17:47:34 -03:00
Daniel Luiz Alves
87fd8caf2c feat: add bulk delete confirmation and description placeholders in multiple languages
- Introduced new translation keys for bulk delete confirmation and description placeholders across various language files, enhancing user experience by providing clearer instructions.
- Updated the file and share modals to utilize the new translation keys for improved consistency and localization.
2025-08-18 17:41:33 -03:00
Daniel Luiz Alves
e8087a7c01 refactor: improve ReceivedFilesModal layout (#216) 2025-08-18 16:37:42 -03:00
Daniel Luiz Alves
4075a7df29 refactor: improve ReceivedFilesModal layout and remove unused ScrollArea component
- Updated the layout of the ReceivedFilesModal to enhance responsiveness and usability by replacing the ScrollArea with a div that manages overflow.
- Removed the unused ScrollArea import to clean up the codebase.
2025-08-18 16:24:59 -03:00
Daniel Luiz Alves
c081b6f764 feat: Add S3_REJECT_UNAUTHORIZED environment variable (#215) 2025-08-18 16:06:06 -03:00
Daniel Luiz Alves
ecaa6d0321 feat: add S3_REJECT_UNAUTHORIZED environment variable for self-signed certificate support
- Introduced the S3_REJECT_UNAUTHORIZED variable across multiple configuration files to allow users to disable strict SSL certificate validation for self-signed certificates.
- Updated documentation to reflect the new variable and its usage in various contexts, including examples for MinIO and S3-compatible services.
- Enhanced server configuration to handle the new variable appropriately, ensuring compatibility with self-hosted S3 solutions.
2025-08-18 16:03:50 -03:00
Daniel Luiz Alves
e7ae7833ad [RELEASE] v3.1.8-beta (#187) 2025-08-01 10:15:20 -03:00
Daniel Luiz Alves
22f34f6f81 chore: increment version numbers to 3.1.8-beta across all package.json files 2025-08-01 10:04:06 -03:00
Daniel Luiz Alves
29efe0a10e refactor: format public paths in RedirectHandler for improved readability
- Reformatted the publicPaths array in the RedirectHandler component for better code clarity and maintainability.
2025-08-01 10:02:52 -03:00
Daniel Luiz Alves
965c64b468 feat: update public paths in RedirectHandler for enhanced routing
- Added new public paths ("/s/" and "/r/") to the RedirectHandler component to support additional routes for unauthenticated users.
2025-08-01 10:01:59 -03:00
Daniel Luiz Alves
ce57cda672 feat: enhance authentication flow and user redirection (#183) 2025-07-30 02:03:19 -03:00
Daniel Luiz Alves
a59857079e feat: add QR code modal translations for multiple languages
- Introduced translations for the QR code sharing modal in various languages including Arabic, German, Spanish, French, Hindi, Italian, Japanese, Korean, Dutch, Polish, Portuguese, Russian, Turkish, and Chinese.
- Removed duplicate QR code modal entries from the respective language files to maintain consistency.
2025-07-30 01:31:44 -03:00
Daniel Luiz Alves
9ae2a0c628 feat: enhance authentication flow and user redirection
- Updated the getCurrentUser method to return null for unauthorized access instead of error messages.
- Modified API documentation to reflect changes in the response structure for the current user endpoint.
- Introduced a RedirectHandler component to manage user redirection based on authentication status.
- Enhanced home and login pages to handle loading states and redirect users appropriately based on authentication.
- Improved the useHome hook to manage visibility of the home page based on user authentication status.
2025-07-30 01:29:16 -03:00
Daniel Luiz Alves
f2c514cd82 refactor: remove demo functionality and related components (#182) 2025-07-30 00:43:03 -03:00
Daniel Luiz Alves
6755230c53 refactor: remove demo functionality and related components
- Deleted the demo page and its associated client component to streamline the application.
- Removed demo-related button from the home page.
- Updated environment variable configuration by removing the DEMO_MODE setting.
- Simplified file controller and storage service logic by eliminating demo mode checks.
2025-07-30 00:40:57 -03:00
Daniel Luiz Alves
f2a0e60f20 [RELEASE] v3.1.7-beta (#181) 2025-07-29 22:54:19 -03:00
Daniel Luiz Alves
6cb21e95c4 chore: increment version numbers to 3.1.7-beta across all package.json files 2025-07-29 22:20:56 -03:00
Daniel Luiz Alves
868add68a5 feat: enhance localization with new placeholders and error messages
- Added "namePlaceholder" to share creation modals across multiple languages for improved user guidance.
- Updated error messages in various languages to maintain consistency and clarity.
- Introduced "filesQueued" message for better user feedback during file uploads in multiple languages.
2025-07-29 22:16:07 -03:00
Daniel Luiz Alves
307148d951 fix: enhance reset-password script and update navbar responsiveness
- Updated reset-password.sh to set DATABASE_URL if not already defined and ensure the database directory exists.
- Improved navbar component responsiveness by adjusting visibility classes for navigation items and added a new sponsor link.
2025-07-29 18:37:22 -03:00
Daniel Luiz Alves
9cb4235550 [Release] v3.1.6-beta (#174) 2025-07-22 19:28:55 -03:00
Daniel Luiz Alves
6014b3e961 chore: update environment variable configurations and documentation
- Updated docker-compose files to provide clearer environment variable options for S3 and filesystem encryption.
- Removed default values for ENABLE_S3 and DISABLE_FILESYSTEM_ENCRYPTION in favor of commented guidance for user customization.
- Incremented version numbers to 3.1.6-beta across all relevant package.json files.
- Enhanced documentation to reflect changes in configuration and deployment instructions, including UID/GID handling and storage options.
2025-07-22 18:53:54 -03:00
Daniel Luiz Alves
32f0a891ba refactor: update filesystem encryption handling and configuration
refactor: simplify server startup script and move provider/config checks to separate files

docs: update documentation to reflect encryption changes and default UID/GID values

- Changed default behavior to disable filesystem encryption for improved performance.
- Updated environment variable handling for DISABLE_FILESYSTEM_ENCRYPTION and ENCRYPTION_KEY across multiple configuration files.
- Added new scripts and configuration files for managing application settings and providers.
- Adjusted Dockerfile and server start scripts to reflect changes in UID/GID handling and file management.
- Enhanced documentation to clarify encryption options and their implications.
2025-07-22 16:02:44 -03:00
Daniel Luiz Alves
124ac46eeb [Release] v3.1.5-beta (#172) 2025-07-22 01:09:27 -03:00
Daniel Luiz Alves
d3e76c19bf chore: update package versions to 3.1.5-beta across all apps 2025-07-22 00:36:11 -03:00
Daniel Luiz Alves
dd1ce189ae refactor: improve file download handling and memory management (#171) 2025-07-22 00:28:43 -03:00
Daniel Luiz Alves
82e43b06c6 refactor(filesystem): improve file download handling and memory management
- Replace separate large/small file download methods with unified stream handling
- Add memory usage tracking and garbage collection for download operations
- Implement proper stream cleanup and error handling
- Remove redundant comments and simplify interval configuration
2025-07-22 00:24:47 -03:00
Daniel Luiz Alves
aab4e6d9df [Release] v3.1.4-beta (#169) 2025-07-21 18:42:28 -03:00
Daniel Luiz Alves
1f097678ce chore: add monorepo version update to the update-versions script 2025-07-21 18:11:19 -03:00
Daniel Luiz Alves
96cb4a04ec chore: update package versions to 3.1.4-beta across all apps 2025-07-21 18:07:03 -03:00
Daniel Luiz Alves
b7c4b37e89 Feat: Implement disable password authentication (#168) 2025-07-21 18:02:39 -03:00
Daniel Luiz Alves
952cf27ecb refactor: streamline authentication and password handling
- Removed unnecessary parameters from the GET request in the auth config route.
- Adjusted import order in the forgot password hook for consistency.
- Cleaned up password validation logic in the login schema for better readability.
2025-07-21 17:59:40 -03:00
Daniel Luiz Alves
765810e4e5 feat: implement disable password authentication configuration and validation
- Added a new configuration option for enabling/disabling password authentication.
- Implemented validation to prevent disabling password authentication if no other authentication providers are active.
- Updated authentication and login services to handle scenarios based on the password authentication setting.
- Enhanced the UI to reflect the password authentication status and provide user feedback accordingly.
- Added translations and error messages for better user experience across multiple languages.
2025-07-21 17:43:54 -03:00
Daniel Luiz Alves
36d09a7679 Feat: Enhance email sharing functionality (#166) 2025-07-21 15:26:13 -03:00
Daniel Luiz Alves
c6d6648942 feat: implement batch file upload notifications in reverse share service
- Added functionality to send email notifications upon batch file uploads to reverse shares.
- Integrated EmailService to handle email sending with a structured HTML template for notifications.
- Enhanced ReverseShareService to manage upload sessions and trigger notifications after file uploads.
2025-07-21 15:24:16 -03:00
Daniel Luiz Alves
54ca7580b0 feat: enhance email sharing functionality with sender information and improved HTML template
- Updated the sendShareNotification method to include senderName as an optional parameter.
- Enhanced the email template with a more structured HTML layout for better presentation.
- Integrated user service to retrieve sender information based on user ID, improving the personalization of share notifications.
2025-07-21 14:11:42 -03:00
Daniel Luiz Alves
4e53d239bb Feat: Add system information endpoint and integrate s3 support (#165) 2025-07-21 11:57:40 -03:00
Daniel Luiz Alves
6491894f0e fix: update dependency in GlobalDropZone to include S3 status 2025-07-21 11:52:09 -03:00
Daniel Luiz Alves
93e05dd913 feat: add system information endpoint and integrate S3 support
- Implemented a new endpoint to retrieve system information, including the active storage provider and S3 status.
- Updated the AppService to fetch system information and return relevant data.
- Integrated system information fetching in the FileUploadSection, GlobalDropZone, and UploadFileModal components to adjust upload behavior based on S3 availability.
- Enhanced chunked upload logic to conditionally use chunked uploads based on the storage provider.
2025-07-21 11:50:13 -03:00
Daniel Luiz Alves
2efe69e50b Feat: improve file download handling with streaming support (#163) 2025-07-21 10:32:29 -03:00
Daniel Luiz Alves
761865a6a3 feat: improve file download handling with streaming support
- Replaced buffer-based file downloads with streaming for large files in FilesystemController.
- Added createDecryptedReadStream method in FilesystemStorageProvider to facilitate streaming decryption.
- Updated chunk download method to use streams, enhancing performance and memory efficiency.
2025-07-21 10:30:59 -03:00
Daniel Luiz Alves
25fed8db61 v3.1.3-beta (#160) 2025-07-18 12:55:29 -03:00
Daniel Luiz Alves
de42e1ca47 chore: bump version to 3.1.3-beta for all packages
- Updated version number in package.json files for apps/docs, apps/server, and apps/web to reflect the new beta release.
2025-07-18 11:43:53 -03:00
Daniel Luiz Alves
138e20d36d fix: update button and status messages for consistency
- Capitalized the "Activate" and "Deactivate" status messages for improved readability.
- Adjusted the button component in the users header to remove unnecessary margin from the icon, enhancing layout consistency.
2025-07-18 11:41:14 -03:00
Daniel Luiz Alves
433610286c Feat: QR Code implementation (#159) 2025-07-18 11:19:02 -03:00
Daniel Luiz Alves
236f94247a feat: add QR code download functionality to share modals
- Integrated QR code generation and download options in both ShareFileModal and ShareMultipleFilesModal.
- Updated UI components to include a download button for QR codes, enhancing user experience.
- Improved icon usage by adding download functionality alongside existing share options.
2025-07-18 11:14:56 -03:00
Daniel Luiz Alves
1a5c1de510 feat: enhance share functionality with QR code support across multiple languages
- Added new translations for QR code interactions in various languages.
- Updated share link details to include options for viewing and downloading QR codes.
- Enhanced user experience by providing clear instructions and descriptions related to QR code usage.
- Improved consistency in UI components for QR code visibility and actions.
2025-07-18 02:09:00 -03:00
Daniel Luiz Alves
6fb55005d4 feat: enhance reverse share functionality with QR code support
- Added QR code viewing and downloading capabilities in the reverse shares section.
- Updated UI components to include QR code options in share details and cards.
- Introduced new state management for handling QR code visibility.
- Enhanced translations for QR code interactions across multiple languages.
2025-07-18 01:50:33 -03:00
Daniel Luiz Alves
4779671323 feat: add QR code functionality for share links
- Introduced a new QrCodeModal component to display and download QR codes for shared links.
- Updated share management to include functionality for viewing QR codes.
- Enhanced the GenerateShareLinkModal to include QR code generation and download options.
- Updated UI components to support QR code viewing and downloading in share details and recent shares sections.
- Added translations and improved user experience for share link generation and QR code interactions.
2025-07-18 01:17:54 -03:00
Daniel Luiz Alves
e7876739e7 docs: enhance encryption documentation and performance considerations
- Added a section on performance implications of filesystem encryption in the architecture documentation.
- Updated the quick-start guide to link to the new performance considerations section, emphasizing the impact of encryption on resource usage and file access strategies.
2025-07-17 18:22:24 -03:00
Daniel Luiz Alves
e699e30af3 chore: add DEFAULT_LANGUAGE environment variable support (#158) 2025-07-17 17:27:51 -03:00
Daniel Luiz Alves
7541a2b085 chore: add DEFAULT_LANGUAGE environment variable support
- Updated docker-compose files to include a commented-out DEFAULT_LANGUAGE variable for setting the default application language.
- Modified the Dockerfile to export NEXT_PUBLIC_DEFAULT_LANGUAGE with a fallback to 'en-US'.
- Enhanced documentation in the quick-start guide to reflect the new DEFAULT_LANGUAGE variable and its usage.
- Updated i18n request handling to support multiple locales based on the DEFAULT_LANGUAGE environment variable.
2025-07-17 17:24:51 -03:00
Daniel Luiz Alves
24aa605973 chore: remove deprecated docker-compose-synology-test.yaml file 2025-07-17 14:22:34 -03:00
Daniel Luiz Alves
fd28445680 chore: standardize package version format to remove 'v' prefix (#154) 2025-07-15 16:59:13 -03:00
Daniel Luiz Alves
19b7448c3a chore: standardize package version format to remove 'v' prefix in docs, server, and web applications 2025-07-15 16:51:52 -03:00
Daniel Luiz Alves
53c39135af fix: fix suspense fallback (#153) 2025-07-15 16:40:41 -03:00
Daniel Luiz Alves
b9147038e6 style(demo): add empty line after "use client" directive 2025-07-15 16:39:37 -03:00
Daniel Luiz Alves
9a0b7f5c55 refactor(demo): extract demo logic into separate component for better maintainability 2025-07-15 16:37:35 -03:00
Daniel Luiz Alves
2a5f9f03ae v3.1.2-beta (#152) 2025-07-15 15:50:28 -03:00
Daniel Luiz Alves
78f6e36fc9 chore: update package versions to v3.1.2-beta for docs, server, and web applications 2025-07-15 15:22:12 -03:00
Daniel Luiz Alves
8e7aadd183 docs(demo): implement live demo functionality and demo page
- Added a Live Demo button to the home page that generates a unique demo ID and token, storing them in session storage.
- Created a new DemoPage component to validate access using the demo ID and token, and to manage demo creation and status checking.
- Introduced BackgroundLights component for visual effects on the demo page.
- Enhanced user experience with loading states and error handling during demo generation.
2025-07-15 15:21:00 -03:00
Daniel Luiz Alves
794a2782ac feat(demo): add DEMO_MODE environment variable and storage limits
- Introduced a new DEMO_MODE environment variable to toggle demo functionality.
- Updated FileController and ReverseShareService to limit user storage to 200MB when DEMO_MODE is enabled.
- Enhanced StorageService to reflect demo storage limits in disk space calculations.
- Added missing authentication providers in the settings form and server start script for better provider management.
2025-07-15 13:45:46 -03:00
Daniel Luiz Alves
383f26e777 Merge branch 'next' of github.com:kyantech/Palmr into next 2025-07-14 17:25:53 -03:00
Daniel Luiz Alves
2db88d3902 chore: add DISABLE_FILESYSTEM_ENCRYPTION option
- Enhanced comments in docker-compose files to clarify the purpose of environment variables, including optional settings for UID, GID, and filesystem encryption.
- Introduced DISABLE_FILESYSTEM_ENCRYPTION variable to allow users to disable file encryption, making the ENCRYPTION_KEY optional.
- Updated documentation in quick-start guide to reflect changes in environment variable usage and security warnings.
2025-07-14 17:25:27 -03:00
Daniel Luiz Alves
5e96633a1e Fix docker-compose.yaml (#147) 2025-07-11 12:34:24 -03:00
Daniel Luiz Alves
6c80ad8b2a Fix docker-compose.yaml (#146) 2025-07-11 12:33:09 -03:00
GeorgH93
96bd39eb25 Fix docker-compose.yaml
Move PALMR_UID, PALMR_GID and SECURE_SITE into environment, to fix the compose file
2025-07-11 16:15:17 +02:00
Daniel Luiz Alves
b4bf227603 v3.1.1-beta (#145) 2025-07-11 10:20:52 -03:00
Daniel Luiz Alves
90c0300d77 chore: update package versions to v3.1.1-beta for docs, server, and web applications 2025-07-11 09:53:00 -03:00
Daniel Luiz Alves
a5a22ca5c4 feat(profile): implement image editing functionality with cropping and zooming
- Added a new ImageEditModal component for cropping and adjusting images.
- Integrated image editing capabilities into the ProfilePicture component, allowing users to edit their profile images.
- Updated translations for image editing features in multiple languages.
- Introduced a Skeleton component for loading states during image processing.
- Enhanced file upload handling with chunked uploads for better performance.
2025-07-11 01:03:45 -03:00
Daniel Luiz Alves
f1ef32b5d4 refactor(auth): remove unused import in useLogin hook
- Cleaned up the useLogin hook by removing the unused getAppInfo import, streamlining the code for better readability and maintainability.
2025-07-11 00:21:13 -03:00
Daniel Luiz Alves
a4bc5ec015 feat(auth): improve user data fetching on authentication
- Updated AuthCallbackPage to fetch user data after successful authentication and set user context.
- Removed redundant initialization logic in useLogin hook and streamlined user data retrieval post-login.
- Enhanced error handling for user data fetching to improve user experience during authentication.
2025-07-11 00:19:48 -03:00
Daniel Luiz Alves
2e56b7e59f feat(auth): enhance client header handling in proxy requests
- Introduced a new utility function `getClientHeaders` to extract real client IP and user agent from requests.
- Updated authentication routes to utilize the new utility for improved header management.
- Refactored `getClientInfo` method in AuthController to support additional proxy headers.
2025-07-10 23:57:49 -03:00
Daniel Luiz Alves
5672d25bce Merge branch 'feat/chunked-uploads' into next 2025-07-10 18:03:29 -03:00
Daniel Luiz Alves
edf20e6190 Feat: Add trusted device support for 2FA (#138) 2025-07-10 00:11:26 -03:00
Daniel Luiz Alves
dc3da45c2d fix: update dependencies in hooks for improved functionality 2025-07-09 23:45:43 -03:00
Daniel Luiz Alves
f3f792e053 feat(auth): enhance trusted device management for 2FA
- Added lastUsedAt timestamp to the TrustedDevice model for tracking device usage.
- Implemented new endpoints for retrieving and removing trusted devices.
- Updated AuthService to manage trusted devices, including methods for getting and removing devices.
- Enhanced the user interface to support trusted device management, including modals for removing devices.
- Added translations for new messages related to trusted devices in multiple languages.
2025-07-09 23:43:57 -03:00
Daniel Luiz Alves
ad689bd6d9 feat(auth): add trusted device support for 2FA
implement remember device option for two-factor authentication
add trusted device service to manage device trust
update login flow to check for trusted devices
2025-07-09 00:34:56 -03:00
Daniel Luiz Alves
ffd5005c8b feat: Add Pocket ID as a new OIDC provider (#133) 2025-07-08 18:31:19 -03:00
Daniel Luiz Alves
e9ae414a6e feat: add Pocket ID as a new OIDC provider
- Updated the OIDC authentication meta.json to include Pocket ID in the list of supported pages.
- Created a new documentation file for Pocket ID authentication, detailing setup, configuration, and troubleshooting.
- Added relevant images to support the Pocket ID documentation.
- Updated the OIDC provider cards to display Pocket ID.
- Configured Pocket ID in the server's authentication provider settings, including necessary endpoints and metadata.
- Enhanced provider patterns and scopes to support Pocket ID integration.
2025-07-08 18:27:55 -03:00
Daniel Luiz Alves
a3389b8b0d feat: implement chunked file upload and progress tracking
- Introduced a new ChunkManager class to handle chunked uploads, including methods for processing chunks, tracking upload progress, and cleaning up temporary files.
- Updated the FilesystemController to support chunked uploads and provide endpoints for checking upload progress and canceling uploads.
- Added a ChunkedUploader utility to manage chunked uploads on the client side, optimizing file uploads based on size.
- Enhanced the API with new routes for upload progress and cancellation, improving user experience during file uploads.
- Updated frontend components to utilize chunked upload functionality, ensuring efficient handling of large files.
2025-07-08 15:40:25 -03:00
Daniel Luiz Alves
199dd9ffd4 chore: add .eslintignore file and update TypeScript configuration
- Created a new .eslintignore file to exclude Next.js build artifacts and node_modules from linting.
- Modified the TypeScript configuration to skip library checks and refined the exclude/include patterns for better clarity and performance.
2025-07-08 09:31:13 -03:00
Daniel Luiz Alves
233ea0da41 fix: update ESLint configuration to include .next directory in ignores
- Added ".next/**/*" to the ignores array in the ESLint configuration to prevent linting of build artifacts, improving the linting process.
2025-07-08 09:26:42 -03:00
Daniel Luiz Alves
1134beb6a6 fix: update French translations for file sharing feature
- Changed the title from "Receber Arquivos" to "Recevoir des Fichiers" and updated the description to "Créez des liens pour que d'autres puissent vous envoyer des fichiers" for better localization accuracy.
2025-07-08 09:22:46 -03:00
Daniel Luiz Alves
b26450d277 Feat: Add 2FA/TOPT Support (#130) 2025-07-08 00:51:42 -03:00
Daniel Luiz Alves
61255b5e19 fix: update translation key for backup codes instructions in two-factor form
- Changed the translation key from "backupCodes.instructions" to "twoFactor.backupCodes.instructions" to ensure consistency with the new localization structure.
2025-07-08 00:43:23 -03:00
Daniel Luiz Alves
e4bdfb8432 fix: update translations and clean up imports in various components
- Translated SMTP connection test messages in French and Polish for better localization.
- Removed unused icon imports in the two-factor verification and profile components to streamline the code.
- Simplified user data extraction in the login hook for clarity and consistency.
2025-07-08 00:40:26 -03:00
Daniel Luiz Alves
7f76d48314 feat: implement two-factor authentication (2FA) functionality
- Added two-factor authentication support to the login process, enhancing security for user accounts.
- Introduced new routes and services for managing 2FA setup, verification, and backup codes.
- Updated user model to include fields for 2FA status and backup codes.
- Enhanced login and profile pages to accommodate 2FA input and management.
- Added translations for 2FA-related messages in multiple languages.
- Integrated QR code generation for 2FA setup, improving user experience during authentication.
2025-07-08 00:23:50 -03:00
Daniel Luiz Alves
4d101fbdeb feat: add LogoInput component to settings input for app logo configuration
- Integrated LogoInput component into the SettingsInput to allow users to upload and manage the application logo.
- Updated the renderInput function to handle the new appLogo configuration, enhancing the settings interface.
2025-07-07 16:38:25 -03:00
Daniel Luiz Alves
008f19b8b0 Release: v3.1.0-beta (#128) 2025-07-07 12:02:00 -03:00
Daniel Luiz Alves
1294329083 docs: update PALMR_UID and PALMR_GID comments in quick-start documentation for consistency
- Revised comments for PALMR_UID and PALMR_GID environment variables in the quick-start guide to align with recent changes in Docker Compose files, ensuring clarity on their purpose and usage.
- Removed outdated comments to streamline the documentation and improve user understanding of UID and GID settings.
2025-07-07 10:56:05 -03:00
Daniel Luiz Alves
1999949129 Merge branch 'feat/multi-oidc-providers' into next 2025-07-07 10:55:47 -03:00
Daniel Luiz Alves
f1cb7a6216 fix: remove --force-reset option from prisma db push commands in server-start.sh
- Updated the database schema push commands to eliminate the --force-reset option for both root and non-root users, ensuring a safer schema update process without unintended data loss.
2025-07-07 10:45:24 -03:00
Daniel Luiz Alves
b908dcf69d chore: clean up project configuration and dependencies
- Removed unused Turborepo configuration files and updated the .gitignore to exclude unnecessary directories.
- Simplified package.json scripts by removing redundant entries related to Turborepo.
- Updated dependencies in pnpm-lock.yaml and package.json for various packages, ensuring compatibility and improved performance.
- Enhanced pnpm workspace configuration by removing obsolete entries and ensuring consistency across applications.
- Added new lint log files for server and web applications to track linting processes.
2025-07-07 01:29:58 -03:00
Daniel Luiz Alves
82842508ef refactor: enhance StorageService with filesystem detection and improved error handling
- Simplified number validation and parsing methods for better clarity and performance.
- Introduced new methods for retrieving mount information and detecting mount points, improving filesystem handling.
- Replaced direct disk space command execution with a unified filesystem information retrieval approach.
- Enhanced error logging and removed unnecessary console outputs to streamline the service's operation.
2025-07-07 00:00:34 -03:00
Daniel Luiz Alves
c466bba77a docs: enhance SMTP configuration documentation with detailed options and testing features
- Updated the SMTP configuration section to include new fields for trusting self-signed certificates and advanced connection security options.
- Improved the documentation structure by adding subsections for basic SMTP configuration, email sender configuration, and advanced options.
- Introduced a testing feature for SMTP connections, detailing the process and expected outcomes for users.
- Removed outdated images and added new visuals to better illustrate the configuration steps and user interface elements.
- Enhanced translations for various languages to support the new SMTP features.
2025-07-06 23:49:17 -03:00
Daniel Luiz Alves
91b6a9913b docs: update UID and GID comments in Docker Compose files for clarity
- Enhanced comments for PALMR_UID and PALMR_GID environment variables across multiple Docker Compose files to indicate that users can change these values to match the UID and GID of the user running the container.
- Added a note in the quick-start documentation to guide users on adjusting UID and GID for file upload issues, including commands to find the current UID and GID in Linux systems.
2025-07-06 02:14:07 -03:00
Daniel Luiz Alves
84dc949d5c docs: enhance OIDC authentication documentation with new images and improved notes
- Added ZoomableImage components to illustrate OIDC provider options and settings, enhancing visual guidance for users.
- Updated the documentation to clarify the configuration process and recommended practices for using multiple OIDC providers.
- Introduced a new image showcasing all OIDC providers to improve user understanding of available options.
2025-07-06 01:58:06 -03:00
Daniel Luiz Alves
0329829185 docs: simplify OIDC provider titles for consistency
- Updated titles for Auth0, Authentik, Discord, Frontegg, GitHub, Google, Kinde Auth, and Zitadel documentation by removing "Provider Configuration" for a cleaner presentation.
- Added new images to enhance the documentation for custom OIDC provider setup, improving user understanding and visual guidance.
2025-07-06 01:48:14 -03:00
Daniel Luiz Alves
8ddfa382b4 docs: update OIDC provider titles to include "Provider Configuration" for clarity
- Modified titles for Auth0, Authentik, Discord, Frontegg, GitHub, Google, Kinde Auth, and Zitadel documentation to include "Provider Configuration" for improved clarity and consistency.
- Enhanced the Frontegg documentation with additional images and detailed setup instructions to aid user understanding.
- Introduced new images for Kinde Auth setup, showcasing application details and configuration steps.
2025-07-06 01:09:58 -03:00
Daniel Luiz Alves
95939f8f47 refactor: rename temp-chunks to temp-uploads and update related configurations
- Changed references from 'temp-chunks' to 'temp-uploads' across .dockerignore, Dockerfile, and various configuration files for consistency.
- Introduced a new directories configuration file to manage directory paths more effectively.
- Updated file handling in the server code to utilize streaming for uploads and downloads, improving performance and memory management.
- Enhanced cleanup processes for temporary directories to maintain a tidy file structure.
2025-07-06 00:06:09 -03:00
Daniel Luiz Alves
c9a9f1d6cf docs: enhance Frontegg authentication documentation with detailed setup instructions and visual aids
- Expanded the Frontegg section to include comprehensive setup steps, benefits, and troubleshooting guidance.
- Introduced multiple new images to illustrate the configuration process, application settings, and user interface elements for better clarity.
- Improved overall documentation structure to facilitate easier navigation and understanding for users integrating Frontegg with Palmr.
2025-07-05 01:39:35 -03:00
Daniel Luiz Alves
6f9813c2c7 docs: enhance Authentik authentication documentation with detailed setup instructions and visual aids
- Expanded the Authentik section to include comprehensive setup steps, benefits, and troubleshooting guidance.
- Introduced multiple new images to illustrate the configuration process, application settings, and user interface elements for better clarity.
- Improved overall documentation structure to facilitate easier navigation and understanding for users integrating Authentik with Palmr.
2025-07-05 00:41:30 -03:00
Daniel Luiz Alves
d63b2ab053 docs: enhance Zitadel authentication documentation with detailed setup instructions and visual aids
- Expanded the Zitadel authentication section to include comprehensive setup steps, benefits, and troubleshooting guidance.
- Introduced multiple new images to illustrate the configuration process, application settings, and user interface elements for better clarity.
- Improved overall documentation structure to facilitate easier navigation and understanding for users integrating Zitadel with Palmr.
2025-07-04 22:13:17 -03:00
Daniel Luiz Alves
9fa138a417 feat: update Auth0 authentication documentation and add new images
- Enhanced the Auth0 setup instructions with additional configuration details and clearer steps.
- Introduced new images for application settings, URLs configuration, and enabling the Auth0 provider to improve user understanding.
- Removed outdated images to streamline the documentation and ensure relevance.
2025-07-04 01:38:09 -03:00
Daniel Luiz Alves
82861d91e9 feat: enhance OIDC authentication documentation and add visual aids
- Updated the Auth0, Discord, GitHub, and Google authentication documentation to include detailed setup instructions and benefits of using each provider.
- Introduced ZoomableImage components for better visual representation of setup steps.
- Added troubleshooting sections for common issues encountered during authentication processes.
- Improved security best practices and next steps for users configuring OIDC providers.
- Included new images for various authentication providers to enhance user understanding.
- Updated translation files to support new icon picker features and improve localization.
2025-07-04 00:47:23 -03:00
Daniel Luiz Alves
1d2caa9e34 refactor: remove unused translation hook from ImagePreview component
- Eliminated the useTranslations hook from the ImagePreview component as it was not utilized, streamlining the code and improving performance.
2025-07-03 15:20:42 -03:00
Daniel Luiz Alves
4ea799ae80 feat: add total storage usage label in multiple languages and enhance storage usage component
- Introduced a new "total" label in various language translation files for storage usage.
- Updated the StorageUsage component to display the total storage size alongside the progress bar.
- Improved layout and styling in the QuickAccessCards component for better visual consistency.
2025-07-03 14:55:53 -03:00
Daniel Luiz Alves
3265f9d1a2 refactor: optimize file upload handling in GlobalDropZone component
- Converted generateFileId and createFileUpload functions to use useCallback for improved performance and memoization.
- Updated dependencies in useEffect hooks to include createFileUpload, ensuring proper functionality during file uploads and pasting events.
2025-07-03 11:13:09 -03:00
Daniel Luiz Alves
5e82e8c709 feat: implement global drop zone for file uploads across the application
- Introduced a new GlobalDropZone component to handle file drag-and-drop uploads, enhancing user experience.
- Updated dashboard and files pages to utilize the GlobalDropZone, allowing users to easily upload files by dragging them into designated areas.
- Added support for pasting images directly into the application, with success notifications for completed uploads.
- Enhanced localization by adding relevant messages for various languages in the translation files.
2025-07-03 11:06:34 -03:00
Daniel Luiz Alves
961d7b4f45 fix: update Brazilian Portuguese translations for consistency
- Corrected capitalization in various keys within pt-BR.json to ensure consistent styling, including titles and action labels.
- Updated the color of the markdown file icon in file-icons.tsx for improved visual distinction.
2025-07-03 02:08:31 -03:00
Daniel Luiz Alves
cc97a8e60d fix: update text color in QuickAccessCards for improved readability
- Changed the text color of card descriptions in quick-access-cards.tsx from gray to a muted foreground color, enhancing visual clarity.
2025-07-03 01:50:54 -03:00
Daniel Luiz Alves
5e367b67fa feat: enhance FilesTable and Textarea components for improved user interaction and styling
- Updated the FileIcon in FilesTable to include a hover effect and click handler for file preview functionality.
- Adjusted the background color in Textarea for better visual consistency with the overall design.
2025-07-03 01:49:11 -03:00
Daniel Luiz Alves
0b87c6e803 fix: remove unnecessary margin from icons in various components for improved layout consistency
- Adjusted icon classes in DeleteReverseShareModal, EmptyReverseSharesState, ReverseShareCard, StorageUsage, AddProviderForm, AuthProviderDeleteModal, AuthProvidersSettings, FilesView, Navbar, DeleteConfirmationModal, ShareFileModal, and ShareMultipleFilesModal to remove the right margin, enhancing visual alignment.
2025-07-03 01:29:48 -03:00
Daniel Luiz Alves
1ea4115578 feat: update global styles and layout for improved typography and card interaction
- Replaced Geist font with Outfit for both sans-serif and mono styles in globals.css and layout.tsx.
- Enhanced card hover effect in quick-access-cards.tsx to improve user interaction feedback.
- Adjusted card component structure in card.tsx for better styling and layout consistency.
2025-07-03 01:09:12 -03:00
Daniel Luiz Alves
d5918c3088 feat: enhance API configuration and file handling for improved performance
- Added experimental server actions and increased body size limits in next.config.ts to support larger payloads.
- Updated the download route to directly use the response body from the API, optimizing data handling.
- Modified the upload route to utilize the request body directly and adjusted content length handling for better compatibility.
2025-07-03 00:23:11 -03:00
Daniel Luiz Alves
3551732aa3 feat: enhance development scripts for improved workflow
- Added new development scripts in package.json for specific applications (web, server, docs) to streamline the development process using Turborepo.
- Updated the name of the frontend application in apps/web/package.json to align with the new naming convention.
2025-07-02 16:47:19 -03:00
Daniel Luiz Alves
6b0972c2ea chore: update package dependencies and scripts for improved validation
- Modified package.json files across multiple applications to streamline validation scripts by removing unnecessary formatting checks.
- Updated dependencies in server and docs applications to their latest versions, enhancing functionality and security.
- Adjusted development scripts in package.json to ensure consistency in linting and type-checking processes.
2025-07-02 15:57:37 -03:00
Daniel Luiz Alves
0ff4661ccd feat: integrate Turborepo for improved build and development workflow
- Added Turborepo configuration in turbo.json to streamline task management for development, building, linting, and formatting.
- Updated package.json scripts to utilize Turborepo for running development and build tasks across applications.
- Included .pnpm-workspace.yaml to define workspace structure for managing multiple applications.
- Enhanced .gitignore to exclude Turborepo's cache directory, ensuring cleaner repository management.
- Adjusted development scripts in apps/docs and apps/web to specify port numbers for local development.
2025-07-02 15:44:07 -03:00
Daniel Luiz Alves
75d6049b87 feat: enhance pre-push validation and update ESLint configurations
- Updated the Husky pre-push hook to validate all applications (web, docs, and server) before pushing changes, improving code quality checks.
- Modified ESLint configurations for the docs app to include additional ignored directories, ensuring cleaner linting results.
- Refactored the HomePage component in the docs app to improve structure and readability, while reintroducing the Highlight component for better content presentation.
- Added a .prettierignore file in the server app to exclude specific directories from formatting, enhancing development workflow.
- Updated various import statements across multiple files for consistency and clarity.
2025-07-02 14:53:23 -03:00
Daniel Luiz Alves
4fb7007db2 chore: update ESLint and Prettier configurations for improved code quality
- Removed the outdated .eslintrc.json file and replaced it with a new eslint.config.mjs file for better configuration management.
- Added .prettierrc.json to enforce consistent code formatting and included a .prettierignore file to exclude specific directories from formatting.
- Updated components.json to streamline alias definitions and ensure proper icon library usage.
- Enhanced package.json with new linting, formatting, and validation scripts to improve development workflow.
- Made various formatting adjustments across multiple files for consistency and clarity.
2025-07-02 12:01:59 -03:00
Daniel Luiz Alves
2c6699b604 feat: update documentation and configuration for v3.1-beta release
- Enhanced package.json with new linting, formatting, and type-checking scripts to improve code quality.
- Updated pnpm-lock.yaml to reflect dependency changes and ensure compatibility with the latest versions.
- Removed deprecated documentation files from the 1.1.7-beta version and added new content for the 3.1-beta release, including OIDC authentication guides and S3 provider configurations.
- Improved layout and styling in the documentation for better user experience.
- Updated the default version in constants to v3.1-beta, ensuring accurate routing in the application.
2025-07-02 12:01:45 -03:00
Daniel Luiz Alves
8db3304b56 feat: enhance file upload modal with success toast and file size formatting
- Added a success toast notification to the file upload modal, improving user feedback upon completion of uploads.
- Implemented a utility function to format file sizes for better readability in the upload status display.
- Reset the success toast flag in various scenarios to ensure accurate notifications during multiple upload sessions.
- Updated the favicon.ico file to reflect recent design changes.
2025-07-01 11:10:48 -03:00
Daniel Luiz Alves
8a954e14fa feat: enhance file upload section and reverse shares components
- Updated the file upload section to use axios for file uploads, enabling progress tracking during uploads.
- Removed unnecessary validation checks for optional fields in the reverse shares form, allowing both fields to be truly optional.
- Added refresh functionality to the reverse shares page, improving user experience by allowing data to be reloaded easily.
- Enhanced the reverse shares search component with a refresh button, providing a more intuitive interface for users.
2025-07-01 02:37:13 -03:00
Daniel Luiz Alves
00174fd9af fix: remove unnecessary loading state check in useFilePreview hook
- Eliminated the check for state.isLoadingPreview in the loadPreview function to simplify the loading logic.
- Cleaned up the parameters passed to the useFilePreview hook by removing the unused loading state, enhancing code clarity.
2025-07-01 01:59:24 -03:00
Daniel Luiz Alves
bb7872eed1 chore: add missing newline at end of package.json file 2025-07-01 01:44:26 -03:00
Daniel Luiz Alves
96f098f343 chore: fix missing newline at end of package.json file 2025-07-01 01:42:50 -03:00
Daniel Luiz Alves
fa0684ebbd feat: configure Husky with pre-push validation 2025-07-01 01:42:19 -03:00
Daniel Luiz Alves
5b04dd6415 feat: add Husky pre-push hook and validation script
- Introduced a pre-push hook in the Husky configuration to run validation checks for the web app before pushing changes.
- Added a validation script in package.json that includes formatting, linting, and type-checking tasks to ensure code quality.
- Updated pnpm-lock.yaml to include Husky as a dependency, enhancing the development workflow.
2025-07-01 01:36:25 -03:00
Daniel Luiz Alves
7e05724a2a chore: update configuration files and translations
- Modified ESLint and Next.js configuration files for improved code quality and performance.
- Updated package.json and pnpm-lock.yaml to reflect dependency changes and ensure compatibility.
- Added new translations for multiple languages, enhancing localization support across the application.
- Cleaned up unused or deprecated model files in the HTTP endpoints, streamlining the codebase.
2025-07-01 01:27:24 -03:00
Daniel Luiz Alves
b4e29294d9 refactor: replace fetch calls with API endpoint functions for authentication and provider management
- Updated OIDCCallbackPage to use getCurrentUser for fetching user data, improving code clarity and maintainability.
- Refactored MultiProviderButtons to utilize getEnabledProviders for loading authentication providers, enhancing consistency in API calls.
- Modified useLogin hook to replace fetch with getAppInfo for retrieving application information, streamlining authentication checks.
- Adjusted useAuthProviders to leverage new API functions for managing authentication providers, improving error handling and response management.
- Removed deprecated types and streamlined imports related to authentication provider management.
2025-06-30 14:02:26 -03:00
Daniel Luiz Alves
48019df81a feat: add SECURE_SITE environment variable to Docker Compose files
- Introduced SECURE_SITE variable in all Docker Compose files to allow configuration for reverse proxy usage.
- This addition enhances flexibility for deployment scenarios where a reverse proxy is utilized, improving security configurations.
2025-06-30 11:53:29 -03:00
Daniel Luiz Alves
9e1c6c0e9a refactor: standardize API base URL usage across proxy routes
- Introduced a consistent API_BASE_URL variable in all proxy route files to streamline API endpoint construction.
- Updated fetch calls to utilize the new variable, enhancing maintainability and reducing redundancy in URL definitions.
- This change improves code clarity and ensures that the base URL can be easily modified in one place if needed.
2025-06-30 11:53:05 -03:00
Daniel Luiz Alves
7eaae9fcb4 fix: update database schema push command to include force-reset option
- Modified the database schema push command in server-start.sh to include the --force-reset flag for both root and non-root users.
- This change ensures that the database schema is reset and applied correctly, improving the initialization process for the application.
2025-06-27 18:22:43 -03:00
Daniel Luiz Alves
099546d525 refactor: streamline share management in SharesPage component
- Removed local state for shareToViewDetails and integrated it with shareManager for better state management.
- Updated the onCloseViewDetails handler to utilize shareManager's method, enhancing code clarity and maintainability.
- Adjusted the useShares hook to eliminate unnecessary state, simplifying the overall logic.
2025-06-27 17:49:53 -03:00
Daniel Luiz Alves
d1de4c78c5 feat: standardize UID/GID configuration across Docker Compose files
- Added PALMR_UID and PALMR_GID environment variables to all relevant Docker Compose files to ensure consistent user and group ID settings for container processes.
- Updated documentation in quick-start guide to reflect these changes, enhancing clarity for users regarding UID/GID configurations.
2025-06-27 17:34:29 -03:00
Daniel Luiz Alves
69b808ef5e feat: add version update functionality and update package versions
- Introduced a new Makefile target `update-version` to streamline version updates across all package.json files.
- Added a script `update-versions.sh` to automate the version number update process.
- Updated package versions in `apps/docs`, `apps/server`, and `apps/web` to `3.1-beta` for consistency.
- Enhanced the build process to include version updates before building the Docker image.
2025-06-27 16:57:53 -03:00
Daniel Luiz Alves
503ab4055f feat: implement authentication provider management UI and functionality
- Added new UI components for managing authentication providers, including forms for adding, editing, and deleting providers.
- Integrated drag-and-drop functionality for reordering providers in the settings interface.
- Enhanced user experience with modals for confirming deletions and displaying callback URLs.
- Updated translation files to include new keys for authentication provider management, ensuring localization support.
- Refactored existing components to streamline the integration of new provider management features.
2025-06-27 15:23:37 -03:00
Daniel Luiz Alves
8f85874cbe feat: enhance authentication provider management and error handling
- Refactored AuthProvidersController to improve request handling and error responses, introducing utility methods for success and error replies.
- Added new request context and validation logic for custom endpoints in provider configurations, ensuring robust setup and error messaging.
- Implemented detailed error handling for callback and authorization processes, enhancing user feedback during authentication flows.
- Removed the ProviderManager class and integrated its functionality directly into AuthProvidersService for streamlined provider management.
- Updated DTOs and types to support new request structures and validation requirements, improving overall code clarity and maintainability.
2025-06-27 13:14:22 -03:00
Daniel Luiz Alves
f1449f6b10 feat: add Google and Discord authentication providers with configuration updates
- Introduced Google and Discord as new authentication providers in the seed script, including their OAuth2 configurations and metadata.
- Updated existing provider configurations to adjust sort orders and ensure proper integration with the new providers.
- Enhanced validation logic in the DTOs to accommodate optional endpoint fields and ensure correct provider setup.
- Implemented a delete confirmation modal in the web settings for managing authentication providers, improving user experience.
- Added logging for better debugging and tracking of provider-related operations in the controller and service layers.
2025-06-27 01:26:05 -03:00
Daniel Luiz Alves
9a086d7b40 refactor: remove test provider functionality and clean up related code
- Deleted the testProvider method from AuthProvidersController and its associated route in authProvidersRoutes.
- Removed test provider configuration logic from AuthProvidersService, including related testing methods and error handling.
- Updated ProviderManager to simplify endpoint fallback logic by removing unnecessary parameters.
- Cleaned up unused imports and variables in various files, enhancing code clarity and maintainability.
- Introduced a new checkbox in the AuthProvidersSettings component to hide disabled providers, improving user experience in managing authentication providers.
2025-06-26 23:11:52 -03:00
Daniel Luiz Alves
bbadb956af feat: enhance authentication provider configuration and testing
- Added new fields for authorizationEndpoint, tokenEndpoint, and userInfoEndpoint in the AuthProvider model to support custom endpoint configurations.
- Implemented validation logic in the AuthProvidersController to ensure either issuerUrl or all three custom endpoints are provided.
- Introduced a new testProvider endpoint to validate provider configurations, checking endpoint accessibility and credential validity.
- Updated the UI components to support manual endpoint configuration and testing, improving user experience in managing authentication providers.
- Enhanced the seeding script to include initial data for new provider configurations, ensuring a smooth setup process.
2025-06-26 18:25:26 -03:00
Daniel Luiz Alves
898586108f refactor: update authentication provider configurations and logic
- Removed displayName and type properties from ProviderConfig interface and related configurations for GitHub, Auth0, Kinde, Zitadel, and Authentik.
- Enhanced getDefaultScopes method to return scopes based on provider type, specifically for GitHub OAuth2 and OIDC providers.
- Updated AuthProvidersService to utilize provider type for determining PKCE requirements and default scopes.
- Adjusted placeholder text in the web settings for issuer URL to improve clarity.
2025-06-25 17:41:49 -03:00
Daniel Luiz Alves
6fbf9af388 feat: improve UID/GID configuration and troubleshooting documentation
- Updated docker-compose example to clarify UID/GID settings for better compatibility with host systems.
- Added a new troubleshooting guide to address common permission issues related to bind mounts.
- Enhanced existing documentation to emphasize the importance of matching host UID/GID with Palmr's defaults.
- Introduced a new troubleshooting section in the documentation to assist users in resolving permission denied errors.
2025-06-25 16:48:31 -03:00
Daniel Luiz Alves
11d834aea7 feat: implement authentication providers management
- Introduced a new AuthProvider model in the database schema to manage external authentication providers.
- Added routes and controllers for handling authentication provider operations, including creation and management.
- Updated the seeding script to include initial data for authentication providers.
- Enhanced the login and registration forms to support multiple authentication providers, improving user experience.
- Removed the deprecated OIDC functionality and updated related UI components and settings.
- Updated translation files to reflect changes in authentication terminology and settings.
- Improved error handling and logging for authentication processes.
2025-06-25 16:00:55 -03:00
Daniel Luiz Alves
828fbd4cfd v3.0.0-beta.12 (#109) 2025-06-25 08:42:28 -03:00
Daniel Luiz Alves
ea68e771a8 feat: enhance file management features and localization (#108) 2025-06-24 14:05:16 -03:00
Daniel Luiz Alves
229f9a3ca0 feat: enhance file management features and localization
- Added bulk download functionality for files in the PublicSharePage, allowing users to download multiple files as a ZIP.
- Introduced new success and error messages for file deletion and password protection updates, improving user feedback.
- Updated translation files to include new keys for bulk download, file deletion, and password protection messages, enhancing localization support.
- Improved UI components to accommodate new features and ensure a seamless user experience.
2025-06-24 13:58:57 -03:00
Daniel Luiz Alves
dd10c17a3a feat: enhance SMTP configuration options in settings (#107) 2025-06-24 11:19:22 -03:00
Daniel Luiz Alves
ab071916b8 feat: enhance SMTP configuration options in settings
- Added new fields for smtpSecure and smtpNoAuth in the email settings, allowing users to specify the connection security method and disable authentication for internal servers.
- Updated the EmailService to handle the new configuration options, improving flexibility in SMTP setup.
- Enhanced the UI components to include the new fields, ensuring proper user interaction and validation.
- Updated translation files to include descriptions and titles for the new SMTP settings, improving localization support.
2025-06-24 11:15:44 -03:00
Daniel Luiz Alves
1ab0504288 chore: add pull request template for improved contribution guidelines
- Introduced a new pull request template to standardize submissions and enhance clarity for contributors.
- The template includes sections for description, related issues, motivation, AI usage, testing, and a checklist to ensure quality and completeness.
- Aims to streamline the review process and improve collaboration within the project.
2025-06-24 01:02:41 -03:00
Daniel Luiz Alves
652f1f47d2 feat: implement file name truncation in modals for better display
- Added a utility function to intelligently truncate file names while preserving extensions.
- Updated ReceivedFilesModal and DeleteConfirmationModal to use the new truncation function, improving the display of long file names.
- Enhanced UI components to ensure proper layout and readability of file names in both modals.
2025-06-24 00:33:54 -03:00
Daniel Luiz Alves
cd9598a6d3 v3.0.0-beta.11 (#104) 2025-06-23 21:38:38 -03:00
Daniel Luiz Alves
017a1debd3 feat: add SMTP connection testing functionality (#103) 2025-06-23 18:28:54 -03:00
Daniel Luiz Alves
b917dbc05f feat: add SMTP connection testing functionality
- Implemented a new endpoint for testing SMTP connections, allowing administrators to validate SMTP settings before saving.
- Added a method in the EmailService to handle SMTP connection testing, utilizing either provided or saved configurations.
- Introduced a new UI component for testing SMTP connections within the settings, enhancing user experience with real-time feedback.
- Updated translation files to include new keys and messages related to SMTP testing across multiple languages.
2025-06-23 18:26:51 -03:00
Daniel Luiz Alves
4fdee6b98b Feat: Add bulk actions for file management in received files modal (#102) 2025-06-23 17:14:42 -03:00
Daniel Luiz Alves
a669a6c048 fix: change Docker build command to load images instead of pushing
- Updated the Docker build command in build-docker.sh to use --load instead of --push, allowing for local image loading during the build process.
- This change facilitates testing and debugging of Docker images before deployment.
2025-06-23 17:13:59 -03:00
Daniel Luiz Alves
264521f1c4 refactor: update translation management system to enhance key management and remove auto-translation
- Revised the translation management system to focus on key management, automating synchronization and validation of internationalization files.
- Removed the auto-translation functionality, emphasizing the need for manual translation by native speakers or professionals.
- Updated documentation to reflect changes in the workflow and best practices for managing translations.
- Adjusted related scripts and commands in package.json to align with the new translation process.
2025-06-23 17:11:25 -03:00
Daniel Luiz Alves
b1cc9dbb21 feat: add bulk actions for file management in received files modal
- Implemented bulk selection functionality for files in the ReceivedFilesModal, allowing users to select multiple files for actions such as download, copy, and delete.
- Added UI elements for bulk actions, including a dropdown menu for selecting actions and confirmation dialogs for deletion.
- Enhanced user experience by providing feedback during bulk operations and clearing selections after successful actions.
- Localized new messages for bulk actions across multiple languages to ensure consistent user feedback.
2025-06-23 17:11:08 -03:00
Daniel Luiz Alves
719b7f0036 v3.0.0-beta.10 (#101) 2025-06-23 16:04:01 -03:00
Daniel Luiz Alves
68c565f265 Implement file copy functionality from reverse shares to user files (#100) 2025-06-23 15:59:11 -03:00
Daniel Luiz Alves
22c5a44af8 feat: enhance reverse share functionality with field requirements
- Introduced new field requirements for name and email in the ReverseShare model, allowing for configurations of "HIDDEN", "OPTIONAL", or "REQUIRED".
- Updated the Create and Update schemas to include these new fields, ensuring proper validation and handling in the UI.
- Enhanced the file upload section to conditionally require name and email based on the new settings, improving user experience.
- Localized new messages for field requirements across multiple languages, ensuring consistent user feedback.
- Added a script to clean up translation files, addressing issues with multiple prefixes in translation keys.
2025-06-23 15:53:38 -03:00
Daniel Luiz Alves
4e841b272c feat: implement translation management system and enhance localization support
- Added a new translation management system to automate synchronization, validation, and translation of internationalization files.
- Introduced scripts for running translation operations, including checking status, synchronizing keys, and auto-translating strings.
- Updated package.json with new translation-related commands for easier access.
- Enhanced localization files across multiple languages with new keys and improved translations.
- Integrated download functionality for share files in the UI, allowing users to download multiple files seamlessly.
- Refactored components to support new download features and improved user experience.
2025-06-23 12:11:52 -03:00
Daniel Luiz Alves
6af10c6f33 refactor: remove UploadFileModal from SharesModals component
- Eliminated the UploadFileModal from the SharesModals component to streamline the modal management.
- Adjusted the component structure to enhance clarity and maintainability.
2025-06-23 01:28:19 -03:00
Daniel Luiz Alves
978a1e5755 feat: implement file copy functionality from reverse shares to user files
- Added a new endpoint to copy files from reverse shares to a user's personal files, ensuring only the creator can perform this action.
- Implemented error handling for various scenarios, including file not found, unauthorized access, and storage limitations.
- Updated the UI to include a "Copy to my files" action, enhancing user experience and accessibility.
- Localized new messages for success and error states in both English and Portuguese.
- Refactored related components to support the new copy functionality, ensuring a seamless integration into the existing workflow.
2025-06-21 11:37:47 -03:00
Daniel Luiz Alves
c265b8e08d v3.0.0-beta.9 (#90) 2025-06-20 16:33:04 -03:00
Daniel Luiz Alves
d0173a0bf9 refactor: optimize file icon rendering in UploadFileModal
- Consolidated file icon logic by introducing a new renderFileIcon function that utilizes the getFileIcon utility for improved clarity and maintainability.
- Removed redundant icon imports and streamlined the icon rendering process based on file names, enhancing code efficiency.
2025-06-20 16:09:13 -03:00
Daniel Luiz Alves
0d346b75cc refactor: simplify FilePreviewModal by utilizing useFilePreview hook
- Replaced complex state management and effect hooks in FilePreviewModal with a custom useFilePreview hook for improved readability and maintainability.
- Integrated FilePreviewRenderer component to handle different file types and rendering logic, enhancing the modularity of the code.
- Updated file icon mappings in file-icons.tsx to include additional file types and improve visual representation in the UI.
2025-06-20 15:37:00 -03:00
Daniel Luiz Alves
0a65917cbf refactor: update FilePreviewModal to handle text file previews
- Renamed jsonContent state to textContent for clarity and updated related logic to support various text file types.
- Implemented a new loadTextPreview function to handle text and JSON file previews, ensuring proper formatting and error handling.
- Enhanced file type detection to include a broader range of text file extensions, improving the preview functionality for users.
2025-06-20 15:14:35 -03:00
Daniel Luiz Alves
f651f50180 feat: enhance file upload and preview functionality (#89) 2025-06-20 14:44:43 -03:00
Daniel Luiz Alves
1125665bb1 feat: enhance file upload and preview functionality
- Improved the uploadSmallFile method to handle various request body types (buffer, string, object, stream) more effectively.
- Added error handling for unsupported request body types.
- Implemented JSON file preview capability in FilePreviewModal, allowing users to view formatted JSON content.
- Updated localization files to include "retry" messages in multiple languages for better user experience during upload errors.
2025-06-20 14:43:27 -03:00
Daniel Luiz Alves
b65aac3044 refactor: update authentication logic to support email or username (#88) 2025-06-20 13:46:10 -03:00
Daniel Luiz Alves
a865aabed0 refactor: update authentication logic to support email or username
- Modified the login schema to accept either an email or username for user authentication.
- Updated the AuthService to find users by email or username.
- Adjusted localization files to include new labels and placeholders for email or username input across multiple languages.
- Refactored the login form component to reflect the changes in the schema and improve user experience.
2025-06-20 13:45:37 -03:00
Daniel Luiz Alves
561e8faf33 refactor: remove outdated comment in FilePreviewModal
- Eliminated a redundant comment regarding the direct link approach in the file download logic to enhance code clarity and maintainability.
2025-06-20 10:29:08 -03:00
Daniel Luiz Alves
6445b0ce3e refactor: streamline file download logic in FilePreviewModal
- Updated the file download process to use a direct link approach, eliminating unnecessary fetch and blob creation steps.
- Improved code clarity by simplifying the download mechanism while maintaining functionality.
2025-06-20 10:28:44 -03:00
Daniel Luiz Alves
90cd3333cb Improve disk space detection (#87) 2025-06-20 10:19:15 -03:00
Daniel Luiz Alves
2ca0db70c3 localization: add loading and error messages for storage usage in multiple languages
- Enhanced localization files for various languages by adding loading states and detailed error messages related to storage information retrieval.
- Updated translations for "available" and included new keys for "loading," "retry," and various error scenarios to improve user experience during storage operations.
2025-06-20 10:18:33 -03:00
Daniel Luiz Alves
28697fa270 refactor: clean up comments and improve readability in various modules
- Removed unnecessary comments from timeout configuration, OIDC routes, reverse share routes, and other modules to enhance code clarity.
- Streamlined the code by eliminating redundant comments that do not add value to the understanding of the logic.
- Improved overall maintainability by focusing on concise and meaningful code structure.
2025-06-20 10:10:06 -03:00
Daniel Luiz Alves
d739c1b213 refactor: replace ShareFilePreviewModal with FilePreviewModal in files table component
- Updated the files table component to use FilePreviewModal for file previews.
- Removed the ShareFilePreviewModal component as it is no longer needed.
2025-06-20 09:55:03 -03:00
Daniel Luiz Alves
25a0c39135 docs: added instructions for Zitadel (#85) 2025-06-20 09:51:12 -03:00
Daniel Luiz Alves
185fa4c191 fix: change Docker build command from --push to --load
- Updated the Docker build command in build-docker.sh to use --load instead of --push, allowing for local image loading without pushing to a registry.
2025-06-20 09:48:42 -03:00
Daniel Luiz Alves
9dfb034c2e enhance: improve disk space detection and error handling in storage module
- Refactored disk space retrieval logic to support multiple commands based on the operating system.
- Added detailed error handling for disk space detection failures, including specific messages for system configuration issues.
- Updated API responses to provide clearer error messages to the frontend.
- Enhanced the dashboard UI to display loading states and error messages related to disk space retrieval, with retry functionality.
- Improved type definitions to accommodate new error handling in the dashboard components.
2025-06-20 09:48:00 -03:00
ruohki
936a2b71c7 docs: added instructions for Zitadel 2025-06-20 13:10:55 +02:00
Daniel Luiz Alves
cd14c28be1 refactor: simplify Docker environment detection for file storage paths (#77) 2025-06-19 03:02:31 -03:00
Daniel Luiz Alves
3c084a6686 refactor: simplify Docker environment detection for file storage paths
- Replaced manual Docker detection logic with a utility constant for determining if the application is running in a container.
- Updated file storage paths in both server and filesystem storage provider to use the new constant for improved readability and maintainability.
2025-06-19 02:49:47 -03:00
Daniel Luiz Alves
6a1381684b refactor: replace FilePreviewModal with ShareFilePreviewModal (#76) 2025-06-19 02:01:07 -03:00
Daniel Luiz Alves
dc20770fe6 refactor: replace FilePreviewModal with ShareFilePreviewModal in files table component
- Updated the files table component to use ShareFilePreviewModal for file previews.
- Removed the unused import of FilePreviewModal and added the new import for ShareFilePreviewModal.
2025-06-19 01:46:50 -03:00
Daniel Luiz Alves
6e526f7f88 fix: update email transport secure (#75) 2025-06-19 00:51:27 -03:00
Daniel Luiz Alves
858852c8cd refactor: remove unused import from email service 2025-06-19 00:50:09 -03:00
Daniel Luiz Alves
363dedbb2c Update service.ts (#74) 2025-06-19 00:49:27 -03:00
TerrifiedBug
cd215c79b8 Update service.ts
Fix nodemailer secure flag for STARTTLS
2025-06-18 23:45:42 +01:00
Daniel Luiz Alves
98586efbcd v3.0.0-beta.5 (#72) 2025-06-18 18:31:09 -03:00
Daniel Luiz Alves
c724e644c7 fix: update notification endpoint and include request body in API call
- Changed the API endpoint for notifying recipients to include the shareId directly in the URL.
- Added the request body to the fetch call to ensure proper data is sent with the notification request.
- Set the Content-Type header to application/json for the request.
2025-06-18 18:14:20 -03:00
Daniel Luiz Alves
555ff18a87 feat: implement Docker compatibility for file storage paths (#71) 2025-06-18 18:06:51 -03:00
Daniel Luiz Alves
5100e1591b feat: implement Docker compatibility for file storage paths
- Added checks to determine if the application is running in a Docker environment.
- Updated file storage paths to use `/app/server` in Docker and the current working directory for local development.
- Ensured consistent directory creation for uploads and temporary chunks across different environments.
2025-06-18 18:05:46 -03:00
Daniel Luiz Alves
6de29bbf07 fix: standardize environment variable imports and enhance user auth (#69) 2025-06-18 17:08:59 -03:00
Daniel Luiz Alves
39c47be940 fix: standardize environment variable imports and enhance user authentication error handling
- Updated imports for environment variables in auth and email services to ensure consistency.
- Improved error handling in user routes to provide more specific responses for unauthorized access and internal server errors.
2025-06-18 16:57:11 -03:00
Daniel Luiz Alves
76d96816bc v3.0.0-beta.3 (#68) 2025-06-18 16:19:24 -03:00
Daniel Luiz Alves
b3e7658a76 feat: enhance authentication flow and improve database setup script (#67) 2025-06-18 15:32:41 -03:00
Daniel Luiz Alves
61a579aeb3 feat: enhance authentication flow and improve database setup script
- Added a check for first user access in the authentication context to handle initial user setup.
- Updated the server start script to ensure proper ownership and permissions for database operations, enhancing compatibility with Docker environments.
- Refactored database seeding and configuration checks to run as the target user, preventing permission issues during setup.
2025-06-18 15:32:12 -03:00
Daniel Luiz Alves
cc9c375774 feat: add reverse proxy support (#66) 2025-06-18 12:44:39 -03:00
Daniel Luiz Alves
016006ba3d fix: storage calculation when running within docker (#65) 2025-06-18 12:44:20 -03:00
ruohki
cbc567c6a8 fixed logic error 2025-06-18 17:26:23 +02:00
Daniel Luiz Alves
25b4d886f7 docs: Update reverse proxy configuration to address SQLite "readonly database" error
- Added guidance for configuring proper UID/GID permissions to resolve SQLite issues with bind mounts.
- Included a note on checking host UID/GID and linked to detailed setup documentation for clarity.
2025-06-18 12:23:00 -03:00
ruohki
98953e042b check if runs within docker to pick storage loc 2025-06-18 17:16:11 +02:00
Daniel Luiz Alves
9e06a67593 docs: remove outdated Nginx configuration from reverse proxy documentation
- Eliminated the Nginx HTTP configuration section for reverse proxies without HTTPS/SSL to streamline the documentation.
- Maintained focus on the SECURE_SITE variable and Docker Compose setup for clarity in reverse proxy configurations.
2025-06-18 12:14:56 -03:00
Daniel Luiz Alves
9682f96905 docs: reverse proxy documentation to streamline Docker Compose example
- Removed outdated Docker Compose configuration for the Palmr service.
- Retained the SECURE_SITE environment variable setting for clarity.
- Updated documentation to emphasize HTTP security considerations.
2025-06-18 12:14:05 -03:00
Daniel Luiz Alves
d2c69c3b36 feat: Add SECURE_SITE configuration and reverse proxy documentation
- Introduced the SECURE_SITE environment variable to control cookie security settings based on deployment context.
- Updated Dockerfile to log SECURE_SITE status during application startup.
- Enhanced documentation with a new guide on reverse proxy configuration, detailing the use of SECURE_SITE for secure cookie handling.
- Adjusted authentication and email services to utilize SECURE_SITE for secure connections.
- Updated frontend components to set cookie security based on the current protocol.
2025-06-18 12:10:54 -03:00
Daniel Luiz Alves
9afe8292fa v3.0.0-beta.2 (#62) 2025-06-17 23:43:12 -03:00
Daniel Luiz Alves
e15f50a8a8 fix(docker): Implement bind mount compose (#61) 2025-06-17 23:31:06 -03:00
Daniel Luiz Alves
8affdc8f95 (fix) Share download (#58) 2025-06-17 23:27:38 -03:00
Daniel Luiz Alves
281eff0f14 chore: update Dockerfile and supervisord configuration for improved logging
- Modified the Dockerfile to streamline the creation of the supervisor configuration directory.
- Updated `infra/supervisord.conf` to redirect logs to stdout and stderr, enhancing log management and visibility.
- Removed specific log file paths and sizes to simplify logging setup.
2025-06-17 23:23:36 -03:00
Daniel Luiz Alves
b28f1f97c4 Refactor Dockerfile to use external supervisord configuration file
- Replaced inline supervisor configuration in Dockerfile with a separate `infra/supervisord.conf` file for better organization and maintainability.
- Ensured the new configuration retains all previous settings for the server and web programs.
2025-06-17 23:14:40 -03:00
Daniel Luiz Alves
c5660b3c6b feat: Enhance Docker setup and documentation for Palmr.
- Added a new `docker-compose-bind-mount-example.yaml` for easier bind mount configuration.
- Updated `.gitignore` to include the `data/` directory for persistent storage.
- Modified `docker-compose.yaml` to clarify volume paths and improve comments.
- Enhanced `Dockerfile` to support flexible UID/GID configuration and ensure proper directory permissions.
- Updated environment variable handling in `server-start.sh` and Prisma configuration for better database management.
- Revised documentation in `quick-start.mdx` and `uid-gid-configuration.mdx` to reflect new features and best practices for deployment.
2025-06-17 22:46:28 -03:00
Charly Gley
e64f718998 fix: change error and success messages 2025-06-17 19:59:27 +02:00
Charly Gley
f00a9dadd0 fix: make download on shares work 2025-06-17 19:55:23 +02:00
Daniel Luiz Alves
c262c164d2 v3.0.0-beta.1 (#57) 2025-06-17 11:07:39 -03:00
Daniel Luiz Alves
1d882252e3 feat: UID GID environment support (#56) 2025-06-17 10:49:57 -03:00
Daniel Luiz Alves
2ea7343e0c feat: Add flexible UID/GID configuration support in Dockerfile and documentation
- Updated Dockerfile to allow configurable user and group IDs via environment variables `PALMR_UID` and `PALMR_GID`, enhancing compatibility with host systems.
- Introduced a new documentation file `uid-gid-configuration.mdx` detailing the configuration process and troubleshooting for permission issues, particularly for NAS systems.
- Updated `meta.json` to include a reference to the new UID/GID configuration guide.
2025-06-17 10:46:36 -03:00
Daniel Luiz Alves
54bd987b9a docs: Update supported languages to include Polish
- Increased the total number of supported languages from 14 to 15, adding Polish (pl-PL) with complete translations across all application features and interfaces.
2025-06-17 10:43:02 -03:00
Daniel Luiz Alves
b900953674 fix: Updare Polish language translations for the application
- Created a new `pl-PL.json` file containing comprehensive translations for various application components, including common messages, file management, user authentication, and sharing features. This addition enhances accessibility for Polish-speaking users.
2025-06-17 10:39:37 -03:00
Daniel Luiz Alves
d07ebfd01f Create pl_PL.json (#43) 2025-06-17 10:34:14 -03:00
Daniel Luiz Alves
5b0b01eecd Update language-switcher.tsx (#44) 2025-06-17 10:25:40 -03:00
Daniel Luiz Alves
cb87505afd Remove hardcoded environment variables from supervisord.conf (#54) 2025-06-17 10:23:46 -03:00
Clay Buxton
b447204908 Remove hardcoded environment variables from supervisord.conf 2025-06-15 22:35:37 -04:00
Kamil
4049878cfe Update language-switcher.tsx
Add Polish language selector
2025-06-13 20:40:39 +02:00
Kamil
13ae0d3b8c Create pl_PL.json
Add Polish language translation
2025-06-13 20:38:58 +02:00
Daniel Luiz Alves
2990e6fefb v3.0-beta (#41) 2025-06-13 12:26:04 -03:00
Daniel Luiz Alves
65c9b755ca [New Version] - v3.0-Beta (#40) 2025-06-13 12:06:15 -03:00
Daniel Luiz Alves
893a4097b6 feat: add reverse share feature image to README
- Included a new image showcasing the reverse share functionality in the README, enhancing visual representation and user understanding of the feature.
2025-06-13 11:57:17 -03:00
Daniel Luiz Alves
d3c26b550b feat: update README and seed configuration for improved branding and clarity
- Replaced the banner image in the README to enhance visual appeal and branding.
- Updated the seed configuration to reflect a new application logo, ensuring consistency in branding.
- Expanded the README to include additional features such as simple deployment and scalable storage options, improving clarity for users.
2025-06-13 11:36:41 -03:00
Daniel Luiz Alves
348bdb0282 feat: add comprehensive documentation for new features and user contributions
- Introduced new guides for available languages, SMTP configuration, OIDC authentication, and issue reporting to enhance user experience and support.
- Added detailed instructions for contributing to the Palmr project, including GitHub sponsorship and starring the repository.
- Updated the homepage to highlight core features and improve user engagement.
- Removed outdated user management documentation to streamline content and focus on current functionalities.
- Included new images to support documentation and enhance visual understanding of features.
2025-06-13 11:23:35 -03:00
Daniel Luiz Alves
8f30883404 feat: update to v3.0-beta with new features and improvements
- Updated versioning across multiple components and documentation to v3.0-beta.
- Introduced new Docker Compose configurations for S3-compatible storage and MinIO support.
- Enhanced the documentation with new guides for API usage, architecture, and user management.
- Improved localization and user experience in the frontend with updated UI components and styles.
- Removed outdated Docker configurations and files to streamline the setup process.
- Added new utilities for key generation and improved error handling in various components.
- Updated license to reflect the new Kyantech-Permissive License.
2025-06-13 02:23:15 -03:00
Daniel Luiz Alves
458c6b40bb feat: enhance reverse share localization and functionality
- Updated localization files for multiple languages to include new strings related to reverse share features, improving user experience.
- Introduced new components for managing reverse share details, including editable fields and sections for received files.
- Enhanced existing modals with improved layouts and functionality for better user interaction during reverse share operations.
- Improved error handling and user feedback throughout the reverse share process.
2025-06-06 16:41:29 -03:00
Daniel Luiz Alves
fea4faa7ce feat: enhance reverse share modals and localization
- Updated localization files to include new strings for reverse share modals, improving user experience in multiple languages.
- Introduced new components for managing reverse share details, including editable fields and received files sections.
- Enhanced existing modals with improved layouts and functionality for better user interaction.
- Refactored hooks to streamline reverse share data handling and improve code organization.
- Added new utility functions for formatting file sizes and dates, enhancing the display of reverse share information.
- Improved error handling and user feedback during reverse share operations.
2025-06-06 14:51:39 -03:00
Daniel Luiz Alves
6a08874267 feat: enhance reverse share upload functionality with improved localization and error handling
- Updated localization files to include new strings for the reverse share upload process, enhancing user experience in multiple languages.
- Implemented a new layout for reverse share uploads, integrating file upload sections and status messages for better feedback.
- Added error handling for various upload scenarios, including password protection, link expiration, and file validation.
- Refactored components to utilize hooks for managing upload state and responses, improving code organization and maintainability.
- Introduced a new password modal for handling protected links, enhancing security during file uploads.
- Enhanced the user interface with dynamic status messages and visual feedback during the upload process.
2025-06-06 13:43:16 -03:00
Daniel Luiz Alves
b549aef45f feat: introduce reverse share functionality and password reset guide
- Added a comprehensive guide for resetting user passwords directly within the Docker container, enhancing security and usability.
- Implemented reverse share features, including new routes, controllers, and services for managing reverse shares.
- Introduced DTOs and repository patterns for reverse share operations, improving code organization and maintainability.
- Updated API endpoints to support reverse share functionalities, including file uploads and password management.
- Enhanced the dashboard with new components for managing reverse shares, improving user experience and accessibility.
- Updated localization files to include new strings related to reverse shares and password management.
2025-06-06 01:43:58 -03:00
Daniel Luiz Alves
1fb06067cd feat: update Dockerfile and add password reset functionality
- Upgraded Node.js version in Dockerfile from 18-alpine to 20-alpine for improved performance and security.
- Added API_BASE_URL environment variable to support local API calls.
- Introduced a new reset-password.sh script for interactive password resets within the Docker container.
- Created reset-password.ts script to handle password reset logic, including user validation and password hashing.
- Enhanced Dockerfile to copy the new scripts and ensure proper permissions for execution.
2025-06-03 17:49:48 -03:00
Daniel Luiz Alves
998b690659 feat: implement OIDC authentication and enhance user management features
- Introduced OIDC authentication support with new OIDCService, controller, and routes for handling OIDC login and callback processes.
- Updated user management functionalities to integrate OIDC, allowing users to authenticate via external providers.
- Enhanced localization files to include new strings related to OIDC authentication across multiple languages.
- Refactored existing components and hooks to support the new authentication flow, improving user experience during login and registration processes.
- Added new UI components for handling OIDC login and callback, ensuring a seamless integration with the existing application structure.
2025-06-03 16:15:22 -03:00
Daniel Luiz Alves
459783b152 chore: remove ONLY_DOCKER.md documentation file
- Deleted the ONLY_DOCKER.md file which provided instructions for running Palmr with Docker without docker-compose. This file is no longer needed as the documentation has been consolidated or updated elsewhere.
2025-06-02 17:14:29 -03:00
Daniel Luiz Alves
bc752b3b74 feat: enhance file selector with improved localization and functionality
- Updated localization files for multiple languages to include new strings related to file sharing and management.
- Enhanced the FileSelector component to support additional features such as file descriptions, search functionality, and improved user feedback.
- Refactored action button titles and placeholder texts to utilize localized strings for better user experience.
- Improved the display of file counts and selection statuses in the file selector interface.
2025-06-02 17:05:01 -03:00
Daniel Luiz Alves
f067e160ba feat: enhance sharing features with security and expiration settings
- Introduced ShareSecurityModal and ShareExpirationModal components to manage share security and expiration settings.
- Updated SharesModals and SharesTable components to integrate new modals for managing security and expiration.
- Enhanced ShareManager to handle updates for security and expiration settings.
- Improved localization files to include new strings related to share security and expiration across multiple languages.
- Refactored existing components to support the new functionality, improving user experience in managing shared items.
2025-06-02 16:52:46 -03:00
Daniel Luiz Alves
5f4f8acbca feat: enhance filename encoding for Content-Disposition header
- Implemented a new method to safely encode filenames for the Content-Disposition header in both FilesystemController and S3StorageProvider, improving file download handling.
- Updated the upload and presigned URL generation processes to utilize the new encoding method, ensuring proper filename formatting and security.
- Enhanced validation logic in FilesystemStorageProvider for download tokens to improve robustness.
2025-06-02 14:57:03 -03:00
Daniel Luiz Alves
1a34236208 feat: implement bulk delete functionality for shares
- Added bulk delete confirmation modal to enhance user experience when deleting multiple shares.
- Integrated bulk delete actions in the shares table, allowing users to select and delete multiple shares at once.
- Updated ShareManager to handle bulk delete operations and manage selected shares state.
- Enhanced localization files to include new strings related to bulk delete actions across multiple languages.
2025-06-02 13:40:34 -03:00
Daniel Luiz Alves
14477ff676 feat: enhance file management and audio playback features
- Added a new slider component for audio playback control, improving user interaction with audio files.
- Implemented a custom audio player to support audio file previews within the file preview modal.
- Introduced a files view manager to toggle between table and grid views for better file organization.
- Updated localization files to include new strings related to audio playback and file management across multiple languages.
- Enhanced the recent files component to utilize the new dashboard files view for improved user experience.
2025-06-02 11:58:44 -03:00
Daniel Luiz Alves
ff6e171e91 feat: enhance file sharing and management features
- Added support for file descriptions in sharing modals, allowing users to provide additional context when sharing files.
- Implemented bulk sharing functionality, enabling users to share multiple files at once with a single action.
- Enhanced file management capabilities with new modals for bulk downloads and deletions, improving user experience.
- Updated localization files to include new strings related to file sharing and management across multiple languages.
- Improved the file manager to handle bulk actions and state management more effectively.
2025-06-02 03:09:15 -03:00
Daniel Luiz Alves
d69453e4ae feat: enhance file preview and upload functionality
- Updated localization files for multiple languages to improve user experience with file previews and uploads.
- Enhanced the FilePreviewModal component to support video, audio, and PDF previews with blob loading for better performance.
- Implemented a confirmation modal for canceling ongoing uploads, providing users with clearer options during the upload process.
- Improved file upload handling with better state management and user feedback during uploads.
2025-06-02 00:04:24 -03:00
Daniel Luiz Alves
158858e426 feat: implement file sharing functionality with modal support
- Added ShareFileModal component to facilitate file sharing with customizable options.
- Integrated sharing functionality into RecentFiles and FileList components, allowing users to share files directly.
- Updated file manager to handle file sharing state and actions.
- Enhanced localization files to include new share-related strings across multiple languages.
2025-06-01 22:52:35 -03:00
Daniel Luiz Alves
b90c77966d feat: implement file renaming and description updating in file and share tables
- Added functionality to update file names and descriptions directly in the FileList and FilesTable components.
- Enhanced SharesTable to allow renaming of shares with inline editing capabilities.
- Updated ShareManager to handle name updates for shares, improving user experience in managing shared items.
- Introduced optimistic UI updates for better responsiveness during editing actions.
2025-06-01 22:23:44 -03:00
Daniel Luiz Alves
9dff734f9f feat: enhance share service and API routes for better parameter handling
- Updated ShareService to hash passwords conditionally before storing them in the database.
- Modified API route handlers to await parameters, improving the handling of dynamic route parameters in the fetch requests.
- Added .gitignore entry for Prisma database files to prevent them from being tracked.
2025-06-01 00:52:46 -03:00
Daniel Luiz Alves
d3b7fe04ed feat: implement file size input component and update settings configuration
- Added a new FileSizeInput component to handle file size configurations in a user-friendly manner.
- Updated SettingsInput to integrate the FileSizeInput for maxFileSize and maxTotalStoragePerUser settings.
- Revised environment schema to remove MAX_FILESIZE validation, ensuring flexibility in configuration.
- Adjusted localization files to remove byte references in descriptions for clarity across multiple languages.
2025-06-01 00:29:35 -03:00
Daniel Luiz Alves
122781ca3d chore: update environment example and language switcher cookie comment
- Revised the .env.example file to clarify S3 storage configuration options and removed commented-out database URL.
- Added a comment to the COOKIE_MAX_AGE constant in the language switcher for better understanding of its purpose.
2025-05-31 23:10:10 -03:00
Daniel Luiz Alves
32727bf99b feat: add Italian and Dutch options to language switcher
- Updated the language switcher component to include Italian (it-IT) and Dutch (nl-NL) as selectable languages, enhancing localization support for users.
2025-05-31 03:30:25 -03:00
Daniel Luiz Alves
9baf3588c0 feat: add Italian and Dutch localization files
- Introduced new localization files for Italian (it-IT.json) and Dutch (nl-NL.json) languages, providing complete translations for the application interface and enhancing accessibility for users in these regions.
2025-05-31 03:29:49 -03:00
Daniel Luiz Alves
3677b6e494 fix: update language switcher secure cookie setting
- Changed the secure cookie setting in the LanguageSwitcher component from production-only to false, ensuring compatibility in non-production environments.
2025-05-31 02:46:57 -03:00
Daniel Luiz Alves
7a77c0a1c1 feat: enhance password reset functionality and update environment configuration
- Removed FRONTEND_URL validation from environment schema.
- Updated AuthController to include origin in password reset requests.
- Modified RequestPasswordResetSchema to require origin.
- Adjusted AuthService and EmailService to handle origin for password reset emails.
- Updated frontend hook to pass origin when requesting password reset.
2025-05-31 02:46:34 -03:00
Daniel Luiz Alves
6c4dbb167e fix: update footer version display
- Changed the footer version display from "v{version}-beta" to "v{version}" to reflect the current version without the beta suffix.
2025-05-31 02:45:30 -03:00
Daniel Luiz Alves
d74ff76227 fix: update French and Portuguese localization files
- Added missing title for SMTP notifications in the French localization file.
- Reformatted the Portuguese localization file to improve structure and readability by aligning keys and values properly.
2025-05-31 02:45:10 -03:00
Daniel Luiz Alves
713ad709a6 fix: update localization files to use placeholder syntax
- Modified JSON files for multiple languages to replace template syntax from `{{variable}}` to `{variable}` for consistency across localization strings.
- Ensured that all relevant keys in the files for Arabic, German, Spanish, French, Hindi, Japanese, Korean, Portuguese, Russian, Turkish, and Chinese reflect this change, enhancing maintainability and readability.
2025-05-31 02:37:52 -03:00
Daniel Luiz Alves
c39d41b76c feat: migrate from PostgreSQL to SQLite
- Updated Docker Compose and Dockerfile to remove PostgreSQL dependencies and configure SQLite as the database provider.
- Adjusted environment variables and healthcheck commands to reflect the new database setup.
- Simplified server startup script by removing PostgreSQL wait logic and replacing migration commands with schema push.
- Updated Prisma schema to use SQLite and removed related migration files.
2025-05-30 22:50:40 -03:00
Daniel Luiz Alves
602780e8dd feat: update Docker Compose files for improved configuration and documentation
- Refactored environment variable definitions in docker-compose files to enhance clarity and consistency.
- Updated healthcheck commands to utilize dynamic port variables for better adaptability.
- Added a new quick-start guide to the documentation, providing users with a streamlined setup process using Docker Compose.
- Included the quick-start page in the meta.json for better navigation in the documentation.
2025-05-30 17:10:58 -03:00
Daniel Luiz Alves
2276ed5bd6 feat: update package.json for Palmr v2.1-beta release
- Updated version to "2.1-beta" for both server and frontend applications.
- Changed project names to "palmr-api" and "palmr-frontend".
- Added descriptions, author information, keywords, and license details.
- Specified package manager version as "pnpm@10.6.0" for both applications.
2025-05-30 14:09:16 -03:00
Daniel Luiz Alves
4b57a03311 feat: start update documentation for Palmr v2.1-beta release
- Renamed the project to "palmr-docs" and updated version to "2.1-beta" in package.json.
- Added new architecture and user management documentation for the 2.1-beta version.
- Updated meta.json files to include the new version and pages.
- Introduced a version warning component for deprecated documentation.
- Enhanced layout and styling for better user experience.
- Added new assets including logos and banners for the updated version.
2025-05-30 14:08:58 -03:00
Daniel Luiz Alves
fff4675aa3 feat: add docker-compose files for S3 and local filesystem storage options
Introduce three new docker-compose files: docker-compose-file-system.yaml for local filesystem storage, docker-compose-s3-minio.yaml for MinIO S3-compatible storage, and docker-compose-s3.yaml for direct S3 storage. Each configuration includes environment variables for service setup, health checks, and persistent volume management. This enhances deployment flexibility for the Palmr application.
2025-05-28 18:07:16 -03:00
Daniel Luiz Alves
8290ccaaa9 feat: enhance Docker setup for local filesystem storage
Update Dockerfile and docker-compose.yaml to support local filesystem storage for uploads and temporary files. Add necessary directories and permissions in the Dockerfile, and configure volumes in docker-compose for persistent storage. Modify .dockerignore to exclude runtime-generated storage directories, ensuring a cleaner build environment.
2025-05-28 10:46:05 -03:00
Daniel Luiz Alves
c780ea2f2a feat: enhance file storage capabilities with local filesystem support
Implement a new FilesystemStorageProvider to enable file uploads and downloads directly to a local encrypted filesystem. Update the application to support both S3 and local filesystem storage modes, allowing for flexible file handling based on environment configurations. Introduce timeout configurations for large file operations and ensure proper directory management for uploads. Update relevant routes and controllers to accommodate the new filesystem functionality.
2025-05-28 10:00:52 -03:00
Daniel Luiz Alves
615d203002 feat: implement S3-compatible storage support
Add support for S3-compatible storage by introducing a new S3StorageProvider. Update environment variables to replace MinIO configurations with S3 settings. Modify file service methods to utilize the new provider for generating presigned URLs and managing file operations. Update related documentation and API endpoints to reflect these changes, ensuring compatibility with various S3 providers.
2025-05-28 01:34:22 -03:00
Daniel Luiz Alves
9984a21b76 chore: refactor Dockerfile, docker-compose, and .dockerignore for a single image (#37) 2025-05-27 01:14:39 -03:00
Daniel Luiz Alves
431086a614 fix: update healthcheck commands in installation documentation to use wget 2025-05-27 01:11:07 -03:00
Daniel Luiz Alves
d40ef51695 chore: add Dockerfile, docker-compose, and .dockerignore for multi-service setup
Introduce a Dockerfile for building the Palmr application with multi-stage builds for both server and web components. Update docker-compose.yaml to consolidate services under a single 'palmr' service, ensuring proper health checks and environment variable configurations. Add a .dockerignore file to optimize Docker builds by excluding unnecessary files. Include a Makefile for simplified build and deployment commands.
2025-05-27 00:50:46 -03:00
Daniel Luiz Alves
8f3ad71850 v2.0.0-beta.5 (#36) 2025-05-20 12:03:31 -03:00
Daniel Luiz Alves
a9191d6b54 docs(installation): update environment variable names for consistency
Update environment variable names in the installation documentation to use consistent naming conventions. This includes changing POSTGRES_PASSWORD to POSTGRESQL_PASSWORD and similar adjustments for other variables to align with the expected naming format.
2025-05-20 12:02:14 -03:00
Daniel Luiz Alves
b8465df016 Fix healthcheck and environment variables in docker-compose.yml (#35) 2025-05-20 11:51:44 -03:00
tiltshiftfocus
5a44d79279 Fix healthcheck and environment variables in docker-compose.yml 2025-05-20 14:50:35 +08:00
Daniel Luiz Alves
63d9abfe3e v2.0.0-beta.4 (#34) 2025-05-19 18:10:13 -03:00
Daniel Luiz Alves
d3ae5ea10c build: update Node.js and dependencies in Dockerfiles and package.json
Update the base Node.js image from version 18 to 22-alpine in both web and server Dockerfiles to leverage the latest features and security patches. Additionally, update the @prisma/client dependency to version 6.4.1 in the server package.json and pnpm-lock.yaml to ensure compatibility and stability.
2025-05-19 18:08:19 -03:00
Daniel Luiz Alves
d614820aca add RepoFlow as supporter 2025-05-14 21:44:06 -03:00
Daniel Luiz Alves
3c2d92c630 feat: change download behaviour (#33) 2025-05-14 21:26:52 -03:00
Charly Gley
6ae8436f4b fix: changed download behaviour for the public share as well 2025-05-10 15:03:18 +02:00
Charly Gley
39d5980936 feat: change download behaviour - download directly from minio backend, which makes the browser display the download progress 2025-05-10 03:24:25 +02:00
Daniel Luiz Alves
27e0e7c8da docs: update docker image tags to 'latest' in installation guide (#31) 2025-05-06 11:03:06 -03:00
Daniel Luiz Alves
02bc1df0c1 docs: update docker image tags to 'latest' in installation guide
This change ensures that the installation guide uses the 'latest' tag for docker images instead of the specific 'v2.0.0-beta' version, making it easier for users to always get the most recent version without manually updating the tag.
2025-05-06 11:02:00 -03:00
Daniel Luiz Alves
c1baa3a16d v2.0.0-beta.3 (#30) 2025-05-06 10:06:52 -03:00
Daniel Luiz Alves
cfc103e056 fix: (docker images) (#29) 2025-05-06 09:41:12 -03:00
Charly Gley
1a0b565ae0 fix: (docker images)
changed check-db.mjs to output number in stdout
changed routes.ts to import prisma with relative paths
2025-05-05 21:04:14 +02:00
Daniel Luiz Alves
37a30f1bd7 v2.0.0-beta.2 (#28) 2025-05-05 11:42:17 -03:00
Daniel Luiz Alves
d7bdffe096 feat: Pre-upload validation API (#26) 2025-05-05 09:50:44 -03:00
Daniel Luiz Alves
277fa3ce28 fix(register-form) (#27) 2025-05-05 09:50:09 -03:00
Charly Gley
11b2c5d9a1 fix(register-form): change form validation password length to 8 instead of 6 (backend expects at least 8). Added translations for the error/success toast messages. 2025-05-04 04:12:19 +02:00
Charly Gley
0e1ea0f2ef feat: Pre-upload validation API
I implemented a new API Endpoint /files/check that is queried before trying to upload the file to the MinIO backend.
This prevents the current issue where files exceeding the maximum file size would be uploaded to the storage backend but then fail to get registered, resulting in "dead" data invisible in the frontend but stored in the backend.
Additionally I added new toast notifications for the following errors that can happen while checking if the file is valid:
- filesizeExceeded: Displays a toast that the file is too large and shows the current MAX_FILESIZE
- insufficientStorage: Displays a toast with the error that not enough storage is available together with the currently available storage
- unauthorized: Displays a toast saying that the token is invalid
2025-05-03 05:22:57 +02:00
Daniel Luiz Alves
a8c53afe8c [Next Release] v2.0.0-beta.1 (#21) 2025-05-02 18:03:32 -03:00
PunchEnergyFTW
5b3dab7c75 fix(shares): Allow users to set and update passwords for shares (#25) 2025-05-02 17:01:22 -03:00
Daniel Luiz Alves
57d89e5807 Feat: Initial admin creation (#24)
In this pull request, we're removing the default admin user that was previously created via seed. Instead, the initial user will now be created dynamically by whoever is installing Palmr., eliminating the need for a predefined seed. This change makes the setup process more fluid and secure.
2025-05-02 16:23:13 -03:00
PunchEnergyFTW
107a467bcc Feat: Add max filesize environment variable (#20)
Co-authored-by: Charly Gley <charly@gley.dev>
2025-04-27 23:30:18 -03:00
Daniel Luiz Alves
792183bbb3 Merge branch 'main' into next 2025-04-27 23:27:44 -03:00
Daniel Luiz Alves
a12183d4a8 Squashed commit of the following:
commit 359d0a0403
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 25 14:11:09 2025 -0300

    docs(installation): add command to generate .env file

    Add a command to generate a .env file with the `server_ip` configuration to simplify the setup process for users. This command can be executed in the server terminal at the same path as the docker-compose.yaml file.

commit c3967eca72
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 25 13:42:26 2025 -0300

    refactor(web): remove unused config fetch in layout metadata

    Simplify the metadata generation in the layout component by removing the unnecessary fetch of app configurations. This reduces complexity and improves maintainability.

commit 6898dd8d1b
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 25 01:22:53 2025 -0300

    refactor(layout): remove unused changeLayout prop from Banner component

    The changeLayout prop was not utilized in the Banner component, so it has been removed to simplify the code and improve maintainability.

    style(home): add version tag to the hero section title

    Added a small version tag "v2.0.0-beta" to the hero section title for better visibility and user awareness of the current version.

commit e80de3576c
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 25 01:11:45 2025 -0300

    build(docs): disable eslint and typescript checks during builds

    To streamline the build process and avoid unnecessary interruptions, eslint and typescript checks are now ignored during builds

commit 17dd85241c
Merge: da64d65 f7124ec
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 25 01:01:28 2025 -0300

    Upgrade to v2.0.0-beta (#16)

commit f7124ec346
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 25 00:56:04 2025 -0300

    chore: update environment and docker configurations

    Update .env.example to include SERVER_IP, add metadata to docs layout, and switch docker-compose image tags to 'latest' for consistency and clarity.

commit b443fcb010
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Thu Apr 24 23:31:40 2025 -0300

    docs: update image URLs in README.md

    Update the image URLs in the README.md file to use the new Cloudinary links for better reliability and consistency

commit d106b5346f
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Thu Apr 24 23:28:30 2025 -0300

    docs: update documentation links and README content

    Update all documentation links from 'palmr-docs.kyantech.com.br' to 'palmr.kyantech.com.br' to reflect the new URL. Additionally, update the README.md to include the latest frontend technology stack and correct the screenshot image link. Also, add a hyperlink to the core maintainer's GitHub profile.

commit 7a6df51308
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Thu Apr 24 23:14:25 2025 -0300

    refactor(home): update layout, image URLs, and documentation links

    - Remove unnecessary spaces in JSX elements for cleaner code
    - Add images configuration to next.config.mjs to support remote image sources
    - Replace old image URLs with new Cloudinary-hosted images
    - Update documentation links to include an icon for better UX

commit e40254fea6
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Thu Apr 24 20:17:04 2025 -0300

    feat(home-page): redesign home page with interactive components

    Added new interactive components like animated grids, pulsating buttons, and ripple effects to enhance the user experience. Updated the layout to include sections for features, architecture, and file sharing. Improved the overall design with modern animations and typography.

commit a3ed862ed9
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Thu Apr 24 12:12:11 2025 -0300

    docs: add new documentation pages for Palmr 2.0.0-beta

    This commit introduces several new documentation pages for the Palmr 2.0.0-beta release. The added pages cover topics such as SMTP configuration, available languages, GitHub sponsorship, starring the repository, opening issues, generating shares, and contributing to the project. These additions aim to provide comprehensive guidance for users and contributors, enhancing the overall user experience and supporting the project's growth.

commit 7904333b15
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Wed Apr 23 16:59:06 2025 -0300

    docs: add API documentation and update meta.json for 1.1.7-beta and 2.0.0-beta

    This commit introduces API documentation files for both 1.1.7-beta and 2.0.0-beta versions, including detailed guides on accessing and using Scalar and Swagger-based API documentation. Additionally, it updates the meta.json files for both versions to include the new API section and other relevant entries. The global.css file has also been updated to improve styling for code blocks and headings.

commit 57af56ff7e
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Tue Apr 22 17:46:31 2025 -0300

    feat(docs): update and enhance documentation for v2.0.0-beta

    Add new architecture, installation, and GitHub architecture documentation. Include new banner and architecture images. Refactor meta.json and index.mdx for better structure and clarity. Add sponsor and footer components to the docs layout. Update docker-compose.yaml with new environment variables and port configurations. Remove outdated files and streamline content for v2.0.0-beta release.

commit a2a5b6a88b
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Thu Apr 17 11:49:32 2025 -0300

    refactor: replace Image component with img tag for app logo

    The commit replaces the Next.js `Image` component with the standard HTML `img` tag in the app logo rendering. This change simplifies the implementation and removes unnecessary dependencies. Additionally, the `env` import was removed from the seed file, the docker-compose image tag was updated to a specific version, and remote image patterns were added to the Next.js config.

commit fccc9d559f
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Thu Apr 17 01:16:38 2025 -0300

    chore: remove docker-compose-local.yaml file

    The file was deleted as it is no longer needed for the local development setup. This change simplifies the project structure and reduces maintenance overhead.

commit c1fc52c302
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Thu Apr 17 01:15:19 2025 -0300

    feat(docs): migrate documentation to Next.js with Fumadocs

    This commit migrates the documentation site from Astro to Next.js, leveraging Fumadocs for enhanced functionality and maintainability. The migration includes:
    - New Next.js configuration and setup
    - Integration of Fumadocs for documentation rendering
    - Addition of new documentation assets and images
    - Removal of Astro-related files and configurations

    The migration aims to improve the documentation site's performance, scalability, and developer experience.

commit dca252827c
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Wed Apr 16 15:24:20 2025 -0300

    refactor: remove deprecated Makefile and generate-docker-compose.sh

    The Makefile and generate-docker-compose.sh script were removed as they are no longer needed. The docker-compose.yaml file was updated to include inline comments and use the latest image tag for the palmr-app service. This cleanup simplifies the project structure and ensures clarity in the docker-compose configuration.

commit 32bc17c373
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Wed Apr 16 14:36:16 2025 -0300

    chore: update .gitignore and docker-compose.yaml for better configuration

    - Add `.env` to .gitignore to ignore environment variables file
    - Update docker-compose.yaml to use environment variables for configuration
      and improve comments for clarity

commit efba0b75dc
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Wed Apr 16 13:53:51 2025 -0300

    refactor(web): restructure and clean up project files

    Restructured the project by moving and deleting unused files, updating configurations, and organizing code for better maintainability. This includes removing deprecated models, updating environment settings, and consolidating utility functions.

commit a119ab4d46
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Wed Apr 16 13:40:54 2025 -0300

    build(web): add Dockerfile and docker-compose.yml for production deployment

    Refactor image handling in components to use Next.js Image component
    Remove unused imports and disable ESLint during builds
    Add error logging for i18n and login functionality
    Update Next.js config for standalone output and build optimizations

commit d25f493c7a
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Wed Apr 16 11:17:48 2025 -0300

    feat(i18n): add theme translation support for multiple languages

    Add theme-related translations (toggle, light, dark, system) to JSON files for all supported languages. Update the mode-toggle component to use these translations for theme switching. Also, refactor API route files to improve code consistency and readability.

commit 78e2d05d6c
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Wed Apr 16 10:52:20 2025 -0300

    refactor(api): migrate API endpoints to use proxy routes and update axios instance

    This commit introduces proxy routes for all API endpoints and updates the axios instance to use the new proxy routes. The changes ensure that all API requests are routed through the Next.js API routes, improving security and consistency. Additionally, the axios instance is renamed to `apiInstance` to reflect its purpose more accurately. The metadata generation in layout files is also simplified by removing unnecessary API calls.

commit 564ff43843
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Tue Apr 15 10:21:30 2025 -0300

    chore: remove unused SVG files and refactor login types

    Clean up the codebase by deleting unused SVG assets and improve code readability by adding proper spacing and type definitions in the login module

commit 5aea36fd98
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Mon Apr 14 16:55:36 2025 -0300

    feat: add forgot and reset password functionality

    Implement forgot and reset password features, including form components, hooks for form handling, and layout/page components. This allows users to request a password reset and set a new password securely.

commit 7d6e484c2b
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Mon Apr 14 15:55:15 2025 -0300

    feat(shares): add share management and public share components

    This commit introduces new components and hooks for managing shares and viewing public shares. It includes the following key changes:
    - Added components for share management, such as `SharesHeader`, `SharesSearch`, and `SharesTableContainer`.
    - Implemented `useShares` hook to handle share data fetching and state management.
    - Created `PublicSharePage` and related components for viewing public shares, including `ShareDetails`, `PasswordModal`, and `ShareNotFound`.
    - Added `usePublicShare` hook to manage public share data and password handling.
    - Updated layout and types to support the new features.

commit e50abf953e
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Mon Apr 14 15:21:31 2025 -0300

    feat(shares): add shares page with search, table, and modals

    Introduce a new shares page that includes a search bar, shares table, and various modals for managing shares. The page supports creating, editing, deleting, and generating links for shares. Additionally, it includes functionality for notifying recipients and viewing share details. The layout and components are designed to be reusable and maintainable.

commit 15dce5dab1
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Mon Apr 14 11:53:43 2025 -0300

    feat(layout): add app name to page titles and implement favicon component

    Add app name to page titles by fetching it from the configs endpoint. Introduce a new `Favicon` component to handle dynamic favicon rendering based on the app logo. Remove manual favicon updates from the app info context as it is now handled by the `Favicon` component.

commit 20fee6b449
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Mon Apr 14 10:37:00 2025 -0300

    refactor(users-management): reorganize imports and clean up code for better readability

    This commit focuses on improving the readability and maintainability of the users-management module by reorganizing imports, removing unnecessary whitespace, and standardizing code formatting. No functional changes were made.

commit e03ca7e0dc
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Mon Apr 14 10:30:45 2025 -0300

    feat(users-management): add users management module

    Introduce a new users management module that includes features for creating, reading, updating, and deleting users. The module includes components for user tables, modals for user actions, and hooks for managing user state and interactions. This replaces the previous admin page with a more comprehensive and modular approach to user management.

commit ab6c634782
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 11 16:45:03 2025 -0300

    feat(profile): add profile page with form, password, and image components

    Introduce a new profile page that includes forms for updating user profile information, changing passwords, and managing profile pictures. The page is protected and integrates with the existing authentication system. Additionally, update validation messages for better clarity and consistency.

commit 6a933891c8
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 11 16:43:51 2025 -0300

    refactor(settings): reorganize imports and improve code readability

    Restructured imports across multiple files to follow a consistent order and improve readability. Also, adjusted some code formatting for better maintainability.

commit 5cd7acc158
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 11 15:47:42 2025 -0300

    feat(settings): add settings page with layout, form, and components

    Introduce a new settings page with a structured layout, form components, and hooks for managing application settings. This includes the addition of settings-specific types, constants, and UI components such as `SettingsForm`, `SettingsGroup`, and `SettingsInput`. The `useSettings` hook handles configuration loading and updates, while the `LogoInput` component manages logo uploads and removal. The `Select` component from Radix UI is also added to support dropdown functionality.

commit b4cecf9e32
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 11 15:01:32 2025 -0300

    style: reorganize imports and format code for consistency

    Refactor import statements and code formatting across multiple files to improve readability and maintain consistency. This includes reordering imports, fixing linting issues, and standardizing code style.

commit e55f090235
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 11 14:59:52 2025 -0300

    feat(files): add file management components and hooks

    Introduce new components and hooks for managing files, including file list, search bar, empty state, and modals. This includes the addition of a breadcrumb component for better navigation and the use of client-side rendering for specific components. The changes aim to improve the user experience and maintainability of the file management system.

commit 0a738430e7
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 11 14:18:11 2025 -0300

    feat: add new utility functions and UI components for file management

    This commit introduces several new utility functions and UI components to enhance file management capabilities. Key additions include:
    - `generateSafeFileName` utility for creating safe file names.
    - `customNanoid` utility for generating custom IDs.
    - New UI components: `AspectRatio`, `Loader`, `Switch`, `ScrollArea`, and various modals for file actions, share management, and file preview.
    - Updated translations and package dependencies to support new features.

commit 6c7117cc14
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Wed Apr 9 15:57:09 2025 -0300

    style: format code and fix linting issues across multiple files

    Refactor code to improve readability and consistency by applying Prettier formatting rules. This includes fixing trailing commas, sorting imports, and ensuring consistent code style. No functional changes were made.

commit 61cf88b41f
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Wed Apr 9 15:48:00 2025 -0300

    feat(dashboard): add dashboard components and utilities

    This commit introduces new components and utilities for the dashboard, including storage usage, quick access cards, recent files, and recent shares. It also adds file and share management hooks, along with new UI components like progress bars, separators, and avatars. The changes enhance the dashboard's functionality and improve user experience by providing quick access to essential features and better visual feedback.

    The commit includes:
    - New components for storage usage, quick access, recent files, and shares
    - File and share management hooks for CRUD operations
    - Utility functions for file size formatting and file icons
    - New UI components like progress bars, separators, and avatars
    - Updated translations and styles for consistency

commit b077154c22
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Tue Apr 8 15:06:17 2025 -0300

    feat(auth): add protected routes and enhance auth context

    Implement protected routes for admin and dashboard pages to restrict access based on authentication and admin status. Enhance the auth context to handle user data validation and improve error handling during authentication checks.

commit 9e35d27497
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Mon Apr 7 16:14:18 2025 -0300

    feat: add initial project setup with config, models, and assets

    This commit introduces the initial project setup including configuration files, API models, and necessary assets. The changes include:
    - Added Prettier and PostCSS configuration files
    - Included favicon and public assets like SVGs
    - Set up Next.js and theme provider configurations
    - Added TypeScript models for API endpoints and responses

commit da64d65401
Merge: ca7bdef 7b2f15d
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 4 23:40:35 2025 -0300

    feat: enable reverse proxy support and add pnpm.lock for custom builds in apps/web (#13)

commit 7b2f15dcd5
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 4 23:37:08 2025 -0300

    refactor: remove lock files from .gitignore and update vite config

    Remove unnecessary lock files from .gitignore to streamline version control. Update Vite configuration to allow all hosts in both development and preview modes for better accessibility

commit ca7bdefcdb
Merge: 92b437e 1768aa8
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 4 00:44:02 2025 -0300

    Merge branch 'main' of github.com:kyantech/Palmr

commit 92b437ee36
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 4 00:41:55 2025 -0300

    chore: bump version to 1.1.6 across all apps

commit fcaef88850
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 4 00:40:49 2025 -0300

    docs: update installation guide with security and deployment details

    Add a new section "Quick Start with Default Docker Compose" to emphasize the risks of using default credentials and provide recommendations for secure deployment. Clarify the usage of Docker Compose for different environments (local, production) and update port configuration recommendations with a warning about ReactJS limitations.

commit 68d6fd09af
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Fri Apr 4 00:12:02 2025 -0300

    chore: add docker-compose.yaml and update .gitignore

    Add docker-compose.yaml to define services for the application stack, including API, app, MinIO, and PostgreSQL. Remove docker-compose.yaml from .gitignore to track it in version control

commit 1768aa81b7
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Thu Apr 3 16:16:27 2025 -0300

    Update README.md

commit 644fc7aa30
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Thu Apr 3 16:15:34 2025 -0300

    Update README.md

commit cc6fe6d62e
Author: Daniel Luiz Alves <daniel.xcoders@gmail.com>
Date:   Thu Apr 3 16:15:06 2025 -0300

    Update README.md
2025-04-27 23:23:49 -03:00
Daniel Luiz Alves
359d0a0403 docs(installation): add command to generate .env file
Add a command to generate a .env file with the `server_ip` configuration to simplify the setup process for users. This command can be executed in the server terminal at the same path as the docker-compose.yaml file.
2025-04-25 14:11:09 -03:00
Daniel Luiz Alves
c3967eca72 refactor(web): remove unused config fetch in layout metadata
Simplify the metadata generation in the layout component by removing the unnecessary fetch of app configurations. This reduces complexity and improves maintainability.
2025-04-25 13:42:26 -03:00
952 changed files with 91110 additions and 17347 deletions

81
.dockerignore Normal file
View File

@@ -0,0 +1,81 @@
# Git
.git
.gitignore
# Documentation
README.md
CONTRIBUTING.md
*.md
# Node modules
node_modules
*/node_modules
**/node_modules
# Build outputs
.next
dist
build
# Development files
.env*
.vscode
.idea
# Logs
*.log
logs
# Runtime data
pids
*.pid
*.seed
*.pid.lock
# Coverage directory used by tools like istanbul
coverage
# nyc test coverage
.nyc_output
# Dependency directories
jspm_packages/
# Optional npm cache directory
.npm
# Optional REPL history
.node_repl_history
# Output of 'npm pack'
*.tgz
# Yarn Integrity file
.yarn-integrity
# dotenv environment variables file
.env
# Docker files
Dockerfile*
docker-compose*
# Storage directories (created at runtime)
uploads/
temp-uploads/
apps/server/uploads/
apps/server/temp-uploads/
# Static files
apps/server/prisma/*.db
apps/server/.env
apps/web/.env
# OS generated files
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
ehthumbs.db
Thumbs.db

259
.github/copilot-instructions.md vendored Normal file
View File

@@ -0,0 +1,259 @@
# GitHub Copilot Instructions for Palmr
This file contains instructions for GitHub Copilot to help contributors work effectively with the Palmr codebase.
## Project Overview
Palmr is a flexible and open-source alternative to file transfer services like WeTransfer and SendGB. It's built with:
- **Backend**: Fastify (Node.js) with TypeScript, SQLite database, and filesystem/S3 storage
- **Frontend**: Next.js 15 + React + TypeScript + Shadcn/ui
- **Documentation**: Next.js + Fumadocs + MDX
- **Package Manager**: pnpm (v10.6.0)
- **Monorepo Structure**: Three main apps (web, server, docs) in the `apps/` directory
## Architecture and Structure
### Monorepo Layout
```
apps/
├── docs/ # Documentation site (Next.js + Fumadocs)
├── server/ # Backend API (Fastify + TypeScript)
└── web/ # Frontend application (Next.js 15)
```
### Key Technologies
- **TypeScript**: Primary language for all applications
- **Database**: Prisma ORM with SQLite (optional S3-compatible storage)
- **Authentication**: Multiple OAuth providers (Google, GitHub, Discord, etc.)
- **Internationalization**: Multi-language support with translation scripts
- **Validation**: Husky pre-push hooks for linting and type checking
## Development Workflow
### Base Branch
Always create new branches from and submit PRs to the `next` branch, not `main`.
### Commit Convention
Use Conventional Commits format for all commits:
```
<type>(<scope>): <description>
Types:
- feat: New feature
- fix: Bug fix
- docs: Documentation changes
- test: Adding or updating tests
- refactor: Code refactoring
- style: Code formatting
- chore: Maintenance tasks
```
Examples:
- `feat(web): add user authentication system`
- `fix(api): resolve null pointer exception in user service`
- `docs: update installation instructions in README`
- `test(server): add unit tests for user validation`
### Code Quality Standards
1. **Linting**: All apps use ESLint. Run `pnpm lint` before committing
2. **Formatting**: Use Prettier for code formatting. Run `pnpm format`
3. **Type Checking**: Run `pnpm type-check` to validate TypeScript
4. **Validation**: Run `pnpm validate` to run both linting and type checking
5. **Pre-push Hook**: Automatically validates all apps before pushing
### Testing Changes
- Test incrementally during development
- Run validation locally before pushing: `pnpm validate` in each app directory
- Keep changes focused on a single issue or feature
- Review your work before committing
## Application-Specific Guidelines
### Web App (`apps/web/`)
- Framework: Next.js 15 with App Router
- Port: 3000 (development)
- Scripts:
- `pnpm dev`: Start development server
- `pnpm build`: Build for production
- `pnpm validate`: Run linting and type checking
- Translations: Use Python scripts in `scripts/` directory
- `pnpm translations:check`: Check translation status
- `pnpm translations:sync`: Synchronize translations
### Server App (`apps/server/`)
- Framework: Fastify with TypeScript
- Port: 3333 (default)
- Scripts:
- `pnpm dev`: Start development server with watch mode
- `pnpm build`: Build TypeScript to JavaScript
- `pnpm validate`: Run linting and type checking
- `pnpm db:seed`: Seed database
- Database: Prisma ORM with SQLite
### Docs App (`apps/docs/`)
- Framework: Next.js with Fumadocs
- Port: 3001 (development)
- Content: MDX files in `content/docs/`
- Scripts:
- `pnpm dev`: Start development server
- `pnpm build`: Build documentation site
- `pnpm validate`: Run linting and type checking
## Code Style and Best Practices
### General Guidelines
1. **Follow Style Guidelines**: Ensure code adheres to ESLint and Prettier configurations
2. **TypeScript First**: Always use TypeScript, avoid `any` types when possible
3. **Component Organization**: Keep components focused and single-purpose
4. **Error Handling**: Implement proper error handling and logging
5. **Comments**: Add comments only when necessary to explain complex logic
6. **Imports**: Use absolute imports where configured, keep imports organized
### API Development (Server)
- Use Fastify's schema validation for all routes
- Follow REST principles for endpoint design
- Implement proper authentication and authorization
- Handle errors gracefully with appropriate status codes
- Document API endpoints in the docs app
### Frontend Development (Web)
- Use React Server Components where appropriate
- Implement proper loading and error states
- Follow accessibility best practices (WCAG guidelines)
- Optimize performance (lazy loading, code splitting)
- Use Shadcn/ui components for consistent UI
### Documentation
- Write clear, concise documentation
- Include code examples where helpful
- Update documentation when changing functionality
- Use MDX features for interactive documentation
- Follow the existing documentation structure
## Translation and Internationalization
- All user-facing strings should be translatable
- Use the Next.js internationalization system
- Translation files are in `apps/web/messages/`
- Reference file: `en-US.json`
- Run `pnpm translations:check` to verify translations
- Mark untranslated strings with `[TO_TRANSLATE]` prefix
## Common Patterns
### Authentication Providers
- Provider configurations in `apps/server/src/modules/auth-providers/providers.config.ts`
- Support for OAuth2 and OIDC protocols
- Field mappings for user data normalization
- Special handling for providers like GitHub that require additional API calls
### File Storage
- Default: Filesystem storage
- Optional: S3-compatible object storage
- File metadata stored in SQLite database
### Environment Variables
- Configure via `.env` files (not committed to repository)
- Required variables documented in README or docs
- Use environment-specific configurations
## Contributing Guidelines
### Pull Request Process
1. Fork the repository
2. Create a branch from `next`: `git checkout -b feature/your-feature upstream/next`
3. Make focused changes addressing a single issue/feature
4. Write or update tests as needed
5. Update documentation to reflect changes
6. Ensure all validations pass: `pnpm validate` in each app
7. Commit using Conventional Commits
8. Push to your fork
9. Create Pull Request targeting the `next` branch
### Code Review
- Be responsive to feedback
- Keep discussions constructive and professional
- Make requested changes promptly
- Ask questions if requirements are unclear
### What to Avoid
- Don't mix unrelated changes in a single PR
- Don't skip linting or type checking
- Don't commit directly to `main` or `next` branches
- Don't add unnecessary dependencies
- Don't ignore existing code style and patterns
- Don't remove or modify tests without good reason
## Helpful Commands
### Root Level
```bash
pnpm install # Install all dependencies
git config core.hooksPath .husky # Configure Git hooks
```
### Per App (web/server/docs)
```bash
pnpm dev # Start development server
pnpm build # Build for production
pnpm lint # Run ESLint
pnpm lint:fix # Fix ESLint issues automatically
pnpm format # Format code with Prettier
pnpm format:check # Check code formatting
pnpm type-check # Run TypeScript type checking
pnpm validate # Run lint + type-check
```
### Docker
```bash
docker-compose up # Start all services
docker-compose down # Stop all services
```
## Resources
- **Documentation**: [https://palmr.kyantech.com.br](https://palmr.kyantech.com.br)
- **Contributing Guide**: [CONTRIBUTING.md](../CONTRIBUTING.md)
- **Issue Tracker**: GitHub Issues
- **License**: Apache-2.0
## Getting Help
- Review existing documentation in `apps/docs/content/docs/`
- Check contribution guide in `CONTRIBUTING.md`
- Review existing code for patterns and examples
- Ask questions in PR discussions or issues
- Read error messages and logs carefully
## Important Notes
- **Beta Status**: This project is in beta; expect changes and improvements
- **Focus on Quality**: Prioritize code quality and maintainability over speed
- **Test Locally**: Always test your changes locally before submitting
- **Documentation Matters**: Keep documentation synchronized with code
- **Community First**: Be respectful, patient, and constructive with all contributors

56
.github/pull_request_template.md vendored Normal file
View File

@@ -0,0 +1,56 @@
## **🎯 Please make sure you are opening this Pull Request against the `next` branch!**
## 📝 Description
Please provide a clear and concise description of the changes introduced by this pull request.
## 🔗 Related Issue(s)
If this PR fixes or relates to an issue, please link it here (e.g., `Closes #123`).
## 💡 Motivation and Context
Why is this change required? What problem does it solve?
## 🤖 Use of Artificial Intelligence (AI)
The use of AI tools is absolutely welcome and not an issue. For transparency and continuous improvement, please answer the following:
- Did you use any AI tools (such as GitHub Copilot, ChatGPT, etc.) to help develop this PR?
- [ ] No, this PR was developed without the assistance of AI tools.
- [ ] Yes, AI tools assisted in the development of this PR (please specify which ones and how they were used):
- Tool(s) used:
- Brief description of how AI contributed:
- Was this PR generated entirely by an AI tool (i.e., with minimal human intervention)?
- [ ] No
- [ ] Yes (please provide details):
## 🧪 How Has This Been Tested?
Please describe the tests that you ran to verify your changes. Include details about your test environment, and the test cases you ran.
## 📸 Screenshots (if appropriate)
Add any relevant screenshots to help explain your changes.
## 🔄 Types of Changes
Check the relevant option(s) below:
- [ ] 🐛 Bug fix (non-breaking change which fixes an issue)
- [ ] ✨ New feature (non-breaking change which adds functionality)
- [ ] ⚠️ Breaking change (fix or feature that would cause existing functionality to change)
- [ ] 📚 Documentation update
## ✅ Checklist
- [ ] My code follows the code style of this project
- [ ] I have performed a self-review of my code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added tests that prove my fix is effective or that my feature works
- [ ] I have added necessary documentation (if appropriate)
- [ ] I have rebased and/or merged on top of the latest `next` branch
---
🙏 Thank you for your contribution!

5
.gitignore vendored
View File

@@ -30,3 +30,8 @@ apps/server/dist/*
#DEFAULT
.env
.steering
data/
node_modules/
screenshots/

12
.husky/pre-push Executable file
View File

@@ -0,0 +1,12 @@
echo "🔍 Running pre-push validation for all apps..."
echo "📱 Validating web app..."
cd apps/web && pnpm validate
echo "📚 Validating docs app..."
cd ../docs && pnpm validate
echo "🖥️ Validating server app..."
cd ../server && pnpm validate
echo "✅ All validations passed!"

168
Dockerfile Normal file
View File

@@ -0,0 +1,168 @@
FROM node:24-alpine AS base
# Install system dependencies
RUN apk add --no-cache \
gcompat \
supervisor \
curl \
su-exec
# Enable pnpm
RUN corepack enable pnpm
# Set working directory
WORKDIR /app
# === SERVER BUILD STAGE ===
FROM base AS server-deps
WORKDIR /app/server
# Copy server package files
COPY apps/server/package*.json ./
COPY apps/server/pnpm-lock.yaml ./
# Install server dependencies
RUN pnpm install --frozen-lockfile
FROM base AS server-builder
WORKDIR /app/server
# Copy server dependencies
COPY --from=server-deps /app/server/node_modules ./node_modules
# Copy server source code
COPY apps/server/ ./
# Generate Prisma client
RUN npx prisma generate
# Build server
RUN pnpm build
# === WEB BUILD STAGE ===
FROM base AS web-deps
WORKDIR /app/web
# Copy web package files
COPY apps/web/package.json apps/web/pnpm-lock.yaml ./
# Install web dependencies
RUN pnpm install --frozen-lockfile
FROM base AS web-builder
WORKDIR /app/web
# Copy web dependencies
COPY --from=web-deps /app/web/node_modules ./node_modules
# Copy web source code
COPY apps/web/ ./
# Set environment variables for build
ENV NEXT_TELEMETRY_DISABLED=1
ENV NODE_ENV=production
# Build web application
RUN pnpm run build
# === PRODUCTION STAGE ===
FROM base AS runner
# Set production environment
ENV NODE_ENV=production
ENV NEXT_TELEMETRY_DISABLED=1
ENV API_BASE_URL=http://127.0.0.1:3333
# Define build arguments for user/group configuration (defaults to current values)
ARG PALMR_UID=1001
ARG PALMR_GID=1001
# Create application user with configurable UID/GID
RUN addgroup --system --gid ${PALMR_GID} nodejs
RUN adduser --system --uid ${PALMR_UID} --ingroup nodejs palmr
# Create application directories
RUN mkdir -p /app/palmr-app /app/web /app/infra /home/palmr/.npm /home/palmr/.cache
RUN chown -R palmr:nodejs /app /home/palmr
# === Copy Server Files to /app/palmr-app (separate from /app/server for bind mounts) ===
WORKDIR /app/palmr-app
# Copy server production files
COPY --from=server-builder --chown=palmr:nodejs /app/server/dist ./dist
COPY --from=server-builder --chown=palmr:nodejs /app/server/node_modules ./node_modules
COPY --from=server-builder --chown=palmr:nodejs /app/server/prisma ./prisma
COPY --from=server-builder --chown=palmr:nodejs /app/server/package.json ./
# Copy password reset script and make it executable
COPY --from=server-builder --chown=palmr:nodejs /app/server/reset-password.sh ./
COPY --from=server-builder --chown=palmr:nodejs /app/server/src/scripts/ ./src/scripts/
RUN chmod +x ./reset-password.sh
# Copy seed file to the shared location for bind mounts
RUN mkdir -p /app/server/prisma
COPY --from=server-builder --chown=palmr:nodejs /app/server/prisma/seed.js /app/server/prisma/seed.js
# === Copy Web Files ===
WORKDIR /app/web
# Copy web production files
COPY --from=web-builder --chown=palmr:nodejs /app/web/public ./public
COPY --from=web-builder --chown=palmr:nodejs /app/web/.next/standalone ./
COPY --from=web-builder --chown=palmr:nodejs /app/web/.next/static ./.next/static
# === Setup Supervisor ===
WORKDIR /app
# Create supervisor configuration
RUN mkdir -p /etc/supervisor/conf.d
# Copy server start script and configuration files
COPY infra/server-start.sh /app/server-start.sh
COPY infra/configs.json /app/infra/configs.json
COPY infra/providers.json /app/infra/providers.json
COPY infra/check-missing.js /app/infra/check-missing.js
RUN chmod +x /app/server-start.sh
RUN chown -R palmr:nodejs /app/server-start.sh /app/infra
# Copy supervisor configuration
COPY infra/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
# Create main startup script
COPY <<EOF /app/start.sh
#!/bin/sh
set -e
echo "Starting Palmr Application..."
echo "Storage Mode: \${ENABLE_S3:-false}"
echo "Secure Site: \${SECURE_SITE:-false}"
echo "Encryption: \${DISABLE_FILESYSTEM_ENCRYPTION:-true}"
echo "Database: SQLite"
# Set global environment variables
export DATABASE_URL="file:/app/server/prisma/palmr.db"
export NEXT_PUBLIC_DEFAULT_LANGUAGE=\${DEFAULT_LANGUAGE:-en-US}
# Ensure /app/server directory exists for bind mounts
mkdir -p /app/server/uploads /app/server/temp-uploads /app/server/prisma
echo "Data directories ready for first run..."
# Start supervisor
exec /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf
EOF
RUN chmod +x /app/start.sh
# Create volume mount points for bind mounts
VOLUME ["/app/server"]
# Expose ports
EXPOSE 3333 5487
# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
CMD curl -f http://localhost:5487 || exit 1
# Start application
CMD ["/app/start.sh"]

205
LICENSE
View File

@@ -1,25 +1,190 @@
BSD 2-Clause License
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
Copyright (c) 2025, Daniel Luiz Alves (danielalves96)
All rights reserved.
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Definitions.
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
Copyright 2025 Daniel Luiz Alves (danielalves96) - Kyantech Solutions, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

64
Makefile Normal file
View File

@@ -0,0 +1,64 @@
.PHONY: help build start clean logs stop restart update-version
# Default target
help:
@echo "🚀 Palmr - Available Commands:"
@echo ""
@echo " make build - Build Docker image with multi-platform support"
@echo " make update-version - Update version in all package.json files"
@echo " make start - Start the application using docker-compose"
@echo " make stop - Stop all running containers"
@echo " make logs - Show application logs"
@echo " make clean - Clean up containers and images"
@echo " make shell - Access the application container shell"
@echo ""
@echo "📁 Scripts location: ./infra/"
# Build Docker image using the build script
build:
@echo "🏗️ Building Palmr Docker image..."
@echo "📝 This will update version numbers in all package.json files before building"
@echo ""
@chmod +x ./infra/update-versions.sh
@chmod +x ./infra/build-docker.sh
@echo "🔄 Starting build process..."
@./infra/build-docker.sh
# Update version in all package.json files
update-version:
@echo "🔄 Updating version numbers..."
@echo "🏷️ Please enter the new version (e.g., v3.0.0, 3.0-beta):"
@read -p "Version: " VERSION; \
if [ -z "$$VERSION" ]; then \
echo "❌ Error: Version cannot be empty"; \
exit 1; \
fi; \
chmod +x ./infra/update-versions.sh; \
./infra/update-versions.sh "$$VERSION"
# Start the application
start:
@echo "🚀 Starting Palmr application..."
@docker-compose up -d
# Stop the application
stop:
@echo "🛑 Stopping Palmr application..."
@docker-compose down
# Show logs
logs:
@echo "📋 Showing Palmr logs..."
@docker-compose logs -f
# Clean up containers and images
clean:
@echo "🧹 Cleaning up Docker containers and images..."
@docker-compose down -v
@docker system prune -f
@echo "✅ Cleanup completed!"
# Access container shell
shell:
@echo "🐚 Accessing Palmr container shell..."
@docker-compose exec palmr /bin/sh

102
README.md
View File

@@ -1,11 +1,22 @@
# 🌴 Palmr. - Open-Source File Transfer
<p align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1745548261/Palmr./banner_roxtph.png" alt="Palmr Logo" style="width: 100%;">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749825361/Group_47_1_bcx8gw.png" alt="Palmr Banner" style="width: 100%;"/>
</p>
**Palmr.** is a **flexible** and **open-source** alternative to file transfer services like **WeTransfer**, **SendGB**, **Send Anywhere**, and **Files.fm**.
<div align="center">
<div style="background: linear-gradient(135deg, #ff4757, #ff3838); padding: 20px; border-radius: 12px; margin: 20px 0; box-shadow: 0 4px 15px rgba(255, 71, 87, 0.3); border: 2px solid #ff3838;">
<h3 style="color: white; margin: 0 0 10px 0; font-size: 18px; font-weight: bold;">
⚠️ BETA VERSION
</h3>
<p style="color: white; margin: 0; font-size: 14px; opacity: 0.95;">
<strong>This project is currently in beta phase.</strong><br>
Not recommended for production environments.
</p>
</div>
</div>
🔗 **For detailed documentation visit:** [Palmr. - Documentation](https://palmr.kyantech.com.br)
@@ -14,6 +25,9 @@
- **Self-hosted** Deploy on your own server or VPS.
- **Full control** No third-party dependencies, ensuring privacy and security.
- **No artificial limits** Share files without hidden restrictions or fees.
- **Folder organization** Create folders to organize and share files.
- **Simple deployment** SQLite database and filesystem storage for easy setup.
- **Scalable storage** Optional S3-compatible object storage for enterprise needs.
## 🚀 Technologies Used
@@ -26,8 +40,8 @@
### **Backend & API**
- **Fastify (Node.js)** High-performance API framework with built-in schema validation.
- **PostgreSQL** Reliable, secure, and scalable database solution.
- **MinIO (Object Storage)** AWS S3-compatible storage for high availability.
- **SQLite** Lightweight, reliable database with zero-configuration setup.
- **Filesystem Storage** Direct file storage with optional S3-compatible object storage.
### **Frontend**
- **NextJS 15 + TypeScript + Shadcn/ui** Modern and fast web interface.
@@ -36,9 +50,80 @@
## 🛠️ How It Works
1. **Web Interface** → Built with Next, React and TypeScript for a seamless user experience.
2. **Backend API** → Fastify handles requests and interacts with storage.
3. **Database**PostgreSQL stores metadata and transactional data.
4. **Storage**MinIO ensures reliable file storage and retrieval.
2. **Backend API** → Fastify handles requests and manages file operations.
3. **Database** → SQLite stores metadata and transactional data with zero configuration.
4. **Storage**Filesystem storage ensures reliable file storage with optional S3-compatible object storage for scalability.
## 📸 Screenshots
<table>
<tr>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824929/Login_veq6e7.png" alt="Login Page" style="width: 100%; border-radius: 8px;" />
<br /><strong>Login Page</strong>
</td>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824929/Home_lzvfzu.png" alt="Home Page" style="width: 100%; border-radius: 8px;" />
<br /><strong>Home Page</strong>
</td>
</tr>
<tr>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/Dashboard_uycmxb.png" alt="Dashboard" style="width: 100%; border-radius: 8px;" />
<br /><strong>Dashboard</strong>
</td>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824929/Profile_wvnlzw.png" alt="Profile Page" style="width: 100%; border-radius: 8px;" />
<br /><strong>Profile Page</strong>
</td>
</tr>
<tr>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/Files_List_ztwr1e.png" alt="Files List View" style="width: 100%; border-radius: 8px;" />
<br /><strong>Files List View</strong>
</td>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/Files_Cards_pwsh5e.png" alt="Files Card View" style="width: 100%; border-radius: 8px;" />
<br /><strong>Files Card View</strong>
</td>
</tr>
<tr>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824927/Shares_cgplgw.png" alt="Shares Management" style="width: 100%; border-radius: 8px;" />
<br /><strong>Shares Management</strong>
</td>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/Reive_Files_uhkeyc.png" alt="Receive Files" style="width: 100%; border-radius: 8px;" />
<br /><strong>Receive Files</strong>
</td>
</tr>
<tr>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824927/Default_Reverse_xedmhw.png" alt="Reverse Share" style="width: 100%; border-radius: 8px;" />
<br /><strong>Reverse Share</strong>
</td>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/Settings_oampxr.png" alt="Settings Panel" style="width: 100%; border-radius: 8px;" />
<br /><strong>Settings Panel</strong>
</td>
</tr>
<tr>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/User_Management_xjbfhn.png" alt="User Management" style="width: 100%; border-radius: 8px;" />
<br /><strong>User Management</strong>
</td>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/Forgot_Password_jcz9ad.png" alt="Forgot Password" style="width: 100%; border-radius: 8px;" />
<br /><strong>Forgot Password</strong>
</td>
</tr>
<tr>
<td align="center">
<img src="https://res.cloudinary.com/technical-intelligence/image/upload/v1749824928/WeTransfer_Reverse_u0g7eb.png" alt="Forgot Password" style="width: 100%; border-radius: 8px;" />
<br /><strong>Reverse Share (WeTransfer Style)</strong>
</td>
</tr>
</table>
## 👨‍💻 Core Maintainers
@@ -49,6 +134,10 @@
</br>
## 🤝 Supporters
[<img src="https://i.ibb.co/nMN40STL/Repoflow.png" width="200px" alt="Daniel Luiz Alves" />](https://www.repoflow.io/)
## ⭐ Star History
<a href="https://www.star-history.com/#kyantech/Palmr&Date">
@@ -62,3 +151,4 @@
## 🛠️ Contributing
For contribution guidelines, please refer to the [CONTRIBUTING.md](CONTRIBUTING.md) file.

View File

@@ -1,3 +0,0 @@
{
"extends": ["next/core-web-vitals", "next/typescript"]
}

View File

@@ -0,0 +1,4 @@
/node_modules
/.next
/out
/build

View File

@@ -0,0 +1,16 @@
{
"importOrder": [
"^(react/(.*)$)|^(react$)",
"^(next/(.*)$)|^(next$)",
"<THIRD_PARTY_MODULES>",
"",
"^@/(.*)$",
"^[./]"
],
"importOrderParserPlugins": ["typescript", "jsx", "decorators-legacy"],
"plugins": ["@ianvs/prettier-plugin-sort-imports", "prettier-plugin-sort-json"],
"printWidth": 120,
"singleQuote": false,
"tabWidth": 2,
"trailingComma": "es5"
}

View File

@@ -1,15 +1,5 @@
{
"$schema": "https://ui.shadcn.com/schema.json",
"style": "new-york",
"rsc": true,
"tsx": true,
"tailwind": {
"config": "",
"css": "src/app/global.css",
"baseColor": "neutral",
"cssVariables": true,
"prefix": ""
},
"aliases": {
"components": "@/components",
"utils": "@/lib/utils",
@@ -17,5 +7,15 @@
"lib": "@/lib",
"hooks": "@/hooks"
},
"iconLibrary": "lucide"
"iconLibrary": "lucide",
"rsc": true,
"style": "new-york",
"tailwind": {
"config": "",
"css": "src/app/global.css",
"baseColor": "neutral",
"cssVariables": true,
"prefix": ""
},
"tsx": true
}

View File

@@ -1,50 +0,0 @@
---
title: API Endpoints
---
Palmr. provides a **highly documented and typed API** that can be accessed at:
- **In a production environment:** `{your_server_domain}/docs`
- **In a local environment:** [http://localhost:3333/docs](http://localhost:3333/docs)
The API documentation is powered by **Scalar** ([https://scalar.com](https://scalar.com)), which offers a fully interactive interface for testing all the available requests within Palmr. Below is an example screenshot of the API documentation interface:
![Palmr API Documentation](/assets/v1/api-docs/scalar.png)
---
### Accessing the API Documentation
We do **not provide an online version** of the API documentation because it may change depending on the specific version of Palmr. you are using. Therefore, we recommend checking the documentation only after starting your API service. The API service corresponds to the **server** within the official Palmr. GitHub repository.
---
### Scalar-Based Documentation
We recommend using **Scalar** for querying and testing the API because the system was designed with Scalar in mind. Scalar offers an intuitive and interactive environment for exploring endpoints, sending requests, and viewing responses directly within the interface.
---
### Swagger-Based Documentation
If you prefer not to use Scalar or are more comfortable with an alternative tool, a **Swagger-based version** of the documentation is also available.
![Palmr API Documentation](/assets/v1/api-docs/swagger.png)
You can access it at:
- **In a production environment:** `{your_server_domain}/swagger`
- **In a local environment:** [http://localhost:3333/swagger](http://localhost:3333/swagger)
Both the Scalar and Swagger versions contain the same endpoints and are documented at a level sufficient for testing and integrating with other systems.
---
Both options ensure that you have all the necessary tools and information to integrate Palmr. with your systems or third-party services effectively.
### Useful Links
Here are some useful links related to Palmr.'s API and its components:
- [Scalar Official Website](https://scalar.com)
- [Swagger Official Website](https://swagger.io)

View File

@@ -1,54 +0,0 @@
---
title: Architecture of Palmr.
---
##### Overview of the core architecture components of Palmr.
Understanding the architecture of Palmr. is crucial for both deploying and scaling the application. Below is a diagram illustrating the main components:
![Palmr Banner](/assets/v1/general/architecture.png)
## **Technologies Used**
Each component in the Palmr. architecture plays a vital role in ensuring reliability, performance, and scalability:
### **PostgreSQL**
Palmr. uses **PostgreSQL** as the primary database solution. It provides reliable and secure data storage, ensuring consistency and high performance for all database operations. PostgreSQL's powerful indexing, query optimization, and support for complex data types make it an ideal choice for handling large amounts of data.
### **React + TypeScript + Vite**
The frontend of Palmr. is built using **React** and **TypeScript**, bundled with **Vite** for fast development and optimized builds.
- **React** enables the creation of a dynamic and responsive user interface with a component-based architecture.
- **TypeScript** adds static typing, enhancing code quality and reducing runtime errors.
- **Vite** provides a fast and efficient development environment with hot module replacement (HMR) and optimized production builds.
### **MinIO**
Palmr. uses **MinIO** for object storage. MinIO is a high-performance, S3-compatible object storage solution designed for large-scale data infrastructure.
- Supports high-throughput file storage and retrieval.
- Ensures data integrity and redundancy.
- Compatible with AWS S3 APIs, making integration seamless.
### **Fastify**
The backend of Palmr. is powered by **Fastify**, a high-performance, low-overhead web framework for Node.js.
- Provides fast request handling with a lightweight core.
- Built-in schema-based validation for secure and reliable API handling.
- Supports plugin-based architecture for easy extensibility.
### **How It Works**
1. **Frontend** — React + TypeScript + Vite handle the user interface and user interactions.
2. **Backend** — Fastify processes requests and communicates with the database and storage layers.
3. **Database** — PostgreSQL stores metadata and transactional data.
4. **Object Storage** — MinIO stores the actual files and ensures scalable, high-performance storage.
---
### **Useful Links**
- [PostgreSQL Documentation](https://www.postgresql.org/docs/)
- [React Documentation](https://react.dev/)
- [TypeScript Handbook](https://www.typescriptlang.org/docs/)
- [Vite Guide](https://vitejs.dev/guide/)
- [MinIO Documentation](https://min.io/docs/minio/container/index.html)
- [Fastify Documentation](https://fastify.dev/docs/latest/)
---

View File

@@ -1,48 +0,0 @@
---
title: Available languages
---
The project uses i18next for internationalization (i18n) support. The language detection is handled automatically through i18next-browser-languagedetector .
### Available Languages in Palmr.
----
##### 1. 🇺🇸 English (en-US)
##### 2. 🇧🇷 Portuguese (pt-BR)
##### 3. 🇫🇷 French (fr-FR)
##### 4. 🇪🇸 Spanish (es-ES)
##### 5. 🇩🇪 German (de-DE)
##### 6. 🇷🇺 Russian (ru-RU)
##### 7. 🇮🇳 Hindi (hi-IN)
##### 8. 🇸🇦 Arabic (ar-SA)
##### 9. 🇯🇵 Japanese (ja-JP)
##### 10. 🇰🇷 Korean (ko-KR)
##### 11. 🇹🇷 Turkish (tr-TR)
##### 12. 🇨🇳 Chinese (zh-CN)
</br>
### Language Selection
##### The language can be changed in two ways:
#### 1. Automatic Detection
- The application automatically detects the user's browser language
- Uses the browser's language settings as the initial language
#### 2. Manual Selection
![Palmr Profile Menu](/assets/v1/main/language/language-selector.png)
- Users can manually switch languages through the language selector in the UI
- Language preference is saved in the browser's localStorage
### Default Language
##### English (en-US) is set as the fallback language.
</br>
### Language Detection
The application automatically detects the user's browser language and sets it as the initial language. Users can manually change the language using the language switcher in the interface (globe icon in the navigation bar).
### RTL Support
The application includes special handling for right-to-left (RTL) languages, specifically for Arabic (ar-SA).

View File

@@ -1,67 +0,0 @@
---
title: Configuring SMTP
---
For Palmr to function with all its best features, we need to configure our email server. To make this easier, there is a built-in configuration panel inside **Settings** in Palmr. However, only users with an **ADMIN** profile can access and configure these settings.
## Why Configure SMTP?
The main functionalities that depend on SMTP configuration are:
- **Password Reset** Users who forget their password and cannot access the **Settings** panel need this feature.
- **Email Notifications** Recipients will receive emails when new shares are sent to them.
Now, let's go through the step-by-step process to configure the **SMTP Server**.
---
## Accessing SMTP Settings
To access **Settings**, an **ADMIN** user must click on the profile picture in the **header** and select **Settings** from the dropdown menu.
![Dropdown Menu](/assets/v1/main/smtp/dropdown-menu.png)
Once inside the **Settings** panel, click on the **Email** card to expand the SMTP configuration options.
![Closed Settings Card](/assets/v1/main/smtp/closed-card.png)
After expanding the card, the following SMTP configuration fields will appear:
![Opened Settings Card](/assets/v1/main/smtp/opened-card.png)
---
## Configuring SMTP Server
The first step is to **enable SMTP** by selecting "Yes" in the **SMTP Enabled** field.
![SMTP Enabled](/assets/v1/main/smtp/smtp-enabled.png)
Once SMTP is enabled, you can configure the other necessary fields:
- **Sender Name** This will appear as the senders name in emails. (Example: "Palmr")
- **Sender Email** The email address from which notifications will be sent. (Example: "noreply@palmr.app")
- **SMTP Server** The SMTP server address. You can use any email service provider. For Gmail, use `smtp.gmail.com` (this is the recommended option and set as default).
- **SMTP Port** The server port. For Gmail, the standard port is **587**.
- **SMTP Username** The username for the SMTP server. For Gmail, enter your email address.
- **SMTP Password** The SMTP password. (Generate an App Password for Gmail)
> **Important:** If using **Gmail**, you need to generate an **App Password** instead of using your standard email password.
> For other email services, consult the official documentation of the service provider you are using. We recommend using Gmail for simplicity and limits the number of emails sent.
---
## Generating a Gmail App Password
To generate an App Password for Gmail:
1. Go to [Google My Account](https://myaccount.google.com/).
2. Select **Security**.
3. Scroll down to **App Passwords**.
4. Generate a new password specifically for Palmr.
For a complete guide, refer to: **[How to set up SMTP credentials with Gmail](https://medium.com/rails-to-rescue/how-to-set-up-smtp-credentials-with-gmail-for-your-app-send-email-cf236d11087d)**.
---
## Finalizing SMTP Configuration
After entering the correct information, save the settings. Palmr is now ready to send emails for password resets and share notifications!

View File

@@ -1,161 +0,0 @@
---
title: How to Contribute
---
Thank you for your interest in contributing to the **Palmr.** project! Contributions are what make the open-source community such an amazing place to learn, inspire, and create. This guide will walk you through the process of contributing to Palmr.
---
### Step 1: Log in to GitHub
Before you can contribute, you need to be logged into your GitHub account. If you don't have an account yet, you can sign up for free at **[GitHub](https://github.com/)**.
---
### Step 2: Go to the Palmr Repository
Once you're logged in, go to the Palmr repository by clicking on this link: **[https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)**.
Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **kyantech**.
---
### Step 3: Fork the Repository
To contribute to the project, youll need to create your own copy of the repository. This is called a **fork**. Heres how to do it:
1. Click the **Fork** button at the top right of the repository page.
2. This will create a copy of the repository under your GitHub account.
---
### Step 4: Clone Your Forked Repository
Next, youll need to clone your forked repository to your local machine. Heres how:
1. On your forked repository page, click the **Code** button.
2. Copy the repository URL (HTTPS or SSH).
3. Open your terminal or command prompt and run the following command to clone the repository:
```bash
git clone <repository-url>
```
4. Navigate into the cloned directory:
```bash
cd Palmr
```
---
### Step 5: Set Up the `next` Branch as the Base
Before making changes, ensure your local repository is set up to track the `next` branch from the original Palmr repository. Heres how:
1. Add the original Palmr repository as a remote:
```bash
git remote add upstream https://github.com/kyantech/Palmr.git
```
2. Fetch the latest changes from the `next` branch:
```bash
git fetch upstream next
```
3. Create a new branch for your contribution based on `upstream/next`:
```bash
git checkout -b your-branch-name upstream/next
```
---
### Step 6: Make Your Changes
Now youre ready to make your contributions! This could include:
- Fixing a bug
- Adding a new feature
- Improving documentation
- Writing tests
Make your changes in your local repository using your preferred code editor.
---
### Step 7: Commit Your Changes Using Conventional Commits
Once youve made your changes, commit them to your branch using **Conventional Commits**. Conventional Commits help maintain a clean and consistent commit history. Heres how to format your commit messages:
#### Commit Message Format:
`<type>(<scope>): <description>`
#### Examples:
- `feat: add user authentication`
- `fix(api): resolve null pointer exception`
- `docs: update README file`
- `chore: update dependencies`
#### Steps to Commit:
1. Stage your changes:
```bash
git add .
```
2. Commit your changes with a properly formatted message:
```bash
git commit -m "feat: add new feature for user profiles"
```
---
### Step 8: Push Your Changes to GitHub
After committing your changes, push them to your forked repository on GitHub:
```bash
git push origin your-branch-name
```
---
### Step 9: Open a Pull Request to the `next` Branch
Now that your changes are on GitHub, you can open a **Pull Request (PR)** to propose your changes to the `next` branch of the Palmr repository. Heres how:
1. Go to your forked repository on GitHub.
2. Click the **Pull Request** button.
3. On the PR creation page:
- Set the **base repository** to `kyantech/Palmr`.
- Set the **base branch** to `next`.
- Set the **head repository** to your forked repository.
- Set the **compare branch** to your branch (`your-branch-name`).
4. Fill out the PR form with a clear title and description of your changes.
5. Click **Create Pull Request**.
---
### Step 10: Wait for Review
Once your PR is submitted, the maintainers will review your changes. They may provide feedback or request additional changes. Be sure to respond to their comments and make any necessary updates.
---
### Tips for Contributing
To ensure your contribution is accepted, follow these tips:
- **Use Conventional Commits**: Write clear and consistent commit messages using the Conventional Commits format.
- **Keep Your PRs Small**: Focus on one issue or feature per PR to make it easier to review.
- **Be Patient**: Maintainers are often volunteers and may take some time to review your PR.
---
### Why Contributing is Important
Contributing to open-source projects like Palmr has many benefits:
1. **Improves the Project**: Your contributions help make the project better for everyone.
2. **Builds Your Skills**: Youll gain experience working with Git, GitHub, and collaborative coding.
3. **Supports the Community**: Open-source thrives on community contributions. Your work helps sustain the project.
---
### Conclusion
That's it! You've successfully contributed to the **🌴 Palmr.** project on GitHub. Thank you for your time and effort in making Palmr better for everyone. We appreciate your contribution!

View File

@@ -1,128 +0,0 @@
---
title: Creating a share
---
To create a share in Palmr, the process is very intuitive and self-explanatory. There are multiple ways to create a share, but the most straightforward method is through the **Home Page**, specifically in the **Recent Shares** section.
## Home Page
On the home page, there is a **"Recent Shares"** section. When no shares have been created yet, this section will appear as follows:
![Recent Shares Section](/assets/v1/main/shares/share-section.png)
Since no shares exist yet, you will see a **"Create Share"** button prominently displayed.
![Create Share Button](/assets/v1/main/shares/create-first-share.png)
> **Note:** You dont need to upload files to create a share! Yes, its entirely possible to create a share without adding any files. While this might not make sense in every scenario, some users and use cases find this feature highly valuable.
As mentioned above, shares in Palmr are created first with their settings, and then files can be added later. You can also edit a share at any time.
To create a share, simply click the **"Create Share"** button in the center of the **Recent Shares** section. Doing so will open the following **Create Share** modal:
![Create Share Modal](/assets/v1/main/shares/create-share-modal.png)
Fill in the required information in the modal. The fields **Expiration Date**, **Max Views**, and **Password** are optional but significantly impact how the share functions for recipients:
- **Password:** If set, the recipient must enter the correct password to access the share.
- **Max Views:** If the limit is reached, the share will no longer be accessible unless the creator increases or removes the limit.
- **Expiration Date:** After the expiration date, the share will automatically be disabled unless extended by the creator.
Even the **name** field is optional, but we recommend setting a name for better organization.
Once a share is created, the **Recent Shares** section updates to display a table with the following fields:
- **Name**
- **Created At**
- **Expires At**
- **Status**
- **Security**
- **Files**
- **Recipients**
- **Actions**
![Shares Table](/assets/v1/main/shares/shares-table.png)
To create additional shares, a **"New Share"** button appears in the upper right corner of the **Recent Shares** section.
![New Share Button](/assets/v1/main/shares/new-share-btn.png)
Clicking this button will reopen the **Create Share** modal.
The **Recent Shares** section displays only the **last 5 shares**. To view all created shares, click the **"View All"** button.
![Shares Filled](/assets/v1/main/shares/recent-shares-filled.png)
![View All Button](/assets/v1/main/shares/view-all-button.png)
Clicking this redirects you to the **Shares Management** page.
![Shares Management Page](/assets/v1/main/shares/my-shares-page.png)
Another way to access the **Shares Management** page is by clicking the **"My Shares"** card on the home page.
![My Shares Card](/assets/v1/main/shares/my-shares-card.png)
---
## Shares Management Page
The **Shares Management** page is similar to the **Uploads Management** page, but here, you can **add, remove, edit, and view all created shares** without the limitation of only displaying the last 5 shares.
##### Each share has an **Actions** column with the following options:
![Actions Column](/assets/v1/main/shares/actions-column.png)
## Edit Share
Clicking the **Edit** button allows you to modify the share details.
![Edit Share Modal](/assets/v1/main/shares/edit-share-modal.png)
## Manage Files
Clicking the **Manage Files** button lets you add or remove files from the share.
![Manage Files Modal](/assets/v1/main/shares/manage-files-modal.png)
## Manage Recipients
Clicking the **Manage Recipients** button lets you add or remove recipients for the share.
> **Note:** Email notifications will only be sent if SMTP settings are properly configured in the system.
![Manage Recipients Modal](/assets/v1/main/shares/manage-recipients-modal.png)
## View Share Details
Clicking **View Details** lets you see all details of a share.
![View Details Modal](/assets/v1/main/shares/share-details-modal.png)
## Generate Share Link
Clicking the **Generate Link** button creates a shareable link, which can be customized.
![Generate Link Modal](/assets/v1/main/shares/generate-share-link-modal.png)
Once generated, you can view and copy the link.
![Copy Link Modal](/assets/v1/main/shares/copy-link-modal.png)
The generated link can be edited or copied from a dropdown menu.
![Edit or Copy Link Dropdown](/assets/v1/main/shares/dropdown-with-copy.png)
When the generated link is accessed, the recipient can **view and download** the shared files.
![Shared Page Preview](/assets/v1/main/shares/share-screen.png)
## Delete Share
Clicking the **Delete** button allows you to permanently remove a share.
![Delete Share Modal](/assets/v1/main/shares/delete-share-modal.png)
---
## Summary
Palmrs share creation process is intuitive and flexible. You can create a share without files, edit share settings, manage recipients, and generate shareable links. The **Shares Management** page provides a full overview of all shares, ensuring you have complete control over your file-sharing process.

View File

@@ -1,77 +0,0 @@
---
title: Github Sponsors
---
Sponsoring a project on GitHub is a powerful way to support its development and ensure its long-term sustainability. This tutorial will guide you through the process of sponsoring the **Palmr.** project on GitHub using GitHub Sponsors.
---
### Step 1: Log in to GitHub
Before you can star a project, you need to be logged into your GitHub account. If you don't have an account yet, you can sign up for free at [GitHub](https://github.com/).
---
### Step 2: Go to the Palmr. Repository
Once you're logged in, go to the Palmr. repository by clicking on this link: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr).
Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **Kyantech**.
---
### Step 3: Click on the "Sponsor" Button
On the Palmr repository page, you'll see a "Sponsor" button at the top right corner of the page. Click this button to proceed.
![Palmr Profile Menu](/assets/v1/sponsor/sponsor-btn.png)
---
### Step 4: Choose a Custom Sponsorship Amount
GitHub Sponsors allows you to sponsor the project with a **custom amount starting at $1**. Here's how to do it:
1. On the sponsorship page, look for the option to **enter a custom amount**.
2. Type in the amount you'd like to sponsor (e.g., $1, $5, $10, or any amount you choose).
3. Select the billing frequency (monthly or one-time).
![Palmr Profile Menu](/assets/v1/sponsor/sponsor-page.png)
---
### Step 5: Complete the Sponsorship
After entering your custom amount and selecting the billing frequency, you'll be prompted to enter your payment details. Follow the instructions to complete the sponsorship process. Once done, you'll officially be a sponsor of the Palmr project!
---
### Why Sponsoring is Important for Project Development
Sponsoring a project goes beyond starring—it provides direct financial support to the developers, enabling them to focus on improving and maintaining the project. Here's why sponsoring is so important:
#### 1. **Supports Sustainability**
- Sponsoring helps ensure the long-term sustainability of the project by providing developers with the resources they need to continue their work.
#### 2. **Encourages Innovation**
- Financial support allows developers to experiment, innovate, and add new features to the project.
#### 3. **Shows Deep Appreciation**
- Sponsoring is a tangible way to show your appreciation for the hard work and effort that goes into maintaining and developing a project.
#### 4. **Gives You Recognition**
- Many projects offer recognition for sponsors, such as listing your name or company on the project's README or website.
#### 5. **Helps Open Source Thrive**
- Open-source projects like Palmr rely on community support. By sponsoring, you're contributing to the growth and success of the open-source ecosystem.
---
### A Meaningful Way to Give Back
Sponsoring a project is a meaningful way to give back to the developers who create the tools and software you rely on. Even a small contribution of **$1** can make a big difference. Your support ensures that Palmr continues to grow and improve. Thank you for considering sponsoring! 💖
---
### Conclusion
That's it! You've successfully sponsored the **Palmr** project on GitHub. Your contribution, no matter the amount, will help ensure the project continues to grow and improve. Thank you for your support!

View File

@@ -1,72 +0,0 @@
---
title: Star this project on Github
---
Starring a project on GitHub is a great way to show appreciation for a repository and to bookmark it for easy access later. This tutorial will guide you through the process of starring the **Palmr** project on GitHub.
---
### Step 1: Log in to GitHub
Before you can star a project, you need to be logged into your GitHub account. If you don't have an account yet, you can sign up for free at [GitHub](https://github.com/).
---
### Step 2: Go to the Palmr. Repository
Once you're logged in, go to the Palmr. repository by clicking on this link: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr).
Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **Kyantech**.
---
### Step 3: Star the Repository
On the Palmr. repository page, you'll see a "Star" button at the top right corner of the page. Click this button to star the repository.
![Palmr Profile Menu](/assets/v1/sponsor/star-btn.png)
---
### Step 4: Confirm the Star
After clicking the "Star" button, the button will change to "Unstar," indicating that the repository has been successfully starred. You can always unstar the repository by clicking the "Unstar" button.
![Palmr Profile Menu](/assets/v1/sponsor/starred-button.png)
---
### Why Starring is Important for Project Development
Starring a repository on GitHub is more than just a bookmarking tool—its a way to support the project and its developers. Heres why starring is so important:
#### 1. **Shows Appreciation**
- Starring a repository is a simple way to show your appreciation for the hard work and effort that goes into maintaining and developing a project. Its like giving a thumbs-up to the developers!
#### 2. **Increases Visibility**
- The more stars a repository has, the more visible it becomes on GitHub. This can attract more contributors, users, and even potential sponsors, which helps the project grow.
#### 3. **Encourages Developers**
- Seeing stars on a repository motivates developers to continue improving the project. Its a sign that people find the project useful and valuable.
#### 4. **Helps with Discovery**
- GitHubs trending and recommendation algorithms often prioritize repositories with more stars. By starring Palmr, youre helping others discover it more easily.
#### 5. **Tracks Your Interests**
- Starring a repository adds it to your "Starred" list, making it easy for you to find and revisit the project later. Its a great way to keep track of projects you love or want to follow.
#### 6. **Supports Open Source**
- Open-source projects like Palmr thrive on community support. By starring the repository, youre contributing to the open-source ecosystem and helping ensure the projects longevity.
---
### A Small Action with a Big Impact
Starring a repository takes just a second, but it can have a huge impact on the projects growth and development. Your support means a lot to the developers and the community behind Palmr. So, if you find the project useful, dont forget to hit that **Star** button! ⭐
---
### Conclusion
That's it! You've successfully starred the **Palmr.** project on GitHub. Starring repositories is a simple yet powerful way to keep track of projects you find interesting or useful. Thank you for supporting Palmr!

View File

@@ -1,80 +0,0 @@
---
title: Github Architecture
---
## Project Structure
```plaintext
├── apps/
│ ├── web/ # Frontend application
│ ├── server/ # Backend API service
│ └── docs/ # Documentation site
└── composes/ # Docker compose configurations
configurations
```
## Core Components
### 1. Frontend Application (apps/web)
##### Technology Stack:
- React 18
- TypeScript
- Vite
- HeroUI Components
- TailwindCSS
- i18next for internationalization
##### The frontend follows a feature-based architecture with:
- Components-based structure
- Custom hooks for business logic
- Route protection system
- File management system
- Modal system for file operations
### 2. Backend Service (apps/server)
##### Technology Stack:
- Fastify
- PostgreSQL
- MinIO for object storage
- Prisma as ORM
##### Key features include:
- User authentication/authorization
- File management
- Storage management
- Share system
### 3. Documentation (apps/docs)
- Built with Astro and Starlight
- Provides comprehensive documentation for the project
### 4. Infrastructure
- Docker-based deployment
- Containerized services
- Environment-specific configurations through docker-compose
## Key Features
##### 1. File Management
- Upload/Download capabilities
- File preview system
- Share management
- Storage usage monitoring
##### 2. User System
- Authentication
- User management
- Profile management
##### 3. Storage System
- MinIO integration for object storage
- Disk space monitoring
- Upload size validation
##### 4. Internationalization
- Multi-language support
- Translation management

View File

@@ -1,42 +0,0 @@
---
title: Welcome to Palmr.
---
![Palmr Banner](/assets/v1/general/banner.png)
## 🌴 What is **Palmr.** ?
___
**Palmr.** is a powerful and **flexible open-source alternative** to popular file transfer services like **WeTransfer**, **SendGB**, **Send Anywhere** and **Files.fm**. The key advantage of Palmr. is that you can **host it on your own infrastructure**, such as a **dedicated server** or **VPS**, giving you full control over your files and data security — without relying on third-party services or worrying about artificial limits or high fees.
## **Why Choose Palmr.?**
___
### **1. No Artificial Limits**
Unlike traditional services, Palmr. does not impose file size or quantity limits. The only limit is the **available storage** on your server or VPS. If you have the storage capacity, you can send files without restrictions, no premium plans, no ads, and no hidden fees.
### **2. Open Source and Free**
Palmr. is completely **open source** and free to use. You can:
- Deploy it on any infrastructure (VPS, dedicated server, Docker, etc.).
- Review and audit the code to ensure security and integrity.
- Contribute improvements or custom features.
- Adapt it for different use cases as needed.
### **3. Security and Privacy Under Your Control**
By hosting Palmr. on your own infrastructure, you retain **full control over your data**. Your files are not stored or processed by third parties, ensuring **privacy** and **confidentiality** of transferred information.
### **4. Highly Customizable**
Palmr. is fully customizable, allowing you to align it with your brand identity and user experience:
- Add your own **logo**.
- Set a **custom app name**.
- Configure an **SMTP server** for email notifications.
- Customize some text to create a unique experience for users.
### **5. Complete User and Admin Management**
Palmr. offers a robust user and admin management system:
- Create and manage multiple **administrators** .
- Add unlimited **users**.
- Control who can view, upload, and manage files.
- Easily monitor usage.
### **6. Fast, Lightweight, and Scalable**
Palmr. is designed to be lightweight and scalable, ensuring high performance even with large files or high user traffic. Its efficient architecture allows you to scale easily as your needs grow.

View File

@@ -1,135 +0,0 @@
---
title: Installation (Docker Compose)
---
import { Tab, Tabs } from 'fumadocs-ui/components/tabs';
### Quick Start with Default Docker Compose
There is a default `docker-compose.yml` file in the project root that can be used for quick execution. While this provides a convenient way to get started, it's important to note that using the default passwords is **not secure**, especially if the application is exposed to public networks. Malicious users could potentially exploit known default credentials to attack your deployment.
This base Docker Compose configuration works perfectly for localhost development but may require modifications when deployed to a VPS or production environment for optimal performance and security. Please consult the complete documentation for proper production deployment configurations.
For a quick start using the default configuration, simply run:
```bash
docker compose up -d
```
This command will start the project using the default configuration.
> ⚠️ **Important:** We strongly recommend testing your configuration locally first, especially if you've made any modifications to the Docker Compose files. Only after confirming everything works as expected locally should you proceed with deployment to a VPS or server environment.
### Startup Script for Docker Compose
To simplify the execution of the project and enable it to run on any machine, a **startup script** for Docker Compose was created. This script automates the generation of secure credentials and facilitates local setup. While this method provides better security than using default passwords, for maximum security, we strongly recommend moving all sensitive credentials to environment variables instead.
To execute the project using this approach, you need to have **Docker** and **Docker Compose** installed on your machine. While this is the simplest way to execute the project, it is **not recommended for production environments**.
---
### Ways to Execute the Startup Script
First of all, download the relase v1.1.7-beta:
[Release version - 1.1.7-beta](https://github.com/kyantech/Palmr/releases/tag/v1.1.7-beta)
There are two ways to execute the script:
<Tabs items={['Using a Makefile', 'Running the Script Directly']}>
<Tab >
To use this method, you need to have the `make` command installed on your machine.
To generate the new `docker-compose.yml` file using a Makefile, run the following command from the project root:
```bash
make gen-compose
```
This command will subcribe the `docker-compose.yml` file in the root of the project.
- The script's primary function is to generate secure passwords for **MinIO** (object storage) and **Postgres** (database).
- The generated `docker-compose.yml` file serves as a base and can be modified at any time.
- It is configured to run locally via `localhost` and is **not intended for production** or VPS environments.
After the file is generated, you can modify or adapt it for deployment in other environments.
</Tab>
<Tab >
To generate the `docker-compose.yml` file by running the script directly, use the following commands:
```bash
chmod +x ./scripts/generate-docker-compose.sh
./scripts/generate-docker-compose.sh
```
This will have the same effect as running `make gen-compose`.
</Tab>
</Tabs>
---
### Running the Project
After generating the new `docker-compose.yml` file, you can start the project by running the following command from the project root:
```bash
docker compose up -d
```
To access Palmr. in a local environment, open your browser and visit:
[http://localhost:4173](http://localhost:4173)
---
### Deployment in Production
For production environments with high scalability and availability requirements, we recommend using **Kubernetes**, **Docker Swarm**, or a similar container orchestrator.
For homelab, personal projects, or environments where high availability and scalability are not critical, Docker Compose can be used without issues. The `docker-compose.yml` file pulls the latest Palmr. images from Docker and makes them available on specific ports, as shown below:
- **Frontend:** [http://localhost:4173](http://localhost:4173)
- **Backend:** [http://localhost:3333](http://localhost:3333)
- **MinIO API:** [http://localhost:9000](http://localhost:9000)
- **MinIO Console:** [http://localhost:9001](http://localhost:9001)
- **Postgres Database:** [http://localhost:5423](http://localhost:5423)
---
### Port Configuration Recommendations
In this version of `docker-compose.yml`, none of the ports for the frontend and backend should be modified. Consequently, none of the URLs should be changed because the frontend image contains a pre-built version configured to work on port **4173**.
> ⚠️ Due to technical limitations related to **ReactJS**, environment variables executed at runtime cannot be changed. Therefore, to ensure that the system functions correctly as designed, keep the `docker-compose.yml` file unchanged.
---
### Running in Development Mode
If you want to modify the ports in a local environment and run the project using Docker with Docker Compose, we recommend using the `docker-compose-dev.yaml` file. This file builds the project based on the files in the cloned repository.
When using `docker-compose-dev.yaml`, make sure to configure all port and URL settings correctly. Incorrect configuration will prevent Palmr. from functioning as expected.
---
### Docker Compose in Production Environments
We **do not recommend** using `docker-compose.yml` in production or VPS environments. Docker Compose is designed for development and testing purposes only, not for handling production workloads.
---
### Recommended Deployment for Production
For production environments, we recommend using **Kubernetes**. However, the repository does not include a ready-to-use Kubernetes configuration, so you will need to configure it manually.
Alternatively, you can set up the application using separate services as follows:
- **Frontend:** Host on **Vercel** or **AWS Amplify**.
- **Backend:** Host on **Render.com** or similar services.
- **MinIO:** Deploy separately on a server using Docker.
- **Database:** Host on a managed service like **Neon.tech**.
---
### Environment Variables
The Palmr. code is completely open-source, allowing you to adjust the deployment to meet your needs. Ensure that the environment variables are correctly configured to avoid issues during execution.
---
### Additional Resources
- [Docker Documentation](https://docs.docker.com/)
- [Docker Compose Documentation](https://docs.docker.com/compose/)
- [Kubernetes Documentation](https://kubernetes.io/docs/)
- [MinIO Documentation](https://min.io/docs/minio/container/index.html)
- [PostgreSQL Documentation](https://www.postgresql.org/docs/)

View File

@@ -1,104 +0,0 @@
---
title: First Login (Admin)
---
Once you have started all the services as described in the deployment instructions, you will be able to access the frontend at:
- **Production environment:** `{your_web_domain}`
- **Local environment:** [http://localhost:4173](http://localhost:4173)
Upon accessing the frontend, you will see a screen similar to the image below:
![Palmr Landing Page](/assets/v1/general/lp.png)
This is the **Palmr. landing page**, which provides basic information about the application. This landing page can be hidden later when you configure your app, allowing the login page to become the default home page. However, on the first execution, it is displayed by default.
---
## First Login
At the top of the landing page, you will see a button to log in to Palmr.:
> **But you may wonder:**
To simplify the process, Palmr. comes pre-configured with **seed data** upon the first initialization. This seed data includes a default **admin user** with full access to all settings and user management within the application.
After clicking the **Login** button, you will be redirected to the login screen, which looks like this:
![Palmr Login Page](/assets/v1/ui/login.png)
Use the following default credentials to log in for the first time:
| User | Password |
|------------|------------|
| `admin@example.com` | `admin123` |
If everything is set up correctly, you will be authenticated and redirected to Palmr.'s main dashboard, which looks like this:
![Palmr Dashboard](/assets/v1/ui/dashboard.png)
At this point, you are officially logged in and ready to start using all the features of Palmr.!
---
## Recommendations After First Access
Since Palmr. includes a single default admin user in the seed data, it is **highly recommended** to change the default admin credentials immediately after the first login. This is crucial for maintaining the security of your instance.
Follow these steps to update the admin credentials and secure your Palmr. instance:
### Step 1: Access the Profile Settings
1. Click the **user icon** located in the top right corner of the screen.
2. A dropdown menu will appear with several options:
![Palmr Profile Menu](/assets/v1/ui/menu.png)
3. Select **"Profile"** from the dropdown menu. This will redirect you to the profile settings page:
![Palmr Profile Page](/assets/v1/ui/profile.png)
---
### Step 2: Update the Admin Profile
On the profile settings page, you can update all the information related to the admin account.
- To update the password, enter a new secure password and confirm it.
- Update other details as needed based on your preferences.
**Tip:** For better security, use a strong password containing:
- At least 12 characters
- A mix of uppercase and lowercase letters
- Numbers and special characters
---
### Step 3: Update the Profile Picture
You can also update the profile picture for better personalization.
1. Click the **camera icon** next to the avatar.
2. Select an image from your local device.
![Palmr Profile Picture](/assets/v1/ui/profile_picture.png)
> **Recommendation:** Use a square image to ensure proper display.
---
## Troubleshooting
If you encounter any issues during the first login or profile update, please check the following:
- Ensure that all services (frontend, backend, MinIO, and database) are running correctly.
- Make sure the environment variables are properly configured.
- Confirm that the database seeds have been applied correctly.
---
## Security Best Practices
- After setting up your admin account, create separate user accounts with limited access based on roles.
- Use HTTPS to secure the connection between the client and the server.
- Regularly update the Palmr. instance to benefit from the latest security patches and improvements.
---

View File

@@ -1,85 +0,0 @@
---
title: Manage users
---
Manage users to **Palmr** is a straightforward process. Below is a detailed step-by-step guide explaining how to create and manage users within the application.
### Step 1: Accessing User Management
To begin, you need to navigate to the **User Management** section:
1. Click on the **user icon** located in the header of the app.
2. A dropdown menu will appear. From the options available, select **"User Management"**
![Palmr Profile Menu](/assets/v1/ui/menu.png)
---
### Step 2: User Management Dashboard
After selecting **User Management**, you will be redirected to the **User Management Dashboard**.
- On your first access, the only user listed will be the **default Admin** user.
- If you need to update the Admin user details, you must follow the steps outlined in the **Profile Management** section.
- User details for the logged-in Admin cannot be modified from the **User Management Dashboard**.
![Palmr Profile Menu](/assets/v1/main/users/users-management.png)
---
### Step 3: Adding a New User
1. To add a new user, click on the **"Add User"** button located at the top right corner of the screen.
![Palmr Profile Menu](/assets/v1/main/users/add-users-btn.png)
2. A modal form will appear, allowing you to enter the new user's details:
![Palmr Profile Menu](/assets/v1/main/users/add-user-modal.png)
3. After filling in the user details, click on **"Create"** to confirm.
Alternatively, you can click **"Cancel"** to abort the user creation process.
4. Once the user is created successfully, it will appear in the user list.
![Palmr Profile Menu](/assets/v1/main/users/new-user-table.png)
---
### Step 4: Managing User Actions
In the **User List**, under the **"Actions"** column, you will find a dropdown menu for each user.
![Palmr Profile Menu](/assets/v1/main/users/add-user-actions-dropdown.png)
Available actions include:
- **Edit User** Opens a modal form to update user information:
- Change user details including role.
- Change the user password.
![Palmr Profile Menu](/assets/v1/main/users/edit-user-modal.png)
- **Deactivate User** Marks the user as inactive, preventing them from logging into the system.
- **Activate User** Reactivates a deactivated user, allowing them to log in again.
- **Delete User** Permanently removes the user from the system.
---
### Troubleshooting
#### User Creation Fails
- Ensure all mandatory fields (name, email, role) are filled out correctly.
- Check for duplicate emails.
- Verify that the system has proper connectivity to the backend.
#### User Cannot Log In
- Ensure the user is marked as **Active**.
- Verify that the correct email and password are being used.
- Reset the user password if needed.

View File

@@ -1,170 +0,0 @@
---
title: Manual Installation
---
Manual installation is a bit more complex and labor-intensive compared to installation via Docker Compose. However, by following this step-by-step guide, you can execute the project cleanly.
It's worth noting that even though our frontend and backend are run manually, we will still need to use Docker or another third-party service to run Postgres and MinIO. In this tutorial, we will use Docker with Docker Compose to set up MinIO and Postgres.
For this, within our `apps/server` directory, we already have a Docker Compose file that runs MinIO and Postgres, which are necessary for the application to function. However, feel free to use another service if you prefer. Once again, we are using Docker Compose to reduce the manual effort required to set up these services, especially third-party services like Postgres and MinIO.
Now, let's proceed with the step-by-step guide.
## Prerequisites
Before we begin, we need to have the following tools installed in our environment:
- Docker
- Docker Compose
- Node.js
- pnpm
- Git
It's important to emphasize that the entire repository was written using the `pnpm` package manager. Therefore, it is highly recommended to use `pnpm` to run the services to avoid potential issues. However, if you prefer to use another package manager like `npm`, `yarn`, or `bun`, you may do so at your own risk. The system might work normally, but it could also present unknown and unmapped errors when using other package managers. So, we strongly recommend using `pnpm`.
## Running the Application
### Step 1: Clone the Repository
First, clone the official repository:
```bash
git clone https://github.com/kyantech/Palmr.git
```
In the root of this repository, you will find a folder called apps. Inside this folder, there are three subfolders: docs, server, and web. For now, we are interested in the server and web folders, which contain our backend (written in Fastify) and frontend (written in React + Vite), respectively.
### Step 2: Set Up Backend Services
Navigate to the backend folder, where the Docker Compose file for MinIO and Postgres is located:
```bash
cd ./apps/server
```
Inside this folder, you can start by running:
```bash
docker compose up -d
```
This command will run Postgres and MinIO in the background. If you need to make any changes, the file being executed with docker compose up is located at `apps/server/docker-compose.yaml`. However, we recommend using the default settings for the first run and making changes only after you have a functional version of the base code.
### Step 3: Set Up Backend
With MinIO and Postgres running via Docker Compose, let's proceed to the next steps, which involve running the project itself. Here, we will build and run the project in production mode, not development mode. To do this, we need to build both the backend and frontend applications.
Since we are already in the server folder, let's start with the backend.
#### 3.1: Set Up Environment Variables
We need some environment variables for Palmr to run successfully. For this, we will use the `.env.example` file provided in the repository as a base.
Simply run:
```bash
cp .env.example .env
```
This command copies the necessary environment variables to a `.env` file in the root directory.
#### 3.2: Install Dependencies
Next, we need to initialize the database connected directly to Postgres via Prisma, our ORM. But for Prisma to work, we need to install the dependencies for our backend project. With Node and pnpm installed, run:
```bash
pnpm install
```
#### 3.3: Generate Prisma Client
After the installation is complete, run the following command:
```bash
pnpm dlx prisma generate
```
The prisma generate command generates the Prisma client for the project. This client allows programmatic access to the database.
#### 3.4: Deploy Prisma Migrations
Once the generation is complete, run:
```bash
pnpm dlx prisma migrate deploy
```
The prisma migrate deploy command deploys the Prisma migration.
#### 3.5: Seed the Database
After the migration is deployed, we can seed the database to populate the initial tables with the following command:
```bash
pnpm db:seed
```
Now, our database is ready for the project to run.
#### 3.6: Build and Run the Backend
To run the backend, simply execute:
```bash
pnpm run build
```
This command builds the application for production. After the build is complete, run:
```bash
pnpm start
```
Following these steps, the backend will be functional. To test it, you can access:
```bash
http://localhost:3333/docs
```
This is the API documentation page.
### Step 4: Set Up Frontend
The frontend setup is similar to the backend, but we don't need to run any Docker containers—only the service itself.
#### 4.1: Navigate to the Frontend Directory
If you are in the server folder:
```bash
cd ../web
```
If you are in the root of the repository:
```bash
cd apps/web
```
#### 4.2: Set Up Environment Variables
Once in the web directory, first run:
```bash
cp .env.example .env
```
This populates the environment variables, just like in the backend.
#### 4.3: Install Dependencies
Next, install the dependencies:
```bash
pnpm install
```
#### 4.4: Build and Run the Frontend
Now, the process for the frontend is simpler. We can simply run the build with:
```bash
pnpm run build
```
Once the build is complete, start the service with:
```bash
pnpm preview
```
Wait for the service to start, and then you can test the entire application at:
```bash
http://localhost:4173
```
##### Conclusion
That's it! This is the step-by-step guide to manually running a production version of Palmr.
### Useful Links
- [Docker Documentation](https://docs.docker.com/)
- [Node.js Documentation](https://nodejs.org/en/docs/)
- [pnpm Documentation](https://pnpm.io/)
- [Prisma Documentation](https://www.prisma.io/docs/)

View File

@@ -1,28 +0,0 @@
{
"title": "v1.1.7-beta",
"description": "(Deprecated)",
"root": true,
"icon": "Building2",
"pages": [
"---Introduction---",
"index",
"architecture",
"github-architecture",
"installation",
"manual-installation",
"api",
"---How to use Palmr.---",
"login",
"manage-users",
"upload",
"generate-share",
"configuring-smtp",
"available-languages",
"---Developers---",
"contribute",
"open-an-issue",
"---Sponsor this project---",
"gh-star",
"gh-sponsor"
]
}

View File

@@ -1,81 +0,0 @@
---
title: How to open an issue
---
Opening an issue on GitHub is a great way to report bugs, request features, or ask questions about a project. This tutorial will guide you through the process of opening an issue for the **Palmr.** project on GitHub.
---
### Step 1: Log in to GitHub
Before you can star a project, you need to be logged into your GitHub account. If you don't have an account yet, you can sign up for free at [GitHub](https://github.com/).
---
### Step 2: Go to the Palmr. Repository
Once you're logged in, go to the Palmr. repository by clicking on this link: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr).
Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **Kyantech**.
---
### Step 3: Navigate to the Issues Tab
On the Palmr repository page, click on the **Issues** tab near the top of the page. This will take you to the issues section of the repository.
![Palmr Profile Menu](/assets/v1/developers/issues-tab.png)
---
### Step 4: Click on "New Issue"
Once you're in the issues section, click the **New Issue** button to start creating a new issue.
![Palmr Profile Menu](/assets/v1/developers/new-issue-btn.png)
---
### Step 5: Fill Out the Issue Form
Youll now see a form where you can provide details about your issue. Heres how to fill it out:
1. **Title**: Write a clear and concise title that summarizes the issue.
2. **Description**: Provide a detailed description of the issue. Include steps to reproduce the problem (if its a bug), expected behavior, and actual behavior. If youre requesting a feature, explain why it would be useful.
3. **Labels (Optional)**: Add labels to categorize your issue (e.g., `bug`, `enhancement`, `question`). This helps the maintainers organize and prioritize issues.
4. **Attachments (Optional)**: You can attach screenshots, logs, or other files to help explain the issue.
![Palmr Profile Menu](/assets/v1/developers/new-issue-form.png)
---
### Step 6: Submit the Issue
Once youve filled out the form, click the **Create** button. Your issue will now be visible to the project maintainers and other contributors.
---
### Tips for Writing a Good Issue
To ensure your issue is addressed quickly and effectively, follow these tips:
- **Be Clear and Specific**: Provide as much detail as possible.
- **Use a Descriptive Title**: A good title helps maintainers understand the issue at a glance.
- **Include Steps to Reproduce**: If its a bug, explain how to reproduce it.
- **Be Polite and Respectful**: Remember that maintainers and contributors are volunteering their time.
---
### Why Opening Issues is Important
Opening issues is a key part of contributing to open-source projects. Heres why it matters:
1. **Improves the Project**: Your feedback helps identify bugs and suggest new features.
2. **Helps Maintainers**: Clear and detailed issues make it easier for maintainers to address problems.
3. **Encourages Collaboration**: Issues can spark discussions and attract contributors to help solve problems.
---
### Conclusion
That's it! You've successfully opened an issue for the **Palmr** project on GitHub. Your contribution helps improve the project and supports the open-source community. Thank you for taking the time to share your feedback!

View File

@@ -1,94 +0,0 @@
---
title: Uploading Files
---
To upload a file in Palmr, the process is very simple. There are two main locations where you can upload files.
However, before proceeding, its important to highlight that the core functionality of Palmr is file sharing.
But for this to work, you need to first upload one or more files to share. Later, you can create a sharing session,
which may contain one or multiple files.
Now let's focus on the file upload process. As mentioned, it is very simple, and you can upload files from two locations:
**the Home Page** or **the My Files Page**. We will go through both examples below, but the process is exactly the same in both cases.
---
## Home Page
On the home page, there is a **"Recent Uploads"** section. On the first initialization (when no file has been uploaded yet),
it will appear like this:
![Recent Uploads Section](/assets/v1/main/upload/recent-uploads.png)
To upload a file, simply click on the **"Upload File"** button. This will open a modal where you can select the file you want
to upload from your device. Some file types, such as images, audio, and video, will have a preview available.
![Upload File Button](/assets/v1/main/upload/upload-file-button.png)
### Example with an image:
![Preview Example](/assets/v1/main/upload/preview-example.png)
After selecting the file, you can either confirm the upload by clicking the **"Upload"** button or cancel the operation by clicking the **"Cancel"** button.
![Upload and Cancel Buttons](/assets/v1/main/upload/upload-cancel-buttons.png)
Once one or more files have been uploaded, the **"Recent Uploads"** section will update and look like this:
![Recent Uploads with Files](/assets/v1/main/upload/recent-uploads-filled.png)
To upload a new file from this screen, click the **"Upload File"** button in the upper right corner of the section, and follow the same steps as before.
![New Upload Button](/assets/v1/main/upload/new-upload-button.png)
This list on the home page shows only the **last 5 uploads**. To view older files or upload more, you need to go to the **"My Files"** page.
You can access this by clicking on the **"View All"** button in the upper right corner of the section or by clicking on the **"My Files"** card on the home page.
![View All Button](/assets/v1/main/upload/view-all-button.png)
Or:
![My Files Card](/assets/v1/main/files/my-files-card.png)
---
## My Files Page
On the **"My Files"** page, the layout will look like this:
![My Files Page](/assets/v1/main/files/my-files-page.png)
Here, you have the option to **filter** your uploaded files or upload new ones by clicking the **"Upload File"** button and following the same steps explained earlier.
Notice that the tables in the **"Recent Files"** section and the **"My Files"** page are the same — the only difference is the number of results shown.
The **"Recent Files"** section shows only the last 5 uploads, while the **"My Files"** table displays all uploads.
The table fields include:
- **Name**
- **Description**
- **Size**
- **Created At**
- **Updated At**
- **Actions**
### Actions Column
In the **"Actions"** column, you will find an icon that opens the following dropdown:
![Actions Dropdown](/assets/v1/main/files/actions-dropdown.png)
Each option is self-explanatory, but lets detail the **Edit** option:
- **Edit** Opens a modal where you can edit the file name, description, and other details.
![Edit Modal](/assets/v1/main/files/edit-modal.png)
- You can also **delete** a file directly from the dropdown by selecting the **Delete** option.
The preview feature is only available for files like images, audio, PDFs and video. For other file types,
you can download them using the **Download** option in the dropdown.
---
## Notes and Recommendations
- For a better user experience, we recommend using optimized files for upload.
- Upload errors or issues are logged and can be reviewed through the admin panel.
- Admins can manage file access permissions.

View File

@@ -18,7 +18,6 @@ The API documentation is powered by **[Scalar](https://scalar.com/)**, which pro
![Palmr API Documentation](/assets/v2/api-docs/scalar.png)
We have made a deliberate decision to **not provide an online version** of the API documentation, as the endpoints and functionality may vary significantly depending on the specific version of Palmr. you have deployed in your environment. To ensure you're always working with accurate and version-specific documentation, we strongly recommend accessing the documentation only after initializing your API service. It's important to note that the API service is specifically designated as the **server** component within the official Palmr. GitHub repository.
We strongly recommend utilizing **Scalar** as your primary tool for querying and testing the API, as the entire documentation system has been carefully optimized and designed with Scalar integration in mind. Scalar provides developers with an exceptionally intuitive and feature-rich interactive environment that streamlines the process of exploring endpoints, constructing and sending requests, and analyzing responses directly within its sophisticated interface.

View File

@@ -12,51 +12,50 @@ Understanding the architecture of Palmr. is crucial for both deploying and scali
Each component in the Palmr. architecture plays a vital role in ensuring reliability, performance, and scalability. The stack is built with simplicity, performance, and flexibility in mind, everything is self-hosted, developer-friendly, and designed to scale without adding unnecessary complexity.
### 💾 PostgreSQL
Palmr. uses **PostgreSQL** as the primary database solution. It's a powerful, open-source relational database thats trusted by developers around the world. PostgreSQL is fully ACID-compliant, which means it handles transactions safely and reliably. Its perfect for storing structured data like user accounts, file metadata, transfer logs, and anything else that requires consistency. With advanced features like full-text search, custom data types (like JSONB), and strong indexing capabilities, PostgreSQL gives us the tools to scale efficiently without giving up query performance or flexibility.
- Provides reliable and secure data storage, ensuring consistency and high performance for all database operations.
- Powerful indexing, query optimization, and support for complex data types.
- Ideal for handling large amounts of metadata and transactional data in a predictable and scalable way.
### 🎨 Next.js 15 + React + TypeScript
The frontend of Palmr. is built using **Next.js 15**, along with **React** and **TypeScript**, forming a modern stack thats easy to maintain and super fast for end users. Next.js 15 brings server components, server actions, and a new app router system that makes rendering dynamic content incredibly efficient. This allows us to load only whats needed, when its needed which makes the app feel snappy even under load. React provides a clean, component-based structure that makes it easy to break the UI into reusable pieces, and TypeScript helps prevent bugs before they even happen by enforcing static typing and better code navigation. Whether it's SSR, static pages, or dynamic user interactions, this trio handles it all seamlessly.
- **React** enables the creation of a dynamic and responsive user interface with a component-based architecture.
- **TypeScript** adds static typing, enhancing code quality and reducing runtime errors.
- **Next.js 15** handles routing, server-side rendering, and server components for performance at scale.
### 📦 MinIO
Palmr. uses **MinIO** for object storage. MinIO is a lightweight, high-performance, S3-compatible storage solution that makes file handling simple and scalable. Every file uploaded to Palmr. Whether it's a personal file transfer or a shared asset is stored in MinIO. Its built to handle huge amounts of data and can be deployed locally, on-premise, or in the cloud. Because it speaks the same API as Amazon S3, integrating with it is straightforward and familiar to most developers. And since its self-hosted, we have full control over performance, redundancy, and security.
- Supports high-throughput file storage and retrieval.
- Ensures data integrity and redundancy.
- Compatible with AWS S3 APIs, making integration seamless.
### ⚡ Fastify
The backend of Palmr. is powered by **Fastify**, a super-fast Node.js web framework optimized for performance and low overhead. Its designed to handle lots of concurrent requests with minimal resource usage, which is key for scalable backend services. Fastify also has a built-in schema validation system that ensures all incoming data is properly validated before reaching business logic, which helps prevent bugs and security issues. It follows a plugin-based architecture, making it easy to keep route handlers, services, and middlewares cleanly separated and easy to extend as the project grows.
- Provides fast request handling with a lightweight core.
- Built-in schema-based validation for secure and reliable API handling.
- Supports plugin-based architecture for easy extensibility.
### 🔄 How It Works
1. **Frontend** — React + TypeScript + Next.js 15 handle the user interface and user interactions.
2. **Backend** — Fastify processes requests and communicates with the database and storage layers.
3. **Database** — PostgreSQL stores metadata and transactional data.
4. **Object Storage** — MinIO stores the actual files and ensures scalable, high-performance storage.
### 📚 Useful Links
- [PostgreSQL Documentation](https://www.postgresql.org/docs/)
- [Next.js Documentation](https://nextjs.org/docs)
- [React Documentation](https://react.dev/)
- [TypeScript Handbook](https://www.typescriptlang.org/docs/)
- [MinIO Documentation](https://min.io/docs/minio/container/index.html)
- [Fastify Documentation](https://fastify.dev/docs/latest/)

View File

@@ -8,20 +8,20 @@ The project leverages next-intl, a powerful and flexible internationalization (i
---
| Language | Code | Description | Translation |
|----------|------|-------------|-------------|
| 🇺🇸 English | en-US | Primary development language and default fallback option | 100% |
| 🇧🇷 Portuguese | pt-BR | Standard Brazilian Portuguese support | 100% |
| 🇫🇷 French | fr-FR | Standard French language support | 100% |
| 🇪🇸 Spanish | es-ES | Standard Spanish language support | 100% |
| 🇩🇪 German | de-DE | Standard German language support | 100% |
| 🇷🇺 Russian | ru-RU | Standard Russian language support | 100% |
| 🇮🇳 Hindi | hi-IN | Standard Hindi language support | 100% |
| 🇸🇦 Arabic | ar-SA | Standard Arabic language support with RTL | 100% |
| 🇯🇵 Japanese | ja-JP | Standard Japanese language support | 100% |
| 🇰🇷 Korean | ko-KR | Standard Korean language support | 100% |
| 🇹🇷 Turkish | tr-TR | Standard Turkish language support | 100% |
| 🇨🇳 Chinese | zh-CN | Standard Simplified Chinese support | 100% |
| Language | Code | Description | Translation |
| ------------- | ----- | -------------------------------------------------------- | ----------- |
| 🇺🇸 English | en-US | Primary development language and default fallback option | 100% |
| 🇧🇷 Portuguese | pt-BR | Standard Brazilian Portuguese support | 100% |
| 🇫🇷 French | fr-FR | Standard French language support | 100% |
| 🇪🇸 Spanish | es-ES | Standard Spanish language support | 100% |
| 🇩🇪 German | de-DE | Standard German language support | 100% |
| 🇷🇺 Russian | ru-RU | Standard Russian language support | 100% |
| 🇮🇳 Hindi | hi-IN | Standard Hindi language support | 100% |
| 🇸🇦 Arabic | ar-SA | Standard Arabic language support with RTL | 100% |
| 🇯🇵 Japanese | ja-JP | Standard Japanese language support | 100% |
| 🇰🇷 Korean | ko-KR | Standard Korean language support | 100% |
| 🇹🇷 Turkish | tr-TR | Standard Turkish language support | 100% |
| 🇨🇳 Chinese | zh-CN | Standard Simplified Chinese support | 100% |
### 🔄 Language Selection

View File

@@ -7,6 +7,7 @@ For Palmr to function with all its best features, we need to configure our email
## ❓ Why Configure SMTP?
The main functionalities that depend on SMTP configuration are:
- 🔑 **Password Reset** Users who forget their password and cannot access the **Settings** panel need this feature.
- 📧 **Email Notifications** Recipients will receive emails when new shares are sent to them.
@@ -53,6 +54,7 @@ Once SMTP is enabled, you can configure the other necessary fields:
### 🔐 Generating a Gmail App Password
To generate an App Password for Gmail:
1. Go to [Google My Account](https://myaccount.google.com/).
2. Select **Security**.
3. Scroll down to **App Passwords**.

View File

@@ -15,6 +15,7 @@ Before you can contribute, you need to be logged into your GitHub account. If yo
---
### 🔍 Access the Repository
Once you're logged in, go to the Palmr repository by clicking on this link: **[https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)**. The repository contains all the source code, documentation, and resources for the Palmr project. Take a moment to explore the repository structure, including the README file, which provides an overview of the project.
Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **kyantech**. When searching, make sure you're looking at the official repository by checking the owner and repository name. The repository should have a description that matches the Palmr project and show recent activity from the maintainers. You can also check the number of stars, forks, and watchers to verify you're accessing the correct repository.
@@ -32,6 +33,7 @@ To contribute to the project, you'll need to create your own copy of the reposit
5. You'll be automatically redirected to your forked repository once it's ready.
The fork will maintain a connection to the original repository, allowing you to:
- Keep your fork synchronized with the original repository
- Submit pull requests from your fork to the original repository
- Work independently on your own copy without affecting the original
@@ -41,6 +43,7 @@ The fork will maintain a connection to the original repository, allowing you to:
### 📥 Clone the Fork
Next, youll need to clone your forked repository to your local machine. Heres how:
1. On your forked repository page, click the **Code** button.
2. Copy the repository URL (HTTPS or SSH).
3. Open your terminal or command prompt and run the following command to clone the repository:
@@ -60,6 +63,7 @@ Next, youll need to clone your forked repository to your local machine. Here
### 🔄 Set up Base Branch
Before making changes, ensure your local repository is set up to track the `next` branch from the original Palmr repository. Heres how:
1. Add the original Palmr repository as a remote:
```bash
@@ -81,7 +85,9 @@ Before making changes, ensure your local repository is set up to track the `next
---
### ✏️ Make Local Changes
Now you're ready to make your contributions! This could include:
- Fixing a bug
- Adding a new feature
- Improving documentation
@@ -113,12 +119,14 @@ Once youve made your changes, commit them to your branch using **Conventional
`<type>(<scope>): <description>`
**Examples:**
- `feat: add user authentication`
- `fix(api): resolve null pointer exception`
- `docs: update README file`
- `chore: update dependencies`
**Steps to Commit:**
1. Stage your changes:
```bash
@@ -138,6 +146,7 @@ Once youve made your changes, commit them to your branch using **Conventional
After committing your changes, you'll need to push them to your forked repository on GitHub. This step synchronizes your local changes with your remote repository. Here's how to do it:
1. First, ensure your branch is up-to-date with any remote changes:
```bash
git pull origin your-branch-name
```
@@ -148,11 +157,13 @@ After committing your changes, you'll need to push them to your forked repositor
```
If this is the first time pushing this branch, you might need to set the upstream branch:
```bash
git push -u origin your-branch-name
```
```bash
git push -u origin your-branch-name
```
If you encounter any errors while pushing:
- Make sure you have the correct permissions on your fork
- Verify your remote URL is correct using `git remote -v`
- Check if you need to authenticate with GitHub
@@ -162,6 +173,7 @@ If you encounter any errors while pushing:
### 🔀 Create Pull Request
Now that your changes are on GitHub, you can open a **Pull Request (PR)** to propose your changes to the `next` branch of the Palmr repository. Heres how:
1. Go to your forked repository on GitHub.
2. Click the **Pull Request** button.
3. On the PR creation page:
@@ -191,6 +203,7 @@ Remember that code review is a collaborative process aimed at ensuring code qual
## 💡 Contribution Tips
To ensure your contribution is accepted, follow these tips:
- **Use Conventional Commits**: Write clear and consistent commit messages using the Conventional Commits format.
- **Keep Your PRs Small**: Focus on one issue or feature per PR to make it easier to review.
- **Be Patient**: Maintainers are often volunteers and may take some time to review your PR.
@@ -206,6 +219,7 @@ To ensure your contribution is accepted, follow these tips:
## ⭐ Why Contribute?
Contributing to open-source projects like Palmr has many benefits:
1. **Improves the Project**: Your contributions help make the project better for everyone.
2. **Builds Your Skills**: Youll gain experience working with Git, GitHub, and collaborative coding.
3. **Supports the Community**: Open-source thrives on community contributions. Your work helps sustain the project.

View File

@@ -1,108 +0,0 @@
---
title: 👋 First Login (Admin)
---
After successfully initiating all required services according to the detailed deployment instructions provided, you will gain access to the frontend interface through the following designated endpoints:
- **Production environment:** `{your_web_domain}` or `{your_server_ip}` - This is your primary access point for the live application deployment
- **Local environment:** [http://localhost:4173](http://localhost:4173/) - This endpoint is specifically for development and testing purposes
Upon successfully navigating to the frontend interface through either of these endpoints, you will be presented with a comprehensive welcome screen, as illustrated in the image below:
![Landing Page](/assets/v1/general/lp.png)
What you are viewing is the **Palmr. landing page** ✨, which serves as an introductory interface providing essential information about the application's capabilities and features. While this landing page is displayed by default during your initial setup, you have the flexibility to modify this configuration later. Should you prefer, you can configure the system to bypass this landing page and present the login interface as your primary entry point. However, for the purposes of initial system familiarization, the landing page is deliberately set as the default welcome screen.
---
## 🔑 First Login
Prominently displayed at the top of the landing page, you will notice a clearly marked button that enables you to authenticate and access Palmr.:
> But you may wonder:
>
To facilitate a smooth onboarding experience, Palmr. has been thoughtfully designed with pre-configured **seed data** that is automatically implemented during the initial system initialization. This preliminary data setup includes a comprehensive **admin user** account that is granted complete access privileges, enabling full control over all system settings and user management functionalities within the application environment.
Upon selecting the **Login** button, the system will seamlessly redirect you to the authentication interface, which presents itself as shown in the following image:
![Login Page](/assets/v1/ui/login.png)
For your initial access to the system, please utilize these pre-configured authentication credentials:
### 👤 Admin Credentials
| User | Password |
| --- | --- |
| `admin@example.com` | `admin123` |
Following successful validation of your credentials, the system will authenticate your session and automatically direct you to Palmr.'s primary dashboard interface, which appears as demonstrated in this image:
![Dashboard](/assets/v1/ui/dashboard.png)
Having completed these steps successfully, you have now established an authenticated session and are fully prepared to explore and utilize the comprehensive feature set that Palmr. has to offer! 🎉
---
## 🛡️ Recommendations After First Access
Given that Palmr.'s initial configuration includes a solitary default admin user within the seed data, it is **strongly recommended** as a security best practice to modify the default administrative credentials immediately following your first successful login. This crucial step is fundamental to establishing and maintaining the security integrity of your Palmr. instance.
Please follow this detailed sequence of steps to update your administrative credentials and enhance the security of your Palmr. installation:
### 🔧 Access the Profile Settings
1. Locate and click the **user icon** positioned in the upper right corner of your screen interface.
2. Upon clicking, you will be presented with an expandable dropdown menu containing several configuration options:
![Menu](/assets/v1/ui/menu.png)
1. From the available options in the dropdown menu, select **"Profile"**. This selection will navigate you to the comprehensive profile settings interface:
![Profile](/assets/v1/ui/profile.png)
---
### 📝 Update the Admin Profile
Within the profile settings interface, you have full access to modify all information associated with the administrative account.
- To enhance security through password modification, input and confirm your newly chosen secure password.
- Take this opportunity to review and adjust any additional profile details according to your specific requirements and preferences.
**Tip:** ✨ To establish robust security measures, ensure your new password incorporates the following elements:
- A minimum length of 12 characters to provide adequate complexity
- A diverse combination of uppercase and lowercase alphabetical characters
- An assortment of numerical digits and special character symbols
---
### 📸 Update the Profile Picture
To enhance the personalization of your administrative profile, you have the option to customize your profile picture.
1. Identify and select the **camera icon** positioned adjacent to your current avatar display.
2. Browse and select an appropriate image file from your local storage device.
![Profile Picture](/assets/v1/ui/profile_picture.png)
> 💡 Recommendation: For optimal visual presentation, utilize an image with equal width and height dimensions (square format).
>
---
## ⚠️ Troubleshooting
Should you encounter any technical difficulties during the initial authentication process or while updating your profile information, please verify the following system components:
- Confirm the operational status of all essential services, including the frontend interface, backend systems, MinIO storage, and database connections.
- Verify the accurate configuration of all necessary environment variables within your system.
- Ensure the successful and complete application of all database seed operations.
---
## 🔒 Security Best Practices
- Following the successful configuration of your administrative account, establish additional user accounts with appropriately restricted access permissions based on specific roles and responsibilities.
- Implement HTTPS protocol to ensure secure data transmission between client devices and the server infrastructure.
- Maintain system security by regularly implementing updates to your Palmr. installation to incorporate the latest security patches and system improvements.

View File

@@ -6,7 +6,7 @@ title: 🔗 Managing shares
Creating a share in Palmr is designed to be a straightforward and user-friendly experience that anyone can master quickly. While the platform offers several methods for share creation, we recommend beginning with the most accessible approach: utilizing the **Home Page**, particularly through the well-organized **Recent Shares** section.
___
---
### Home Page
@@ -19,7 +19,6 @@ For first-time users, the interface features a prominently positioned **"Create
![](/assets/v1/main/shares/create-first-share.png)
> Note: One of Palmr's unique features is its flexibility - you don't need to upload files to create a share! This might seem counterintuitive at first, but it's a deliberately designed feature that many users find invaluable for their specific workflows and use cases. This approach allows you to set up the sharing framework first and add content later.
>
This design philosophy reflects Palmr's user-centric approach: you can establish your share's parameters and settings first, then populate it with files at your convenience. Furthermore, all aspects of your share remain fully editable at any time, providing maximum flexibility.
@@ -78,7 +77,7 @@ Each share has an **Actions** column with the following options:
![](/assets/v1/main/shares/actions-column.png)
___
---
## ✏️ Edit Share
@@ -88,24 +87,23 @@ The **Edit** button provides access to a comprehensive interface where you can m
## 📁 Manage Files
___
---
Through the **Manage Files** button, you gain complete control over the content of your share, with the ability to both add new files and remove existing ones.
![](/assets/v1/main/shares/manage-files-modal.png)
___
---
## 👥 Manage Recipients
The **Manage Recipients** button opens an interface where you can maintain your recipient list, adding or removing access as needed.
> Note: For email notifications to function properly, please ensure that your system's SMTP settings are correctly configured and active.
>
![](/assets/v1/main/shares/manage-recipients-modal.png)
___
---
## 👀 View Share Details
@@ -113,7 +111,7 @@ The **View Details** option provides a comprehensive overview of all aspects and
![](/assets/v1/main/shares/share-details-modal.png)
___
---
## 🔗 Generate Share Link
@@ -133,7 +131,7 @@ When recipients access your generated link, they'll be able to both **view and d
![](/assets/v1/main/shares/share-screen.png)
___
---
## Delete Share

View File

@@ -34,6 +34,7 @@ Once you're logged in, go to the Palmr. repository by clicking on this link: [ht
Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **Kyantech**.
You can also:
- Star the repository to show your support
- Watch it for updates
- Fork it if you want to contribute
@@ -75,25 +76,26 @@ Once done, you'll officially be a **Palmr sponsor**! 🙌
### ⭐ Why Sponsoring Matters
- 🧱 Supports Sustainability
Your sponsorship helps keep the project alive and maintained long-term.
Your sponsorship helps keep the project alive and maintained long-term.
- 🚀 Encourages Innovation
Financial support gives developers the freedom to try new ideas and push boundaries.
Financial support gives developers the freedom to try new ideas and push boundaries.
- 🫶 Shows Deep Appreciation
Sponsoring is a meaningful, tangible way to thank developers for their work.
Sponsoring is a meaningful, tangible way to thank developers for their work.
- 🏆 Earns You Recognition
Many projects publicly thank their sponsors — you might appear in the README or on the site!
Many projects publicly thank their sponsors — you might appear in the README or on the site!
- 🌱 Helps Open Source Thrive
Open-source projects rely on community support. Sponsoring helps the ecosystem grow.
Open-source projects rely on community support. Sponsoring helps the ecosystem grow.
---
## 🎁 What Happens After Sponsoring
Once you become a sponsor:
1. You'll receive a confirmation email from GitHub
2. Your name will appear in our sponsors list
3. You'll get access to sponsor-only updates and content
@@ -107,4 +109,3 @@ Once you become a sponsor:
That's it! You've successfully sponsored the **Palmr.** project on GitHub.
Your support will help ensure this open-source project continues to evolve and thrive.
**We appreciate you and welcome you to our community!** 🎉

View File

@@ -66,6 +66,7 @@ After clicking the "Star" button, several things will happen:
4. The repository will be added to your starred repositories list
You can access your starred repositories anytime by:
- Clicking your profile picture
- Selecting "Your stars" from the dropdown menu
- Or visiting: https://github.com/[your-username]?tab=stars
@@ -81,22 +82,22 @@ To remove your star, simply click the "Unstar" button at any time.
Starring a repository on GitHub is more than just a bookmarking tool—its a way to support the project and its developers. Heres why starring is so important:
- 🙌 Shows Appreciation
Starring a repository is a simple way to show your appreciation for the hard work and effort that goes into maintaining and developing a project.
Starring a repository is a simple way to show your appreciation for the hard work and effort that goes into maintaining and developing a project.
- 📈 Increases Visibility
The more stars a repository has, the more visible it becomes on GitHub.
The more stars a repository has, the more visible it becomes on GitHub.
- 💪 Encourages Developers
Seeing stars motivates developers to continue improving the project.
Seeing stars motivates developers to continue improving the project.
- 🔍 Helps with Discovery
GitHub prioritizes repositories with more stars in trending and recommendations.
GitHub prioritizes repositories with more stars in trending and recommendations.
- 📚 Tracks Your Interests
Starred repositories are saved to your list for easy access later.
Starred repositories are saved to your list for easy access later.
- 🌍 Supports Open Source
Your stars help sustain the open-source community and the Palmr project.
Your stars help sustain the open-source community and the Palmr project.
---
@@ -119,6 +120,7 @@ Your star is more than just a number - it's a vote of confidence in our vision a
That's it! You've successfully starred the **Palmr** project on GitHub. Thank you for supporting Palmr and becoming part of our growing community! Your support helps us continue improving and expanding the project for everyone.
Feel free to explore our other ways to contribute, like:
- Sharing Palmr with others
- Reporting issues
- Contributing code

View File

@@ -2,31 +2,30 @@
title: </> Github Architecture
---
import { File, Folder, Files } from "fumadocs-ui/components/files";
import { File, Files, Folder } from "fumadocs-ui/components/files";
## Project Structure
<Files>
<Folder name="apps" defaultOpen>
<Folder name="docs" >
<Folder name="docs">
<File name="all documentation files" />
</Folder>
<Folder name="server" >
<Folder name="server">
<File name="all backend files" />
</Folder>
<Folder name="web" >
<Folder name="web">
<File name="all frontend files" />
</Folder>
</Folder>
<File name="other project files" />
</Files>
## Core Components
### 🖥️ Frontend Application (apps/web)
**Technology Stack:**
**Technology Stack:**
- Next.js 15 (App Router)
- React 18
@@ -52,7 +51,7 @@ The frontend is organized with:
### ⚙️ Backend Service (apps/server)
**Technology Stack:**
**Technology Stack:**
- Fastify
- PostgreSQL
@@ -76,7 +75,7 @@ Key features include:
### 📚 Documentation (apps/docs)
**Technology Stack:**
**Technology Stack:**
- Fumadocs
- MDX (Markdown + JSX)

View File

@@ -2,13 +2,12 @@
title: 🐳 Installation (Docker Compose)
---
Installation via Docker Compose is the simplest way to run the project across different environments. For it to run correctly, we need two main tools installed in our environment:
- Docker ([https://docs.docker.com](https://docs.docker.com/))
- Docker Compose ([https://docs.docker.com/compose](https://docs.docker.com/compose/))
> *It's worth emphasizing that Palmr. was fully developed in a MacOS environment and extensively tested on Linux servers. Therefore, we can guarantee the best system performance in these environments. Windows and other environments have not been tested yet, and potential bugs may occur during execution. However, remember that we are still in a beta version of Palmr., and errors or bugs can occur in any operating system. If you identify any issues, we appreciate your help in notifying us through our GitHub [issues page](https://github.com/kyantech/Palmr/issues).*
> _It's worth emphasizing that Palmr. was fully developed in a MacOS environment and extensively tested on Linux servers. Therefore, we can guarantee the best system performance in these environments. Windows and other environments have not been tested yet, and potential bugs may occur during execution. However, remember that we are still in a beta version of Palmr., and errors or bugs can occur in any operating system. If you identify any issues, we appreciate your help in notifying us through our GitHub [issues page](https://github.com/kyantech/Palmr/issues)._
---
@@ -25,22 +24,24 @@ Next, let's look at the content of our `docker-compose.yaml`.
---
## 🐳 Docker Compose Content
Below is the complete content of our `docker-compose.yaml` that can be copied directly from here or from our official repository ([Docker Compose](https://github.com/kyantech/Palmr/blob/main/docker-compose.yaml)).
```yaml
services:
palmr-api:
image: kyantech/palmr-api:v2.0.0-beta # Make sure to use the correct version (latest) of the image
container_name: palmr-api
palmr:
image: kyantech/palmr:latest # Make sure to use the correct version (latest) of the image
container_name: palmr
depends_on:
postgres:
condition: "service_healthy"
minio:
condition: "service_healthy"
environment:
# Server environment variables
- PORT=${API_INTERNAL_PORT:-3333} # Port for the backend service
- DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD:-postgresRootPassword}@postgres:5432/palmr_db?schema=public # Database URL with configurable password through POSTGRES_PASSWORD env var
- MINIO_ENDPOINT=minio # This can change if your MinIO is at a different address
- DATABASE_URL=postgresql://postgres:${POSTGRESQL_PASSWORD:-postgresRootPassword}@postgres:5432/palmr_db?schema=public # Database URL with configurable password through POSTGRESQL_PASSWORD env var
- MINIO_ENDPOINT=${MINIO_ENDPOINT:-minio} # This can change if your MinIO is at a different address
- MINIO_PORT=${MINIO_INTERNAL_API_PORT:-6421} # Default MinIO port (Change if yours is not the default)
- MINIO_USE_SSL=false # MinIO uses SSL by default, but you can change it to true if needed
- MINIO_ROOT_USER=${MINIO_ROOT_USER:-minio_root_user} # MinIO credentials can be configured through MINIO_ROOT_USER env vars
@@ -49,34 +50,32 @@ services:
- MINIO_BUCKET_NAME=files # MinIO bucket name - This is needed for MinIO to work properly, dont change it if you don't know what you are doing
- FRONTEND_URL=${APP_URL:-http://${SERVER_IP:-localhost}:${APP_EXTERNAL_PORT:-5487}} # Frontend URL - Make sure to use the correct frontend URL, depends on where the frontend is running, its prepared for localhost, but you can change it to your frontend URL if needed
- SERVER_IP=${SERVER_IP:-localhost} # Server IP - Make sure to use the correct server IP if you running on a cloud provider or a virtual machine. This prepared for localhost, but you can change it to your server IP if needed
ports:
- "${API_EXTERNAL_PORT:-3333}:${API_INTERNAL_PORT:-3333}" # Backend port mapping
restart: unless-stopped
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:${API_INTERNAL_PORT:-3333}/health"]
interval: 10s
timeout: 5s
retries: 5
start_period: 30s
- MAX_FILESIZE=${MAX_FILESIZE:-1073741824} # Max Filesize for upload - Declared in Bytes. Default is 1GiB
palmr-app:
image: kyantech/palmr-app:v2.0.0-beta # Make sure to use the correct version (latest) of the image
container_name: palmr-web
depends_on:
palmr-api:
condition: "service_healthy"
ports:
- "${APP_EXTERNAL_PORT:-5487}:5487" # Frontend port mapping
environment:
# Web environment variables
- NODE_ENV=production
- NEXT_TELEMETRY_DISABLED=1
- API_BASE_URL=http://palmr-api:${API_INTERNAL_PORT:-3333} # Here we use docker's internal network to reference the backend service (can be changed if needed)
- API_BASE_URL=http://palmr:${API_INTERNAL_PORT:-3333} # Using Docker service name for internal communication
ports:
- "${API_EXTERNAL_PORT:-3333}:3333" # Server port
- "${APP_EXTERNAL_PORT:-5487}:5487" # Web port
restart: unless-stopped
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:5487"]
test:
[
"CMD",
"wget",
"--no-verbose",
"http://palmr:${API_INTERNAL_PORT:-3333}/health",
"&&",
"wget",
"--no-verbose",
"http://palmr:${APP_INTERNAL_PORT:-5487}",
]
interval: 30s
timeout: 10s
retries: 3
start_period: 60s
minio:
image: minio/minio:RELEASE.2025-03-12T18-04-18Z # Use only version RELEASE.2025-03-12T18-04-18Z to avoid compatibility issues with the backend
@@ -120,10 +119,10 @@ services:
container_name: palmr-postgres
environment:
# PostgreSQL credentials configurable through environment variables
# POSTGRES_USER, POSTGRES_PASSWORD, and POSTGRES_DB can be set to override defaults
- POSTGRESQL_USERNAME=${POSTGRES_USER:-postgres}
- POSTGRESQL_PASSWORD=${POSTGRES_PASSWORD:-postgresRootPassword}
- POSTGRESQL_DATABASE=${POSTGRES_DB:-palmr_db}
# POSTGRESQL_USERNAME, POSTGRESQL_PASSWORD, and POSTGRES_DB can be set to override defaults
- POSTGRESQL_USERNAME=${POSTGRESQL_USERNAME:-postgres}
- POSTGRESQL_PASSWORD=${POSTGRESQL_PASSWORD:-postgresRootPassword}
- POSTGRESQL_DATABASE=${POSTGRES_DATABASE:-palmr_db}
volumes:
- postgres_data:/bitnami/postgresql
ports:
@@ -138,7 +137,6 @@ services:
volumes:
minio_data:
postgres_data:
```
Notice that the `docker-compose.yaml` has several comments that help you configure your own compose to meet your environment's needs. Let's give an overview of some changes we can make.
@@ -147,15 +145,14 @@ Notice that the `docker-compose.yaml` has several comments that help you configu
### ⚙️ Services Overview
Palmr. consists of five main services, each with specific responsibilities. Below, we present a detailed view of each component:
Palmr. consists of four main services, each with specific responsibilities. Below, we present a detailed view of each component:
| **Service** | **Image** | **Exposed Ports** | **Main Features** |
| --- | --- | --- | --- |
| palmr-api (Backend) | [kyantech/palmr-api:latest](https://hub.docker.com/repository/docker/kyantech/palmr-api/tags/latest/sha256-84245d3d0012aa65c588caba56322363729c4b68c3722a08dcda912904de9d1d) | **3333** | • Main API service<br/>• Depends on services: postgres and minio<br/>• Has healthcheck to ensure availability |
| palmr-app (Frontend) | [kyantech/palmr-app:latest](https://hub.docker.com/repository/docker/kyantech/palmr-app/tags/latest/sha256-33f568673ae8cc8529532146b6afc1acafa203387ced6c7bb3451a7ab4198a2f) | **5487** | • Web application interface<br/>• Depends on palmr-api service<br/>• Configured for production environment |
| minio (Storage) | [minio/minio:RELEASE.2025-03-12T18-04-18Z](https://hub.docker.com/layers/minio/minio/RELEASE.2025-03-12T18-04-18Z/images/sha256-85f3e4cd1ca92a2711553ab79f222bcd8b75aa2c77a1a0b0ccf80d38e8ab2fe5) | **6421**(API)<br/>**6422**(Console) | • File storage service<br/>• Persistent volume for data |
| minio-init (Config) | [minio/mc:RELEASE.2025-03-12T17-29-24Z](https://hub.docker.com/layers/minio/mc/RELEASE.2025-03-12T17-29-24Z/images/sha256-68d8c80f43908b02daa285e55547131870a1d36b3ffe272c26d7d8f4d52d1e5c) | N/A | • Initially configures the "files" bucket<br/>• Runs only once during initialization |
| postgres (Database) | [bitnami/postgresql:17.2.0](https://hub.docker.com/layers/bitnami/postgresql/17.2.0/images/sha256-29c614afad4f514b12b5c0f4d006f38c98fa4b18c3582732ff93b3fe9a79d875) | **5432** | • PostgreSQL database<br/>• Persistent volume for data |
| **Service** | **Image** | **Exposed Ports** | **Main Features** |
| ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- |
| palmr | [kyantech/palmr:latest](https://hub.docker.com/repository/docker/kyantech/palmr/general) | **3333** (API)<br/>**5487** (Web) | • Combined backend API and frontend service<br/>• Depends on services: postgres and minio<br/>• Has healthcheck to ensure availability |
| minio (Storage) | [minio/minio:RELEASE.2025-03-12T18-04-18Z](https://hub.docker.com/layers/minio/minio/RELEASE.2025-03-12T18-04-18Z/images/sha256-85f3e4cd1ca92a2711553ab79f222bcd8b75aa2c77a1a0b0ccf80d38e8ab2fe5) | **6421**(API)<br/>**6422**(Console) | • File storage service<br/>• Persistent volume for data |
| minio-init (Config) | [minio/mc:RELEASE.2025-03-12T17-29-24Z](https://hub.docker.com/layers/minio/mc/RELEASE.2025-03-12T17-29-24Z/images/sha256-68d8c80f43908b02daa285e55547131870a1d36b3ffe272c26d7d8f4d52d1e5c) | N/A | • Initially configures the "files" bucket<br/>• Runs only once during initialization |
| postgres (Database) | [bitnami/postgresql:17.2.0](https://hub.docker.com/layers/bitnami/postgresql/17.2.0/images/sha256-29c614afad4f514b12b5c0f4d006f38c98fa4b18c3582732ff93b3fe9a79d875) | **5432** | • PostgreSQL database<br/>• Persistent volume for data |
---
@@ -163,26 +160,25 @@ Palmr. consists of five main services, each with specific responsibilities. Belo
The table below shows all environment variables that can be set
| **Variable** | **Default Value** | **Description** |
| --- | --- | --- |
| API_INTERNAL_PORT | 3333 | Internal API port in container |
| API_EXTERNAL_PORT | 3333 | Exposed port on host for API |
| POSTGRES_PASSWORD | postgresRootPassword | PostgreSQL database password |
| APP_EXTERNAL_PORT | 5487 | Exposed port on host for frontend |
| APP_URL | http://localhost:5487 | Complete frontend URL |
| SERVER_IP | localhost | IP of the server where the application is running |
| MINIO_ROOT_USER | minio_root_user | MinIO admin user |
| MINIO_ROOT_PASSWORD | minioRootPassword | MinIO admin password |
| MINIO_INTERNAL_API_PORT | 6421 | Internal MinIO API port |
| MINIO_INTERNAL_CONSOLE_PORT | 6422 | Internal MinIO console port |
| MINIO_EXTERNAL_API_PORT | 6421 | Exposed port on host for MinIO API |
| MINIO_EXTERNAL_CONSOLE_PORT | 6422 | Exposed port on host for MinIO console |
| POSTGRESQL_USERNAME | postgres | PostgreSQL user |
| POSTGRESQL_DATABASE | palmr_db | Database name |
> *All these variables can be configured through a .env file in the project root or defined directly in the environment where docker-compose will be executed. The best way to do this is up to you. But be careful to replace correctly if doing directly in the compose instead of providing an environment var.*
>
| **Variable** | **Default Value** | **Description** |
| --------------------------- | --------------------- | ------------------------------------------------- |
| API_INTERNAL_PORT | 3333 | Internal API port in container |
| API_EXTERNAL_PORT | 3333 | Exposed port on host for API |
| POSTGRES_PASSWORD | postgresRootPassword | PostgreSQL database password |
| APP_EXTERNAL_PORT | 5487 | Exposed port on host for frontend |
| APP_URL | http://localhost:5487 | Complete frontend URL |
| SERVER_IP | localhost | IP of the server where the application is running |
| MINIO_ROOT_USER | minio_root_user | MinIO admin user |
| MINIO_ROOT_PASSWORD | minioRootPassword | MinIO admin password |
| MINIO_INTERNAL_API_PORT | 6421 | Internal MinIO API port |
| MINIO_INTERNAL_CONSOLE_PORT | 6422 | Internal MinIO console port |
| MINIO_EXTERNAL_API_PORT | 6421 | Exposed port on host for MinIO API |
| MINIO_EXTERNAL_CONSOLE_PORT | 6422 | Exposed port on host for MinIO console |
| POSTGRESQL_USERNAME | postgres | PostgreSQL user |
| POSTGRESQL_DATABASE | palmr_db | Database name |
| MAX_FILESIZE | 1073741824 | Max Uploadsize per file. Unit in Bytes |
> _All these variables can be configured through a .env file in the project root or defined directly in the environment where docker-compose will be executed. The best way to do this is up to you. But be careful to replace correctly if doing directly in the compose instead of providing an environment var._
#### 🗂️ Persistent Volumes
@@ -195,16 +191,19 @@ The table below shows all environment variables that can be set
In a localhost environment, there's no mystery. If you don't want to change any service exposure ports, you can simply run:
```bash
docker compose pull && docker compose up -d
```
This will execute all necessary services and give you access to the following URLs (if you haven't changed any ports):
- **Frontend:** [http://localhost:5487](http://localhost:5487)
- **Backend:** [http://localhost:3333](http://localhost:3333/)
- **MinIO API:** [http://localhost:6421](http://localhost:6421)
- **MinIO Console:** [http://localhost:6422](http://localhost:6422)
- **Postgres Database:** [http://localhost:5423](http://localhost:5423/) (Connection only)
- **Postgres Database:** [http://localhost:5432](http://localhost:5432/) (Connection only)
> *If you have changed any port, simply access the URL with the port you configured.*
>
> _If you have changed any port, simply access the URL with the port you configured._
---
@@ -219,16 +218,25 @@ We mainly need to pay attention to the following points:
- For all environment variables that are `PASSWORD`, it's highly recommended to generate secure passwords and replace them as env vars.
- Lastly, make sure no docker service will conflict with any existing ones in your environment. If there is a conflict, simply change the execution ports via environment var or in the docker compose.
To generate a .env file with just the `server_ip` configuration, you can run this command:
```bash
curl -fsSL https://gist.githubusercontent.com/danielalves96/5a68913d70e5e31b68b7331dc17dfa9c/raw | bash
```
> execute this command in your server terminal, at same path of docker-compose.yaml.
Basically, by paying attention to these points, you can quickly execute the project with the same command we used for localhost:
```bash
docker compose up -d
docker compose pull && docker compose up -d
```
⚠️ This makes sure you're always running the latest beta version of the image, otherwise, Docker might reuse an outdated one from cache.
At this stage, if you encounter any errors, it's worth reviewing your `docker-compose.yaml` and trying again, paying close attention to the points mentioned above.
> *First test without using reverse proxies like Caddy, Traefik, etc... if you plan to use them. Access the services via `server_ip:port` after confirming they work, then make the necessary routing configurations as desired.*
>
> _First test without using reverse proxies like Caddy, Traefik, etc... if you plan to use them. Access the services via `server_ip:port` after confirming they work, then make the necessary routing configurations as desired._
If you haven't changed the execution ports, you'll have access on your server at:
@@ -236,10 +244,9 @@ If you haven't changed the execution ports, you'll have access on your server at
- **Backend:** `[server_ip]:3333`
- **MinIO API:** `[server_ip]:6421`
- **MinIO Console:** `[server_ip]:6422`
- **Postgres Database:** `[server_ip]:5423` (Connection only)
- **Postgres Database:** `[server_ip]:5432` (Connection only)
> *If you've changed any port, simply access the URL with the port you configured.*
>
> _If you've changed any port, simply access the URL with the port you configured._
It's worth noting that this is just a quick start and we're not going into details about any of the developed services, but it's recommended for execution in any environment. However, if your focus is on using Palmr. with high availability in mind, it's recommended to use a container orchestrator prepared for this, such as Kubernetes or similar, but we don't cover this type of configuration in our documentation.

View File

@@ -31,7 +31,6 @@ Before proceeding with the installation, it's essential to ensure that your deve
⚠️ <strong>A critical note regarding package management:</strong> This repository has been specifically developed and thoroughly tested using the pnpm package manager. While technically possible to use alternative package managers such as `npm`, `yarn`, or `bun`, we strongly advise against this approach.
---
## Running the Application

View File

@@ -1,8 +1,6 @@
{
"title": "v2.0.0-beta",
"description": "v2.0.0-beta Documentation",
"root": true,
"icon": "Building2",
"description": "(Deprecated)",
"icon": "Trash2",
"pages": [
"---Introduction---",
"index",
@@ -11,8 +9,8 @@
"installation",
"manual-installation",
"api",
"s3-providers",
"---How to use Palmr.---",
"first-login",
"manage-users",
"uploading-files",
"generate-share",
@@ -25,5 +23,7 @@
"gh-star",
"gh-sponsor",
"..."
]
],
"root": true,
"title": "v2.0.0-beta"
}

View File

@@ -53,6 +53,7 @@ To access the issues section:
4. You'll see a list of all existing issues, both open and closed
The issues tab shows important information like:
- Number of open issues
- Issue labels and categories
- Issue status (open/closed)
@@ -74,6 +75,7 @@ To start creating a new issue:
5. Make sure you have all necessary information ready before starting
Pro Tips:
- Before creating a new issue, search existing issues to avoid duplicates
- Review any contribution guidelines or issue templates
- Consider adding relevant labels when creating your issue
@@ -107,6 +109,7 @@ Once you've filled out the form, click the **Create** button at the bottom of th
### 💡 Tips for Issues
To ensure your issue is addressed quickly and effectively, follow these tips:
- **Be Clear and Specific**: Provide as much detail as possible.
- **Use a Descriptive Title**: A good title helps maintainers understand the issue at a glance.
- **Include Steps to Reproduce**: If its a bug, explain how to reproduce it.
@@ -117,6 +120,7 @@ To ensure your issue is addressed quickly and effectively, follow these tips:
### ⭐ Why Issues Matter
Opening issues is a key part of contributing to open-source projects. Heres why it matters:
1. **Improves the Project**: Your feedback helps identify bugs and suggest new features.
2. **Helps Maintainers**: Clear and detailed issues make it easier for maintainers to address problems.
3. **Encourages Collaboration**: Issues can spark discussions and attract contributors to help solve problems.

View File

@@ -20,7 +20,6 @@ To begin the upload process, locate and click the "Upload File" button. This act
![Upload File Button](/assets/v1/main/upload/upload-file-button.png)
**Example with an image:**
![Preview Example](/assets/v1/main/upload/preview-example.png)

View File

@@ -0,0 +1,236 @@
---
title: API Endpoints
icon: Plug
---
Palmr. provides a comprehensive, well-documented, and fully typed REST API designed for maximum developer productivity and seamless integration. Whether you're building custom applications, automating workflows, or integrating with third-party services, our API offers the flexibility and reliability you need.
> **Overview:** The API is built with Fastify + Zod + TypeScript, ensuring type safety, schema validation, and excellent performance for all operations.
## Prerequisites
### Exposing the API port
To access the API endpoints, you need to expose port **3333** in your Docker configuration. This port is where the Palmr. API server runs.
**Using Docker Compose:**
```yaml
services:
palmr:
image: kyantech/palmr:latest
ports:
- "5487:5487" # Web interface
- "3333:3333" # API port (required for API access)
# ... other configuration
```
**Using Docker run command:**
```bash
docker run -d \
--name palmr \
-p 5487:5487 \
-p 3333:3333 \
-v palmr_data:/app/server \
--restart unless-stopped \
kyantech/palmr:latest
```
> **Note:** Port 3333 exposure is optional if you only need the web interface. However, it's required for direct API access, custom integrations, and accessing the interactive documentation.
## Accessing the API documentation
The API documentation is available through interactive interfaces that allow you to explore, test, and validate all available endpoints directly in your browser.
### Documentation endpoints
**Local development:**
- Scalar documentation: `http://localhost:3333/docs`
- Swagger documentation: `http://localhost:3333/swagger`
**Production environment:**
- Scalar documentation: `{your_domain}:3333/docs`
- Swagger documentation: `{your_domain}:3333/swagger`
> **Important:** We don't provide an online version of the API documentation because endpoints and functionality may vary between different versions of Palmr. Always access the documentation from your specific deployment to ensure accuracy.
## Interactive documentation with Scalar
Our primary API documentation is powered by **Scalar**, a modern documentation platform that provides an exceptional developer experience.
![Palmr API Documentation](/assets/v2/api-docs/scalar.png)
### Why Scalar?
- **Interactive testing** - Test endpoints directly in the documentation
- **Real-time validation** - Immediate feedback on request/response formats
- **Modern interface** - Clean, intuitive design optimized for developer productivity
- **Type-safe integration** - Full TypeScript support with automatic type inference
- **Schema visualization** - Clear representation of request and response structures
### Key features
- **Comprehensive endpoint coverage** - All API endpoints documented with examples
- **Authentication testing** - Built-in support for JWT token authentication
- **Request builders** - Interactive forms for constructing API requests
- **Response visualization** - Formatted display of API responses with syntax highlighting
- **Code generation** - Generate client code in multiple programming languages
## Alternative Swagger documentation
For developers who prefer Swagger or need compatibility with existing tools, we also provide a Swagger-based documentation interface.
![Palmr API Documentation](/assets/v2/api-docs/swagger.png)
### When to use Swagger
- **Legacy tool compatibility** - Integration with existing Swagger-based workflows
- **Team preferences** - When your team is more familiar with Swagger interface
- **OpenAPI specification** - Direct access to OpenAPI spec for code generation
- **Third-party integrations** - Tools that specifically require Swagger format
Both documentation formats provide identical endpoint coverage and functionality, ensuring you can choose the interface that best fits your development workflow.
## API capabilities
The Palmr. API provides comprehensive access to all platform features:
### File operations
- **Upload files** - Single and batch file uploads with progress tracking
- **Download files** - Secure file retrieval with access control
- **File management** - Rename, delete, and organize files
- **Metadata access** - Retrieve file information and properties
### Folder operations
- **Create folders** - Build folder structures for organization
- **Folder management** - Rename, move, delete folders
- **Folder sharing** - Share folders with same controls as files
### Share management
- **Create shares** - Generate public links for file sharing
- **Configure access** - Set passwords, expiration dates, and view limits
- **Track usage** - Monitor share views and download statistics
- **Manage recipients** - Add and remove share recipients
### User operations
- **Authentication** - Login, logout, and session management
- **Profile management** - Update user information and preferences
- **User administration** - Create and manage user accounts (admin only)
### System integration
- **Health checks** - Monitor system status and availability
- **Configuration** - Access and modify system settings
- **Storage operations** - Manage filesystem and S3 storage options
## Authentication
The API uses **HTTP-only cookies** for secure authentication. After logging in through the web interface or API, authentication is automatically handled via secure cookies:
```bash
# Login to establish authenticated session
POST /auth/login
{
"email": "user@example.com",
"password": "your-password"
}
# Subsequent requests automatically include authentication cookies
# No Authorization header needed - cookies are sent automatically
GET /api/files
```
### How authentication works
1. **Login** - Use the `/auth/login` endpoint with your credentials
2. **Cookie storage** - The server sets HTTP-only cookies containing JWT tokens
3. **Automatic authentication** - All subsequent API requests include these cookies automatically
4. **Session management** - Cookies handle session persistence and expiration
### Security features
- **HTTP-only cookies** - Tokens stored securely in HTTP-only cookies, preventing XSS attacks
- **Secure transmission** - Cookies marked as secure and same-site for enhanced protection
- **Token expiration** - Automatic session timeout for security
- **Role-based access** - Different permissions for users and administrators
- **Request validation** - All inputs validated using Zod schemas
## Getting started with the API
### 1. Expose the API port
Ensure port 3333 is exposed in your Docker configuration to access the API endpoints.
### 2. Access the documentation
Visit your Palmr. instance at `:3333/docs` to explore the interactive API documentation.
### 3. Authenticate
Use the login endpoint to establish an authenticated session. Authentication cookies will be automatically set and included in subsequent requests.
### 4. Test endpoints
Use the interactive documentation to test API endpoints and understand request/response formats.
### 5. Build your integration
Implement your custom application using the API endpoints that match your requirements.
## Integration examples
The API enables powerful integrations and automation:
**Workflow automation:**
- Automatically upload files from CI/CD pipelines
- Create shares for build artifacts and reports
- Integrate with project management tools
**Custom applications:**
- Build mobile apps with native file management
- Create specialized interfaces for specific use cases
- Develop backup and sync solutions
**Business integrations:**
- Connect with existing document management systems
- Automate file sharing workflows
- Integrate with CRM and ERP systems
## Best practices
### Performance optimization
- **Use appropriate HTTP methods** - GET for retrieval, POST for creation, etc.
- **Implement pagination** - Handle large datasets efficiently
- **Cache responses** - Store frequently accessed data locally
- **Batch operations** - Group multiple operations when possible
### Error handling
- **Check status codes** - Handle different HTTP response codes appropriately
- **Parse error messages** - Use detailed error information for debugging
- **Implement retries** - Handle temporary failures gracefully
- **Log API interactions** - Maintain audit trails for troubleshooting
### Security considerations
- **Use HTTPS** - Always encrypt API communications to protect authentication cookies
- **Secure cookies** - Authentication handled automatically via HTTP-only cookies
- **Validate inputs** - Sanitize data before sending to API
- **Monitor usage** - Track API calls for unusual activity
## Useful links
- [Scalar Official Website](https://scalar.com/) - Learn more about our primary documentation platform
- [Swagger Official Website](https://swagger.io/) - Information about the alternative documentation format
- [JWT.io](https://jwt.io/) - Understanding JSON Web Tokens for authentication

View File

@@ -0,0 +1,143 @@
---
title: Architecture of Palmr.
icon: ServerCog
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
## Overview
Understanding the architecture of Palmr. is crucial for both deploying and scaling the application. The platform is designed with simplicity and flexibility in mind, offering a streamlined setup that can grow with your needs.
<ZoomableImage src="/assets/v3/architecture/architecture.png" alt="Palmr. Architecture" />
## Technologies used
Each component in the Palmr. architecture plays a vital role in ensuring reliability, performance, and scalability. The stack is built with simplicity, performance, and flexibility in mind - everything is self-hosted, developer-friendly, and designed to scale without adding unnecessary complexity.
### SQLite + Prisma ORM
Palmr. uses **SQLite** as the primary database solution combined with **Prisma ORM** for type-safe database operations. SQLite is a lightweight, serverless database that's perfect for getting started quickly while still being powerful enough for production use. SQLite is fully ACID-compliant, which means it handles transactions safely and reliably. Prisma provides a modern database toolkit that generates a type-safe client, handles migrations, and offers an intuitive query API. Together, they create a powerful combination that eliminates database administration complexity while providing excellent developer experience.
- Provides reliable and secure data storage with zero configuration required
- **Prisma ORM** offers type-safe queries and automatic TypeScript integration
- Lightweight and fast, perfect for both development and production environments
- Fully ACID-compliant with excellent performance for metadata and transactional data
- Self-contained with no external dependencies or server processes needed
- Easy database migrations and schema management through Prisma
### Next.js 15 + React + TypeScript
The frontend of Palmr. is built using **Next.js 15**, along with **React** and **TypeScript**, forming a modern stack that's easy to maintain and super fast for end users. Next.js 15 brings server components, server actions, and a new app router system that makes rendering dynamic content incredibly efficient. This allows us to load only what's needed, when it's needed - which makes the app feel snappy even under load. React provides a clean, component-based structure that makes it easy to break the UI into reusable pieces, and TypeScript helps prevent bugs before they even happen by enforcing static typing and better code navigation.
- **React** enables the creation of a dynamic and responsive user interface with a component-based architecture
- **TypeScript** adds static typing, enhancing code quality and reducing runtime errors
- **Next.js 15** handles routing, server-side rendering, and server components for performance at scale
### Filesystem storage
Palmr. uses **filesystem storage** as the default storage solution, keeping things simple and efficient. Files are organized in a structured directory layout on the local filesystem, making it easy to understand, backup, and manage. This approach eliminates external dependencies and provides excellent performance for most use cases. The system also supports **S3-compatible object storage** as an optional alternative for users who need cloud storage or additional scalability features.
- Simple and reliable file storage with organized directory structure
- No external dependencies required for basic operation
- Excellent performance for local file operations
- Optional S3-compatible storage support for cloud deployments and scalability
#### Performance Considerations with Encryption
By default, filesystem storage operates without encryption for optimal performance, providing fast uploads and downloads with minimal CPU overhead. This approach is ideal for most use cases where performance is prioritized.
If you need to protect sensitive files at rest, you can enable encryption by setting `DISABLE_FILESYSTEM_ENCRYPTION=false` and providing an `ENCRYPTION_KEY` in your configuration. When enabled, Palmr uses AES-256-CBC encryption, which adds CPU overhead during uploads (encryption) and downloads (decryption), particularly for large files or in resource-constrained environments like containers or low-end VMs.
For optimal performance with encryption enabled, ensure your hardware supports AES-NI acceleration (check with `cat /proc/cpuinfo | grep aes` on Linux).
As an alternative, consider using S3-compatible object storage (e.g., AWS S3 or MinIO), which can offload file storage from the local filesystem and potentially reduce local CPU overhead for encryption/decryption. See [S3 Providers](/docs/3.2-beta/s3-providers) for setup instructions.
### Fastify + Zod + TypeScript
The backend of Palmr. is powered by **Fastify**, **Zod**, and **TypeScript**, creating a robust and type-safe API layer. Fastify is a super-fast Node.js web framework optimized for performance and low overhead, designed to handle lots of concurrent requests with minimal resource usage. Zod provides runtime type validation and schema definition, ensuring all incoming data is properly validated before reaching business logic. TypeScript adds compile-time type safety throughout the entire backend codebase. This combination creates a highly reliable and maintainable backend that prevents bugs and security issues while maintaining excellent performance.
- **Fastify** provides fast request handling with a lightweight core
- **Zod** enables runtime schema validation and type inference
- **TypeScript** ensures type safety across the entire backend codebase
- Built-in schema-based validation for secure and reliable API handling
- Supports plugin-based architecture for easy extensibility
- Optimized for high performance with minimal resource usage
## How it works
The Palmr. architecture follows a clean separation of concerns, making it easy to understand and maintain:
1. **Frontend** — React + TypeScript + Next.js 15 handle the user interface and user interactions
2. **Backend** — Fastify + Zod + TypeScript process requests with full type safety and validation
3. **Database** — SQLite + Prisma ORM store and manage data with type-safe operations
4. **File Storage** — Filesystem storage handles file operations with optional S3-compatible support
## API integration and extensibility
One of Palmr.'s key strengths is its **open API architecture**, designed to integrate seamlessly with existing workflows and third-party services. The API can be exposed publicly, allowing for powerful integrations and custom development opportunities.
### Open API endpoints
Palmr. provides comprehensive REST API endpoints that can be integrated with various services and platforms:
**Popular integration possibilities:**
- **Zapier** - Automate file sharing workflows and connect with 5,000+ apps
- **Microsoft Power Automate** - Create automated workflows within Microsoft ecosystem
- **IFTTT** - Simple automation for personal and business use cases
- **n8n** - Self-hosted workflow automation for advanced users
- **GitHub Actions** - Integrate file sharing into CI/CD pipelines
- **Slack/Discord Bots** - Share files directly from chat platforms
- **Mobile Apps** - Build custom mobile applications using the API
- **Desktop Applications** - Create native desktop clients for specific use cases
### Custom development opportunities
The open API architecture enables developers to:
- **Build custom clients** - Create specialized interfaces for specific industries or use cases
- **Develop integrations** - Connect Palmr. with existing business systems and workflows
- **Create automation scripts** - Automate repetitive file management tasks
- **Build mobile apps** - Develop native iOS/Android applications
- **Integrate with CMS** - Connect content management systems for seamless file handling
- **Create backup solutions** - Build automated backup and sync tools
### API benefits
- **RESTful design** - Standard HTTP methods and status codes for easy integration
- **Comprehensive documentation** - Complete API reference with examples and use cases
- **Authentication support** - Secure API access with JWT token-based authentication
- **Schema validation** - Built-in request/response validation using Zod schemas
- **Type safety** - Full TypeScript support for reliable integrations
- **Bulk operations** - Efficient handling of multiple files and batch operations
This open architecture makes Palmr. not just a file-sharing platform, but a **file management ecosystem** that can adapt to any workflow or business requirement. Whether you're a developer looking to integrate file sharing into your application or a business wanting to automate file workflows, Palmr.'s API provides the flexibility and power you need.
## Storage flexibility
Palmr. is designed to be flexible in how you handle file storage:
**Default setup (Filesystem):**
- Files stored directly on the local filesystem
- Simple directory structure for easy management
- Perfect for single-server deployments and development
- No additional configuration required
**Optional S3-compatible storage:**
- Enable S3 storage by setting `ENABLE_S3=true`, look at [S3 Providers](/docs/3.2-beta/s3-providers) for more information.
- Compatible with AWS S3, MinIO, and other S3-compatible services
- Ideal for cloud deployments and distributed setups
- Provides additional scalability and redundancy options
## Useful links
- [SQLite Documentation](https://www.sqlite.org/docs.html)
- [Prisma Documentation](https://www.prisma.io/docs)
- [Next.js Documentation](https://nextjs.org/docs)
- [React Documentation](https://react.dev/)
- [TypeScript Handbook](https://www.typescriptlang.org/docs/)
- [Fastify Documentation](https://fastify.dev/docs/latest/)
- [Zod Documentation](https://zod.dev/)

View File

@@ -0,0 +1,66 @@
---
title: Available Languages
icon: Globe
---
The project leverages next-intl, a powerful and flexible internationalization (i18n) library, to provide comprehensive language support across the entire application. This robust solution enables seamless translation management, date/time formatting, number formatting, and pluralization rules across different locales.
The integration of next-intl ensures consistent internationalization throughout the application's components, pages, and features, while maintaining optimal performance through efficient bundle splitting and lazy loading of language resources. With its TypeScript support and React Server Components compatibility, next-intl serves as the foundation for delivering a truly global and accessible user experience.
## Supported languages
Palmr currently supports 15 languages with complete translations across all application features and interfaces.
---
| Language | Code | Description | Translation |
| -------------------- | ----- | -------------------------------------------------------- | ----------- |
| English | en-US | Primary development language and default fallback option | 100% |
| Portuguese | pt-BR | Standard Brazilian Portuguese support | 100% |
| French | fr-FR | Standard French language support | 100% |
| Spanish | es-ES | Standard Spanish language support | 100% |
| German | de-DE | Standard German language support | 100% |
| Russian | ru-RU | Standard Russian language support | 100% |
| Hindi | hi-IN | Standard Hindi language support | 100% |
| Arabic | ar-SA | Standard Arabic language support with RTL | 100% |
| Japanese | ja-JP | Standard Japanese language support | 100% |
| Korean | ko-KR | Standard Korean language support | 100% |
| Turkish | tr-TR | Standard Turkish language support | 100% |
| Chinese (Simplified) | zh-CN | Standard Simplified Chinese support | 100% |
| Italian | it-IT | Standard Italian language support | 100% |
| Dutch | nl-NL | Standard Dutch language support | 100% |
| Polish | pl-PL | Standard Polish language support | 100% |
## Language selection
The application provides two convenient methods for language selection, ensuring a seamless user experience across different user preferences and scenarios.
### Automatic detection
The application features sophisticated automatic detection of the user's preferred browser language settings. It intelligently utilizes the browser's preconfigured language preferences to set the initial application language, providing an immediate localized experience without requiring user intervention.
### Manual selection
![Language Selector](/assets/v3/languages/languages.png)
Users have complete control to manually select their preferred language through an intuitive language selector interface in the UI. The language selector is easily accessible and provides immediate language switching capabilities.
Selected language preferences are persistently stored in the browser's localStorage, ensuring a consistent experience across sessions and eliminating the need to reselect languages on subsequent visits.
## Default language
English (en-US) serves as the system's fallback language, ensuring consistent functionality even when language detection or selection encounters issues. This means that if a user's preferred language is not available or if there are any problems with language selection, the application will automatically default to English.
This fallback mechanism is crucial for maintaining a seamless user experience and preventing any potential language-related disruptions. Additionally, all new features and updates are first implemented in English before being translated into other supported languages, ensuring that the English version always remains the most up-to-date and comprehensive.
## Language detection
The application employs advanced detection mechanisms to automatically identify and apply the user's browser language settings as the initial language configuration. This process analyzes the browser's language preferences and matches them against available translations.
For maximum flexibility, users can easily override this automatic selection at any time using the convenient language switcher, accessible via the globe icon prominently displayed in the navigation bar.
## RTL support
The application incorporates comprehensive right-to-left (RTL) text handling capabilities, with particular attention paid to Arabic (ar-SA) language requirements. This includes proper text alignment, layout direction, and user interface elements that adapt to RTL reading patterns.
RTL support ensures that Arabic-speaking users receive a native and intuitive experience, with all interface elements properly oriented and text flowing in the correct direction for optimal readability and usability.

View File

@@ -0,0 +1,374 @@
---
title: Cleanup Orphan Files
icon: Trash2
---
This guide provides detailed instructions on how to identify and remove orphan file records from your Palmr database. Orphan files are database entries that reference files that no longer exist in the storage system, typically resulting from failed uploads or interrupted transfers.
## When and why to use this tool
The orphan file cleanup script is designed to maintain database integrity by removing stale file records. Consider using this tool if:
- Users are experiencing "File not found" errors when attempting to download files that appear in the UI
- You've identified failed uploads that left incomplete database records
- You're performing routine database maintenance
- You've migrated storage systems and need to verify file consistency
- You need to free up quota space occupied by phantom file records
> **Note:** This script only removes **database records** for files that don't exist in storage. It does not delete physical files. Files that exist in storage will remain untouched.
## How the cleanup works
Palmr provides a maintenance script that scans all file records in the database and verifies their existence in the storage system (either filesystem or S3). The script operates in two modes:
- **Dry-run mode (default):** Identifies orphan files and displays what would be deleted without making any changes
- **Confirmation mode:** Actually removes the orphan database records after explicit confirmation
The script maintains safety by:
- Checking file existence before marking as orphan
- Providing detailed statistics and file listings
- Requiring explicit `--confirm` flag to delete records
- Working with both filesystem and S3 storage providers
- Preserving all files that exist in storage
## Understanding orphan files
### What are orphan files?
Orphan files occur when:
1. **Failed chunked uploads:** A large file upload starts, creates a database record, but the upload fails before completion
2. **Interrupted transfers:** Network issues or server restarts interrupt file transfers mid-process
3. **Manual deletions:** Files are manually deleted from storage without removing the database record
4. **Storage migrations:** Files are moved or lost during storage system changes
### Why they cause problems
When orphan records exist in the database:
- Users see files in the UI that cannot be downloaded
- Download attempts result in "ENOENT: no such file or directory" errors
- Storage quota calculations become inaccurate
- The system returns 500 errors instead of proper 404 responses (in older versions)
### Renamed files with suffixes
Files with duplicate names are automatically renamed with suffixes (e.g., `file (1).png`, `file (2).png`). Sometimes the upload fails after the database record is created but before the physical file is saved, creating an orphan record with a suffix.
**Example:**
```
Database record: photo (1).png → objectName: user123/1758805195682-Rjn9at692HdR.png
Physical file: Does not exist ❌
```
## Step-by-step instructions
### 1. Access the server environment
**For Docker installations:**
```bash
docker exec -it <container_name> /bin/sh
cd /app/palmr-app
```
**For bare-metal installations:**
```bash
cd /path/to/palmr/apps/server
```
### 2. Run the cleanup script in dry-run mode
First, run the script without the `--confirm` flag to see what would be deleted:
```bash
pnpm cleanup:orphan-files
```
This will:
- Scan all file records in the database
- Check if each file exists in storage
- Display a summary of orphan files
- Show what would be deleted (without actually deleting)
### 3. Review the output
The script will provide detailed information about orphan files:
```text
Starting orphan file cleanup...
Storage mode: Filesystem
Found 7 files in database
❌ Orphan: photo(1).png (cmddjchw80000gmiimqnxga2g/1758805195682-Rjn9at692HdR.png)
❌ Orphan: document.pdf (cmddjchw80000gmiimqnxga2g/1758803757558-JQxlvF816UVo.pdf)
📊 Summary:
Total files in DB: 7
✅ Files with storage: 5
❌ Orphan files: 2
🗑️ Orphan files to be deleted:
- photo(1).png (0.76 MB) - cmddjchw80000gmiimqnxga2g/1758805195682-Rjn9at692HdR.png
- document.pdf (2.45 MB) - cmddjchw80000gmiimqnxga2g/1758803757558-JQxlvF816UVo.pdf
⚠️ Dry run mode. To actually delete orphan records, run with --confirm flag:
pnpm cleanup:orphan-files:confirm
```
### 4. Confirm and execute the cleanup
If you're satisfied with the results and want to proceed with the deletion:
```bash
pnpm cleanup:orphan-files:confirm
```
This will remove the orphan database records and display a confirmation:
```text
🗑️ Deleting orphan file records...
✓ Deleted: photo(1).png
✓ Deleted: document.pdf
✅ Cleanup complete!
Deleted 2 orphan file records
```
## Example session
Below is a complete example of running the cleanup script:
```bash
$ pnpm cleanup:orphan-files
> palmr-api@3.2.3-beta cleanup:orphan-files
> tsx src/scripts/cleanup-orphan-files.ts
Starting orphan file cleanup...
Storage mode: Filesystem
Found 15 files in database
❌ Orphan: video.mp4 (user123/1758803869037-1WhtnrQioeFQ.mp4)
❌ Orphan: image(1).png (user123/1758805195682-Rjn9at692HdR.png)
❌ Orphan: image(2).png (user123/1758803757558-JQxlvF816UVo.png)
📊 Summary:
Total files in DB: 15
✅ Files with storage: 12
❌ Orphan files: 3
🗑️ Orphan files to be deleted:
- video.mp4 (97.09 MB) - user123/1758803869037-1WhtnrQioeFQ.mp4
- image(1).png (0.01 MB) - user123/1758805195682-Rjn9at692HdR.png
- image(2).png (0.76 MB) - user123/1758803757558-JQxlvF816UVo.png
⚠️ Dry run mode. To actually delete orphan records, run with --confirm flag:
pnpm cleanup:orphan-files:confirm
$ pnpm cleanup:orphan-files:confirm
> palmr-api@3.2.3-beta cleanup:orphan-files:confirm
> tsx src/scripts/cleanup-orphan-files.ts --confirm
Starting orphan file cleanup...
Storage mode: Filesystem
Found 15 files in database
❌ Orphan: video.mp4 (user123/1758803869037-1WhtnrQioeFQ.mp4)
❌ Orphan: image(1).png (user123/1758805195682-Rjn9at692HdR.png)
❌ Orphan: image(2).png (user123/1758803757558-JQxlvF816UVo.png)
📊 Summary:
Total files in DB: 15
✅ Files with storage: 12
❌ Orphan files: 3
🗑️ Orphan files to be deleted:
- video.mp4 (97.09 MB) - user123/1758803869037-1WhtnrQioeFQ.mp4
- image(1).png (0.01 MB) - user123/1758805195682-Rjn9at692HdR.png
- image(2).png (0.76 MB) - user123/1758803757558-JQxlvF816UVo.png
🗑️ Deleting orphan file records...
✓ Deleted: video.mp4
✓ Deleted: image(1).png
✓ Deleted: image(2).png
✅ Cleanup complete!
Deleted 3 orphan file records
Script completed successfully
```
## Troubleshooting common issues
### No orphan files found
```text
📊 Summary:
Total files in DB: 10
✅ Files with storage: 10
❌ Orphan files: 0
✨ No orphan files found!
```
**This is good!** It means your database is in sync with your storage system.
### Script cannot connect to database
If you see database connection errors:
1. Verify the database file exists:
```bash
ls -la prisma/palmr.db
```
2. Check database permissions:
```bash
chmod 644 prisma/palmr.db
```
3. Ensure you're in the correct directory:
```bash
pwd # Should show .../palmr/apps/server
```
### Storage provider errors
For **S3 storage:**
- Verify your S3 credentials are configured correctly
- Check that the bucket is accessible
- Ensure network connectivity to S3
For **Filesystem storage:**
- Verify the uploads directory exists and is readable
- Check file system permissions
- Ensure sufficient disk space
### Script fails to delete records
If deletion fails for specific files:
- Check database locks (close other connections)
- Verify you have write permissions to the database
- Review the error message for specific details
## Understanding the output
### File statistics
The script provides several key metrics:
- **Total files in DB:** All file records in your database
- **Files with storage:** Records where the physical file exists
- **Orphan files:** Records where the physical file is missing
### File information
For each orphan file, you'll see:
- **Name:** Display name in the UI
- **Size:** File size as recorded in the database
- **Object name:** Internal storage path
Example: `photo(1).png (0.76 MB) - user123/1758805195682-Rjn9at692HdR.png`
## Prevention and best practices
### Prevent orphan files from occurring
1. **Monitor upload failures:** Check server logs for upload errors
2. **Stable network:** Ensure reliable network connectivity for large uploads
3. **Adequate resources:** Provide sufficient disk space and memory
4. **Regular maintenance:** Run this script periodically as part of maintenance
### When to run cleanup
Consider running the cleanup script:
- **Monthly:** As part of routine database maintenance
- **After incidents:** Following server crashes or storage issues
- **Before migrations:** Before moving to new storage systems
- **When users report errors:** If download failures are reported
### Safe cleanup practices
1. **Always run dry-run first:** Review what will be deleted before confirming
2. **Backup your database:** Create a backup before running with `--confirm`
3. **Check during low usage:** Run during off-peak hours to minimize disruption
4. **Document the cleanup:** Keep records of when and why cleanup was performed
5. **Verify after cleanup:** Check that file counts match expectations
## Technical details
### How files are stored
When files are uploaded to Palmr:
1. Frontend generates a safe object name using random identifiers
2. Backend creates the final `objectName` as: `${userId}/${timestamp}-${randomId}.${extension}`
3. If a duplicate name exists, the **display name** gets a suffix, but `objectName` remains unique
4. Physical file is stored using `objectName`, display name is stored separately in database
### Storage providers
The script works with both storage providers:
- **FilesystemStorageProvider:** Uses `fs.promises.access()` to check file existence
- **S3StorageProvider:** Uses `HeadObjectCommand` to verify objects in S3 bucket
### Database schema
Files table structure:
```typescript
{
name: string // Display name (can have suffixes like "file (1).png")
objectName: string // Physical storage path (always unique)
size: bigint // File size in bytes
extension: string // File extension
userId: string // Owner of the file
folderId: string? // Parent folder (null for root)
}
```
## Related improvements
### Download validation (v3.2.3-beta+)
Starting from version 3.2.3-beta, Palmr includes enhanced download validation:
- Files are checked for existence **before** attempting download
- Returns proper 404 error if file is missing (instead of 500)
- Provides helpful error message to users
This prevents errors when trying to download orphan files that haven't been cleaned up yet.
## Security considerations
- **Read-only by default:** Dry-run mode is safe and doesn't modify data
- **Explicit confirmation:** Requires `--confirm` flag to delete records
- **No file deletion:** Only removes database records, never deletes physical files
- **Audit trail:** All actions are logged to console
- **Permission-based:** Only users with server access can run the script
> **Important:** This script does not delete physical files from storage. It only removes database records for files that don't exist. This is intentional to prevent accidental data loss.
## FAQ
**Q: Will this delete my files?**
A: No. The script only removes database records for files that are already missing from storage. Physical files are never deleted.
**Q: Can I undo the cleanup?**
A: No. Once orphan records are deleted, they cannot be recovered. Always run dry-run mode first and backup your database.
**Q: Why do orphan files have suffixes like (1), (2)?**
A: When duplicate files are uploaded, Palmr renames them with suffixes. If the upload fails after creating the database record, an orphan with a suffix remains.
**Q: How often should I run this script?**
A: Monthly maintenance is usually sufficient. Run more frequently if you experience many upload failures.
**Q: Does this work with S3 storage?**
A: Yes! The script automatically detects your storage provider (filesystem or S3) and works with both.
**Q: What if I have thousands of orphan files?**
A: The script handles large numbers efficiently. Consider running during off-peak hours for very large cleanups.
**Q: Can this fix "File not found" errors?**
A: Yes, if the errors are caused by orphan database records. The script removes those records, preventing future errors.

View File

@@ -0,0 +1,273 @@
---
title: Configuring SMTP
icon: Mail
---
For Palmr to function with all its best features, you need to configure an email server. To make this process easier, there's a built-in configuration panel inside **Settings** in Palmr. However, only users with an **ADMIN** profile can access and configure these settings.
This guide walks you through the complete process of setting up SMTP for your Palmr installation, ensuring that email-dependent features work seamlessly.
## Why configure SMTP?
Configuring SMTP is essential for enabling key email functionalities that enhance the user experience and ensure proper system operation.
The main functionalities that depend on SMTP configuration are:
- **Password Reset** Users who forget their password and cannot access the **Settings** panel need this feature to regain access to their accounts.
- **Email Notifications** Recipients will receive email notifications when new shares are sent to them, keeping them informed about shared content.
Without proper SMTP configuration, these features will not work, potentially leaving users unable to recover their accounts or stay informed about shared files.
Now, let's go through the step-by-step process to configure the **SMTP Server**.
---
## Accessing SMTP settings
To configure SMTP settings, you'll need administrative access to the Palmr settings panel.
### Prerequisites
Before beginning the configuration process:
- Ensure you have **ADMIN** user privileges in Palmr
- Have your SMTP server credentials ready
- For Gmail users, prepare to generate an App Password
### Navigating to settings
To access **Settings**, an **ADMIN** user must click on the profile picture in the **header** and select **Settings** from the dropdown menu.
Once inside the **Settings** panel, click on the **Email** card to expand the SMTP configuration options.
![Closed Settings Card](/assets/v3/smtp/closed-card.png)
After expanding the card, the following SMTP configuration fields will appear:
![Opened Settings Card](/assets/v3/smtp/opened-card.png)
---
## Configuring SMTP server
The SMTP configuration process involves enabling the service and configuring the necessary connection details.
### Enabling SMTP
The first step is to **enable SMTP** by selecting "Yes" in the **SMTP Enabled** field.
![SMTP Enabled](/assets/v3/smtp/smtp-enabled.png)
### Configuration fields
Once SMTP is enabled, you can configure the following fields:
#### Basic SMTP Configuration
**SMTP Server** The SMTP server address provided by your email service. For Gmail, use `smtp.gmail.com` (this is the recommended option and set as default).
**SMTP Port** The server port used for connections. For Gmail, the standard port is **587** (TLS encryption).
**SMTP Username** The username for authenticating with your SMTP server. For Gmail, enter your complete email address.
**SMTP Password** The password for SMTP authentication. For Gmail, you must use an **App Password** (not your regular email password).
#### Email Sender Configuration
**Sender Name** This will appear as the sender's name in all outgoing emails. Use a recognizable name like "Palmr" or your organization name.
**Sender Email** The email address from which notifications will be sent. Use a professional address like "noreply@palmr.app" or "notifications@yourdomain.com".
#### Advanced Configuration Options
**Connection Security** Choose the appropriate security method for your SMTP server:
- **Auto (Recommended)** Automatically selects the best security method based on the port
- **SSL (Port 465)** Uses SSL encryption for the entire connection
- **STARTTLS (Port 587)** Uses STARTTLS to upgrade a plain connection to TLS
- **None (Insecure)** Uses plain SMTP without encryption (only for development/testing)
**No Authentication** Enable this option for internal SMTP servers that don't require username/password authentication. When enabled, the username and password fields will be hidden.
**Trust Self-Signed Certificates** Enable this option to trust self-signed SSL/TLS certificates. This is particularly useful for development environments or internal SMTP servers with self-signed certificates.
#### Field Behavior and Dependencies
**Conditional Field Display**: The SMTP configuration uses intelligent field display:
- **All SMTP fields** are hidden when SMTP is disabled
- **Username and Password fields** are automatically hidden when "No Authentication" is enabled
- **Test Connection button** only appears when SMTP is enabled
**Field Validation**: The system provides real-time validation:
- **Required fields** are checked before testing connections
- **Authentication fields** are validated unless "No Authentication" is enabled
- **Connection testing** validates all settings before saving
#### Testing Configuration
**Test SMTP Connection** Use this button to test your SMTP configuration before saving. This will verify that all settings are correct and the connection works properly.
**Test Button Features**:
- **Real-time validation** of all required fields
- **Informational tooltip** explaining the test process
- **Loading state** with spinner during connection test
- **Success/Error messages** with detailed feedback
- **Uses form values** (not saved settings) for testing
### Important security note
**Important:** If using **Gmail**, you need to generate an **App Password** instead of using your standard email password. This provides better security and is required for applications like Palmr.
For other email services, consult the official documentation of the service provider you are using. We recommend using Gmail for its simplicity, reliability, and reasonable email sending limits.
---
## Generating a Gmail App Password
Gmail requires App Passwords for third-party applications to ensure account security while maintaining functionality.
### Step-by-step process
To generate an App Password for Gmail:
1. **Access Your Account**: Go to [Google My Account](https://myaccount.google.com/)
2. **Navigate to Security**: Select the **Security** section from the menu
3. **Find App Passwords**: Scroll down to locate **App Passwords** (you may need to enable 2-factor authentication first)
4. **Generate Password**: Create a new password specifically for Palmr
5. **Save Securely**: Copy and store the generated password safely
### Additional resources
For a complete guide with screenshots and detailed instructions, refer to: **[How to set up SMTP credentials with Gmail](https://medium.com/rails-to-rescue/how-to-set-up-smtp-credentials-with-gmail-for-your-app-send-email-cf236d11087d)**.
### Gmail configuration summary
When using Gmail, your final settings should be:
- **SMTP Server**: `smtp.gmail.com`
- **SMTP Port**: `587`
- **SMTP Username**: Your Gmail address
- **SMTP Password**: Generated App Password (16 characters)
- **Connection Security**: Auto (Recommended) or STARTTLS (Port 587)
---
## Other email provider configurations
While Gmail is recommended for its simplicity, Palmr supports various email providers. Here are common configurations:
### Outlook/Hotmail
- **SMTP Server**: `smtp-mail.outlook.com`
- **SMTP Port**: `587`
- **Connection Security**: STARTTLS (Port 587)
- **Authentication**: Username and password required
### Yahoo Mail
- **SMTP Server**: `smtp.mail.yahoo.com`
- **SMTP Port**: `587` or `465`
- **Connection Security**: STARTTLS (Port 587) or SSL (Port 465)
- **Authentication**: App-specific password required
### Custom SMTP Server
- **SMTP Server**: Your server's hostname or IP address
- **SMTP Port**: Usually `25`, `587`, or `465`
- **Connection Security**: Choose based on your server's capabilities
- **Authentication**: Configure according to your server's requirements
- **Trust Self-Signed Certificates**: Enable if using self-signed certificates
---
## Testing your configuration
After completing the configuration, it's important to verify that everything works correctly.
### Using the Test Connection feature
Palmr provides a built-in **Test SMTP Connection** button that allows you to verify your configuration before saving:
1. **Fill in your SMTP settings** Complete all required fields in the SMTP configuration
2. **Click "Test Connection"** This will attempt to connect to your SMTP server with the current settings
3. **Review the results** You'll see a success message if the connection works, or an error message with details if it fails
4. **Save your settings** Once the test is successful, save your configuration to make it permanent
**Note:** The test connection uses the values currently entered in the form, not the saved settings. Make sure to save your configuration after a successful test.
### Validation steps
1. **Save Settings**: Apply your SMTP configuration in the Palmr interface
2. **Test Password Reset**: Try the password reset feature with a test account to ensure emails are sent
3. **Test Notifications**: Create a test share to verify that notification emails are delivered
4. **Check Email Delivery**: Confirm that emails arrive in the recipient's inbox (not spam folder)
### Troubleshooting common issues
If emails are not being sent:
- **Verify all fields are filled correctly** Ensure all required fields have valid values
- **For Gmail, ensure you're using the App Password** Not your regular email password
- **Check that your email provider allows SMTP connections** Some providers require specific settings
- **Confirm that port 587 is not blocked by your firewall** Check both local and network firewall settings
- **Verify the SMTP server address** Double-check the hostname for typos
- **Test with different security settings** Try different Connection Security options if one fails
### Troubleshooting self-signed certificate issues
If you're using an SMTP server with self-signed certificates and encountering connection errors:
1. **Enable Trust Self-Signed Certificates** In the SMTP settings, enable the "Trust Self-Signed Certificates" option
2. **Use Appropriate Security Method** Choose the correct security method for your server:
- For servers requiring TLS: Use "STARTTLS (Port 587)" or "SSL (Port 465)"
- For development servers without encryption: Use "None (Insecure)"
3. **Verify Server Configuration** Ensure your SMTP server is properly configured to accept connections on the specified port
4. **Test Connection** Use the "Test Connection" button to verify your configuration before saving
**Note:** The "None (Insecure)" option should only be used in development environments or with trusted internal servers, as it transmits data without encryption.
### Troubleshooting authentication issues
If you're experiencing authentication problems:
- **Check username and password** Ensure they are correct and match your email provider's requirements
- **For Gmail users** Make sure you're using an App Password, not your regular password
- **Enable "No Authentication" if applicable** For internal servers that don't require authentication
- **Verify account settings** Some providers require enabling "Less secure app access" or similar settings
### Common error messages and solutions
The SMTP configuration system provides specific error messages to help you troubleshoot issues:
**"SMTP is not enabled. Please enable SMTP first."**
- **Solution**: Enable the "SMTP Enabled" toggle before testing
**"Please fill in SMTP Host and Port before testing."**
- **Solution**: Ensure both SMTP Server and SMTP Port fields are filled
**"Please fill in SMTP Username and Password, or enable 'No Authentication' option."**
- **Solution**: Either provide authentication credentials or enable "No Authentication"
**"SMTP connection failed: [specific error]"**
- **Solution**: Check the specific error message for details about the connection issue
---
## Finalizing SMTP configuration
After entering the correct information and testing the functionality, save the settings.
Your Palmr installation is now ready to:
- Send password reset emails to users who need account recovery
- Deliver share notifications to recipients automatically
- Provide a complete user experience with reliable email communication
With SMTP properly configured, users can take full advantage of Palmr's email-dependent features, ensuring a smooth and professional experience when sharing files and managing their accounts.

View File

@@ -0,0 +1,442 @@
---
title: How to Contribute
icon: Users
---
## Introduction
Thank you for your interest in contributing to the **Palmr** project! Contributions are what make the open-source community such an amazing place to learn, inspire, and create. Whether you're fixing bugs, adding new features, improving documentation, or sharing ideas, every contribution helps make Palmr better for everyone.
We welcome contributors of all experience levels - from beginners to seasoned developers. This comprehensive guide will walk you through the process of contributing to Palmr, from setting up your development environment to submitting your first pull request.
We're excited to have you join our community of contributors and look forward to seeing what you'll bring to the project.
---
## GitHub account requirements
Before you can contribute, you'll need to be logged into your GitHub account. If you don't have an account yet, creating one is free and opens up the entire world of open-source collaboration.
### Account setup benefits
Having a GitHub account is essential as it allows you to:
- Fork repositories and create your own copies
- Submit pull requests to propose changes
- Interact with other contributors and maintainers
- Track issues and participate in discussions
- Build your open-source portfolio
### Security recommendations
When creating your account:
- Use a professional email address for your GitHub account
- Enable two-factor authentication for enhanced security
- Customize your profile to showcase your interests and skills
- Explore the GitHub community to discover other projects
If you need to create an account, visit [GitHub's signup page](https://github.com/signup) and follow the registration process.
---
## Accessing the repository
Once you're logged into your GitHub account, you'll need to navigate to the Palmr repository to begin your contribution journey.
### Direct access
Visit the Palmr repository directly: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)
The repository contains all the source code, documentation, and resources for the Palmr project. Take time to explore the repository structure, including the README file, which provides an overview of the project.
### Alternative access methods
You can also find the repository by:
- Searching for "Palmr" in the GitHub search bar
- Looking for the repository owned by **kyantech**
- Accessing it through Kyantech's organization page
### Repository verification
When searching, ensure you're accessing the official repository by:
- Checking the owner and repository name match exactly
- Verifying the description matches the Palmr project
- Confirming recent activity from the maintainers
- Reviewing the number of stars, forks, and watchers
---
## Forking the repository
To contribute to the project, you'll need to create your own copy of the repository. This process is called **forking** and is fundamental to the GitHub collaboration workflow.
### Creating your fork
Here's how to fork the repository:
1. **Locate the Fork Button**: Click the **Fork** button at the top right of the repository page
2. **Select Destination**: Choose where you want to fork the repository (your personal account or an organization)
3. **Wait for Creation**: Allow a few moments while GitHub creates your fork
4. **Automatic Redirect**: You'll be redirected to your forked repository once it's ready
### Fork benefits
Your fork will maintain a connection to the original repository, allowing you to:
- Keep your fork synchronized with the original repository
- Submit pull requests from your fork to the original repository
- Work independently on your own copy without affecting the original
- Experiment with changes before proposing them
---
## Cloning your fork
After forking the repository, you'll need to clone it to your local machine to begin making changes.
### Clone process
Follow these steps to clone your forked repository:
1. **Access Clone Options**: On your forked repository page, click the **Code** button
2. **Copy Repository URL**: Copy the repository URL (HTTPS or SSH, depending on your preference)
3. **Open Terminal**: Open your terminal or command prompt
4. **Execute Clone Command**: Run the following command to clone the repository:
```bash
git clone <repository-url>
```
5. **Navigate to Directory**: Move into the cloned directory:
```bash
cd Palmr
```
### Clone verification
After cloning, verify your setup by:
- Confirming all files are present in your local directory
- Checking that you can access the project files
- Testing that Git is properly configured for the repository
---
## Setting up the base branch
Before making changes, ensure your local repository is properly configured to track the correct branch from the original Palmr repository.
### Remote configuration
Set up your repository to track the upstream repository:
1. **Add Upstream Remote**: Add the original Palmr repository as a remote:
```bash
git remote add upstream https://github.com/kyantech/Palmr.git
```
2. **Fetch Latest Changes**: Retrieve the latest changes from the `next` branch:
```bash
git fetch upstream next
```
3. **Create Feature Branch**: Create a new branch for your contribution based on `upstream/next`:
```bash
git checkout -b your-branch-name upstream/next
```
### Branch naming conventions
When creating your branch, use descriptive names that indicate the purpose of your changes:
- `feature/user-authentication` for new features
- `fix/login-bug` for bug fixes
- `docs/api-documentation` for documentation updates
- `refactor/database-queries` for code improvements
---
## Making your changes
Now you're ready to implement your contributions! This is where your creativity and technical skills come into play.
### Types of contributions
Your contributions could include:
- **Bug Fixes**: Resolving issues and improving stability
- **New Features**: Adding functionality that enhances the project
- **Documentation**: Improving guides, API docs, and examples
- **Testing**: Writing or improving test coverage
- **Performance**: Optimizing code for better efficiency
- **Accessibility**: Making the project more inclusive
- **Translations**: Adding support for different languages
- **Code Quality**: Refactoring and improving code structure
### Development best practices
When making changes, follow these guidelines:
1. **Follow Style Guidelines**: Ensure your code adheres to the project's coding standards
2. **Test Incrementally**: Run tests locally to catch issues early
3. **Keep Changes Focused**: Address a single issue or feature per contribution
4. **Document Changes**: Update or add documentation as needed
5. **Review Your Work**: Double-check changes before committing
### Development workflow
Maintain a productive workflow by:
- Regularly saving your work and committing small, logical changes
- Testing your changes incrementally to identify issues quickly
- Keeping your branch updated with the latest upstream changes
- Seeking feedback early if you're unsure about your approach
---
## Using conventional commits
Once you've made your changes, commit them using **Conventional Commits** format. This standard helps maintain a clean and consistent commit history that's easy to understand and automate.
### Commit message format
Structure your commit messages as follows:
`<type>(<scope>): <description>`
### Commit types and examples
**Common commit types:**
- `feat: add user authentication system`
- `fix(api): resolve null pointer exception in user service`
- `docs: update installation instructions in README`
- `test: add unit tests for user validation`
- `refactor: simplify database connection logic`
- `style: fix code formatting in auth module`
- `chore: update project dependencies`
### Committing your changes
Follow these steps to commit your work:
1. **Stage Changes**: Add your changes to the staging area:
```bash
git add .
```
2. **Commit with Message**: Create a commit with a properly formatted message:
```bash
git commit -m "feat: add new feature for user profiles"
```
### Commit best practices
- Write clear, concise commit messages
- Use the imperative mood ("add" not "added")
- Keep the first line under 50 characters
- Include additional details in the body if necessary
---
## Pushing your changes
After committing your changes locally, you need to push them to your forked repository on GitHub to make them available for review.
### Push process
Synchronize your local changes with your remote repository:
1. **Check for Updates**: Ensure your branch is current with any remote changes:
```bash
git pull origin your-branch-name
```
2. **Push Commits**: Upload your commits to your forked repository:
```bash
git push origin your-branch-name
```
3. **Set Upstream** (first push only): If this is your first push for this branch:
```bash
git push -u origin your-branch-name
```
### Troubleshooting push issues
If you encounter errors while pushing:
- Verify you have the correct permissions on your fork
- Check your remote URL configuration using `git remote -v`
- Ensure you're authenticated with GitHub properly
- Confirm your branch name matches what you're trying to push
---
## Creating a pull request
With your changes pushed to GitHub, you can now create a **Pull Request (PR)** to propose your changes to the main Palmr repository.
### Pull request setup
Create your pull request by following these steps:
1. **Navigate to Your Fork**: Go to your forked repository on GitHub
2. **Initiate PR**: Click the **Pull Request** button or **Compare & pull request** if available
3. **Configure PR Settings**: On the PR creation page, set:
- **Base repository**: `kyantech/Palmr`
- **Base branch**: `next`
- **Head repository**: Your forked repository
- **Compare branch**: Your feature branch (`your-branch-name`)
### Pull request content
Fill out the PR form with comprehensive information:
- **Clear Title**: Write a descriptive title that summarizes your changes
- **Detailed Description**: Explain what your changes do and why they're needed
- **Related Issues**: Reference any issues your PR addresses
- **Testing Information**: Describe how you tested your changes
- **Screenshots**: Include visual evidence if your changes affect the UI
### PR checklist
Before submitting, ensure your PR:
- Has a clear, descriptive title
- Includes a comprehensive description
- References related issues
- Follows the project's contribution guidelines
- Includes appropriate tests
- Updates documentation if necessary
---
## Awaiting review
Once your PR is submitted, the project maintainers will review your changes. This collaborative process ensures code quality and project consistency.
### Review process expectations
During the review process:
- **Monitor Notifications**: Keep an eye on GitHub notifications for comments or requests
- **Respond Promptly**: Address feedback in a timely and professional manner
- **Make Updates**: If changes are requested, update your branch and push new commits
- **Ask Questions**: Don't hesitate to seek clarification if feedback is unclear
- **Stay Patient**: Review times vary depending on maintainer availability and PR complexity
### Handling feedback
When receiving feedback:
- Approach it as a learning opportunity
- Ask questions if you don't understand suggestions
- Make requested changes promptly
- Thank reviewers for their time and input
- Stay engaged throughout the process
### Review timeline
Remember that:
- Maintainers are often volunteers with limited time
- Complex changes may require multiple review rounds
- The review process helps ensure high-quality contributions
- Your patience and cooperation are appreciated
---
## Contribution best practices
To maximize the chances of your contribution being accepted, follow these proven practices:
### Code quality standards
- **Use Conventional Commits**: Maintain consistent commit message formatting
- **Keep PRs Focused**: Address one issue or feature per pull request
- **Write Comprehensive Tests**: Include tests for new features and bug fixes
- **Follow Code Style**: Adhere to the project's coding standards and guidelines
- **Update Documentation**: Keep documentation synchronized with code changes
### Collaboration guidelines
- **Engage Constructively**: Participate in PR discussions with a positive attitude
- **Review Others' Work**: Help the community by reviewing other contributors' pull requests
- **Stay Updated**: Keep your fork synchronized with the main repository
- **Be Patient**: Understand that maintainers balance multiple responsibilities
- **Communicate Clearly**: Express your ideas and questions clearly and respectfully
### Continuous improvement
- **Learn from Feedback**: Use review comments as opportunities to improve your skills
- **Study the Codebase**: Understand the project structure and patterns before contributing
- **Start Small**: Begin with minor contributions to familiarize yourself with the process
- **Build Relationships**: Engage with the community to build lasting connections
---
## Why contribute to open source?
Contributing to open-source projects like Palmr offers numerous personal and professional benefits that extend far beyond the immediate code changes.
### Personal development
**Skill Building**: You'll gain hands-on experience with Git, GitHub, collaborative coding, and industry-standard development practices.
**Portfolio Enhancement**: Open-source contributions demonstrate your skills to potential employers and showcase your commitment to continuous learning.
**Problem-Solving**: Working on real-world projects helps you develop critical thinking and problem-solving abilities.
### Community impact
**Project Improvement**: Your contributions directly help make the project better for all users and contributors.
**Knowledge Sharing**: By contributing, you share your expertise and learn from others in the community.
**Ecosystem Support**: Open-source projects thrive on community contributions, and your work helps sustain the entire ecosystem.
### Professional benefits
**Networking**: Connect with developers, maintainers, and other contributors from around the world.
**Recognition**: Build your reputation in the developer community through quality contributions.
**Career Opportunities**: Many career opportunities arise from open-source involvement and community connections.
---
## Next steps
Congratulations! You now have all the knowledge needed to contribute effectively to the **Palmr** project. Your contributions, whether large or small, make a meaningful difference to the project and its community.
### Getting started
Ready to make your first contribution? Consider starting with:
- **Documentation improvements**: Fix typos, clarify instructions, or add examples
- **Bug fixes**: Address issues reported by other users
- **Feature enhancements**: Implement small improvements to existing functionality
- **Test coverage**: Add tests to improve project reliability
### Staying engaged
Continue your involvement by:
- Following the project's progress and updates
- Participating in community discussions
- Helping other new contributors get started
- Sharing your experience with the broader developer community
Thank you for your interest in contributing to Palmr. We look forward to seeing your contributions and welcoming you to our community of developers working together to make Palmr better for everyone.

View File

@@ -0,0 +1,391 @@
---
title: Memory Management
icon: Download
---
import { Callout } from "fumadocs-ui/components/callout";
import { Tab, Tabs } from "fumadocs-ui/components/tabs";
Palmr implements an intelligent memory management system that prevents crashes during large file downloads (3GB+ by default), maintaining unlimited download capacity through adaptive resource control and an automatic queue system.
## How It Works
### Automatic Resource Detection
The system automatically detects available container/system memory and configures appropriate limits based on available infrastructure:
```typescript
const totalMemoryGB = require("os").totalmem() / 1024 ** 3;
```
### System Configuration
The system supports two configuration approaches that you can choose based on your needs:
<Tabs items={["Manual Configuration", "Auto-scaling (Default)"]}>
<Tab value="Manual Configuration">
Manually configure all parameters for total control over the system:
```bash
# Custom configuration (overrides auto-scaling)
DOWNLOAD_MAX_CONCURRENT=8 # Maximum simultaneous downloads
DOWNLOAD_MEMORY_THRESHOLD_MB=1536 # Memory threshold in MB
DOWNLOAD_QUEUE_SIZE=40 # Maximum queue size
DOWNLOAD_AUTO_SCALE=false # Disable auto-scaling
```
<Callout>
Manual configuration offers total control and predictability for specific environments where you know exactly the available resources.
</Callout>
</Tab>
<Tab value="Auto-scaling (Default)">
Automatic configuration based on detected system memory:
| Available Memory | Concurrent Downloads | Memory Threshold | Queue Size | Recommended Use |
|------------------|----------------------|-------------------|------------|--------------------|
| ≤ 2GB | 1 | 256MB | 5 | Development |
| 2GB - 4GB | 2 | 512MB | 10 | Small Environment |
| 4GB - 8GB | 3 | 1GB | 15 | Standard Production|
| 8GB - 16GB | 5 | 2GB | 25 | High Performance |
| > 16GB | 10 | 4GB | 50 | Enterprise |
<Callout>
Auto-scaling automatically adapts to different environments without manual configuration, perfect for flexible deployment.
</Callout>
</Tab>
</Tabs>
<Callout type="info">If environment variables are configured, they take **priority** over auto-scaling.</Callout>
## Download Queue System
### How It Works
The memory management system only activates for files larger than the configured minimum size (3GB by default). Smaller files bypass the queue system entirely and download immediately without memory management.
When a user requests a download for a large file but all slots are occupied, the system automatically queues the download instead of returning a 429 error. The queue processes downloads in FIFO order (first in, first out).
### Practical Example
Consider a system with 8GB RAM (5 concurrent downloads, queue of 25, 3GB minimum) where users want to download files of various sizes:
```bash
# Small files (< 3GB): Bypass queue entirely
[DOWNLOAD MANAGER] File document.pdf (0.05GB) below threshold (3.0GB), bypassing queue
# Large files 1-5: Start immediately
[DOWNLOAD MANAGER] Immediate start: 1734567890-abc123def
[DOWNLOAD MANAGER] Starting video1.mp4 (5.2GB)
# Large files 6-10: Automatically queued
[DOWNLOAD MANAGER] Queued: 1734567891-def456ghi (Position: 1/25)
[DOWNLOAD MANAGER] Queued file: video2.mp4 (8.1GB)
# When download 1 finishes: download 6 starts automatically
[DOWNLOAD MANAGER] Processing queue: 1734567891-def456ghi (4 remaining)
[DOWNLOAD MANAGER] Starting queued file: video2.mp4 (8.1GB)
```
### System Benefits
**User Experience**
- Users don't receive errors, they simply wait in queue
- Downloads start automatically when slots become available
- Transparent operation without client changes
- Fair processing order with FIFO queue
**Technical Features**
- Limited buffers (64KB per stream) for controlled memory usage
- Automatic backpressure control with pipeline streams
- Adaptive memory throttling based on usage patterns
- Forced garbage collection after large downloads
- Smart timeout handling (30 minutes for queued downloads)
- Automatic cleanup of orphaned downloads every 30 seconds
## Container Compatibility
The system works with Docker, Kubernetes, and any containerized environment:
<Tabs items={["Docker", "Kubernetes", "Docker Compose"]}>
<Tab value="Docker">
```bash
# Example: Container with 8GB
docker run -m 8g palmr/server
# Result: 5 concurrent downloads, queue of 25, threshold 2GB
```
</Tab>
<Tab value="Kubernetes">
```yaml
apiVersion: apps/v1
kind: Deployment
spec:
template:
spec:
containers:
- name: palmr-server
resources:
limits:
memory: "4Gi" # Detects 4GB
cpu: "2"
requests:
memory: "2Gi"
cpu: "1"
# Result: 3 concurrent downloads, queue of 15, threshold 1GB
```
</Tab>
<Tab value="Docker Compose">
```yaml
services:
palmr-server:
image: palmr/server
deploy:
resources:
limits:
memory: 16G # Detects 16GB
# Result: 10 concurrent downloads, queue of 50, threshold 4GB
```
</Tab>
</Tabs>
## Configuration
### Environment Variables
Configure the download memory management system using these environment variables:
| Variable | Default | Description |
| ------------------------------ | ---------- | ----------------------------------------------------- |
| `DOWNLOAD_MAX_CONCURRENT` | auto-scale | Maximum number of simultaneous downloads |
| `DOWNLOAD_MEMORY_THRESHOLD_MB` | auto-scale | Memory limit in MB before throttling |
| `DOWNLOAD_QUEUE_SIZE` | auto-scale | Maximum download queue size |
| `DOWNLOAD_AUTO_SCALE` | `true` | Enable/disable auto-scaling based on system memory |
| `DOWNLOAD_MIN_FILE_SIZE_GB` | `3.0` | Minimum file size in GB to activate memory management |
### Configuration Examples by Scenario
<Tabs items={["Home Server", "Enterprise", "High Performance", "Conservative"]}>
<Tab value="Home Server">
Configuration optimized for personal use or small groups (4GB RAM):
```bash
DOWNLOAD_MAX_CONCURRENT=2
DOWNLOAD_MEMORY_THRESHOLD_MB=1024
DOWNLOAD_QUEUE_SIZE=8
DOWNLOAD_MIN_FILE_SIZE_GB=2.0
DOWNLOAD_AUTO_SCALE=false
```
</Tab>
<Tab value="Enterprise">
Configuration for corporate environments with multiple users (16GB RAM):
```bash
DOWNLOAD_MAX_CONCURRENT=12
DOWNLOAD_MEMORY_THRESHOLD_MB=4096
DOWNLOAD_QUEUE_SIZE=60
DOWNLOAD_MIN_FILE_SIZE_GB=5.0
DOWNLOAD_AUTO_SCALE=false
```
</Tab>
<Tab value="High Performance">
Configuration for maximum performance and throughput (32GB RAM):
```bash
DOWNLOAD_MAX_CONCURRENT=20
DOWNLOAD_MEMORY_THRESHOLD_MB=8192
DOWNLOAD_QUEUE_SIZE=100
DOWNLOAD_MIN_FILE_SIZE_GB=10.0
DOWNLOAD_AUTO_SCALE=false
```
</Tab>
<Tab value="Conservative">
For environments with limited or shared resources:
```bash
DOWNLOAD_MAX_CONCURRENT=3
DOWNLOAD_MEMORY_THRESHOLD_MB=1024
DOWNLOAD_QUEUE_SIZE=15
DOWNLOAD_MIN_FILE_SIZE_GB=1.0
DOWNLOAD_AUTO_SCALE=false
```
</Tab>
</Tabs>
### Additional Configuration
For optimal performance with large downloads, consider these additional settings:
```bash
# Force garbage collection (recommended for large downloads)
NODE_OPTIONS="--expose-gc"
# Adjust timeout for very large downloads
KEEP_ALIVE_TIMEOUT=300000
REQUEST_TIMEOUT=0
```
## Monitoring and Logs
### System Logs
The system provides detailed logs to track operation:
```bash
[DOWNLOAD MANAGER] System Memory: 8.0GB, Max Concurrent: 5, Memory Threshold: 2048MB, Queue Size: 25
[DOWNLOAD] Requesting slot for 1734567890-abc123def: video.mp4 (15.2GB)
[DOWNLOAD MANAGER] Queued: 1734567890-abc123def (Position: 3/25)
[DOWNLOAD MANAGER] Processing queue: 1734567890-abc123def (2 remaining)
[DOWNLOAD] Starting 1734567890-abc123def: video.mp4 (15.2GB)
[MEMORY THROTTLE] video.mp4 - Pausing stream due to high memory usage: 1843MB
[DOWNLOAD] Applying throttling: 100ms delay for 1734567890-abc123def
```
### Configuration Validation
The system automatically validates configurations at startup and provides warnings or errors:
**Warnings**
- `DOWNLOAD_MAX_CONCURRENT > 50`: May cause performance issues
- `DOWNLOAD_MEMORY_THRESHOLD_MB < 128MB`: Downloads may be throttled frequently
- `DOWNLOAD_MEMORY_THRESHOLD_MB > 16GB`: System may run out of memory
- `DOWNLOAD_QUEUE_SIZE > 1000`: May consume significant memory
- `DOWNLOAD_QUEUE_SIZE < DOWNLOAD_MAX_CONCURRENT`: Queue smaller than concurrent downloads
**Errors**
- `DOWNLOAD_MAX_CONCURRENT < 1`: Invalid value
- `DOWNLOAD_QUEUE_SIZE < 1`: Invalid value
## Queue Management APIs
The system provides REST APIs to monitor and manage the download queue:
### Get Queue Status
```http
GET /api/filesystem/download-queue/status
```
**Response:**
```json
{
"data": {
"queueLength": 3,
"maxQueueSize": 25,
"activeDownloads": 5,
"maxConcurrent": 5,
"queuedDownloads": [
{
"downloadId": "1734567890-abc123def",
"position": 1,
"waitTime": 45000,
"fileName": "video.mp4",
"fileSize": 16106127360
}
]
},
"status": "success"
}
```
### Cancel Download
```http
DELETE /api/filesystem/download-queue/{downloadId}
```
**Response:**
```json
{
"downloadId": "1734567890-abc123def",
"message": "Download cancelled successfully"
}
```
### Clear Queue (Admin)
```http
DELETE /api/filesystem/download-queue
```
**Response:**
```json
{
"clearedCount": 8,
"message": "Download queue cleared successfully"
}
```
## Troubleshooting
### Common Issues
**Downloads failing with "Download queue is full"**
_Cause:_ Too many simultaneous downloads with a full queue
_Solutions:_
- Wait for some downloads to finish
- Check for orphaned downloads in queue
- Consider increasing container resources
- Use API to clear queue if necessary
**Downloads stay too long in queue**
_Cause:_ Active downloads are slow or stuck
_Solutions:_
- Check logs for orphaned downloads
- Use API to cancel specific downloads
- Check client network connections
- Monitor memory throttling
**Very slow downloads**
_Cause:_ Active throttling due to high memory usage
_Solutions:_
- Check other processes consuming memory
- Consider increasing container resources
- Monitor throttling logs
- Check number of simultaneous downloads
## Summary
This system enables unlimited downloads (including 50TB+ files) without compromising system stability through:
**Key Features**
- Auto-configuration based on available resources
- Automatic FIFO queue system for pending downloads
- Adaptive control of simultaneous downloads
- Intelligent throttling when needed
**System Benefits**
- Management APIs to monitor and control queue
- Automatic cleanup of resources and orphaned downloads
- Full compatibility with Docker/Kubernetes
- Perfect user experience with no 429 errors
The system maintains high performance for small/medium files while preventing crashes with gigantic files, offering a seamless experience where users never see 429 errors, they simply wait in queue until their download starts automatically.

View File

@@ -0,0 +1,179 @@
---
title: GitHub Sponsors
icon: Heart
---
## Introduction
Sponsoring a project on GitHub is a powerful way to support its development and ensure its long-term sustainability. This guide walks you through the process of sponsoring the **Palmr** project using GitHub Sponsors.
By becoming a sponsor, you directly contribute to the project's growth and help maintain its quality. Your sponsorship enables:
- Continuous development and timely bug fixes
- Implementation of new features and improvements
- Coverage of hosting and infrastructure costs
- Recognition of the developers' dedication and hard work
- Building a community of supporters who value open source development
---
## GitHub account requirements
Before you can sponsor a project, you'll need to be logged into your GitHub account. If you don't have an account yet, creating one is free and provides additional benefits beyond sponsorship.
### Account benefits
Having a GitHub account allows you to:
- Follow project updates and releases
- Report issues and suggest improvements
- Contribute to project discussions
- Access sponsor-exclusive content when available
- Participate in the broader GitHub community
If you need to create an account, visit [GitHub's signup page](https://github.com/signup) and follow the registration process.
---
## Accessing the repository
Once you're logged into your GitHub account, navigate to the Palmr repository to begin the sponsorship process.
### Direct access
Visit the Palmr repository directly: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)
### Alternative methods
You can also find the repository by:
- Searching for "Palmr" in the GitHub search bar
- Looking for the repository owned by **Kyantech**
- Accessing it through Kyantech's profile page
### Additional repository actions
While you're on the repository page, consider:
- **Starring** the repository to show your support
- **Watching** it to receive notifications about updates
- **Forking** it if you're interested in contributing code
---
## Initiating sponsorship
The sponsorship process begins with locating and clicking the sponsor button on the repository page.
### Finding the sponsor button
On the Palmr repository page, you'll find a **Sponsor** button prominently displayed in the top section of the page. This button is typically highlighted in a distinct color to ensure visibility.
![Palmr Sponsor Button](/assets/v1/sponsor/sponsor-btn.png)
### Quick access
**Pro Tip**: If you've previously sponsored projects, you can access your sponsorship dashboard directly through your GitHub profile under the "Sponsoring" section.
---
## Selecting your sponsorship level
GitHub Sponsors offers flexible sponsorship options to accommodate different budgets and preferences.
### Custom sponsorship options
GitHub Sponsors allows you to sponsor the project with a **custom amount starting at $1**:
1. **Enter Custom Amount**: Look for the option to enter a custom sponsorship amount
2. **Choose Your Amount**: Select any amount you're comfortable with (e.g., $1, $5, $10, or higher)
3. **Select Billing Frequency**: Choose between **monthly** recurring sponsorship or **one-time** payment
4. **Consider Annual Options**: Some projects offer simplified annual sponsorship plans
5. **Review Tier Benefits**: Check for any special benefits available at different sponsorship levels
![Sponsor Page Example](/assets/v1/sponsor/sponsor-page.png)
### Sponsorship recommendations
- **Monthly Sponsorship**: Provides consistent support for ongoing development
- **One-time Sponsorship**: Perfect for showing appreciation for specific features or releases
- **Higher Tiers**: May include additional benefits like early access or direct communication
---
## Completing your sponsorship
After selecting your sponsorship amount and billing preferences, you'll proceed to the payment process.
### Payment process
1. **Review Your Selection**: Confirm your sponsorship amount and billing frequency
2. **Enter Payment Details**: Provide your payment information as prompted
3. **Complete Transaction**: Follow GitHub's secure payment process
4. **Confirmation**: Receive confirmation of your successful sponsorship
Once the process is complete, you'll officially become a **Palmr sponsor** and join our community of supporters.
---
## The impact of your sponsorship
Understanding why sponsorship matters helps illustrate the value of your contribution to the open source ecosystem.
### Project sustainability
**Long-term Maintenance**: Your sponsorship helps ensure the project remains actively maintained and supported over time.
**Innovation Support**: Financial backing gives developers the freedom to experiment with new ideas and implement innovative features.
**Meaningful Recognition**: Sponsoring represents a tangible way to express appreciation for the developers' dedication and hard work.
**Community Recognition**: Many projects publicly acknowledge their sponsors, potentially featuring you in project documentation or websites.
**Open Source Growth**: Your support contributes to the broader open source ecosystem, helping valuable projects thrive and grow.
---
## Post-sponsorship experience
After becoming a sponsor, you'll gain access to additional benefits and recognition within the Palmr community.
### What to expect
Once your sponsorship is confirmed:
1. **Email Confirmation**: You'll receive a confirmation email from GitHub detailing your sponsorship
2. **Sponsor Recognition**: Your name will be added to our sponsors list and acknowledgments
3. **Exclusive Content**: Access to sponsor-only updates, insights, and project information
4. **Community Access**: Invitation to join our private Discord channel for sponsors
5. **Early Access**: Priority access to new features and beta releases when available
### Ongoing benefits
As a sponsor, you become part of an exclusive community that:
- Receives regular updates on project development
- Has opportunities to provide input on project direction
- Gets recognition for supporting open source development
- Enjoys priority support when available
---
## Next steps
Congratulations! You've successfully sponsored the **Palmr** project on GitHub. Your support plays a crucial role in ensuring this open source project continues to evolve and serve the community effectively.
### Welcome to the community
Your sponsorship means more than financial support—it represents a vote of confidence in the project's vision and future. We appreciate your contribution and welcome you to our growing community of supporters.
### Staying connected
Consider following the project's progress through:
- Regular updates in sponsor communications
- Participation in community discussions
- Engagement with new features and releases
- Sharing your experience with others who might benefit from Palmr
Thank you for supporting open source development and helping make Palmr better for everyone.

View File

@@ -0,0 +1,144 @@
---
title: Star on GitHub
icon: Star
---
## Introduction
Starring a project on GitHub is a simple yet powerful way to show appreciation for a repository and bookmark it for future reference. This guide walks you through starring the **Palmr** project on GitHub.
When you star our repository, you help increase its visibility and support the ongoing development of the project. It's a quick action that makes a meaningful difference to the project's growth.
---
## GitHub account setup
Before you can star a project, you'll need to be logged into your GitHub account. If you don't have an account yet, creating one is free and straightforward.
### Creating a New Account
1. Visit [GitHub's signup page](https://github.com/signup)
2. Enter your email address
3. Create a strong password
4. Choose a unique username
5. Complete the verification process
6. Select your preferences and finish the setup
**Important**: Make sure to verify your email address after creating your account to access all GitHub features.
---
## Accessing the repository
There are several ways to find and access the Palmr repository on GitHub:
### Direct Access
The quickest method is to visit the repository directly: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)
### Using GitHub Search
1. Navigate to GitHub's main page
2. Click the search bar at the top of the page
3. Type "Palmr" in the search field
4. Look for the repository owned by **Kyantech**
5. Click on the repository name to access it
### Through the Organization Profile
1. Visit Kyantech's GitHub profile
2. Navigate to the "Repositories" tab
3. Find and click on "Palmr"
---
## Locating the star button
Once you're on the Palmr repository page, you'll find the star functionality in the repository's action bar.
### Finding the Button
1. Look at the top section of the repository page
2. Find the row of action buttons (Watch, Fork, Star)
3. The Star button is prominently displayed with a star icon
4. You'll see the current star count displayed next to the button
![Palmr Profile Menu](/assets/v1/sponsor/star-btn.png)
---
## Starring the repository
Clicking the star button is straightforward, and you'll receive immediate visual confirmation of your action.
### What happens when you star
After clicking the "Star" button, you'll notice several changes:
1. The button text changes from "Star" to "Unstar"
2. The star count increases by one
3. The button becomes highlighted to indicate it's active
4. The repository is automatically added to your starred repositories list
### Accessing your starred repositories
You can view all your starred repositories anytime by:
- Clicking your profile picture in the top-right corner
- Selecting "Your stars" from the dropdown menu
- Or visiting directly: `https://github.com/[your-username]?tab=stars`
**Note**: To remove your star later, simply click the "Unstar" button at any time.
![Palmr Profile Menu](/assets/v1/sponsor/starred-button.png)
---
## Why your star matters
Starring a repository goes beyond simple bookmarking—it's a meaningful way to support the project and its development team.
### Impact on the Project
**Shows Appreciation**: Starring demonstrates your appreciation for the hard work and effort invested in maintaining and developing the project.
**Increases Visibility**: Repositories with more stars gain higher visibility on GitHub, appearing more prominently in search results and recommendations.
**Motivates Developers**: Seeing stars encourages the development team to continue improving and expanding the project.
**Improves Discoverability**: GitHub's algorithm prioritizes repositories with higher star counts in trending sections and discovery features.
**Personal Benefits**: Starred repositories are saved to your personal list for easy access whenever you need them.
**Supports Open Source**: Your participation helps sustain the open-source ecosystem and the continued development of Palmr.
---
## The bigger picture
While starring takes only a moment, its impact on project growth and development is significant. Here's what your star represents:
- **Project Momentum**: Each star contributes to building momentum and community interest
- **Community Growth**: Stars encourage more developers to discover and participate in the project
- **Valuable Feedback**: Star counts provide insight into the project's value and community reception
- **Development Goals**: Higher star counts help the team set ambitious goals and secure resources
- **Sustainable Development**: Community support through stars helps maintain long-term project sustainability
Your star represents more than a number—it's a vote of confidence in our vision and directly influences Palmr's future development.
---
## Next steps
Congratulations! You've successfully starred the **Palmr** project on GitHub. Thank you for joining our community and supporting the project's growth.
### Additional Ways to Contribute
Consider exploring other ways to engage with the Palmr community:
- **Share the Project**: Tell others about Palmr and help expand our community
- **Report Issues**: Help improve the project by reporting bugs or suggesting enhancements
- **Contribute Code**: Submit pull requests to directly contribute to development
- **Join Discussions**: Participate in community discussions and provide feedback
Every form of engagement helps make Palmr better for everyone in the community.

View File

@@ -0,0 +1,144 @@
---
title: GitHub Architecture
icon: Github
---
import { File, Files, Folder } from "fumadocs-ui/components/files";
This guide provides a comprehensive overview of Palmr.'s GitHub repository structure, explaining how the different components are organized in the codebase. Understanding this architecture will help you navigate the repository, contribute effectively, and understand how the project is structured.
> **Overview:** Palmr. uses a monorepo architecture with clear separation between frontend, backend, and documentation components.
## Project structure
<Files>
<Folder name="apps" defaultOpen>
<Folder name="docs">
<File name="all documentation files" />
</Folder>
<Folder name="server">
<File name="all backend files" />
</Folder>
<Folder name="web">
<File name="all frontend files" />
</Folder>
</Folder>
<File name="other project files" />
</Files>
## Core components
### Frontend application (apps/web)
**Technology stack:**
- Next.js 15 (App Router)
- React 18
- TypeScript
- TailwindCSS
- shadcn/ui components
- next-intl for internationalization
Palmr.'s frontend is built with **Next.js 15**, using the App Router and Server Components for performance, scalability, and flexibility. The structure is modular and feature-based, keeping things easy to evolve as the product grows. UI logic runs on **React 18**, and **TypeScript** adds type safety that prevents a lot of silent bugs. Styles are handled with **TailwindCSS**, letting us build clean, responsive interfaces quickly. For components, we rely on **shadcn/ui**, a headless component library built with Radix UI and Tailwind, it's fast, accessible, and fully customizable.
Internationalization is handled by **next-intl**, which integrates perfectly with Next.js routing. It supports locale-aware routes, per-page translation loading, and plural rules, all without any extra client-side bloat. It's flexible, lightweight, and great for apps with multilingual audiences.
The frontend is organized with:
- A **components-based architecture** for modular UI
- **Custom hooks** to isolate logic and side effects
- A **route protection system** using session cookies and middleware
- A **file management interface** integrated with the backend
- **Folder support** for organizing files hierarchically
- A **reusable modal system** used for file actions, confirmations, and more
- **Dynamic, locale-aware routing** using next-intl
### Backend service (apps/server)
**Technology stack:**
- Fastify
- SQLite
- Filesystem storage (with S3-compatible object storage support)
- Prisma ORM
The backend is built on **Fastify**, a blazing-fast web framework for Node.js. It's lightweight, modular, and optimized for high performance. Every route is validated using JSON schema, which helps keep the API consistent and secure. Auth flows are built using JWTs stored in HTTP-only cookies, and everything from file uploads to token-based sharing goes through this layer.
Data is stored in **SQLite**, which handles user info, file metadata, session tokens, and more. For file storage, the system uses **filesystem storage** by default, keeping files organized in the local file system. The architecture also supports **S3-compatible object storage** as an alternative storage option for scalability. We use **Prisma** as our ORM to simplify database access, it gives us type-safe queries and easy-to-read code.
Key features include:
- **Authentication/authorization** with JWT + cookie sessions
- **File management logic** including uploads, deletes, renames, and folders
- **Storage operations** to handle file organization, usage tracking, and cleanup
- A **share system** that generates tokenized public file links
- Schema-based request validation for all endpoints
- Prisma models that keep the database logic predictable and type-safe
### Documentation (apps/docs)
**Technology stack:**
- Fumadocs
- MDX (Markdown + JSX)
- React-based components
The docs are built using **Fumadocs**, a modern documentation system built on top of Next.js. It uses **MDX**, so you can mix Markdown with interactive React components, perfect for developer tools and open-source projects. Pages are fast, versionable, and easy to customize. The goal is to keep the documentation as close to the codebase as possible, using shared components where needed and reusing UI patterns directly from the app.
It supports sidebar navigation, keyboard shortcuts, dark mode, and even interactive demos or UI previews. The file tree you see above, for example, is powered by a real React component from the docs.
- Built with **Fumadocs**, powered by Next.js
- Supports **MDX** and full React component embedding
- Ideal for technical docs and live code samples
- Styled using the same Tailwind setup from the main app
### Infrastructure
Palmr. is fully containerized using **Docker**, which means every service: frontend, backend, database, storage, runs in its own isolated environment. With `docker-compose`, the whole stack spins up locally with a single command. It's also easy to deploy to services like Fly.io, Render, or your own VPS.
Volumes are used to persist data locally, and containers are networked together so that all services can talk to each other securely.
- **Docker-first architecture** with all services containerized
- Configurable through `.env` and compose overrides
- Local volumes and named networks
- Easy to deploy and scale on any container-compatible infra
## Key features
### File management
Files are at the heart of Palmr. Users can upload files via the frontend, and they're stored directly in the filesystem. Users can also create folders to organize files. The backend handles metadata (name, size, type, ownership), and also handles deletion, renaming, and public sharing. Every file operation is tracked, and all actions can be scoped per user.
- Upload/download with instant feedback
- Create and organize files in folders
- File previews, type validation, and size limits
- Token-based sharing system
- Disk usage tracking by user
### User system
Authentication is done through secure JWTs, stored in HTTP-only cookies for safety. Signup and login flows are simple and fast, and user info is kept in sync across the frontend and backend.
- Cookie-based session management
- Role support and future admin access
- Profile updates and password reset flows
- Logged-in user state handled via custom hooks
### Storage system
The system uses **filesystem storage** for all file operations by default. It's simple, fast, and reliable for most use cases. The architecture also supports **S3-compatible object storage** as an alternative for users who need cloud storage or additional scalability. The backend tracks usage, handles cleanup of orphaned files, and ensures that every file on disk has a matching database record.
- Filesystem-based storage with organized directory structure
- Optional S3-compatible object storage support
- Upload validation and automatic cleanup
- Usage tracking and quotas (per user or global)
- Secure access to stored files with proper permissions
### Internationalization
Palmr. supports multiple languages using **next-intl**, which is deeply integrated into the routing system. It loads only the necessary translations per route, supports nested namespaces, and makes it easy to keep things organized even at scale.
- Per-locale localstorage (`en-US`, `pt-BR`, etc.)
- Translation loading by namespace/page
- Full pluralization and formatting support
- Easy translation management via JSON files

View File

@@ -0,0 +1,50 @@
---
title: Welcome to Palmr.
icon: TreePalm
---
import { Ban, Palette, Shield, Star, Users, Zap } from "lucide-react";
![Palmr Banner](/assets/v2.1/general/banner.png)
**Palmr.** is your go-to **open-source alternative** for file sharing, standing tall against services like **WeTransfer**, **SendGB**, **Send Anywhere**, and **Files.fm**. What sets Palmr. apart? You get to **host it on your own infrastructure** be it a **dedicated server** or **VPS** putting you in the drivers seat for data security and file control. No more third-party dependencies or worrying about pesky limits and steep fees!
## Why Palmr. Rocks?
### No limits, seriously
Forget about arbitrary caps on file sizes or numbers. With Palmr., the only limit is your **servers storage space**. Got the capacity? Then transfer files of any size or quantity without a hitch. No premium plans to unlock, no annoying ads to dodge, and definitely no hidden fees sneaking up on you. Your file sharing freedom is tied to your infrastructure, not artificial restrictions.
### Open source & totally free
Palmr. is 100% **open source** and free no licenses, subscriptions, or surprise costs. This transparency means youve got full control over how you use it. Heres what that looks like:
- Deploy anywhere **VPS**, **dedicated server**, **Docker**, or any cloud platform you fancy.
- Peek under the hood by reviewing the **codebase** to ensure its secure and meets your standards.
- Pitch in with **improvements** or custom features to make Palmr. even better.
- Tweak it for any use case, from personal sharing to business needs or niche applications.
### Your data, your rules
Host Palmr. on your own setup and keep **full control over your data**. By managing storage and transfers yourself, you cut out third-party risks. Your files stay in your environment no external services touching or storing them ensuring top-notch **privacy** and **confidentiality**. Set up security measures that fit your needs, and rest easy knowing no one else is in the loop. Palmr. hands you the reins for ultimate peace of mind, perfect for organizations needing strict data control or regulatory compliance.
### Make it yours
Palmr. is a canvas for customization, letting you shape every detail to match your **brand** and **user experience**:
- Slap on your **logo** for consistent branding across the platform.
- Pick a **custom app name** that screams your identity.
- Hook up an **SMTP server** for seamless email notifications about transfers or updates.
- Rewrite **interface text** to vibe with your audience and keep your brands voice.
### Manage users like a pro
Take charge of your file-sharing world with Palmr.s robust **user and admin management** system:
- Set up multiple **admins** to share the load and keep things running smoothly.
- Add as many **users** as you need, from small crews to huge teams.
- Keep tabs on **storage usage** with handy analytics for smarter resource planning.
### Lightning fast & feather light
Palmr. is built for speed with a sleek, scalable design that handles big file transfers and busy user loads without breaking a sweat. It keeps transfer speeds high and adapts to growing demands effortlessly. Thanks to smart resource use and polished code, you get a snappy experience that scales with your needs while staying rock-solid and stable.

View File

@@ -0,0 +1,282 @@
---
title: Manual Installation
icon: Cog
---
Hey there! Looking to run **Palmr.** your way, with complete control over every piece of the stack? This manual installation guide is for you. No Docker, no pre-built containers just the raw source code to tweak, customize, and deploy as you see fit.
> **Prefer a quicker setup?** If this hands-on approach feels like overkill, check out our [**Quick Start (Docker)**](/docs/3.2-beta/quick-start) guide for a fast, containerized deployment. This manual path is tailored for developers who want to dive deep, modify the codebase, or integrate custom services.
Here's what you'll do at a glance:
1. **Clone** the repository to get the code.
2. **Configure** `.env` files for backend and frontend.
3. **Install** JavaScript dependencies using `pnpm`.
4. **Generate** the Prisma client and run database migrations.
5. **Seed** the database with initial Palmr. data.
6. **Build & start** the backend (Fastify API).
7. **Build & serve** the frontend (Next.js app).
We've broken down each step below feel free to jump to the section you're working on!
## Before you start
Let's make sure your environment is ready to roll. Check that you've got these tools installed and set up on your system:
- <span style={{ color: "#16a34a" }}>Node.js</span> *(Powers our JavaScript/TypeScript apps)*
- <span style={{ color: "#16a34a" }}>pnpm</span> *(Our go-to package manager)*
- <span style={{ color: "#16a34a" }}>Git</span> *(For cloning and managing the repo)*
⚠️ **Heads Up on Package Managers**: Palmr. was built and tested with `pnpm`. While you _could_ try `npm`, `yarn`, or `bun`, we strongly recommend sticking with `pnpm` to avoid compatibility headaches.
---
### System requirements
- **Operating System**: MacOS or Linux (recommended for best results)
- Windows works but hasn't been thoroughly tested.
- **Memory**: At least 4GB RAM is suggested.
- **Storage**: Depends on how much file storage you'll need.
- **CPU**: 2+ cores for smooth performance.
---
## Let's Get Palmr. Running
### Step 1: Clone the repository
First things first, grab a local copy of the Palmr. codebase. Run this command to clone the official repo:
```bash
git clone https://github.com/kyantech/Palmr.git
```
Once it's done, you'll have a new directory with the project structure. Inside, the `apps` folder holds the key pieces: `docs`, `server`, and `web`. For this guide, we're focusing on `server` (our Fastify backend) and `web` (our Next.js frontend).
---
### Step 2: Set up the backend
Let's get the backend up and running. Start by navigating to the server directory:
```bash
cd ./apps/server
```
#### Configure environment variables
Before anything else, we need to set up the environment variables Palmr. relies on. We've included a handy template file called `.env.example` to get you started. Create your own `.env` file with this command:
```bash
cp .env.example .env
```
This copies the template into a new `.env` file with all the necessary settings. Open it up if you need to tweak anything specific to your setup.
#### Install dependencies
Next, let's install the backend dependencies. With Node.js and `pnpm` ready, run:
```bash
pnpm install
```
This pulls in everything needed for the backend, including Prisma, our database ORM.
#### Generate Prisma client
Now, generate the Prisma client tailored for Palmr. with:
```bash
pnpm dlx prisma generate
```
This sets up the interface for smooth database interactions.
#### Deploy Prisma migrations
With the client ready, apply the database schema using:
```bash
pnpm dlx prisma migrate deploy
```
This ensures your database structure is set up with all the required migrations.
#### Seed the database
Let's populate the database with some initial data. Run the seeding script:
```bash
pnpm db:seed
```
This adds the baseline data Palmr. needs to function properly.
#### Build and run the backend
Finally, build the backend app:
```bash
pnpm run build
```
Once the build is complete, start the service:
```bash
pnpm start
```
To confirm everything's working, check out the API documentation at:
```bash
http://localhost:3333/docs
```
This page lists all available API endpoints and how to use them.
---
### Step 3: Set up the frontend
With the backend humming, let's tackle the frontend setup.
#### Navigate to the Frontend Directory
If you're in the `server` folder, move to `web` with:
```bash
cd ../web
```
Or, from the repo root, use:
```bash
cd apps/web
```
#### Configure environment variables
Just like the backend, set up the frontend environment variables:
```bash
cp .env.example .env
```
This creates a `.env` file with the necessary configurations for the frontend.
##### Upload Configuration
Palmr. supports configurable chunked uploading for large files. You can customize the chunk size by setting the following environment variable in your `.env` file:
```bash
NEXT_PUBLIC_UPLOAD_CHUNK_SIZE_MB=100
```
**How it works:**
- If `NEXT_PUBLIC_UPLOAD_CHUNK_SIZE_MB` is set, Palmr. will use this value (in megabytes) as the chunk size for all file uploads that exceed this threshold.
- If not set or left empty, Palmr. automatically calculates optimal chunk sizes based on file size:
- Files ≤ 100MB: uploaded without chunking
- Files > 100MB and ≤ 1GB: 75MB chunks
- Files > 1GB: 150MB chunks
**When to configure:**
- **Default (not set):** Recommended for most use cases. Palmr. will intelligently determine the best chunk size.
- **Custom value:** Set this if you have specific network conditions or want to optimize for your infrastructure (e.g., slower connections may benefit from smaller chunks like 50MB, while fast networks can handle larger chunks like 200MB, or the upload size per payload may be limited by a proxy like Cloudflare)
#### Install dependencies
Install all the frontend dependencies:
```bash
pnpm install
```
#### Build and run the frontend
Build the production version of the frontend:
```bash
pnpm run build
```
Once that's done, serve it up:
```bash
pnpm serve
```
Now, open your browser and head to:
```bash
http://localhost:3000
```
You should see the full Palmr. application ready to go!
---
## Quick notes
This guide sets up Palmr. using the local file system for storage. Want to use an S3-compatible object storage instead? You can configure that in the `.env` file. Check the Palmr. documentation for details on setting up S3 storage just update the environment variables, then build and run as shown here.
### Custom Installation Paths and Symlinks
If you're using a custom installation setup with symlinks (for example, `/opt/palmr_data/uploads -> /mnt/data/uploads`), you might encounter issues with disk space detection. Palmr. includes a `CUSTOM_PATH` environment variable to handle these scenarios:
```bash
# In your .env file (apps/server/.env)
CUSTOM_PATH=/opt/palmr_data
```
This tells Palmr. to check your custom path first when determining available disk space, ensuring proper detection even when using symlinks or non-standard directory structures.
---
## Command cheat sheet
Here's a quick reference for all the commands we've covered perfect for copy-pasting once you're familiar with the steps:
```bash
# --- Backend (Fastify API) ---
cd apps/server
pnpm install
pnpm dlx prisma generate
pnpm dlx prisma migrate deploy
pnpm db:seed
pnpm run build
pnpm start
# --- Frontend (Next.js) ---
cd apps/web
pnpm install
pnpm run build
pnpm serve
```
> **Tip**: Keep this handy in your clipboard for your first setup run.
---
## What's next?
Palmr. is now up and running locally . Here are some suggested next steps:
- **Manage Users**: Dive into the [Users Management](/docs/3.2-beta/manage-users) guide.
- **Switch to Object Storage**: Update `.env` variables to use an S3-compatible bucket (see Quick Notes above).
- **Secure Your Instance**: Put Palmr. behind a reverse proxy like **Nginx** or **Caddy** and enable HTTPS.
- **Learn the Internals**: Explore how everything connects in the [Architecture](/docs/3.2-beta/architecture) overview.
Jump into whichever area fits your needs our docs are designed for exploration in any order.
## Wrapping up
Congrats! You've successfully set up a production-ready instance of Palmr. through this detailed manual process. From cloning the repo to deploying the app, you've tackled every step like a pro.
## Helpful resources
- [Node.js Documentation](https://nodejs.org/en/docs/)
- [pnpm Documentation](https://pnpm.io/)
- [Prisma Documentation](https://www.prisma.io/docs/)

View File

@@ -0,0 +1,35 @@
{
"description": "Latest version",
"icon": "Sparkles",
"pages": [
"---Introduction---",
"index",
"quick-start",
"installation",
"manual-installation",
"screenshots",
"s3-providers",
"---Configuration---",
"configuring-smtp",
"available-languages",
"uid-gid-configuration",
"reverse-proxy-configuration",
"download-memory-management",
"password-reset-without-smtp",
"cleanup-orphan-files",
"oidc-authentication",
"troubleshooting",
"---Developers---",
"architecture",
"github-architecture",
"api",
"translation-management",
"contribute",
"open-an-issue",
"---Sponsor this project---",
"gh-star",
"gh-sponsor"
],
"root": true,
"title": "v3.2-beta"
}

View File

@@ -0,0 +1,370 @@
---
title: Auth0
icon: Lock
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
Auth0 is one of Palmr's officially supported OIDC providers, offering enterprise-grade authentication through Auth0's identity platform. This integration allows users to sign in to Palmr using Auth0's comprehensive authentication system, making it perfect for enterprise organizations, applications requiring advanced security features, and teams that need centralized identity management.
<ZoomableImage src="/assets/v3/oidc/auth0/sign-in-with-auth0.png" alt="Sign in with Auth0" />
## Why use Auth0 authentication?
Auth0 authentication provides several advantages for enterprise and security-focused organizations:
- **Enterprise-grade security** - Advanced security features like MFA, adaptive authentication, and threat detection
- **Centralized identity management** - Single platform to manage users across multiple applications
- **Flexible authentication options** - Support for social logins, enterprise SSO, and custom databases
- **Compliance ready** - Built-in compliance with SOC 2, GDPR, HIPAA, and other standards
- **Advanced customization** - Rules, hooks, and custom branding capabilities
---
## Prerequisites
Before configuring Auth0 authentication, ensure you have:
- **Auth0 account** - Ability to create applications and manage tenants
- **Admin privileges in Palmr** - Required to configure OIDC settings
- **Domain configuration** - For production deployments with custom domains
> **Note:** Auth0 is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
---
## Setting up Auth0 Application
### Creating an Auth0 application
To get started with Auth0 authentication, you'll need to create an application in your Auth0 Dashboard.
1. **Navigate to Auth0 Dashboard**: Go to [manage.auth0.com](https://manage.auth0.com)
<ZoomableImage src="/assets/v3/oidc/auth0/auth0-dashboard.png" alt="Auth0 Dashboard" />
2. **Create new application**: Click **"Applications"** in the left sidebar, then click **"+ Create Application"**
<ZoomableImage src="/assets/v3/oidc/auth0/create-application.png" alt="Auth0 Create Application" />
3. **Select application type**: Choose **"Single Page Application"** for web-based Palmr instances
<ZoomableImage
src="/assets/v3/oidc/auth0/application-type.png"
alt="Auth0 Application Type Selection"
legend="This is a fake application, you have to use your own."
/>
4. **Enter application details**:
- **Name**: Enter a descriptive name like "Palmr File Sharing"
5. **Create application**: Click **"Create"** to generate your Auth0 application
### Configuring application settings
After creating your application, you'll need to configure the settings that Palmr will use. Navigate to the application page and click on the **"Settings"** tab.
<ZoomableImage
src="/assets/v3/oidc/auth0/application-settings.png"
alt="Auth0 Application Settings"
legend="This is a fake application, you have to use your own."
/>
1. **Configure application URLs**:
You'll need to configure several URLs in your Auth0 application settings. Here's what to add for each environment:
### Application Login URIs
| Environment | URL |
| ----------- | ----------------------------------- |
| Production | `https://yourdomain.com/login` |
| Development | Don't add anything here |
| Custom Port | `https://yourdomain.com:5487/login` |
### Allowed Logout URLs
| Environment | URL |
| ----------- | ----------------------------- |
| Production | `https://yourdomain.com` |
| Development | `http://localhost:3000` |
| Custom Port | `https://yourdomain.com:5487` |
### Allowed Web Origins
| Environment | URL |
| ----------- | ----------------------------- |
| Production | `https://yourdomain.com` |
| Development | `http://localhost:3000` |
| Custom Port | `https://yourdomain.com:5487` |
### Allowed Callback URLs
| Environment | URL |
| ----------- | --------------------------------------------------------------- |
| Production | `https://yourdomain.com/api/auth/providers/auth0/callback` |
| Development | `http://localhost:3000/api/auth/providers/auth0/callback` |
| Custom Port | `https://yourdomain.com:5487/api/auth/providers/auth0/callback` |
> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
<ZoomableImage
src="/assets/v3/oidc/auth0/config-urls.png"
alt="Auth0 Application URLs Configuration"
legend="This is a fake application, you have to use your own."
/>
2. **Save changes**: Click **"Save"** to apply your configuration
### Getting OAuth credentials
Now you'll get the credentials that Palmr will use to authenticate with Auth0.
1. **Copy Domain**: Note your Auth0 domain (e.g., `your-tenant.auth0.com`) add `https://` at the beginning
2. **Copy Client ID**: The Client ID is displayed in the **"Client ID"** field
3. **Generate Client Secret**: Click **"Show"** next to Client Secret to reveal it
<ZoomableImage
src="/assets/v3/oidc/auth0/oauth-credentials.png"
alt="Auth0 OAuth Credentials"
legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Auth0."
/>
4. **Save credentials**: Copy the **Domain**, **Client ID**, and **Client Secret** for later use
> **Important:** Replace `yourdomain.com` with your actual domain. You can add multiple callback URLs for different environments (development, staging, production).
---
## Configuring Palmr
### Accessing OIDC settings
To configure Auth0 authentication in Palmr, you need administrator access to the settings panel.
1. **Login as administrator**: Sign in to Palmr with an admin account
2. **Access settings**: Click your profile picture in the header and select **Settings**
3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
### Enabling Auth0 provider
Auth0 comes pre-configured as an official provider, so the setup process is streamlined.
1. **Locate Auth0 provider**: Find Auth0 in the list of available providers
2. **Enable the provider**: Toggle the status to **Enabled**
<ZoomableImage src="/assets/v3/oidc/auth0/enabled-auth0.png" alt="Palmr Auth0 Provider Enabled" />
After enabling the provider, click on the pen icon to configure the provider.
3. **Configure credentials**:
- **Provider URL**: Paste your Auth0 domain (e.g., `https://your-tenant.auth0.com`) remember to add the `https://` at the beginning
- **Client ID**: Paste the Client ID from Auth0 application
- **Client Secret**: Paste the Client Secret from Auth0 application
- **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`.
<ZoomableImage
src="/assets/v3/oidc/auth0/edit-auth0.png"
alt="Edit Auth0 Provider"
legend="This is a fake application, you have to use your own."
/>
### Advanced configuration options
Configure additional settings to customize the authentication behavior:
**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
**Sort Order**: Control where the Auth0 login button appears relative to other authentication providers.
**Icon**: you can choose the icon you want to use for the Auth0 login button (default is `SiAuth0`).
<ZoomableImage src="/assets/v3/oidc/auth0/auth0-icon.png" alt="Auth0 Icon" />
> **Enterprise tip:** Auth0 authentication works great for enterprise organizations requiring advanced security features and centralized identity management.
---
## Account linking
By default, if a user is already registered in Palmr with their Auth0 email, they will be automatically linked to their Palmr account.
> **Note:** You can't disable account linking. If you want to unlink a user from their Auth0 account, you need to delete the user from Palmr.
---
## Technical configuration
Auth0's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
```yaml
Provider Type: OAuth 2.0 with OIDC Discovery
Issuer URL: https://your-tenant.auth0.com
Authorization Endpoint: /authorize
Token Endpoint: /oauth/token
UserInfo Endpoint: /userinfo
Scopes: openid profile email
```
### Field mappings
Palmr automatically maps Auth0 user information to local user accounts:
- **User ID**: Maps from Auth0's `sub` field
- **Email**: Maps from Auth0's `email` field
- **Full Name**: Maps from Auth0's `name` field
- **First Name**: Maps from Auth0's `given_name` field
- **Last Name**: Maps from Auth0's `family_name` field
- **Avatar**: Maps from Auth0's `picture` field
- **Username**: Maps from Auth0's `nickname` field
### Auth0-specific features
- **Custom Claims**: Can include custom user metadata and app metadata
- **Connection Support**: Works with database, social, and enterprise connections
- **Rules and Hooks**: Can customize authentication flow with custom logic
- **Multi-factor Authentication**: Supports Auth0's MFA features
- **Enterprise SSO**: Integrates with SAML, LDAP, and other enterprise systems
---
## Testing the configuration
### Verifying the setup
After configuring Auth0 authentication, test the integration to ensure everything works correctly.
1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Auth0" button appears
2. **Test authentication flow**: Click the Auth0 sign-in button and complete the authentication process
3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
### Login flow verification
The complete authentication process should work as follows:
1. **User clicks "Sign in with Auth0"**: The browser redirects to Auth0's authorization page
2. **User authenticates**: User completes authentication through Auth0 (login, MFA, etc.)
3. **Auth0 redirects back to Palmr**: User returns to Palmr with authentication tokens
4. **Palmr creates or updates user**: User account is automatically managed with Auth0 information
5. **User accesses Palmr**: User is logged in with their Auth0 identity
---
## Troubleshooting common issues
### Redirect URI mismatch error
**Error message**: `invalid_redirect_uri`
**Cause**: The redirect URI in your request doesn't match what's configured in Auth0 application.
**Solution**:
1. Check the exact URL in the error message
2. Add this exact URL to your Auth0 application's callback URLs
3. Ensure you include the correct protocol (http/https) and port
4. Remove any trailing slashes unless they're in the callback URL
### Access denied error
**Error message**: `access_denied`
**Cause**: User denied permissions or the application isn't properly configured.
**Solution**:
1. Verify that your Auth0 application requests the correct scopes
2. Check that users are granting permissions during the authorization flow
3. Ensure your application is not restricted or disabled
4. Verify the application has proper permissions set up
### Invalid client error
**Error message**: `invalid_client`
**Cause**: Incorrect Client ID, Client Secret, or Domain.
**Solution**:
1. Double-check that you've copied the credentials correctly from Auth0
2. Ensure there are no extra spaces or characters in the credentials
3. Verify you're using the correct domain format (e.g., `your-tenant.auth0.com`)
4. Generate a new Client Secret if necessary
### Domain configuration issues
**Error message**: Domain not found or invalid
**Cause**: Incorrect Auth0 domain or tenant configuration.
**Solution**:
1. Verify your Auth0 domain is correct (e.g., `your-tenant.auth0.com`)
2. Check that your Auth0 tenant is active and not suspended
3. Ensure you're using the correct region for your tenant
4. Verify DNS resolution for your Auth0 domain
### Custom claims not available
**Cause**: Custom claims not properly configured in Auth0 rules or actions.
**Solution**:
1. Check Auth0 rules and actions for custom claim configuration
2. Verify that custom claims are included in the ID token
3. Ensure the claims are properly formatted and accessible
4. Test with a user that has the expected custom claims
---
## Security best practices
### Credential management
- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
- **Use environment variables**: Store sensitive configuration in environment variables, not config files
- **Monitor access logs**: Regularly review authentication logs for suspicious activity
### Scope and permission management
- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
- **User consent**: Ensure users understand what permissions they're granting
- **Regular audits**: Review which users have connected their Auth0 accounts
- **Access reviews**: Periodically check user access and remove inactive accounts
### Production considerations
- **Use HTTPS**: Always use HTTPS in production environments
- **Configure proper domains**: Use production domains in Auth0 application settings
- **Test thoroughly**: Verify the complete authentication flow before going live
- **Plan for failures**: Have fallback authentication methods available
---
## Next steps
With Auth0 authentication configured, you might want to:
- **Configure additional providers**: Set up other OIDC providers for more authentication options
- **Customize user management**: Fine-tune auto-registration and admin assignment rules
- **Review security settings**: Ensure your authentication setup meets your security requirements
- **Monitor usage**: Keep track of authentication patterns and user activity
For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
## Useful resources
- [Auth0 Documentation](https://auth0.com/docs)
- [Auth0 OAuth 2.0 Guide](https://auth0.com/docs/protocols/oauth2)
- [Auth0 OpenID Connect](https://auth0.com/docs/protocols/openid-connect)
- [Auth0 Dashboard](https://manage.auth0.com)

View File

@@ -0,0 +1,384 @@
---
title: Authentik
icon: Key
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
Authentik is one of Palmr's officially supported OIDC providers, offering enterprise-grade authentication through Authentik's identity platform. This integration allows users to sign in to Palmr using Authentik's comprehensive authentication system, making it perfect for enterprise organizations, applications requiring advanced security features, and teams that need centralized identity management with complete control over their authentication infrastructure.
<ZoomableImage src="/assets/v3/oidc/authentik/sign-in-with-authentik.png" alt="Sign in with Authentik" />
## Why use Authentik authentication?
Authentik authentication provides several advantages for enterprise and security-focused organizations:
- **Complete self-hosted control** - Full control over your authentication infrastructure and data
- **Enterprise-grade security** - Advanced security features like MFA, adaptive authentication, and threat detection
- **Centralized identity management** - Single platform to manage users across multiple applications
- **Compliance ready** - Built-in compliance with GDPR, SOC 2, and other enterprise standards
- **Advanced customization** - Policies, flows, and custom branding capabilities
---
## Prerequisites
Before configuring Authentik authentication, ensure you have:
- **Authentik instance** - Self-hosted Authentik installation running and accessible
- **Admin privileges in Palmr** - Required to configure OIDC settings
- **Domain configuration** - For production deployments with custom domains
> **Note:** Authentik is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
---
## Setting up Authentik OAuth2/OpenID Provider
### Creating an Authentik OAuth2/OpenID Provider
To get started with Authentik authentication, you'll need to create an OAuth2/OpenID Provider in your Authentik Admin Interface.
1. **Navigate to Authentik Admin Interface**: Go to your Authentik instance URL (e.g., `https://your-authentik-domain.com`)
<ZoomableImage src="/assets/v3/oidc/authentik/authentik-admin.png" alt="Authentik Admin Interface" />
2. **Create new OAuth2/OpenID Provider**: Click **"Applications"** in the left sidebar, then click **"Providers"** and click **"+ Create"**
<ZoomableImage src="/assets/v3/oidc/authentik/create-provider.png" alt="Authentik Create Provider" />
3. **Select provider type**: Choose **"OAuth2/OpenID Provider"** for OIDC authentication and click on **"Next"** button.
<ZoomableImage
src="/assets/v3/oidc/authentik/provider-type.png"
alt="Authentik Provider Type Selection"
legend="This is a fake application, you have to use your own."
/>
### Configuring provider settings
1. **Enter provider details**:
- **Name**: Enter a descriptive name like "Palmr File Sharing"
- **Authorization Flow**: select **default-provider-authorization-explicit-consent (Authorize Application)**
- **Protocol Settings (Client type)**: select **Confidential**
- **Protocol Settings (Client ID)**: Copy the Client ID from Authentik field (You can edit it if you want) - `(Copy this value and save it for later use)`
- **Protocol Settings (Client Secret)**: Copy the Client Secret from Authentik field (You can edit it if you want) - `(Copy this value and save it for later use)`
- **Protocol Settings (Redirect URIs/Origins (RegEx))**: Select 'Strict' and add the redirect URI for your application (e.g. `https://your-palmr-domain.com/api/auth/providers/authentik/callback`) you can see below the field the example of the redirect URI.
- **Protocol Settings (Signing key)**: select **"authentik Self-signed Certificate"**
<ZoomableImage
src="/assets/v3/oidc/authentik/provider-settings-1.png"
alt="Authentik Provider Settings"
legend="This is a fake application, you have to use your own."
/>
<ZoomableImage
src="/assets/v3/oidc/authentik/provider-settings-2.png"
alt="Authentik Provider Settings"
legend="This is a fake application, you have to use your own."
/>
2. **Configure provider URLs**:
You'll need to configure several URLs in your Authentik provider settings. Here's what to add for each environment:
### Redirect URIs
| Environment | URL |
| ----------- | ------------------------------------------------------------------- |
| Production | `https://yourdomain.com/api/auth/providers/authentik/callback` |
| Development | `http://localhost:3000/api/auth/providers/authentik/callback` |
| Custom Port | `https://yourdomain.com:5487/api/auth/providers/authentik/callback` |
> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
**Save changes**: Click **"Finish"** to apply your configuration.
> **Note:** You can configure other settings for provider if you want, but the necessary settings are already configured in this step.
After clicking on **"Finish"** you will see your provider listed in the provider list, but with an warning message like this: ' Warning: Provider not assigned to any application.'.
<ZoomableImage
src="/assets/v3/oidc/authentik/warning-message.png"
alt="Authentik Provider Warning Message"
legend="This is a fake application, you have to use your own."
/>
### Creating application with created provider
After creating your provider, you need to create an application with the created provider. To do this, you need to click on the **"Applications"** in the left sidebar, then click on **"+ Create"**.
<ZoomableImage
src="/assets/v3/oidc/authentik/applications-page.png"
alt="Authentik Applications Page"
legend="This is a fake application, you have to use your own."
/>
1. **Configure application**:
- **Name**: Enter a descriptive name like "Palmr File Sharing"
- **Slug**: Enter a unique identifier (e.g., `palmr-file-sharing`)
- **Provider**: Select the provider you just created from the list of providers.
<ZoomableImage
src="/assets/v3/oidc/authentik/application-modal.png"
alt="Authentik Application Modal"
legend="This is a fake application, you have to use your own."
/>
The other fields are not important for now, you can leave them as they are. But if you want to change something, you can change them.
2. **Save application**: Click on **"Create"** to save the application.
<ZoomableImage
src="/assets/v3/oidc/authentik/application-modal.png"
alt="Authentik Application Modal"
legend="This is a fake application, you have to use your own."
/>
### Final Authentik step
The last step in Authentik is grab your instance URL. You can find it clicking on the **"providers"** in the side menu on tab **"overview"**.
<ZoomableImage
src="/assets/v3/oidc/authentik/provider-overview.png"
alt="Authentik Instance URL"
legend="This is a fake application, you have to use your own."
/>
You don't need copy the complete URL, just the domain name and protocol and port if you are using a custom port.
For example: `https://your-authentik-domain.com`.
> **Note:** In Authentik we finish the configuration. Let's go to Palmr to configure the provider. Remember you need `Client ID`, `Client Secret` and `Instance URL` to configure the provider in Palmr.
---
## Configuring Palmr
### Accessing OIDC settings
To configure Authentik authentication in Palmr, you need administrator access to the settings panel.
1. **Login as administrator**: Sign in to Palmr with an admin account
2. **Access settings**: Click your profile picture in the header and select **Settings**
3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
### Enabling Authentik provider
Authentik comes pre-configured as an official provider, so the setup process is streamlined.
1. **Locate Authentik provider**: Find Authentik in the list of available providers
2. **Enable the provider**: Toggle the status to **Enabled**
<ZoomableImage src="/assets/v3/oidc/authentik/enabled-authentik.png" alt="Palmr Authentik Provider Enabled" />
After enabling the provider, click on the pen icon to configure the provider.
3. **Configure credentials**:
- **Provider URL**: Paste your Authentik instance URL (e.g., `https://your-authentik-domain.com`)
- **Client ID**: Paste the Client ID from Authentik provider
- **Client Secret**: Paste the Client Secret from Authentik provider
- **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`. You don't need change this if you are not sure.
<ZoomableImage
src="/assets/v3/oidc/authentik/edit-authentik.png"
alt="Edit Authentik Provider"
legend="This is a fake application, you have to use your own."
/>
### Advanced configuration options
Configure additional settings to customize the authentication behavior:
**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
**Sort Order**: Control where the Authentik login button appears relative to other authentication providers.
**Icon**: you can choose the icon you want to use for the Authentik login button (default is `FaShieldAlt`).
<ZoomableImage src="/assets/v3/oidc/authentik/authentik-icon.png" alt="Authentik Icon" />
---
## Account linking
By default, if a user is already registered in Palmr with their Authentik email, they will be automatically linked to their Palmr account.
> **Note:** You can't disable account linking. If you want to unlink a user from their Authentik account, you need to delete the user from Palmr.
---
## Technical configuration
Authentik's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
```yaml
Provider Type: OAuth 2.0 with OIDC Discovery
Issuer URL: https://your-authentik-domain.com
Authorization Endpoint: /application/o/authorize
Token Endpoint: /application/o/token
UserInfo Endpoint: /application/o/userinfo
Scopes: openid profile email
```
### Field mappings
Palmr automatically maps Authentik user information to local user accounts:
- **User ID**: Maps from Authentik's `sub` field
- **Email**: Maps from Authentik's `email` field
- **Full Name**: Maps from Authentik's `name` field
- **First Name**: Maps from Authentik's `given_name` field
- **Last Name**: Maps from Authentik's `family_name` field
- **Avatar**: Maps from Authentik's `picture` field
- **Username**: Maps from Authentik's `preferred_username` field
### Authentik-specific features
- **Custom Claims**: Can include custom user metadata and app metadata
- **Policies Support**: Can customize authentication flow with custom policies
- **Multi-factor Authentication**: Supports Authentik's MFA features
- **Enterprise SSO**: Integrates with SAML, LDAP, and other enterprise systems
- **Self-hosted Only**: Complete control over your authentication infrastructure
---
## Testing the configuration
### Verifying the setup
After configuring Authentik authentication, test the integration to ensure everything works correctly.
1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Authentik" button appears
2. **Test authentication flow**: Click the Authentik sign-in button and complete the authentication process
3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
### Login flow verification
The complete authentication process should work as follows:
1. **User clicks "Sign in with Authentik"**: The browser redirects to Authentik's authorization page
2. **User authenticates**: User completes authentication through Authentik (login, MFA, etc.)
3. **Authentik redirects back to Palmr**: User returns to Palmr with authentication tokens
4. **Palmr creates or updates user**: User account is automatically managed with Authentik information
5. **User accesses Palmr**: User is logged in with their Authentik identity
---
## Troubleshooting common issues
### Redirect URI mismatch error
**Error message**: `invalid_redirect_uri`
**Cause**: The redirect URI in your request doesn't match what's configured in Authentik provider.
**Solution**:
1. Check the exact URL in the error message
2. Add this exact URL to your Authentik provider's redirect URIs
3. Ensure you include the correct protocol (http/https) and port
4. Remove any trailing slashes unless they're in the callback URL
### Access denied error
**Error message**: `access_denied`
**Cause**: User denied permissions or the provider isn't properly configured.
**Solution**:
1. Verify that your Authentik provider requests the correct scopes
2. Check that users are granting permissions during the authorization flow
3. Ensure your provider is not restricted or disabled
4. Verify the provider has proper permissions set up
### Invalid client error
**Error message**: `invalid_client`
**Cause**: Incorrect Client ID, Client Secret, or Instance URL.
**Solution**:
1. Double-check that you've copied the credentials correctly from Authentik
2. Ensure there are no extra spaces or characters in the credentials
3. Verify you're using the correct instance URL format
4. Generate a new Client Secret if necessary
### Instance URL configuration issues
**Error message**: Instance not found or invalid
**Cause**: Incorrect Authentik instance URL or instance configuration.
**Solution**:
1. Verify your Authentik instance URL is correct
2. Check that your Authentik instance is active and accessible
3. Ensure you're using the correct protocol (https://)
4. Verify DNS resolution for your Authentik instance
### Self-hosted connectivity issues
**Cause**: Network connectivity problems with self-hosted Authentik instance.
**Solution**:
1. Check server firewall and network connectivity
2. Verify DNS resolution from your server to the Authentik instance
3. Ensure the Authentik instance is properly configured and running
4. Check SSL certificate validity for the Authentik instance
---
## Security best practices
### Credential management
- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
- **Use environment variables**: Store sensitive configuration in environment variables, not config files
- **Monitor access logs**: Regularly review authentication logs for suspicious activity
### Scope and permission management
- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
- **User consent**: Ensure users understand what permissions they're granting
- **Regular audits**: Review which users have connected their Authentik accounts
- **Access reviews**: Periodically check user access and remove inactive accounts
### Production considerations
- **Use HTTPS**: Always use HTTPS in production environments
- **Configure proper domains**: Use production domains in Authentik provider settings
- **Test thoroughly**: Verify the complete authentication flow before going live
- **Plan for failures**: Have fallback authentication methods available
---
## Next steps
With Authentik authentication configured, you might want to:
- **Configure additional providers**: Set up other OIDC providers for more authentication options
- **Customize user management**: Fine-tune auto-registration and admin assignment rules
- **Review security settings**: Ensure your authentication setup meets your security requirements
- **Monitor usage**: Keep track of authentication patterns and user activity
For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
## Useful resources
- [Authentik Documentation](https://goauthentik.io/docs)
- [Authentik OAuth2/OpenID Provider](https://goauthentik.io/docs/providers/oauth2)
- [Authentik Installation Guide](https://goauthentik.io/docs/installation)
- [Authentik Admin Interface](https://goauthentik.io/docs/administration)

View File

@@ -0,0 +1,342 @@
---
title: Discord
icon: MessageSquare
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
Discord is one of Palmr's officially supported OIDC providers, offering secure authentication through Discord OAuth 2.0. This integration allows users to sign in to Palmr using their existing Discord accounts, making it perfect for gaming communities, developer teams, and organizations already using Discord.
<ZoomableImage src="/assets/v3/oidc/discord/sign-in-with-discord.png" alt="Sign in with Discord" />
## Why use Discord authentication?
Discord authentication provides several advantages for community-focused organizations and teams:
- **Community integration** - Perfect for gaming communities and Discord-centric organizations
- **Familiar experience** - Users already trust and use Discord daily
- **Rich user profiles** - Access to Discord usernames, avatars, and global names
- **Developer-friendly** - Great for technical teams and open-source projects
- **No additional accounts** - Users can access Palmr without creating new credentials
---
## Prerequisites
Before configuring Discord authentication, ensure you have:
- **Discord Developer Portal access** - Ability to create applications on Discord
- **Admin privileges in Palmr** - Required to configure OIDC settings
- **Server ownership or permissions** - If integrating with a Discord server
> **Note:** Discord is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
---
## Setting up Discord Developer Portal
### Creating a Discord application
To get started with Discord authentication, you'll need to create an application in Discord Developer Portal.
1. **Navigate to Discord Developer Portal**: Go to [discord.com/developers/applications](https://discord.com/developers/applications)
<ZoomableImage src="/assets/v3/oidc/discord/developer-portal-home.png" alt="Discord Developer Portal Home" />
2. **Create new application**: Click **"New Application"** button
3. **Enter application details**:
- **Name**: Enter a descriptive name like "Palmr File Sharing"
- **Accept Terms of Service and Developer Policy**: Check the box
<ZoomableImage src="/assets/v3/oidc/discord/create-application-modal.png" alt="Discord Create Application Modal" />
4. **Create application**: Click **"Create"** to generate your application
### Configuring application settings
After creating your application, you'll need to configure basic settings and branding.
1. **Update application information**:
- **Description**: Add a clear description of your Palmr instance
- **Icon**: Upload your organization's logo or Palmr-related icon
- **Cover Image**: Optional banner image for better branding
<ZoomableImage
src="/assets/v3/oidc/discord/application-settings.png"
alt="Discord Application Settings"
legend="This is a fake application, you have to use your own."
/>
2. **Configure application details**:
- **Tags**: Add relevant tags (optional)
- **Privacy Policy URL**: Add your privacy policy URL if required
- **Terms of Service URL**: Add your terms of service URL if required
### Setting up OAuth2 configuration
Now you'll configure the OAuth2 settings that Palmr will use to authenticate users.
1. **Navigate to OAuth2**: In the left sidebar, click **"OAuth2"**
<ZoomableImage src="/assets/v3/oidc/discord/oauth2-general.png" alt="Discord OAuth2 General Settings" />
2. **Configure OAuth2 settings**:
- **Client Secret**: Click **"Reset Secret"** to generate a new client secret
- **Copy credentials**: Save both **Client ID** and **Client Secret** for later use
3. **Add redirect URIs**: In the **"Redirects"** section, add your Palmr callback URLs:
You'll need to configure several URLs in your Discord application settings. Here's what to add for each environment:
### Redirect URIs
| Environment | URL |
| ----------- | ----------------------------------------------------------------- |
| Production | `https://yourdomain.com/api/auth/providers/discord/callback` |
| Development | `http://localhost:3000/api/auth/providers/discord/callback` |
| Custom Port | `https://yourdomain.com:5487/api/auth/providers/discord/callback` |
> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
4. **Select required scopes**:
- **`identify`** - Access to user's basic account information (required)
- **`email`** - Access to user's email address (required for Palmr)
5. **Save changes**: Click **"Save Changes"** to apply your configuration
<ZoomableImage
src="/assets/v3/oidc/discord/required-scopes.png"
alt="Discord Required Scopes"
legend="This is a fake application, you have to use your own."
/>
---
## Configuring Palmr
### Accessing OIDC settings
To configure Discord authentication in Palmr, you need administrator access to the settings panel.
1. **Login as administrator**: Sign in to Palmr with an admin account
2. **Access settings**: Click your profile picture in the header and select **Settings**
3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
### Enabling Discord provider
Discord comes pre-configured as an official provider, so the setup process is streamlined.
1. **Locate Discord provider**: Find Discord in the list of available providers
2. **Enable the provider**: Toggle the status to **Enabled**
<ZoomableImage src="/assets/v3/oidc/discord/palmr-enabled-discord.png" alt="Palmr Discord Provider Enabled" />
After enabling the provider, click on the pen icon to configure the provider.
3. **Configure credentials**:
- **Client ID**: Paste the Client ID from Discord Developer Portal
- **Client Secret**: Paste the Client Secret from Discord Developer Portal
- **Scopes**: Add the scopes you want to use. The default scopes are `identify` and `email`.
<ZoomableImage
src="/assets/v3/oidc/discord/edit-discord.png"
alt="Edit Discord Provider"
legend="This is a fake application, you have to use your own."
/>
### Advanced configuration options
Configure additional settings to customize the authentication behavior:
**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
**Admin Email Domains**: Specify domains that should automatically receive admin privileges. This is less common with Discord since users often use personal emails.
**Sort Order**: Control where the Discord login button appears relative to other authentication providers.
**Icon**: you can choose the icon you want to use for the Discord login button (default is `FaDiscord`).
<ZoomableImage src="/assets/v3/oidc/discord/discord-icon.png" alt="Discord Icon" />
> **Community tip:** Discord authentication works great for gaming communities and development teams. Consider enabling auto-registration for trusted Discord communities.
---
## Account linking
By default, if a user is already registered in Palmr with their Discord email, they will be automatically linked to their Palmr account.
> **Note:** You can't disable account linking. If you want to unlink a user from their Discord account, you need to delete the user from Palmr.
---
## Technical configuration
Discord's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
```yaml
Provider Type: OAuth 2.0 (No OIDC Discovery)
Issuer URL: https://discord.com
Authorization Endpoint: /oauth2/authorize
Token Endpoint: /api/oauth2/token
UserInfo Endpoint: /api/users/@me
Scopes: identify email
```
### Field mappings
Palmr automatically maps Discord user information to local user accounts:
- **User ID**: Maps from Discord's `id` field
- **Email**: Maps from Discord's `email` field
- **Display Name**: Maps from Discord's `global_name` or falls back to `username`
- **Username**: Maps from Discord's `username` field
- **Avatar**: Maps from Discord's `avatar` field (processed as Discord CDN URL)
### Discord-specific features
- **Global Names**: Supports Discord's new global name system while maintaining compatibility with legacy usernames
- **Avatar Processing**: Automatically constructs Discord CDN URLs for user avatars
- **No Discovery**: Uses manually configured endpoints for better reliability
---
## Testing the configuration
### Verifying the setup
After configuring Discord authentication, test the integration to ensure everything works correctly.
1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Discord" button appears
2. **Test authentication flow**: Click the Discord sign-in button and complete the authentication process
3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
### Login flow verification
The complete authentication process should work as follows:
1. **User clicks "Sign in with Discord"**: The browser redirects to Discord's authorization page
2. **User authorizes application**: User grants permissions for `identify` and `email` scopes
3. **Discord redirects back to Palmr**: User returns to Palmr with authentication tokens
4. **Palmr creates or updates user**: User account is automatically managed with Discord information
5. **User accesses Palmr**: User is logged in with their Discord identity
---
## Troubleshooting common issues
### Invalid redirect URI error
**Error message**: `invalid_redirect_uri`
**Cause**: The redirect URI in your request doesn't match what's configured in Discord Developer Portal.
**Solution**:
1. Check the exact URL in the error message
2. Add this exact URL to your Discord application's redirect URIs
3. Ensure you include the correct protocol (http/https) and port
4. Remove any trailing slashes unless they're in the callback URL
### Access denied error
**Error message**: `access_denied`
**Cause**: User denied permissions or the application doesn't have required scopes.
**Solution**:
1. Verify that your Discord application requests `identify` and `email` scopes
2. Check that users are granting permissions during the authorization flow
3. Ensure your application is not restricted or disabled in Discord Developer Portal
4. Verify the application has proper permissions set up
### Invalid client error
**Error message**: `invalid_client`
**Cause**: Incorrect Client ID or Client Secret.
**Solution**:
1. Double-check that you've copied the credentials correctly from Discord Developer Portal
2. Ensure there are no extra spaces or characters in the credentials
3. Generate a new Client Secret if necessary
4. Verify you're using the correct application in Discord Developer Portal
### Missing email scope error
**Error message**: Email not provided or scope missing
**Cause**: Discord application not configured with email scope or user's email is not verified.
**Solution**:
1. Verify that your Discord application requests the `email` scope
2. Check that users have verified their email addresses on Discord
3. Ensure the scope configuration matches what Palmr expects
4. Test with a Discord account that has a verified email
### User information not displaying correctly
**Cause**: Discord username/global name mapping issues.
**Solution**:
1. Check that the user has set a global name in Discord (new feature)
2. Verify field mappings are working correctly in Palmr logs
3. Test with different Discord accounts (some may have legacy usernames)
4. Update user information manually through Palmr admin interface if needed
---
## Security best practices
### Credential management
- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
- **Use environment variables**: Store sensitive configuration in environment variables, not config files
- **Monitor access logs**: Regularly review authentication logs for suspicious activity
### Scope and permission management
- **Minimal scopes**: Only request `identify` and `email` scopes as required by Palmr
- **User consent**: Ensure users understand what permissions they're granting
- **Regular audits**: Review which users have connected their Discord accounts
- **Access reviews**: Periodically check user access and remove inactive accounts
### Production considerations
- **Use HTTPS**: Always use HTTPS in production environments
- **Configure proper domains**: Use production domains in Discord redirect URIs
- **Test thoroughly**: Verify the complete authentication flow before going live
- **Plan for failures**: Have fallback authentication methods available
---
## Next steps
With Discord authentication configured, you might want to:
- **Configure additional providers**: Set up other OIDC providers for more authentication options
- **Customize user management**: Fine-tune auto-registration and admin assignment rules
- **Review security settings**: Ensure your authentication setup meets your security requirements
- **Monitor usage**: Keep track of authentication patterns and user activity
For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
## Useful resources
- [Discord Developer Documentation](https://discord.com/developers/docs)
- [Discord OAuth2 Guide](https://discord.com/developers/docs/topics/oauth2)
- [Discord Applications](https://discord.com/developers/applications)
- [Discord API Reference](https://discord.com/developers/docs/reference)

View File

@@ -0,0 +1,324 @@
---
title: Frontegg
icon: Egg
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
Frontegg is one of Palmr's officially supported OIDC providers, offering enterprise-grade authentication through Frontegg's identity platform. This integration allows users to sign in to Palmr using Frontegg's comprehensive authentication system, making it perfect for enterprise organizations, applications requiring advanced security features, and teams that need centralized identity management with modern developer experience.
<ZoomableImage src="/assets/v3/oidc/frontegg/sign-in-with-frontegg.png" alt="Sign in with Frontegg" />
## Why use Frontegg authentication?
Frontegg authentication provides several advantages for enterprise and developer-focused organizations:
- **Modern developer experience** - Clean APIs, comprehensive SDKs, and developer-friendly tools
- **Enterprise-grade security** - Advanced security features like MFA, adaptive authentication, and threat detection
- **Centralized identity management** - Single platform to manage users across multiple applications
- **Compliance ready** - Built-in compliance with GDPR, SOC 2, and other enterprise standards
- **Advanced customization** - Themes, flows, and custom branding capabilities
---
## Prerequisites
Before configuring Frontegg authentication, ensure you have:
- **Frontegg account** - Ability to create applications and manage tenants
- **Admin privileges in Palmr** - Required to configure OIDC settings
- **Domain configuration** - For production deployments with custom domains
> **Note:** Frontegg is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
---
## Setting up Frontegg Application
### Creating a Frontegg application
To get started with Frontegg authentication, you'll need to create an application in your Frontegg Admin Portal.
1. **Navigate to Frontegg Admin Portal**: Go to [https://portal.frontegg.com/development/applications](https://portal.frontegg.com/development/applications) for example. (Development environment) for production environment you need to go to [https://portal.frontegg.com/production/applications](https://portal.frontegg.com/production/applications) - This can change depending on your environment.
<ZoomableImage src="/assets/v3/oidc/frontegg/frontegg-admin.png" alt="Frontegg Admin Portal" />
2. **Create new application**: Click **"Create new"**
3. **Fill application details**:
- **Name**: Enter a descriptive name like "Palmr File Sharing"
- **Description**: Add a clear description of your Palmr instance
- **Type**: Choose **"Web"** for web-based Palmr instances
- **Frontend stack**: Choose **"React"** for web-based Palmr instances
- **App URL**: Add the URL of your Palmr instance, see table below for the example of the URL.
| Environment | URL |
| ----------- | ------------------------------------------------------------------ |
| Production | `https://yourdomain.com/api/auth/providers/frontegg/callback` |
| Development | `http://localhost:3000/api/auth/providers/frontegg/callback` |
| Custom Port | `https://yourdomain.com:5487/api/auth/providers/frontegg/callback` |
> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
<ZoomableImage
src="/assets/v3/oidc/frontegg/application-details.png"
alt="Frontegg Application Details"
legend="This is a fake application, you have to use your own."
/>
5. **Create application**: Click **"Create"** to generate your Frontegg application
### Configuring application settings
After creating your application, you'll need to get the settings that Palmr will use. You gonna be redirected to the application page, where you can see the application details.
<ZoomableImage
src="/assets/v3/oidc/frontegg/application-page.png"
alt="Frontegg Application Page"
legend="This is a fake application, you have to use your own."
/>
### Getting OAuth credentials
Now you'll get the credentials that Palmr will use to authenticate with Frontegg.
1. **Copy Domain**: Note your Frontegg domain (e.g., `your-tenant.frontegg.com`) - You can find it in the application page at field **"Login URL"**. But copy just the domain, without the path.
2. **Copy Client ID**: You can find it in the application page at field **"ID"** in the application page.
3. **Copy Client Secret**: You can find it in the application page at field **"API key"** in the application page.
In Frontegg we finished the configuration, but we need to configure Palmr to use it.
---
## Configuring Palmr
### Accessing OIDC settings
To configure Frontegg authentication in Palmr, you need administrator access to the settings panel.
1. **Login as administrator**: Sign in to Palmr with an admin account
2. **Access settings**: Click your profile picture in the header and select **Settings**
3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
### Enabling Frontegg provider
Frontegg comes pre-configured as an official provider, so the setup process is streamlined.
1. **Locate Frontegg provider**: Find Frontegg in the list of available providers
2. **Enable the provider**: Toggle the status to **Enabled**
<ZoomableImage src="/assets/v3/oidc/frontegg/enabled-frontegg.png" alt="Palmr Frontegg Provider Enabled" />
After enabling the provider, click on the pen icon to configure the provider.
3. **Configure credentials**:
- **Provider URL**: Paste your Frontegg domain (e.g., `https://your-tenant.frontegg.com`) - It's the same **"Login URL"** you copied in the previous step.
- **Client ID**: Paste the Client ID from Frontegg application - It's the same **"ID"** you copied in the previous step.
- **Client Secret**: Paste the Client Secret from Frontegg application - It's the same **"API key"** you copied in the previous step.
- **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`. You don't need to change this, but you can if you want.
<ZoomableImage
src="/assets/v3/oidc/frontegg/edit-frontegg.png"
alt="Edit Frontegg Provider"
legend="This is a fake application, you have to use your own."
/>
### Advanced configuration options
Configure additional settings to customize the authentication behavior:
**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
**Sort Order**: Control where the Frontegg login button appears relative to other authentication providers.
**Icon**: you can choose the icon you want to use for the Frontegg login button (default is `TbEggs`).
<ZoomableImage src="/assets/v3/oidc/frontegg/frontegg-icon.png" alt="Frontegg Icon" />
> **Developer tip:** Frontegg authentication works great for organizations requiring modern developer experience and enterprise-grade security features.
---
## Account linking
By default, if a user is already registered in Palmr with their Frontegg email, they will be automatically linked to their Palmr account.
> **Note:** You can't disable account linking. If you want to unlink a user from their Frontegg account, you need to delete the user from Palmr.
---
## Technical configuration
Frontegg's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
```yaml
Provider Type: OAuth 2.0 with OIDC Discovery
Issuer URL: https://your-tenant.frontegg.com
Authorization Endpoint: /oauth/authorize
Token Endpoint: /oauth/token
UserInfo Endpoint: /oauth/userinfo
Scopes: openid profile email
```
### Field mappings
Palmr automatically maps Frontegg user information to local user accounts:
- **User ID**: Maps from Frontegg's `sub` field
- **Email**: Maps from Frontegg's `email` field
- **Full Name**: Maps from Frontegg's `name` field
- **First Name**: Maps from Frontegg's `given_name` field
- **Last Name**: Maps from Frontegg's `family_name` field
- **Avatar**: Maps from Frontegg's `picture` field
- **Username**: Maps from Frontegg's `preferred_username` field
### Frontegg-specific features
- **Custom Claims**: Can include custom user metadata and app metadata
- **Themes Support**: Can customize authentication UI with custom themes
- **Multi-factor Authentication**: Supports Frontegg's MFA features
- **Enterprise SSO**: Integrates with SAML, LDAP, and other enterprise systems
- **Modern APIs**: Clean REST APIs and comprehensive SDKs
---
## Testing the configuration
### Verifying the setup
After configuring Frontegg authentication, test the integration to ensure everything works correctly.
1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Frontegg" button appears
2. **Test authentication flow**: Click the Frontegg sign-in button and complete the authentication process
3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
### Login flow verification
The complete authentication process should work as follows:
1. **User clicks "Sign in with Frontegg"**: The browser redirects to Frontegg's authorization page
2. **User authenticates**: User completes authentication through Frontegg (login, MFA, etc.)
3. **Frontegg redirects back to Palmr**: User returns to Palmr with authentication tokens
4. **Palmr creates or updates user**: User account is automatically managed with Frontegg information
5. **User accesses Palmr**: User is logged in with their Frontegg identity
---
## Troubleshooting common issues
### Redirect URI mismatch error
**Error message**: `invalid_redirect_uri`
**Cause**: The redirect URI in your request doesn't match what's configured in Frontegg application.
**Solution**:
1. Check the exact URL in the error message
2. Add this exact URL to your Frontegg application's redirect URIs
3. Ensure you include the correct protocol (http/https) and port
4. Remove any trailing slashes unless they're in the callback URL
### Access denied error
**Error message**: `access_denied`
**Cause**: User denied permissions or the application isn't properly configured.
**Solution**:
1. Verify that your Frontegg application requests the correct scopes
2. Check that users are granting permissions during the authorization flow
3. Ensure your application is not restricted or disabled
4. Verify the application has proper permissions set up
### Invalid client error
**Error message**: `invalid_client`
**Cause**: Incorrect Client ID, Client Secret, or Domain.
**Solution**:
1. Double-check that you've copied the credentials correctly from Frontegg
2. Ensure there are no extra spaces or characters in the credentials
3. Verify you're using the correct domain format (e.g., `your-tenant.frontegg.com`)
4. Generate a new Client Secret if necessary
### Domain configuration issues
**Error message**: Domain not found or invalid
**Cause**: Incorrect Frontegg domain or tenant configuration.
**Solution**:
1. Verify your Frontegg domain is correct (e.g., `your-tenant.frontegg.com`)
2. Check that your Frontegg tenant is active and not suspended
3. Ensure you're using the correct region for your tenant
4. Verify DNS resolution for your Frontegg domain
### Custom claims not available
**Cause**: Custom claims not properly configured in Frontegg.
**Solution**:
1. Check Frontegg custom claims configuration
2. Verify that custom claims are included in the ID token
3. Ensure the claims are properly formatted and accessible
4. Test with a user that has the expected custom claims
---
## Security best practices
### Credential management
- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
- **Use environment variables**: Store sensitive configuration in environment variables, not config files
- **Monitor access logs**: Regularly review authentication logs for suspicious activity
### Scope and permission management
- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
- **User consent**: Ensure users understand what permissions they're granting
- **Regular audits**: Review which users have connected their Frontegg accounts
- **Access reviews**: Periodically check user access and remove inactive accounts
### Production considerations
- **Use HTTPS**: Always use HTTPS in production environments
- **Configure proper domains**: Use production domains in Frontegg application settings
- **Test thoroughly**: Verify the complete authentication flow before going live
- **Plan for failures**: Have fallback authentication methods available
---
## Next steps
With Frontegg authentication configured, you might want to:
- **Configure additional providers**: Set up other OIDC providers for more authentication options
- **Customize user management**: Fine-tune auto-registration and admin assignment rules
- **Review security settings**: Ensure your authentication setup meets your security requirements
- **Monitor usage**: Keep track of authentication patterns and user activity
For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
## Useful resources
- [Frontegg Documentation](https://docs.frontegg.com)
- [Frontegg OAuth 2.0 Guide](https://docs.frontegg.com/oauth2)
- [Frontegg OpenID Connect](https://docs.frontegg.com/openid-connect)
- [Frontegg Admin Portal](https://admin.frontegg.com)

View File

@@ -0,0 +1,305 @@
---
title: GitHub
icon: Github
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
GitHub is one of Palmr's officially supported OIDC providers, offering secure authentication through GitHub OAuth 2.0. This integration allows users to sign in to Palmr using their existing GitHub accounts, making it perfect for developer teams, open-source projects, and organizations already using GitHub for version control and collaboration.
<ZoomableImage src="/assets/v3/oidc/github/sign-in-with-github.png" alt="Sign in with GitHub" />
## Why use GitHub authentication?
GitHub authentication provides several advantages for developer-focused organizations and teams:
- **Developer-friendly** - Perfect for teams already using GitHub for development
- **Open-source integration** - Ideal for open-source projects and communities
- **Rich developer profiles** - Access to GitHub usernames, avatars, and organization memberships
- **Repository access** - Can leverage GitHub's permission system for additional features
- **No additional accounts** - Developers can access Palmr with their existing GitHub credentials
---
## Prerequisites
Before configuring GitHub authentication, ensure you have:
- **GitHub account** - Ability to create OAuth Apps on GitHub
- **Admin privileges in Palmr** - Required to configure OIDC settings
> **Note:** GitHub is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
---
## Setting up GitHub OAuth App
### Creating a GitHub OAuth App
To get started with GitHub authentication, you'll need to create an OAuth App in your GitHub Developer Settings.
1. **Navigate to GitHub Developer Settings**: Go to [github.com/settings/developers](https://github.com/settings/developers)
2. **Create new OAuth App**: Click **"New OAuth App"** button
<ZoomableImage src="/assets/v3/oidc/github/developer-settings.png" alt="GitHub Developer Settings" />
3. **Enter application details**:
- **Application name**: Enter a descriptive name like "Palmr File Sharing"
- **Homepage URL**: Enter your Palmr instance URL (e.g., `https://yourdomain.com`)
- **Application description**: Add a clear description of your Palmr instance
- **Authorization callback URL**: Enter your callback URL (see below)
<ZoomableImage
src="/assets/v3/oidc/github/oauth-app-details.png"
alt="GitHub OAuth App Details"
legend="This is a fake application, you have to use your own."
/>
**Set up callback URLs**: In the **"Authorization callback URL"** field, add your Palmr callback URL:
You'll need to configure several URLs in your GitHub OAuth App settings. Here's what to add for each environment:
### Authorization Callback URLs
| Environment | URL |
| ----------- | ---------------------------------------------------------------- |
| Production | `https://yourdomain.com/api/auth/providers/github/callback` |
| Development | `http://localhost:3000/api/auth/providers/github/callback` |
| Custom Port | `https://yourdomain.com:5487/api/auth/providers/github/callback` |
> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
> **Note:** You can add multiple callback URLs for different environments (development, staging, production).
4. **Create application**: Click **"Register application"** to generate your OAuth App
### Getting OAuth credentials
Now you'll get the credentials that Palmr will use to authenticate with GitHub.
1. **Copy Client ID**: The Client ID is displayed on your OAuth App page
2. **Generate Client Secret**: Click **"Generate a new client secret"** to create a new secret
<ZoomableImage
src="/assets/v3/oidc/github/oauth-credentials.png"
alt="GitHub OAuth Credentials"
legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from GitHub."
/>
3. **Save credentials**: Copy both the **Client ID** and **Client Secret** for later use
> **Important:** Replace `yourdomain.com` with your actual domain. You can add multiple callback URLs for different environments (development, staging, production) by creating separate OAuth Apps.
---
## Configuring Palmr
### Accessing OIDC settings
To configure GitHub authentication in Palmr, you need administrator access to the settings panel.
1. **Login as administrator**: Sign in to Palmr with an admin account
2. **Access settings**: Click your profile picture in the header and select **Settings**
3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
### Enabling GitHub provider
GitHub comes pre-configured as an official provider, so the setup process is streamlined.
1. **Locate GitHub provider**: Find GitHub in the list of available providers
2. **Enable the provider**: Toggle the status to **Enabled**
<ZoomableImage src="/assets/v3/oidc/github/enabled-github.png" alt="Palmr GitHub Provider Enabled" />
After enabling the provider, click on the pen icon to configure the provider.
3. **Configure credentials**:
- **Client ID**: Paste the Client ID from GitHub OAuth App
- **Client Secret**: Paste the Client Secret from GitHub OAuth App
- **Scopes**: Add the scopes you want to use. The default scopes are `user:email`.
<ZoomableImage
src="/assets/v3/oidc/github/edit-github.png"
alt="Edit GitHub Provider"
legend="This is a fake application, you have to use your own."
/>
### Advanced configuration options
Configure additional settings to customize the authentication behavior:
**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
**Admin Email Domains**: Specify domains that should automatically receive admin privileges. For example, entering `yourcompany.com` will grant admin access to anyone with an email from that domain.
**Sort Order**: Control where the GitHub login button appears relative to other authentication providers.
**Icon**: you can choose the icon you want to use for the GitHub login button (default is `SiGithub`).
<ZoomableImage src="/assets/v3/oidc/github/github-icon.png" alt="GitHub Icon" />
> **Developer tip:** GitHub authentication works great for development teams and open-source projects.
---
## Account linking
By default, if a user is already registered in Palmr with their GitHub email, they will be automatically linked to their Palmr account.
> **Note:** You can't disable account linking. If you want to unlink a user from their GitHub account, you need to delete the user from Palmr.
---
## Technical configuration
GitHub's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
```yaml
Provider Type: OAuth 2.0 with OIDC Discovery
Issuer URL: https://github.com
Authorization Endpoint: /login/oauth/authorize
Token Endpoint: /login/oauth/access_token
UserInfo Endpoint: https://api.github.com/user
Scopes: user:email
```
### Field mappings
Palmr automatically maps GitHub user information to local user accounts:
- **User ID**: Maps from GitHub's `id` field
- **Email**: Maps from GitHub's `email` field (from user:email scope)
- **Full Name**: Maps from GitHub's `name` field
- **Username**: Maps from GitHub's `login` field
- **Avatar**: Maps from GitHub's `avatar_url` field
---
## Testing the configuration
### Verifying the setup
After configuring GitHub authentication, test the integration to ensure everything works correctly.
1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with GitHub" button appears
2. **Test authentication flow**: Click the GitHub sign-in button and complete the authentication process
3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
### Login flow verification
The complete authentication process should work as follows:
1. **User clicks "Sign in with GitHub"**: The browser redirects to GitHub's authorization page
2. **User authorizes application**: User grants permissions for the requested scopes
3. **GitHub redirects back to Palmr**: User returns to Palmr with authentication tokens
4. **Palmr creates or updates user**: User account is automatically managed with GitHub information
5. **User accesses Palmr**: User is logged in with their GitHub identity
---
## Troubleshooting common issues
### Redirect URI mismatch error
**Error message**: `The redirect_uri MUST match the registered callback URL for this application`
**Cause**: The redirect URI in your request doesn't match what's configured in GitHub OAuth App.
**Solution**:
1. Check the exact URL in the error message
2. Add this exact URL to your GitHub OAuth App's callback URL
3. Ensure you include the correct protocol (http/https) and port
4. Remove any trailing slashes unless they're in the callback URL
### Access denied error
**Error message**: `access_denied`
**Cause**: User denied permissions or the OAuth App isn't properly configured.
**Solution**:
1. Verify that your GitHub OAuth App requests the correct scopes
2. Check that users are granting permissions during the authorization flow
3. Ensure your OAuth App is not restricted or disabled
4. Verify the application has proper permissions set up
### Invalid client error
**Error message**: `invalid_client`
**Cause**: Incorrect Client ID or Client Secret.
**Solution**:
1. Double-check that you've copied the credentials correctly from GitHub
2. Ensure there are no extra spaces or characters in the credentials
3. Generate a new Client Secret if necessary
4. Verify you're using the correct OAuth App in GitHub
### Email not available error
**Error message**: Email not provided or scope missing
**Cause**: GitHub OAuth App not configured with `user:email` scope or user's email is private.
**Solution**:
1. Verify that your GitHub OAuth App requests the `user:email` scope
2. Check that users have public email addresses or have granted email access
3. Ensure the scope configuration matches what Palmr expects
4. Test with a GitHub account that has a public email address
---
## Security best practices
### Credential management
- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
- **Use environment variables**: Store sensitive configuration in environment variables, not config files
- **Monitor access logs**: Regularly review authentication logs for suspicious activity
### Scope and permission management
- **Minimal scopes**: Only request `user:email` scopes as required by Palmr
- **User consent**: Ensure users understand what permissions they're granting
- **Regular audits**: Review which users have connected their GitHub accounts
- **Access reviews**: Periodically check user access and remove inactive accounts
### Production considerations
- **Use HTTPS**: Always use HTTPS in production environments
- **Configure proper domains**: Use production domains in GitHub OAuth App
- **Test thoroughly**: Verify the complete authentication flow before going live
- **Plan for failures**: Have fallback authentication methods available
---
## Next steps
With GitHub authentication configured, you might want to:
- **Configure additional providers**: Set up other OIDC providers for more authentication options
- **Customize user management**: Fine-tune auto-registration and admin assignment rules
- **Review security settings**: Ensure your authentication setup meets your security requirements
- **Monitor usage**: Keep track of authentication patterns and user activity
For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
## Useful resources
- [GitHub OAuth Apps Documentation](https://docs.github.com/en/apps/oauth-apps)
- [GitHub OAuth Scopes](https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps)
- [GitHub Developer Settings](https://github.com/settings/developers)
- [GitHub API Documentation](https://docs.github.com/en/rest)

View File

@@ -0,0 +1,335 @@
---
title: Google
icon: Chrome
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
Google is one of Palmr's officially supported OIDC providers, offering secure and reliable authentication through Google OAuth 2.0. This integration allows users to sign in to Palmr using their existing Google accounts, providing a seamless single sign-on experience.
<ZoomableImage src="/assets/v3/oidc/google/sign-in-with-google.png" alt="Sign in with Google" />
## Why use Google authentication?
Google authentication provides several advantages for both administrators and users:
- **Seamless login experience** - Users can access Palmr with their existing Google accounts
- **Enhanced security** - Leverage Google's robust security infrastructure and two-factor authentication
- **Reduced password fatigue** - No need to create and remember additional passwords
- **Enterprise integration** - Perfect for organizations already using Google Workspace
- **Automatic user provisioning** - New users are created automatically upon first login
---
## Prerequisites
Before configuring Google authentication, ensure you have:
- **Google Cloud Console access** - Ability to create and manage projects
- **Admin privileges in Palmr** - Required to configure OIDC settings
- **Domain ownership** - For production deployments with custom domains
> **Note:** Google is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
---
## Setting up Google Cloud Console
### Creating a Google Cloud project
To get started with Google authentication, you'll need to set up a project in Google Cloud Console.
1. **Navigate to Google Cloud Console**: Go to [console.cloud.google.com](https://console.cloud.google.com/)
<ZoomableImage src="/assets/v3/oidc/google/cloud-console-home.png" alt="Google Cloud Console Home" />
2. **Create or select a project**: Choose an existing project or create a new one for your Palmr installation
<ZoomableImage src="/assets/v3/oidc/google/select-project-modal.png" alt="Google Cloud Console Select Project Modal" />
3. **Enable the project**: Ensure the project is active and selected
### Configuring OAuth consent screen
The OAuth consent screen is what users see when they authenticate with Google.
1. **Access OAuth consent screen**: Navigate to **APIs & Services** > **OAuth consent screen**
<ZoomableImage
src="/assets/v3/oidc/google/oauth-consent-dropdown.png"
alt="Google Cloud Console OAuth Consent Dropdown"
/>
2. **Choose user type**:
- **Internal** - For Google Workspace organizations (users within your domain only)
- **External** - For public use (any Google user can authenticate)
<ZoomableImage src="/assets/v3/oidc/google/user-type-select.png" alt="Google Cloud Console User Type Select" />
3. **Fill required information**:
- **Application name**: Enter a descriptive name like "Palmr File Sharing"
- **User support email**: Provide a valid support email address
- **Developer contact information**: Add your contact email for Google communications
> **Tip:** For business use, choose "Internal" if you have Google Workspace. This restricts access to your organization's users and simplifies the approval process.
### Creating OAuth 2.0 credentials
Now you'll create the actual credentials that Palmr will use to authenticate with Google.
1. **Navigate to Credentials**: Go to **APIs & Services** > **Credentials**
<ZoomableImage src="/assets/v3/oidc/google/credentials-select.png" alt="Google Cloud Console Credentials select" />
2. **Create OAuth client**: Click **+ CREATE CREDENTIALS** > **OAuth client ID**
<ZoomableImage
src="/assets/v3/oidc/google/create-oauth-client-id.png"
alt="Google Cloud Console Create OAuth Client ID"
/>
3. **Select application type**: Choose **Web application**
<ZoomableImage src="/assets/v3/oidc/google/web-app-select.png" alt="Google Cloud Console Web App Select" />
4. **Configure authorized URIs and authorized redirect URIs**:
You'll need to configure several URLs in your Google Cloud Console credentials. Here's what to add for each environment:
### Authorized URIs
| Environment | URL |
| ----------- | ----------------------------- |
| Production | `https://yourdomain.com` |
| Development | `http://localhost:3000` |
| Custom Port | `https://yourdomain.com:5487` |
### Authorized Redirect URIs
| Environment | URL |
| ----------- | ---------------------------------------------------------------- |
| Production | `https://yourdomain.com/api/auth/providers/google/callback` |
| Development | `http://localhost:3000/api/auth/providers/google/callback` |
| Custom Port | `https://yourdomain.com:5487/api/auth/providers/google/callback` |
> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
<ZoomableImage src="/assets/v3/oidc/google/allowed-urls.png" alt="Google Cloud Console Allowed URLs" />
5. **Create and save credentials**: Click **Create** and copy both the **Client ID** and **Client Secret**
<ZoomableImage
src="/assets/v3/oidc/google/oauth-client-created.png"
alt="Google Cloud Console Client ID and Client Secret"
legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Google Cloud Console."
/>
> **Important:** Replace `yourdomain.com` with your actual domain. You can add multiple URIs for different environments (development, staging, production).
---
## Configuring Palmr
### Accessing OIDC settings
To configure Google authentication in Palmr, you need administrator access to the settings panel.
1. **Login as administrator**: Sign in to Palmr with an admin account
2. **Access settings**: Click your profile picture in the header and select **Settings**
3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
### Enabling Google provider
Google comes pre-configured as an official provider, so the setup process is streamlined.
1. **Locate Google provider**: Find Google in the list of available providers
2. **Enable the provider**: Toggle the status to **Enabled**
<ZoomableImage src="/assets/v3/oidc/google/palmr-enabled-google.png" alt="Palmr Authentication Providers" />
After enabling the provider, click on the pen icon to configure the provider.
3. **Configure credentials**:
- **Client ID**: Paste the Client ID from Google Cloud Console
- **Client Secret**: Paste the Client Secret from Google Cloud Console
- **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`.
<ZoomableImage src="/assets/v3/oidc/google/edit-google.png" alt="Edit Google Provider" />
### Advanced configuration options
Configure additional settings to customize the authentication behavior:
**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
**Admin Email Domains**: Specify domains that should automatically receive admin privileges. For example, entering `yourcompany.com` will grant admin access to anyone with an email from that domain.
**Sort Order**: Control where the Google login button appears relative to other authentication providers.
**Icon**: you can choose the icon you want to use for the Google login button (default is `FcGoogle`).
<ZoomableImage src="/assets/v3/oidc/google/google-icon.png" alt="Google Icon" />
> **Security consideration:** Be cautious with auto-registration and admin domains. Only enable these if you trust the user base or have domain restrictions in place.
---
## Account linking
By default, if a user is already registered in Palmr with their Google email, they will be automatically linked to their Palmr account.
> **Note:** You can't disable account linking. If you want to unlink a user from their Google account, you need to delete the user from Palmr.
---
## Technical configuration
Google's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
```yaml
Provider Type: OAuth 2.0 with OIDC Discovery
Issuer URL: https://accounts.google.com
Authorization Endpoint: /o/oauth2/v2/auth
Token Endpoint: /o/oauth2/token
UserInfo Endpoint: https://www.googleapis.com/oauth2/v3/userinfo
Scopes: openid profile email
```
### Field mappings
Palmr automatically maps Google user information to local user accounts:
- **User ID**: Maps from Google's `sub` field
- **Email**: Maps from Google's `email` field
- **Full Name**: Maps from Google's `name` field
- **First Name**: Maps from Google's `given_name` field
- **Last Name**: Maps from Google's `family_name` field
- **Avatar**: Maps from Google's `picture` field
---
## Testing the configuration
### Verifying the setup
After configuring Google authentication, test the integration to ensure everything works correctly.
1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Google" button appears
2. **Test authentication flow**: Click the Google sign-in button and complete the authentication process
3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
### Login flow verification
The complete authentication process should work as follows:
1. **User clicks "Sign in with Google"**: The browser redirects to Google's authentication page
2. **User authenticates with Google**: User enters their Google credentials or confirms existing session
3. **Google redirects back to Palmr**: User returns to Palmr with authentication tokens
4. **Palmr creates or updates user**: User account is automatically managed based on your configuration
5. **User accesses Palmr**: User is logged in and can use all features according to their permissions
---
## Troubleshooting common issues
### Redirect URI mismatch error
**Error message**: `Error 400: redirect_uri_mismatch`
**Cause**: The redirect URI in your request doesn't match what's configured in Google Cloud Console.
**Solution**:
1. Check the exact URL in the error message
2. Add this exact URL to your Google Cloud Console credentials
3. Ensure you include the correct protocol (http/https) and port
4. Remove any trailing slashes unless they're in the error message
### Access denied error
**Error message**: `Error 403: access_denied`
**Cause**: User denied permissions or the OAuth consent screen isn't properly configured.
**Solution**:
1. Verify the OAuth consent screen is published (for External user type)
2. Check that required scopes are correctly configured
3. For Internal applications, ensure the user belongs to your Google Workspace organization
4. Review and simplify the permissions you're requesting
### Invalid client error
**Error message**: `Error 401: invalid_client`
**Cause**: Incorrect Client ID or Client Secret.
**Solution**:
1. Double-check that you've copied the credentials correctly from Google Cloud Console
2. Ensure there are no extra spaces or characters in the credentials
3. Regenerate credentials if necessary
4. Verify you're using the correct project in Google Cloud Console
### Discovery endpoint issues
**Cause**: Network connectivity problems or DNS resolution issues.
**Solution**:
1. Check server firewall and network connectivity
2. Verify DNS resolution from your server
3. Consider proxy or CDN configurations that might block the request
---
## Security best practices
### Credential management
- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
- **Rotate credentials regularly**: Generate new credentials periodically for enhanced security
- **Use environment variables**: Store sensitive configuration in environment variables, not config files
- **Monitor access logs**: Regularly review authentication logs for suspicious activity
### Domain and user restrictions
- **Limit admin domains**: Only add trusted domains to the admin list
- **Review auto-registration**: Consider disabling auto-registration if you need manual user approval
- **Use Internal OAuth**: For organizations with Google Workspace, use Internal OAuth consent screen
- **Regular access reviews**: Periodically review user access and remove inactive accounts
### Production considerations
- **Use HTTPS**: Always use HTTPS in production environments
- **Configure proper domains**: Use production domains in Google Cloud Console
- **Test thoroughly**: Verify the complete authentication flow before going live
- **Plan for failures**: Have fallback authentication methods available
---
## Next steps
With Google authentication configured, you might want to:
- **Configure additional providers**: Set up other OIDC providers for more authentication options
- **Customize user management**: Fine-tune auto-registration and admin assignment rules
- **Review security settings**: Ensure your authentication setup meets your security requirements
- **Monitor usage**: Keep track of authentication patterns and user activity
For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
## Useful resources
- [Google Identity Platform Documentation](https://developers.google.com/identity)
- [OAuth 2.0 for Web Server Applications](https://developers.google.com/identity/protocols/oauth2/web-server)
- [OpenID Connect](https://developers.google.com/identity/protocols/oauth2/openid-connect)
- [Google Cloud Console](https://console.cloud.google.com/apis/credentials)

View File

@@ -0,0 +1,86 @@
---
title: Introduction
icon: IdCard
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
Palmr supports OpenID Connect (OIDC) authentication, allowing users to sign in using external identity providers such as Google, Zitadel, Auth0, and other OIDC-compliant services. This feature provides seamless single sign-on (SSO) capabilities and centralized user management.
OIDC authentication in Palmr is built using the industry-standard OpenID Connect protocol. The implementation supports automatic user provisioning, and flexible configuration options.
## Why use OIDC authentication?
OIDC authentication provides several advantages for organizations and users:
**Centralized Authentication**: Users can authenticate using their existing organizational credentials without creating separate accounts for Palmr.
**Enhanced Security**: OIDC provides robust security features including token-based authentication, PKCE flow, and standardized protocols.
**Single Sign-On**: Users can access Palmr. seamlessly if they're already authenticated with their identity provider.
**User Management**: Administrators can manage user access centrally through their existing identity provider.
**Compliance**: OIDC helps meet organizational security and compliance requirements by leveraging existing identity infrastructure.
---
## Prerequisites
Before configuring OIDC authentication, ensure you have:
- **Administrative Access**: ADMIN privileges in Palmr. to configure OIDC settings
- **Identity Provider**: An OIDC-compliant identity provider (Google, Zitadel, Auth0, etc.)
- **Application Registration**: Your Palmr. application registered with your identity provider
- **OIDC Credentials**: Client ID, Client Secret, and Issuer URL from your identity provider
### Supported identity providers
Palmr's OIDC implementation is compatible with any OpenID Connect compliant provider, including as official providers:
- **[Google](/docs/3.2-beta/oidc-authentication/google)**
- **[Discord](/docs/3.2-beta/oidc-authentication/discord)**
- **[Github](/docs/3.2-beta/oidc-authentication/github)**
- **[Zitadel](/docs/3.2-beta/oidc-authentication/zitadel)**
- **[Auth0](/docs/3.2-beta/oidc-authentication/auth0)**
- **[Authentik](/docs/3.2-beta/oidc-authentication/authentik)**
- **[Frontegg](/docs/3.2-beta/oidc-authentication/frontegg)**
- **[Kinde Auth](/docs/3.2-beta/oidc-authentication/kinde-auth)**
Although these are the official providers (internally tested with 100% success), you can connect any OIDC provider by providing your credentials and connection URL. We've developed a practical way to integrate virtually all OIDC providers available in the market. In this documentation, you can consult how to configure each of the official providers, as well as include other providers not listed as official. Just below, you will find instructions on how to access the OIDC provider configuration. For specific details about configuring each provider, select the desired option in the sidebar, in the "OIDC Authentication" section.
<ZoomableImage
src="/assets/v3/oidc/all-providers.png"
alt="All OIDC Providers"
legend="You can use how many providers you want, but we recommend using at least 2 providers to ensure the best user experience."
/>
---
## Configuring OIDC settings
OIDC configuration is managed through Palmr's administrative settings panel, accessible only to users with ADMIN privileges.
### Accessing OIDC configuration
To configure OIDC authentication:
1. **Access Settings**: Click on your profile picture in the header and select **Settings**
2. **Navigate to Authentication**: Find the **Authentication Providers** configuration section
3. **Enable OIDC**: Toggle the OIDC authentication option to enable it
> **Note:** Consult the documentation of each provider to configure it.
<ZoomableImage
src="/assets/v3/oidc/auth-providers.png"
alt="OIDC Settings"
legend="Consult the documentation of each provider to configure it."
/>
---
## Next steps
Select one of the cards below to continue configuring your authentication provider.
<OIDCProviderCards />

View File

@@ -0,0 +1,369 @@
---
title: Kinde Auth
icon: Users
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
Kinde Auth is one of Palmr's officially supported OIDC providers, offering modern authentication through Kinde's developer-friendly identity platform. This integration allows users to sign in to Palmr using Kinde's comprehensive authentication system, making it perfect for developers, startups, and organizations that need a modern, scalable authentication solution with excellent developer experience.
<ZoomableImage src="/assets/v3/oidc/kinde/sign-in-with-kinde.png" alt="Sign in with Kinde" />
## Why use Kinde Auth authentication?
Kinde Auth authentication provides several advantages for modern applications and development teams:
- **Developer-first experience** - Clean APIs, comprehensive SDKs, and excellent documentation
- **Modern authentication** - Built with modern web standards and best practices
- **Scalable infrastructure** - Enterprise-grade reliability with startup-friendly pricing
- **Compliance ready** - Built-in compliance with GDPR, SOC 2, and other standards
- **Advanced features** - Multi-factor authentication, social logins, and custom branding
---
## Prerequisites
Before configuring Kinde Auth authentication, ensure you have:
- **Kinde account** - Ability to create applications and manage tenants
- **Admin privileges in Palmr** - Required to configure OIDC settings
- **Domain configuration** - For production deployments with custom domains
> **Note:** Kinde Auth is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
---
## Setting up Kinde Auth Application
### Creating a Kinde application
To get started with Kinde Auth authentication, you'll need to create an application in your Kinde Dashboard.
1. **Navigate to Kinde Dashboard**: Go to [your-tenant.kinde.com/admin](https://your-tenant.kinde.com/admin)
<ZoomableImage src="/assets/v3/oidc/kinde/kinde-dashboard.png" alt="Kinde Dashboard" />
2. **Create new application**: Click **"Add application"** button in the center of the page.
3. **Select application type**: Choose **"Back-end web"** for web-based Palmr instances
4. **Enter application details**:
- **Name**: Enter a descriptive name like "Palmr File Sharing"
<ZoomableImage src="/assets/v3/oidc/kinde/application-type.png" alt="Kinde Application Type Selection" />
5. **Create application**: Click **"Save"** to generate your Kinde application
### Configuring application settings
After creating your application, you'll be redirected to the application page.
<ZoomableImage src="/assets/v3/oidc/kinde/application-page.png" alt="Kinde Application Page" />
Click on the **"Details"** tab on the sidebar to configure the application settings and get the OAuth credentials.
<ZoomableImage
src="/assets/v3/oidc/kinde/application-details.png"
alt="Kinde Application Details"
legend="This is a fake application, you have to use your own."
/>
### Getting OAuth credentials
Now you'll get the credentials that Palmr will use to authenticate with Kinde.
1. **Copy Domain**: Note your Kinde domain (e.g., `your-tenant.kinde.com`)
2. **Copy Client ID**: The Client ID is displayed in the **"Client ID"** field
3. **Copy Client Secret**: The Client Secret is displayed in the **"Client secret"** field
<ZoomableImage
src="/assets/v3/oidc/kinde/oauth-credentials.png"
alt="Kinde OAuth Credentials"
legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Kinde."
/>
4. **Save credentials**: Copy the **Domain**, **Client ID**, and **Client Secret** for later use
> **Note:** For now you only need this configuration, you can come back here later to configure the application as you want.
###**Configure application URLs**:
You'll need to configure several URLs in your Kinde application settings. Here's what to add for each environment:
#### Allowed callback URLs
| Environment | URL |
| ----------- | --------------------------------------------------------------- |
| Production | `https://yourdomain.com/api/auth/providers/kinde/callback` |
| Development | `http://localhost:3000/api/auth/providers/kinde/callback` |
| Custom Port | `https://yourdomain.com:5487/api/auth/providers/kinde/callback` |
#### Application homepage URI
| Environment | URL |
| ----------- | ----------------------------- |
| Production | `https://yourdomain.com` |
| Development | `http://localhost:3000` |
| Custom Port | `https://yourdomain.com:5487` |
#### Application login URI
| Environment | URL |
| ----------- | ----------------------------------- |
| Production | `https://yourdomain.com/login` |
| Development | `http://localhost:3000/login` |
| Custom Port | `https://yourdomain.com:5487/login` |
#### Allowed logout redirect URLs
| Environment | URL |
| ----------- | ----------------------------- |
| Production | `https://yourdomain.com` |
| Development | `http://localhost:3000` |
| Custom Port | `https://yourdomain.com:5487` |
> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
<ZoomableImage
src="/assets/v3/oidc/kinde/config-urls.png"
alt="Kinde Application URLs Configuration"
legend="This is a fake application, you have to use your own."
/>
2. **Save changes**: Click **"Save"** on the top right corner to apply your configuration
---
## Configuring Palmr
### Accessing OIDC settings
To configure Kinde Auth authentication in Palmr, you need administrator access to the settings panel.
1. **Login as administrator**: Sign in to Palmr with an admin account
2. **Access settings**: Click your profile picture in the header and select **Settings**
3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
### Enabling Kinde Auth provider
Kinde Auth comes pre-configured as an official provider, so the setup process is streamlined.
1. **Locate Kinde Auth provider**: Find Kinde Auth in the list of available providers
2. **Enable the provider**: Toggle the status to **Enabled**
<ZoomableImage src="/assets/v3/oidc/kinde/enabled-kinde.png" alt="Palmr Kinde Auth Provider Enabled" />
After enabling the provider, click on the pen icon to configure the provider.
3. **Configure credentials**:
- **Provider URL**: Paste your Kinde domain (e.g., `https://your-tenant.kinde.com`)
- **Client ID**: Paste the Client ID from Kinde application
- **Client Secret**: Paste the Client Secret from Kinde application
- **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`. You don't need change this if you are not sure.
<ZoomableImage
src="/assets/v3/oidc/kinde/edit-kinde.png"
alt="Edit Kinde Auth Provider"
legend="This is a fake application, you have to use your own."
/>
### Advanced configuration options
Configure additional settings to customize the authentication behavior:
**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
**Sort Order**: Control where the Kinde Auth login button appears relative to other authentication providers.
**Icon**: you can choose the icon you want to use for the Kinde Auth login button (default is `FaKey`).
<ZoomableImage src="/assets/v3/oidc/kinde/kinde-icon.png" alt="Kinde Auth Icon" />
> **Developer tip:** Kinde Auth authentication works great for modern applications requiring excellent developer experience and scalable authentication infrastructure.
---
## Account linking
By default, if a user is already registered in Palmr with their Kinde Auth email, they will be automatically linked to their Palmr account.
> **Note:** You can't disable account linking. If you want to unlink a user from their Kinde Auth account, you need to delete the user from Palmr.
---
## Technical configuration
Kinde Auth's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
```yaml
Provider Type: OAuth 2.0 with OIDC Discovery
Issuer URL: https://your-tenant.kinde.com
Authorization Endpoint: /oauth2/auth
Token Endpoint: /oauth2/token
UserInfo Endpoint: /oauth2/user_profile
Scopes: openid profile email
```
### Field mappings
Palmr automatically maps Kinde Auth user information to local user accounts:
- **User ID**: Maps from Kinde's `id` field
- **Email**: Maps from Kinde's `preferred_email` field
- **Full Name**: Maps from Kinde's `first_name` and `last_name` fields
- **First Name**: Maps from Kinde's `first_name` field
- **Last Name**: Maps from Kinde's `last_name` field
- **Avatar**: Maps from Kinde's `picture` field
- **Username**: Maps from Kinde's `preferred_username` field
### Kinde Auth-specific features
- **Custom Claims**: Can include custom user metadata and app metadata
- **Social Logins**: Supports integration with various social providers
- **Multi-factor Authentication**: Supports Kinde's MFA features
- **Modern APIs**: Clean REST APIs and comprehensive SDKs
- **Developer Tools**: Excellent documentation and developer experience
---
## Testing the configuration
### Verifying the setup
After configuring Kinde Auth authentication, test the integration to ensure everything works correctly.
1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Kinde" button appears
2. **Test authentication flow**: Click the Kinde Auth sign-in button and complete the authentication process
3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
### Login flow verification
The complete authentication process should work as follows:
1. **User clicks "Sign in with Kinde"**: The browser redirects to Kinde's authorization page
2. **User authenticates**: User completes authentication through Kinde (login, MFA, etc.)
3. **Kinde redirects back to Palmr**: User returns to Palmr with authentication tokens
4. **Palmr creates or updates user**: User account is automatically managed with Kinde information
5. **User accesses Palmr**: User is logged in with their Kinde identity
---
## Troubleshooting common issues
### Redirect URI mismatch error
**Error message**: `invalid_redirect_uri`
**Cause**: The redirect URI in your request doesn't match what's configured in Kinde application.
**Solution**:
1. Check the exact URL in the error message
2. Add this exact URL to your Kinde application's redirect URIs
3. Ensure you include the correct protocol (http/https) and port
4. Remove any trailing slashes unless they're in the callback URL
### Access denied error
**Error message**: `access_denied`
**Cause**: User denied permissions or the application isn't properly configured.
**Solution**:
1. Verify that your Kinde application requests the correct scopes
2. Check that users are granting permissions during the authorization flow
3. Ensure your application is not restricted or disabled
4. Verify the application has proper permissions set up
### Invalid client error
**Error message**: `invalid_client`
**Cause**: Incorrect Client ID, Client Secret, or Domain.
**Solution**:
1. Double-check that you've copied the credentials correctly from Kinde
2. Ensure there are no extra spaces or characters in the credentials
3. Verify you're using the correct domain format (e.g., `your-tenant.kinde.com`)
4. Generate a new Client Secret if necessary
### Domain configuration issues
**Error message**: Domain not found or invalid
**Cause**: Incorrect Kinde domain or tenant configuration.
**Solution**:
1. Verify your Kinde domain is correct (e.g., `your-tenant.kinde.com`)
2. Check that your Kinde tenant is active and not suspended
3. Ensure you're using the correct region for your tenant
4. Verify DNS resolution for your Kinde domain
### Custom claims not available
**Cause**: Custom claims not properly configured in Kinde.
**Solution**:
1. Check Kinde custom claims configuration
2. Verify that custom claims are included in the ID token
3. Ensure the claims are properly formatted and accessible
4. Test with a user that has the expected custom claims
---
## Security best practices
### Credential management
- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
- **Use environment variables**: Store sensitive configuration in environment variables, not config files
- **Monitor access logs**: Regularly review authentication logs for suspicious activity
### Scope and permission management
- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
- **User consent**: Ensure users understand what permissions they're granting
- **Regular audits**: Review which users have connected their Kinde Auth accounts
- **Access reviews**: Periodically check user access and remove inactive accounts
### Production considerations
- **Use HTTPS**: Always use HTTPS in production environments
- **Configure proper domains**: Use production domains in Kinde application settings
- **Test thoroughly**: Verify the complete authentication flow before going live
- **Plan for failures**: Have fallback authentication methods available
---
## Next steps
With Kinde Auth authentication configured, you might want to:
- **Configure additional providers**: Set up other OIDC providers for more authentication options
- **Customize user management**: Fine-tune auto-registration and admin assignment rules
- **Review security settings**: Ensure your authentication setup meets your security requirements
- **Monitor usage**: Keep track of authentication patterns and user activity
For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
## Useful resources
- [Kinde Documentation](https://kinde.com/docs)
- [Kinde OAuth 2.0 Guide](https://kinde.com/docs/developer-tools/oauth2)
- [Kinde OpenID Connect](https://kinde.com/docs/developer-tools/openid-connect)
- [Kinde Dashboard](https://app.kinde.com)

View File

@@ -0,0 +1,18 @@
{
"defaultOpen": false,
"icon": "Key",
"pages": [
"index",
"google",
"discord",
"github",
"zitadel",
"auth0",
"authentik",
"frontegg",
"kinde-auth",
"pocket-id",
"other"
],
"title": "OIDC Authentication"
}

View File

@@ -0,0 +1,467 @@
---
title: Other Providers
icon: Settings
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
Palmr supports custom OIDC (OpenID Connect) and OAuth 2.0 providers, allowing you to integrate with any identity provider that follows these standards. This flexibility enables organizations to use their existing identity infrastructure, whether it's a custom authentication system, enterprise SSO solution, or any other OIDC-compliant provider.
<ZoomableImage src="/assets/v3/oidc/custom/custom-provider-login.png" alt="Custom OIDC Providers" />
## Why use custom OIDC providers?
Custom OIDC providers offer several advantages for organizations with specific authentication requirements:
- **Flexibility** - Integrate with any OIDC-compliant identity provider
- **Enterprise integration** - Connect with existing enterprise SSO systems
- **Custom authentication flows** - Support for specialized authentication requirements
- **No vendor lock-in** - Use your preferred identity provider
- **Compliance** - Meet specific security and compliance requirements
---
## Prerequisites
Before configuring a custom OIDC provider, ensure you have:
- **OIDC/OAuth 2.0 provider** - A working identity provider that supports OIDC or OAuth 2.0
- **Admin privileges in Palmr** - Required to configure authentication settings
- **Provider documentation** - Access to your provider's OIDC configuration details
> **Note:** The configuration process requires technical knowledge of OIDC/OAuth 2.0 standards. You'll need to obtain the necessary credentials and endpoints from your identity provider.
---
## Understanding OIDC Configuration
### Configuration Methods
Palmr supports two methods for configuring custom providers:
#### 1. Auto Discovery
For providers that support OIDC Discovery, Palmr can automatically discover the required endpoints using the issuer URL.
**Requirements:**
- Provider must support OIDC Discovery
- Issuer URL must be accessible
- Provider must expose a `.well-known/openid_configuration` endpoint
#### 2. Manual Endpoint Configuration (Recommended)
For providers that don't support OIDC Discovery or require custom endpoints.
**Required endpoints:**
- Authorization endpoint
- Token endpoint
- User info endpoint
### Required Information
You'll need the following information from your identity provider:
- **Provider URL/Issuer URL** - The base URL of your identity provider
- **Client ID** - The OAuth client identifier
- **Client Secret** - The OAuth client secret
- **Scopes** - The OAuth scopes required for authentication
- **Endpoints** (if using manual configuration):
- Authorization endpoint
- Token endpoint
- User info endpoint
---
## Configuring Palmr
### Accessing Authentication Settings
To configure a custom OIDC provider in Palmr, you need administrator access to the settings panel.
1. **Login as administrator**: Sign in to Palmr with an admin account
2. **Access settings**: Click your profile picture in the header and select **Settings**
3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
### Adding a Custom Provider
1. **Add new provider**: Click the **"Add Provider"** button in the Authentication Providers section
<ZoomableImage src="/assets/v3/oidc/custom/add-provider.png" alt="Add Provider" />
2. **Configure basic information**:
- **Provider Name**: Enter a unique identifier (e.g., `custom-provider`)
- **Display Name**: Enter the name users will see (e.g., `Custom SSO`)
- **Type**: Select `OIDC` for OpenID Connect or `OAuth2` for OAuth 2.0
- **Icon**: Choose an appropriate icon for the login button
<ZoomableImage src="/assets/v3/oidc/custom/provider-basic-info.png" alt="Provider Basic Info" />
### Configuration Method Selection
Choose between auto discovery and manual endpoint configuration:
#### Auto Discovery Configuration
1. **Select Auto Discovery**: Choose the "Auto Discovery" option
2. **Provider URL**: Enter your identity provider's issuer URL (e.g., `https://your-provider.com`)
3. **Palmr will try to automatically discover**:
- Authorization endpoint
- Token endpoint
- User info endpoint
- Supported scopes
> **Note:** If the auto discovery fails, you can switch to manual endpoint configuration and fill the endpoints manually (recommended).
#### Manual Endpoint Configuration
1. **Select Manual Endpoints**: Choose the "Manual Endpoints" option
2. **Provider URL**: Enter your identity provider's base URL
3. **Configure endpoints**:
- **Authorization Endpoint**: The OAuth authorization endpoint
- **Token Endpoint**: The OAuth token endpoint
- **User Info Endpoint**: The user information endpoint
<ZoomableImage src="/assets/v3/oidc/custom/manual-endpoints.png" alt="Manual Endpoints" />
> **Note:** `User info endpoint` can be a full URL or a relative path. (e.g. `/userinfo` or `https://other-any-url.com/userinfo`)
> **Note:** `Token endpoint` and `Authorization endpoint` must be just the path. (e.g. `/oauth/token` or `/oauth/authorize`), Palmr will automatically add the base URL to the endpoints based on the `Provider URL` you provided.
### OAuth Credentials
Configure the OAuth credentials obtained from your identity provider:
1. **Client ID**: Enter the OAuth client identifier
2. **Client Secret**: Enter the OAuth client secret
3. **Scopes**: Configure the required OAuth scopes
**Common OIDC scopes:**
- `openid` - Required for OIDC
- `profile` - Access to user profile information
- `email` - Access to user email address
**Common OAuth 2.0 scopes:**
- `profile` - Access to user profile information
- `email` - Access to user email address
### Advanced Configuration
Configure additional settings to customize the authentication behavior:
**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
**Admin Email Domains**: Specify domains that should automatically receive admin privileges. For example, entering `yourcompany.com` will grant admin access to anyone with an email from that domain.
**Sort Order**: Control where the custom provider login button appears relative to other authentication providers.
---
## Callback URL Configuration
Palmr will display the required callback URL that you need to configure in your identity provider:
### Callback URL Format
```
https://yourdomain.com/api/auth/providers/{provider-name}/callback
```
### Environment-specific URLs
| Environment | Callback URL |
| ----------- | ------------------------------------------------------------------------- |
| Production | `https://yourdomain.com/api/auth/providers/custom-provider/callback` |
| Development | `http://localhost:3000/api/auth/providers/custom-provider/callback` |
| Custom Port | `https://yourdomain.com:5487/api/auth/providers/custom-provider/callback` |
> **Important:** Replace `yourdomain.com` with your actual domain and `custom-provider` with your actual provider name.
### Final Considerations
> **Note:** Don't forget enable your provider in the `Authentication Providers` section after add it.
After configuring your custom provider, it will be available in the `Authentication Providers` section.
<ZoomableImage src="/assets/v3/oidc/custom/enabled-provider.png" alt="Enabled Provider" />
---
## Testing the Configuration
### Verifying the Setup
After configuring your custom provider, test the integration to ensure everything works correctly.
1. **Check login page**: Navigate to your Palmr login page and verify your custom provider button appears
2. **Test authentication flow**: Click the custom provider sign-in button and complete the authentication process
3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
### Troubleshooting
Common issues and solutions:
**"Invalid redirect URI" error:**
- Verify the callback URL is correctly configured in your identity provider
- Ensure the provider name in the callback URL matches your configured provider name
**"Invalid client credentials" error:**
- Verify the Client ID and Client Secret are correct
- Ensure the credentials are for the correct application/environment
**"Invalid scope" error:**
- Verify the configured scopes are supported by your identity provider
- Check that required scopes (like `openid` for OIDC) are included
**"User info endpoint error":**
- Verify the user info endpoint URL is correct
- Ensure the endpoint returns the expected user information format
---
## Security Considerations
When configuring custom OIDC providers, consider the following security best practices:
### Credential Security
- **Secure storage**: Ensure Client Secrets are stored securely
- **Regular rotation**: Rotate Client Secrets periodically
- **Environment separation**: Use different credentials for development and production
### Provider Security
- **HTTPS only**: Ensure all endpoints use HTTPS in production
- **Valid certificates**: Verify SSL certificates are valid and trusted
- **Access controls**: Implement appropriate access controls on your identity provider
### Palmr Configuration
- **Admin access**: Restrict access to authentication settings to authorized administrators
- **Audit logging**: Monitor authentication events and user access
- **Regular testing**: Periodically test the authentication flow
---
## Account Linking
By default, if a user is already registered in Palmr with their email address, they will be automatically linked to their account when they authenticate through your custom provider.
> **Note:** You can't disable account linking. If you want to unlink a user from their custom provider account, you need to delete the user from Palmr.
---
## Technical Configuration
### OIDC Discovery
If your provider supports OIDC Discovery, Palmr will automatically fetch the configuration from:
```
{issuer-url}/.well-known/openid_configuration
```
This endpoint should return a JSON document containing:
```json
{
"authorization_endpoint": "https://your-provider.com/oauth/authorize",
"grant_types_supported": ["authorization_code"],
"issuer": "https://your-provider.com",
"response_types_supported": ["code"],
"scopes_supported": ["openid", "profile", "email"],
"token_endpoint": "https://your-provider.com/oauth/token",
"userinfo_endpoint": "https://your-provider.com/oauth/userinfo"
}
```
### Manual Configuration
For manual endpoint configuration, ensure your endpoints follow OAuth 2.0/OIDC standards:
- **Authorization Endpoint**: Handles user authentication and authorization
- **Token Endpoint**: Exchanges authorization codes for access tokens
- **User Info Endpoint**: Returns user information using the access token
---
## Support and Troubleshooting
If you encounter issues with your custom OIDC provider configuration:
1. **Check provider documentation**: Verify your configuration against your provider's documentation
2. **Review logs**: Check Palmr server logs for detailed error messages
3. **Test endpoints**: Verify all endpoints are accessible and return expected responses
4. **Community support**: Seek help from the Palmr community or your provider's support team
> **Note:** Custom provider configurations require technical expertise in OIDC/OAuth 2.0. Ensure you have access to your provider's technical documentation and support resources.
## Requesting Provider Support
If you've successfully configured a custom OIDC provider and would like to request it to be added as an officially supported provider in Palmr, you can open a detailed issue with all the necessary configuration information.
### Why Request Official Support?
Having your provider officially supported offers several benefits:
- **Easier setup** - Pre-configured providers require minimal configuration
- **Better documentation** - Official setup guides and troubleshooting
- **Community support** - Others can benefit from your configuration
- **Maintenance** - The Palmr team maintains and updates the provider
### Before Opening an Issue
Ensure you have:
- **Working configuration** - Your provider must be fully functional and tested
- **Complete documentation** - All setup steps and requirements documented
- **Provider information** - All necessary URLs, endpoints, and configuration details
- **Testing completed** - Thoroughly tested authentication flow and user management
### Issue Template
Use the following template when opening your issue. Copy and paste it, then fill in all the required information:
```markdown
## Provider Support Request: [Provider Name]
### Provider Information
**Provider Name:** [e.g., CustomOIDC, EnterpriseSSO, CompanyAuth]
**Provider Type:** [OIDC / OAuth 2.0]
**Provider Website:** [URL to provider's website]
**Provider Documentation:** [URL to OIDC/OAuth documentation]
### Configuration Details
#### Basic Information
- **Provider URL/Issuer:** `https://your-provider.com`
- **Client ID:** [Your OAuth client ID]
- **Client Secret:** [Your OAuth client secret]
- **Scopes:** `openid profile email` [List all required scopes]
#### Endpoints
- **Authorization Endpoint:** `/oauth/authorize` [or full URL if different]
- **Token Endpoint:** `/oauth/token` [or full URL if different]
- **User Info Endpoint:** `/oauth/userinfo` [or full URL if different]
- **Discovery Endpoint:** `/.well-known/openid_configuration` [if supported]
#### OIDC Discovery Information
**Does your provider support OIDC Discovery?** [Yes/No]
**Discovery URL:** `https://your-provider.com/.well-known/openid_configuration` [if yes]
### Setup Instructions
#### Prerequisites
- [List any required software, accounts, or permissions]
- [Any specific requirements for the provider]
#### Step-by-Step Configuration
1. [Detailed step 1]
2. [Detailed step 2]
3. [Detailed step 3]
4. [Continue with all necessary steps]
#### Palmr Configuration
**Provider Name:** `custom-provider` [suggested internal name]
**Display Name:** `Custom SSO` [name users will see]
**Icon:** [suggested icon or describe what icon to use]
### Testing Information
#### Tested Environments
- **Operating Systems:** [Windows, macOS, Linux, etc.]
- **Browsers:** [Chrome, Firefox, Safari, Edge, etc.]
- **Palmr Version:** [Version you tested with]
#### Authentication Flow
- [ ] User can successfully authenticate
- [ ] User account is created automatically (if enabled)
- [ ] Admin domain restrictions work correctly
- [ ] User profile information is retrieved correctly
- [ ] Account linking works with existing users
#### Known Issues
[List any known limitations, restrictions, or special considerations]
### Screenshots
**Provider Login Page:** [Screenshot of the provider's login page]
**Palmr Configuration:** [Screenshot of your Palmr provider configuration]
**Authentication Flow:** [Screenshots of the authentication process]
### Additional Information
#### Special Requirements
[Any special configuration requirements, custom headers, or unique settings]
#### Security Considerations
[Any security-specific requirements or recommendations]
#### Performance Notes
[Any performance implications or recommendations]
### Contact Information
**Your Name:** [Optional - for follow-up questions]
**Email:** [Optional - for follow-up questions]
**GitHub Username:** [Your GitHub username]
### Checklist
Before submitting this issue, please ensure:
- [ ] All required information is provided
- [ ] Configuration has been tested and works
- [ ] Screenshots are included (if applicable)
- [ ] Setup instructions are complete and accurate
- [ ] No sensitive information (like actual client secrets) is included
```
### What Happens Next?
1. **Issue Review** - The Palmr team will review your request
2. **Additional Questions** - You may be asked for more information
3. **Implementation** - If approved, the provider will be added to Palmr
4. **Documentation** - Official documentation will be created
5. **Release** - The provider will be available in the next release
### Tips for a Successful Request
- **Be thorough** - Include all necessary information
- **Test everything** - Ensure your configuration works completely
- **Provide screenshots** - Visual aids help with implementation
- **Document clearly** - Write clear, step-by-step instructions
- **Check existing providers** - Make sure your provider isn't already supported
### Need Help?
If you need assistance with your request:
- **Check existing issues** - Review other provider requests for examples
- **Join the community** - Participate in discussions and ask questions
- **Read the documentation** - Ensure you understand the OIDC/OAuth requirements

View File

@@ -0,0 +1,279 @@
---
title: Pocket ID
icon: IdCardLanyard
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
Pocket ID is one of Palmr's officially supported OIDC providers, offering a robust and flexible identity management solution. This integration allows users to sign in to Palmr using Pocket ID's authentication system, making it perfect for organizations that need a self-hosted identity provider with OIDC support.
<ZoomableImage src="/assets/v3/oidc/pocket-id/sign-in-with-pocket-id.png" alt="Sign in with Pocket ID" />
## Why use Pocket ID authentication?
Pocket ID authentication provides several advantages for organizations seeking a self-hosted identity solution:
- **Self-hosted control** - Full control over your authentication infrastructure and data
- **OIDC compliance** - Standard OpenID Connect implementation for seamless integration
- **Flexible deployment** - Deploy on any infrastructure that suits your needs
- **Automatic discovery** - Supports OIDC discovery for streamlined configuration
- **Simple configuration** - Intuitive setup process with minimal complexity
- **Data sovereignty** - Keep all authentication data within your infrastructure
- **Cost-effective** - No per-user pricing, perfect for growing organizations
---
## Prerequisites
Before configuring Pocket ID authentication, ensure you have:
- **Pocket ID instance** - A running Pocket ID server accessible via HTTPS
- **Admin privileges in Palmr** - Required to configure OIDC settings
- **Domain configuration** - For production deployments with custom domains
> **Note:** Pocket ID is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
---
## Setting up Pocket ID Application
### Creating a Pocket ID application
To get started with Pocket ID authentication, you'll need to create an application in your Pocket ID admin interface.
1. **Navigate to Pocket ID Admin**: Go to your Pocket ID instance URL (e.g., `https://your-pocket-id.domain.com`)
<ZoomableImage src="/assets/v3/oidc/pocket-id/pocket-id-console.png" alt="Pocket ID Console" />
2. **Navigate to OIDC Clients**: Click **"OIDC Clients"** in the applications in the left sidebar, you will be redirected to the OIDC Clients page
<ZoomableImage src="/assets/v3/oidc/pocket-id/oidc-clients.png" alt="OIDC Clients" />
3. **Create a new OIDC Client**: Click **"Add OIDC Client"** button in the OIDC Clients page
<ZoomableImage src="/assets/v3/oidc/pocket-id/create-oidc-client-button.png" alt="Create OIDC Client Button" />
Configure the following settings:
- **Name**: "Palmr File Sharing" (or your preferred name)
- **Public Client**: "Diasabled"
- **PKCE**: "Disabled"
- **Logo**: "Upload a logo image"
<ZoomableImage src="/assets/v3/oidc/pocket-id/create-oidc-client.png" alt="Create OIDC Client" />
### Configuring application URLs
You'll need to configure several URLs in your Pocket ID application settings. Here's what to add for each environment:
### Redirect URIs
| Environment | URL |
| ----------- | ------------------------------------------------------------------ |
| Production | `https://yourdomain.com/api/auth/providers/pocketid/callback` |
| Development | `http://localhost:3000/api/auth/providers/pocketid/callback` |
| Custom Port | `https://yourdomain.com:5487/api/auth/providers/pocketid/callback` |
### Post Logout Redirect URIs
| Environment | URL |
| ----------- | ----------------------------- |
| Production | `https://yourdomain.com` |
| Development | `http://localhost:3000` |
| Custom Port | `https://yourdomain.com:5487` |
> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
<ZoomableImage src="/assets/v3/oidc/pocket-id/config-urls.png" alt="Pocket ID Application URLs Configuration" />
### Getting OAuth credentials
After creating your application, you'll receive your OAuth credentials:
<ZoomableImage
src="/assets/v3/oidc/pocket-id/credentials.png"
alt="Pocket ID OAuth Credentials"
legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Pocket ID."
/>
Save these credentials securely - you'll need them to configure Palmr:
- Client ID
- Client Secret
- Provider URL (your Pocket ID instance URL)
---
## Configuring Palmr
### Accessing OIDC settings
To configure Pocket ID authentication in Palmr:
1. **Login as administrator**: Sign in to Palmr with an admin account
2. **Access settings**: Click your profile picture in the header and select **Settings**
3. **Navigate to authentication**: Find and click on the **Authentication Providers** section
<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
### Enabling Pocket ID provider
1. **Locate Pocket ID**: Find Pocket ID in the list of available providers
2. **Enable the provider**: Toggle the status to **Enabled**
<ZoomableImage src="/assets/v3/oidc/pocket-id/enabled-pocket-id.png" alt="Palmr Pocket ID Provider Enabled" />
3. **Configure credentials**:
- **Provider URL**: Your Pocket ID server URL (e.g., `https://auth.yourdomain.com`)
- **Client ID**: Paste the Client ID from your Pocket ID application
- **Client Secret**: Paste the Client Secret from your Pocket ID application
<ZoomableImage
src="/assets/v3/oidc/pocket-id/edit-pocket-id.png"
alt="Edit Pocket ID Provider"
legend="This is a fake application, you have to use your own credentials."
/>
### Advanced configuration options
Configure additional settings to customize the authentication behavior:
**Auto Registration**: Enable to automatically create user accounts when someone authenticates for the first time.
**Sort Order**: Control where the Pocket ID login button appears relative to other authentication providers.
**Icon**: Choose a custom icon for the Pocket ID login button (default is `Key`).
<ZoomableImage src="/assets/v3/oidc/pocket-id/pocket-id-icon.png" alt="Pocket ID Icon" />
---
## Account linking
By default, if a user is already registered in Palmr with their Pocket ID email, they will be automatically linked to their Palmr account.
> **Note:** You can't disable account linking. If you want to unlink a user from their Pocket ID account, you need to delete the user from Palmr.
---
## Technical configuration
Pocket ID's technical configuration is handled automatically through OIDC discovery, but understanding the setup can help with troubleshooting:
```yaml
Provider Type: OAuth 2.0 with OIDC Discovery
Issuer URL: https://your-pocket-id.domain.com
Authorization Endpoint: /authorize
Token Endpoint: /api/oidc/token
UserInfo Endpoint: /api/oidc/userinfo
Scopes: openid profile email
```
### Field mappings
Palmr automatically maps Pocket ID user information to local user accounts:
- **User ID**: Maps from Pocket ID's `sub` field
- **Email**: Maps from Pocket ID's `email` field
- **Name**: Maps from Pocket ID's `name` field, falls back to `preferred_username`
- **First Name**: Maps from Pocket ID's `given_name` field
- **Last Name**: Maps from Pocket ID's `family_name` field
- **Avatar**: Maps from Pocket ID's `picture` field
---
## Testing the configuration
### Verifying the setup
After configuring Pocket ID authentication, test the integration:
1. **Check login page**: Verify the "Sign in with Pocket ID" button appears
2. **Test authentication flow**: Click the button and complete authentication
3. **Verify user creation**: Confirm new user account creation (if auto-registration is enabled)
### Login flow verification
The complete authentication process should work as follows:
1. User clicks "Sign in with Pocket ID"
2. User is redirected to Pocket ID login page
3. User authenticates with their credentials
4. Pocket ID redirects back to Palmr
5. Palmr creates or updates the user account
6. User gains access to Palmr
---
## Troubleshooting common issues
### Redirect URI mismatch
**Error**: `invalid_redirect_uri`
**Solution**:
1. Verify the exact callback URL in your Pocket ID application
2. Check for protocol mismatches (http vs https)
3. Ensure no trailing slashes unless specified
4. Add development URLs if testing locally
### Authentication failures
**Error**: `access_denied` or `unauthorized_client`
**Solution**:
1. Verify Client ID and Secret are correct
2. Check if the application is enabled in Pocket ID
3. Ensure required scopes are configured
4. Verify the user has necessary permissions
### Discovery endpoint issues
**Error**: Cannot fetch OIDC configuration
**Solution**:
1. Verify your Pocket ID server is accessible
2. Check if the discovery endpoint (`/.well-known/openid-configuration`) is available
3. Ensure SSL certificates are valid
4. Check network connectivity and firewall rules
---
## Security best practices
### Credential management
- **Secure storage**: Keep Client Secret secure and never commit to version control
- **Regular rotation**: Periodically rotate Client Secret
- **Environment variables**: Store credentials in environment variables
- **Access monitoring**: Regular review of authentication logs
### Production considerations
- **HTTPS required**: Always use HTTPS in production
- **Valid certificates**: Ensure SSL certificates are valid
- **Regular updates**: Keep Pocket ID server updated
- **Backup strategy**: Regular backups of Pocket ID configuration
---
## Next steps
After configuring Pocket ID authentication:
- **Monitor usage**: Track authentication patterns
- **Configure MFA**: Set up multi-factor authentication if needed
- **User management**: Review auto-registration settings
- **Backup verification**: Test backup and restore procedures
For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
## Useful resources
- [Pocket ID Documentation](https://docs.pocket-id.org)
- [OIDC Specification](https://openid.net/specs/openid-connect-core-1_0.html)
- [Palmr OIDC Overview](/docs/3.2-beta/oidc-authentication)

View File

@@ -0,0 +1,423 @@
---
title: Zitadel
icon: Shield
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
Zitadel is one of Palmr's officially supported OIDC providers, offering enterprise-grade authentication through Zitadel's identity platform. This integration allows users to sign in to Palmr using Zitadel's comprehensive authentication system, making it perfect for enterprise organizations, applications requiring advanced security features, and teams that need centralized identity management with both cloud and self-hosted deployment options.
<ZoomableImage src="/assets/v3/oidc/zitadel/sign-in-with-zitadel.png" alt="Sign in with Zitadel" />
## Why use Zitadel authentication?
Zitadel authentication provides several advantages for enterprise and security-focused organizations:
- **Enterprise-grade security** - Advanced security features like MFA, adaptive authentication, and threat detection
- **Flexible deployment** - Choose between cloud-hosted or self-hosted deployment options
- **Centralized identity management** - Single platform to manage users across multiple applications
- **Compliance ready** - Built-in compliance with GDPR, SOC 2, and other enterprise standards
- **Advanced customization** - Actions, flows, and custom branding capabilities
---
## Prerequisites
Before configuring Zitadel authentication, ensure you have:
- **Zitadel instance** - Either cloud-hosted or self-hosted Zitadel installation
- **Admin privileges in Palmr** - Required to configure OIDC settings
- **Domain configuration** - For production deployments with custom domains
> **Note:** Zitadel is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
---
## Setting up Zitadel Application
### Creating a Zitadel application
To get started with Zitadel authentication, you'll need to create an application in your Zitadel Console.
1. **Navigate to Zitadel Console**: Go to your Zitadel instance URL (e.g., `your-instance.zitadel.cloud` for cloud or `your self-hosted URL`)
<ZoomableImage src="/assets/v3/oidc/zitadel/zitadel-console.png" alt="Zitadel Console" />
2. **Create new application**: Click **"Create Application"** button in the home screen.
3. **Enter application details**:
- Enter a descriptive name like "Palmr File Sharing" for your project, ou select an existing project.
- Select Framework: Select "`Other (OIDC, SAML, API)`"
<ZoomableImage src="/assets/v3/oidc/zitadel/create-application.png" alt="Zitadel Create Application" />
4. **Create application**: Click **"Create"** to generate your Zitadel application
After creating your application, you'll be redirected to the application configuration page step-by-step. in this page you can configure your application.
### Configuring application settings
5. **Select application type**: in the first step:
- Choose **"Web"** for web-based Palmr instances
- Add a descriptive name for your application (e.g. "Palmr File Sharing")
<ZoomableImage
src="/assets/v3/oidc/zitadel/step-1.png"
alt="Zitadel Application Type Selection"
legend="This is a fake application, you have to use your own."
/>
click on **"Continue"** to advance to the next step.
6. **Select application type**: in the second step:
- Choose **"CODE"** for authentication method and click on **"Continue"** to advance to the next step.
<ZoomableImage
src="/assets/v3/oidc/zitadel/step-2.png"
alt="Zitadel Application Authentication Method Selection"
legend="This is a fake application, you have to use your own."
/>
7. **Configure application URLs**:
You'll need to configure several URLs in your Zitadel application settings. Here's what to add for each environment:
### Redirect URIs
| Environment | URL |
| ----------- | ----------------------------------------------------------------- |
| Production | `https://yourdomain.com/api/auth/providers/zitadel/callback` |
| Development | `http://localhost:3000/api/auth/providers/zitadel/callback` |
| Custom Port | `https://yourdomain.com:5487/api/auth/providers/zitadel/callback` |
### Post Logout Redirect URIs
| Environment | URL |
| ----------- | ----------------------------- |
| Production | `https://yourdomain.com` |
| Development | `http://localhost:3000` |
| Custom Port | `https://yourdomain.com:5487` |
> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
> **Note:** If you using http:// (not https://) in your redirect URIs, you need to enable `Development mode` switch.
> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
<ZoomableImage
src="/assets/v3/oidc/zitadel/config-urls.png"
alt="Zitadel Application URLs Configuration"
legend="This is a fake application, you have to use your own."
/>
Click on **"Continue"** to advance to the last step. That is just a summary of the configuration you have done.
8. **Save changes**: Click **"Save"** to apply your configuration
<ZoomableImage
src="/assets/v3/oidc/zitadel/config-overview.png"
alt="Zitadel Application Summary"
legend="This is a fake application, you have to use your own."
/>
You can click on **"Create"** to create your application.
### Getting OAuth credentials
After creating your application, a modal will appear with the credentials that Palmr will use to authenticate with Zitadel.
<ZoomableImage
src="/assets/v3/oidc/zitadel/credentials-modal.png"
alt="Zitadel OAuth Credentials"
legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Zitadel."
/>
you can copy the credentials and save them in a safe place for later use.
### Final Zitadel configuration
**Confirm the Zitadel application configuration**:
After closing the modal, you'll be redirected to the Zitadel application page.
<ZoomableImage
src="/assets/v3/oidc/zitadel/application-page.png"
alt="Zitadel Application Page"
legend="This is a fake application, you have to use your own."
/>
Confirm the application configuration fields:
- **Application Type**: The Application Type has been set to **"Web"**
- **Response Type**: The Response Type has been set to **"Code"**
- **Authentication Method**: The Authentication Method has been set to **"Basic"**
- **Grant Types**: The Grant Types has been set to **"Authorization Code"**
- **Refresh Token**: The Refresh Token has been set to **"Disabled"**
You can edit the application configuration if you want to change something and click on **"Save"** to save the application configuration.
> **Note:** If you edit your client ID, you need to update the credentials that you saved in the previous step.
Select the **"Token Settings"** section in the side menu, you can configure the token settings for your application.
The default Auth Token Type is **"Bearer"** and you can change it to **"JWT"** and click on **"Save"** to save the token settings.
<ZoomableImage
src="/assets/v3/oidc/zitadel/token-settings.png"
alt="Zitadel Auth Token Settings"
legend="This is a fake application, you have to use your own."
/>
Click on **Redirect Settings** section in the side menu, you can configure the redirect settings for your application. Just confirm the previous URLs you have configured in the previous step. If you want to add more redirect URLs, you can add them by clicking on **"+"** button. If you need to edit the redirect URLs, you can edit them by clicking on the pen icon.
<ZoomableImage
src="/assets/v3/oidc/zitadel/redirect-settings-page.png"
alt="Zitadel Redirect Settings"
legend="This is a fake application, you have to use your own."
/>
The last step in Zitadel is grab your instance URL. You can find it clicking on the **"URLs"** in the side menu.
<ZoomableImage
src="/assets/v3/oidc/zitadel/urls-page.png"
alt="Zitadel Instance URL"
legend="This is a fake application, you have to use your own."
/>
You dont need copy the complete URL, just the domain name and protocol and port if you are using a custom port.
For example: `https://palmr-zaxijp.us1.zitadel.cloud` (image bellow case) or `https://zitadel.yourdomain.com` or `https://zitadel.yourdomain.com:5487` if you are using a custom port.
> **Note:** In Zitadel we finish the configuration. Let's go to Palmr to configure the provider. Remember you need `Client ID`, `Client Secret` and `Instance URL` to configure the provider in Palmr.
---
## Configuring Palmr
### Accessing OIDC settings
To configure Zitadel authentication in Palmr, you need administrator access to the settings panel.
1. **Login as administrator**: Sign in to Palmr with an admin account
2. **Access settings**: Click your profile picture in the header and select **Settings**
3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
### Enabling Zitadel provider
Zitadel comes pre-configured as an official provider, so the setup process is streamlined.
1. **Locate Zitadel provider**: Find Zitadel in the list of available providers
2. **Enable the provider**: Toggle the status to **Enabled**
<ZoomableImage src="/assets/v3/oidc/zitadel/enabled-zitadel.png" alt="Palmr Zitadel Provider Enabled" />
After enabling the provider, click on the pen icon to configure the provider.
3. **Configure credentials**:
- **Provider URL**: Paste your Zitadel instance URL (e.g., `https://your-instance.zitadel.cloud`)
- **Client ID**: Paste the Client ID from Zitadel application
- **Client Secret**: Paste the Client Secret from Zitadel application
- **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`. You don't need change this if you are not sure.
<ZoomableImage
src="/assets/v3/oidc/zitadel/edit-zitadel.png"
alt="Edit Zitadel Provider"
legend="This is a fake application, you have to use your own."
/>
### Advanced configuration options
Configure additional settings to customize the authentication behavior:
**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
**Sort Order**: Control where the Zitadel login button appears relative to other authentication providers.
**Icon**: you can choose the icon you want to use for the Zitadel login button (default is `FaShieldAlt`).
<ZoomableImage src="/assets/v3/oidc/zitadel/zitadel-icon.png" alt="Zitadel Icon" />
> **Enterprise tip:** Zitadel authentication works great for enterprise organizations requiring advanced security features and centralized identity management with deployment flexibility.
---
## Account linking
By default, if a user is already registered in Palmr with their Zitadel email, they will be automatically linked to their Palmr account.
> **Note:** You can't disable account linking. If you want to unlink a user from their Zitadel account, you need to delete the user from Palmr.
---
## Technical configuration
Zitadel's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
```yaml
Provider Type: OAuth 2.0 with OIDC Discovery
Issuer URL: https://your-instance.zitadel.cloud
Authorization Endpoint: /oauth/v2/authorize
Token Endpoint: /oauth/v2/token
UserInfo Endpoint: /oidc/v1/userinfo
Scopes: openid profile email
```
### Field mappings
Palmr automatically maps Zitadel user information to local user accounts:
- **User ID**: Maps from Zitadel's `sub` field
- **Email**: Maps from Zitadel's `email` field
- **Full Name**: Maps from Zitadel's `name` field
- **First Name**: Maps from Zitadel's `given_name` field
- **Last Name**: Maps from Zitadel's `family_name` field
- **Avatar**: Maps from Zitadel's `picture` field
- **Username**: Maps from Zitadel's `preferred_username` field
### Zitadel-specific features
- **Custom Claims**: Can include custom user metadata and app metadata
- **Actions Support**: Can customize authentication flow with custom actions
- **Multi-factor Authentication**: Supports Zitadel's MFA features
- **Enterprise SSO**: Integrates with SAML, LDAP, and other enterprise systems
- **Self-hosted Support**: Full functionality with self-hosted Zitadel instances
---
## Testing the configuration
### Verifying the setup
After configuring Zitadel authentication, test the integration to ensure everything works correctly.
1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Zitadel" button appears
2. **Test authentication flow**: Click the Zitadel sign-in button and complete the authentication process
3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
### Login flow verification
The complete authentication process should work as follows:
1. **User clicks "Sign in with Zitadel"**: The browser redirects to Zitadel's authorization page
2. **User authenticates**: User completes authentication through Zitadel (login, MFA, etc.)
3. **Zitadel redirects back to Palmr**: User returns to Palmr with authentication tokens
4. **Palmr creates or updates user**: User account is automatically managed with Zitadel information
5. **User accesses Palmr**: User is logged in with their Zitadel identity
---
## Troubleshooting common issues
### Redirect URI mismatch error
**Error message**: `invalid_redirect_uri`
**Cause**: The redirect URI in your request doesn't match what's configured in Zitadel application.
**Solution**:
1. Check the exact URL in the error message
2. Add this exact URL to your Zitadel application's redirect URIs
3. Ensure you include the correct protocol (http/https) and port
4. Remove any trailing slashes unless they're in the callback URL
### Access denied error
**Error message**: `access_denied`
**Cause**: User denied permissions or the application isn't properly configured.
**Solution**:
1. Verify that your Zitadel application requests the correct scopes
2. Check that users are granting permissions during the authorization flow
3. Ensure your application is not restricted or disabled
4. Verify the application has proper permissions set up
### Invalid client error
**Error message**: `invalid_client`
**Cause**: Incorrect Client ID, Client Secret, or Instance URL.
**Solution**:
1. Double-check that you've copied the credentials correctly from Zitadel
2. Ensure there are no extra spaces or characters in the credentials
3. Verify you're using the correct instance URL format
4. Generate a new Client Secret if necessary
### Instance URL configuration issues
**Error message**: Instance not found or invalid
**Cause**: Incorrect Zitadel instance URL or instance configuration.
**Solution**:
1. Verify your Zitadel instance URL is correct
2. Check that your Zitadel instance is active and accessible
3. Ensure you're using the correct protocol (https://)
4. Verify DNS resolution for your Zitadel instance
### Self-hosted connectivity issues
**Cause**: Network connectivity problems with self-hosted Zitadel instance.
**Solution**:
1. Check server firewall and network connectivity
2. Verify DNS resolution from your server to the Zitadel instance
3. Ensure the Zitadel instance is properly configured and running
4. Check SSL certificate validity for the Zitadel instance
---
## Security best practices
### Credential management
- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
- **Use environment variables**: Store sensitive configuration in environment variables, not config files
- **Monitor access logs**: Regularly review authentication logs for suspicious activity
### Scope and permission management
- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
- **User consent**: Ensure users understand what permissions they're granting
- **Regular audits**: Review which users have connected their Zitadel accounts
- **Access reviews**: Periodically check user access and remove inactive accounts
### Production considerations
- **Use HTTPS**: Always use HTTPS in production environments
- **Configure proper domains**: Use production domains in Zitadel application settings
- **Test thoroughly**: Verify the complete authentication flow before going live
- **Plan for failures**: Have fallback authentication methods available
---
## Next steps
With Zitadel authentication configured, you might want to:
- **Configure additional providers**: Set up other OIDC providers for more authentication options
- **Customize user management**: Fine-tune auto-registration and admin assignment rules
- **Review security settings**: Ensure your authentication setup meets your security requirements
- **Monitor usage**: Keep track of authentication patterns and user activity
For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.2-beta/oidc-authentication).
## Useful resources
- [Zitadel Documentation](https://zitadel.com/docs)
- [Zitadel OAuth 2.0 Guide](https://zitadel.com/docs/apis/openidoauth)
- [Zitadel OpenID Connect](https://zitadel.com/docs/apis/openidoauth/oidc)
- [Zitadel Console](https://cloud.zitadel.com)

View File

@@ -0,0 +1,333 @@
---
title: How to Open an Issue
icon: Ticket
---
## Introduction
Opening an issue on GitHub is an essential way to report bugs, request features, or ask questions about a project. This guide walks you through the process of creating an issue for the **Palmr** project on GitHub.
Issues serve as a vital communication tool in open source development, helping track bugs, feature requests, and general questions. They create a transparent record of project discussions and improvements, fostering collaboration between users and maintainers.
Whether you've discovered a bug that needs fixing, have an idea for a new feature, or need clarification about functionality, creating an issue is the first step to getting your voice heard and contributing to the project's improvement.
---
## GitHub account requirements
Before you can open an issue, you'll need to be logged into your GitHub account. If you don't have an account yet, creating one is free and provides access to the entire GitHub ecosystem.
### Account benefits
Having a GitHub account allows you to:
- Create and manage issues across all repositories
- Comment on existing issues and participate in discussions
- Receive notifications about updates and responses
- Collaborate with developers and maintainers
- Track your contributions and engagement history
### Getting started
If you need to create an account:
1. Visit [GitHub's signup page](https://github.com/signup)
2. Complete the registration process
3. Verify your email address
4. Log in to your new account
Make sure you're logged in before proceeding to the next steps.
---
## Accessing the repository
There are several convenient ways to access the Palmr repository and begin the issue creation process.
### Direct access
The quickest method is to visit the repository directly: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)
### Alternative access methods
You can also find the repository through:
**GitHub Search**:
- Click the search bar at the top of any GitHub page
- Type "Palmr" or "kyantech/Palmr" for more specific results
- Look for the repository owned by **Kyantech**
- Click on the repository name to access it
**Organization Profile**:
- Visit [Kyantech's GitHub profile](https://github.com/kyantech)
- Navigate to the "Repositories" tab
- Find and click on "Palmr" in the repository list
### Repository verification
When accessing the repository, verify you're in the correct location by checking:
- The repository owner is **kyantech**
- The repository name is **Palmr**
- The description matches the project you're looking for
- Recent activity indicates an active project
---
## Navigating to issues
Once you're on the repository page, you'll need to access the issues section to create your new issue.
### Finding the issues tab
To access the issues section:
1. **Locate Navigation Bar**: Look at the navigation bar near the top of the repository page
2. **Find Issues Tab**: The **Issues** tab is typically located between "Code" and "Pull requests"
3. **Click Issues**: Click on the **Issues** tab to open the issues section
4. **Review Existing Issues**: You'll see a list of all existing issues, both open and closed
### Understanding the issues interface
The issues tab displays important information including:
- **Issue Count**: Number of open and closed issues
- **Labels and Categories**: Color-coded labels for organization
- **Issue Status**: Visual indicators for open/closed status
- **Recent Activity**: Timeline of recent issue updates
- **Assigned Contributors**: Who's working on specific issues
- **Search and Filter Options**: Tools to find specific issues
![Palmr Profile Menu](/assets/v1/developers/issues-tab.png)
---
## Creating a new issue
With the issues section open, you can now create your new issue to report a bug, request a feature, or ask a question.
### Initiating issue creation
To start creating your issue:
1. **Locate New Issue Button**: Look for the green **New Issue** button, typically on the right side of the issues page
2. **Click to Create**: Click the button to open the issue creation interface
3. **Select Template**: If multiple issue templates are available, choose the most appropriate one for your needs
4. **Review Requirements**: Take time to read through any template requirements or guidelines
### Pre-creation checklist
Before creating your issue, consider these important steps:
- **Search Existing Issues**: Check if your issue has already been reported to avoid duplicates
- **Review Guidelines**: Read any contribution guidelines or issue templates provided
- **Gather Information**: Collect all necessary details, screenshots, or error messages
- **Consider Labels**: Think about which labels might be appropriate for your issue
- **Reference Related Items**: Note any related issues or pull requests that might be relevant
### Best practices for issue creation
- **Use Clear Language**: Write in a way that's easy for others to understand
- **Be Specific**: Provide concrete details rather than vague descriptions
- **Include Context**: Explain the circumstances surrounding your issue
- **Add Visual Evidence**: Screenshots or recordings can be very helpful
- **Format Properly**: Use markdown formatting to improve readability
![Palmr Profile Menu](/assets/v1/developers/new-issue-btn.png)
---
## Completing the issue form
The issue creation form is your opportunity to provide comprehensive information about your bug report, feature request, or question.
### Essential form fields
You'll encounter several key fields that need your attention:
**Issue Title**:
- Write a clear, concise title that summarizes the issue
- Use descriptive language that helps others understand the problem at a glance
- Avoid vague titles like "Bug" or "Problem"
- Include key terms that others might search for
**Issue Description**:
- Provide a detailed explanation of your issue
- For bugs: Include steps to reproduce, expected behavior, and actual behavior
- For features: Explain the functionality you'd like and why it would be valuable
- For questions: Be specific about what you need clarification on
### Additional form options
**Labels (Optional)**:
- Add relevant labels to categorize your issue (e.g., `bug`, `enhancement`, `question`)
- Labels help maintainers organize and prioritize issues effectively
- Choose labels that accurately represent your issue type and priority
**Attachments (Optional)**:
- Include screenshots to illustrate visual problems or desired features
- Attach log files or error messages for technical issues
- Add mockups or diagrams for feature requests
- Include any relevant documentation or examples
### Writing effective descriptions
For **Bug Reports**, include:
- Clear steps to reproduce the issue
- Expected vs. actual behavior
- System information (OS, browser, version)
- Error messages or console output
- Screenshots or screen recordings
For **Feature Requests**, include:
- Detailed description of the desired functionality
- Use cases and benefits
- Potential implementation suggestions
- Examples from other projects (if applicable)
For **Questions**, include:
- Specific area of confusion
- What you've already tried
- Relevant code snippets or configurations
- Context about your use case
![Palmr Profile Menu](/assets/v1/developers/new-issue-form.png)
---
## Submitting your issue
After carefully completing the issue form, you're ready to submit your contribution to the project.
### Final review
Before submitting, take a moment to:
- **Review Content**: Read through your title and description for clarity
- **Check Formatting**: Ensure proper markdown formatting and readability
- **Verify Attachments**: Confirm all screenshots and files are properly attached
- **Validate Information**: Double-check that all details are accurate and complete
### Submission process
1. **Click Submit**: Click the **Create** button at the bottom of the form
2. **Confirmation**: Your issue will be created and assigned a unique number
3. **Visibility**: The issue becomes immediately visible to maintainers and contributors
4. **Notifications**: You'll receive notifications for any updates or responses
### Post-submission expectations
After submitting your issue:
- **Track Progress**: Monitor your issue for responses and updates
- **Stay Engaged**: Participate in any follow-up discussions
- **Provide Clarification**: Be ready to answer questions or provide additional information
- **Be Patient**: Remember that maintainers may need time to review and respond
---
## Issue management best practices
To ensure your issue receives appropriate attention and contributes effectively to the project, follow these proven practices.
### Communication guidelines
**Be Clear and Specific**: Provide comprehensive details that help others understand your issue without ambiguity.
**Use Descriptive Titles**: Craft titles that immediately convey the nature and scope of your issue.
**Include Reproduction Steps**: For bugs, provide step-by-step instructions that others can follow to reproduce the problem.
**Maintain Professional Tone**: Remember that maintainers and contributors are often volunteers dedicating their time to help.
### Technical best practices
**Provide System Information**: Include relevant details about your environment, versions, and configuration.
**Format Code Properly**: Use markdown code blocks for any code snippets, error messages, or configuration files.
**Update Regularly**: Keep your issue current with new information or changes in status.
**Reference Related Issues**: Link to related issues or pull requests when relevant.
### Community engagement
**Respond Promptly**: When maintainers ask questions or request clarification, respond in a timely manner.
**Help Others**: If you see similar issues, share your experience or solutions.
**Follow Up**: Update the issue if you find a solution or workaround independently.
**Express Gratitude**: Thank contributors and maintainers for their time and assistance.
---
## The importance of quality issues
Understanding why well-crafted issues matter helps you contribute more effectively to the open source ecosystem.
### Project improvement
**Bug Identification**: Your detailed bug reports help identify and fix problems that affect all users.
**Feature Development**: Thoughtful feature requests guide project development and prioritization.
**Documentation Enhancement**: Questions about unclear functionality often lead to improved documentation.
### Maintainer support
**Efficient Triage**: Clear, detailed issues help maintainers quickly understand and categorize problems.
**Reduced Back-and-forth**: Comprehensive initial reports minimize the need for follow-up questions.
**Priority Assessment**: Well-documented issues help maintainers assess impact and urgency.
### Community collaboration
**Knowledge Sharing**: Issues create a searchable knowledge base for future users with similar problems.
**Contributor Attraction**: Interesting issues often attract new contributors who want to help solve problems.
**Discussion Platform**: Issues provide a space for community members to collaborate on solutions.
---
## Next steps
Congratulations on creating your issue for the **Palmr** project! Your contribution is valuable and helps make the project better for the entire community.
### Staying engaged
After creating your issue, consider these ways to remain involved:
- **Monitor Progress**: Keep track of responses and updates to your issue
- **Participate Actively**: Engage in discussions and provide additional information when requested
- **Help Others**: Assist other community members with similar issues when possible
- **Share Knowledge**: Document any solutions or workarounds you discover
### Expanding your contribution
Beyond issue creation, you can contribute to the project in other ways:
- **Code Contributions**: Consider submitting pull requests to fix bugs or implement features
- **Documentation**: Help improve project documentation based on your experience
- **Community Support**: Answer questions and help other users in issues and discussions
- **Project Promotion**: Share Palmr with others who might benefit from the project
### Building relationships
- **Follow the Project**: Star the repository to show support and stay updated
- **Connect with Contributors**: Engage respectfully with maintainers and other contributors
- **Join Discussions**: Participate in broader project discussions and planning
- **Spread Awareness**: Help others discover and benefit from the Palmr project
Thank you for being part of the open source community and contributing to making Palmr better for everyone. Your participation, whether through issues, code, or community engagement, helps drive the project forward and benefits users worldwide.

View File

@@ -0,0 +1,180 @@
---
title: Password Reset Without SMTP
icon: Lock
---
This guide provides detailed instructions on how to reset a user password directly inside the Docker container for Palmr, without requiring SMTP configuration. This method is particularly useful for administrators who do not have email services set up or need to regain access to accounts in emergency situations.
## When and why to use this method
Resetting a password without SMTP is an alternative approach for specific scenarios where the standard email-based reset is not feasible. Consider using this method if:
- An admin user is locked out and cannot access their email for a password reset.
- SMTP services are not configured or are experiencing issues.
- You need to perform emergency system recovery and restore access quickly.
- You are setting up an initial environment and need to configure accounts.
- You are conducting controlled testing in a development setup.
> **Warning:** This process bypasses the normal email-based password reset mechanism, which could pose a security risk if not handled properly. Use this method only when necessary, ensure it is performed by trusted administrators, and always document the reason for the reset.
## How the password reset works
Palmr provides a CLI script that allows administrators to reset passwords directly within the Docker container. This script is designed to maintain security by enforcing interactive confirmation at every step, validating input data, and securely encrypting the new password using bcrypt with 10 salt rounds (consistent with the system's security standards). The script does not send email notifications, log invalid login attempts, or alter other user settings—it focuses solely on password reset.
## Step-by-step instructions
Follow these steps to reset a user password using the provided script. Ensure you have access to the Docker container before proceeding.
### 1. List Docker containers and identify the correct one
Before accessing the Palmr container, you need to identify its name or ID. Open a terminal on your host machine and list all running Docker containers by running the following command:
```bash
docker ps
```
This command will display a list of active containers, including their names, IDs, images, and other details. Look for the container running the Palmr application. If you used a specific name when setting up the container (e.g., `palmr-app`), it will appear under the `NAMES` column. If no name was specified, note the `CONTAINER ID` (a short string of characters) for the container associated with the Palmr image (likely something like `palmr` or a custom image name).
> **Note:** If you don't see the Palmr container, ensure it is running. You can start it using `docker start <container_name_or_id>` if it's stopped. If you're unsure about the setup, refer to the Palmr installation guide.
### 2. Access the Docker container
Once you've identified the correct container, access it by running the following command:
```bash
docker exec -it <container_name_or_id> /bin/sh
```
Replace `<container_name_or_id>` with the name or ID of your Palmr container. This command opens an interactive shell session inside the container, allowing you to execute commands directly.
### 3. Navigate to the application directory
Once inside the container, navigate to the application directory where the reset script is located:
```bash
cd /app/palmr-app
```
This directory contains the necessary scripts and configurations for managing Palmr's backend operations.
### 4. Run the password reset script
Execute the password reset script to start the interactive process:
```bash
./reset-password.sh
```
The script will prompt you to enter the email address of the user whose password you wish to reset. It will then display the user's information for verification, ask for confirmation to proceed, and request a new password (minimum 8 characters) which must be entered twice to ensure accuracy. Each step requires explicit confirmation to prevent accidental changes.
> **Note:** If you need to see a list of all users in the system before proceeding, you can run `./reset-password.sh --list`. For additional help, use `./reset-password.sh --help`.
### Example session
Below is an example of how the interactive session might look when running the script:
```
$ ./reset-password.sh
Palmr Password Reset Tool
===============================
This script allows you to reset a user's password directly from the Docker terminal.
WARNING: This bypasses normal security checks. Use only when necessary!
Enter user email: user@example.com
User found:
Name: John Smith
Username: john.smith
Email: user@example.com
Status: Active
Admin: No
Do you want to reset the password for this user? (y/n): y
Enter new password requirements:
- Minimum 8 characters
Enter new password: ********
Confirm new password: ********
Hashing password...
Updating password in database...
Cleaning up existing password reset tokens...
Password reset successful!
User: John Smith (user@example.com)
The user can now login with the new password.
Security Note: The password has been encrypted using bcrypt with 10 salt rounds.
```
## Troubleshooting common issues
If you encounter issues while running the script, refer to the following solutions to resolve common problems:
- **Error: "tsx is not available"**
This error indicates missing dependencies. The script will attempt to install them automatically, but if it fails, manually install them by running:
```bash
pnpm install
# or
npm install
```
- **Error: "Prisma client not found"**
This error occurs if the Prisma client is not generated. The script should handle this automatically, but if it fails, generate it manually with:
```bash
npx prisma generate
```
- **Error: "Database connection failed"**
If the script cannot connect to the database, check the following:
- Ensure the database service is running within the container.
- Confirm that the `prisma/palmr.db` file exists and has the correct permissions.
- Verify that the container has access to the database volume.
- **Error: "Script must be run from application directory"**
This error appears if you are not in the correct directory. Navigate to the application directory with:
```bash
cd /app/palmr-app
```
- **Error: "User not found"**
If the email provided does not match any user, double-check the email address. You can list all users to find the correct one by running:
```bash
./reset-password.sh --list
```
Ensure the user exists in the system before attempting the reset.
- **Error: "Password does not meet requirements"**
The new password must be at least 8 characters long. Ensure it meets this requirement and re-enter it carefully, confirming it matches the second entry.
- **Error: "Confirmation does not match"**
If the two password entries do not match, the script will prompt you to try again. Ensure both entries are identical.
- **General Script Failure or Unexpected Behavior**
If the script fails for an unknown reason, check the error message for details. Ensure your Palmr installation is up to date, and consider restarting the container if there are transient issues. If problems persist, consult the Palmr documentation or community for additional support.
## Security and best practices
To maintain the integrity and security of your Palmr instance while using this password reset method, adhere to the following guidelines:
- **Interactive Confirmation:** The script enforces interactive mode, requiring explicit confirmation at each step to prevent unauthorized or accidental resets. There are no shortcuts or automated options.
- **Access Restriction:** Only administrators with direct access to the Docker container can use this script, ensuring that unauthorized users cannot reset passwords.
- **Password Encryption:** New passwords are encrypted using bcrypt with 10 salt rounds, matching Palmr's standard security practices.
- **Documentation and Notification:** Always document the date, time, and reason for performing a password reset. Notify the affected user through alternative means (if possible) to inform them of the change.
- **Backup Recommendation:** Before using this script in a production environment, consider backing up your database to prevent data loss in case of an error.
- **Post-Reset Actions:** After resetting a password, verify that the user can log in successfully and check system logs for any unusual activity related to the reset.
- **Limit Usage:** Use this method sparingly and only in situations where SMTP-based reset is not an option. It is not intended for routine password management.
- **Secure Environment:** Ensure that access to the Docker container and host machine is secured with strong passwords, restricted permissions, and, if possible, two-factor authentication to prevent unauthorized access to administrative tools.
> **Tip:** Treat this method as a last resort. Whenever possible, configure SMTP to enable the standard email-based password reset process, which provides an additional layer of security and user verification.
## Security philosophy
This script is built with a strong focus on security, prioritizing mandatory interactivity, multiple confirmations, and strict input validation. There are no "quick modes" or bypass options—every password reset requires careful and deliberate action from the administrator to ensure accountability and minimize risks.

View File

@@ -0,0 +1,409 @@
---
title: Quick Start (Docker)
icon: "Rocket"
---
import { Callout } from "fumadocs-ui/components/callout";
import { Tab, Tabs } from "fumadocs-ui/components/tabs";
import { Card, CardGrid } from "@/components/ui/card";
Welcome to the fastest way to deploy <span className="font-bold">Palmr.</span> - your secure, self-hosted file sharing solution. This guide will have you up and running in minutes, whether you're new to self-hosting or an experienced developer.
Palmr. offers flexible deployment options to match your infrastructure needs. This guide focuses on Docker deployment with our recommended filesystem storage, perfect for most use cases.
## Prerequisites
Before you begin, make sure you have:
- **Docker** - Container runtime ([installation guide](https://docs.docker.com/get-docker/))
- **Docker Compose** - Multi-container orchestration ([installation guide](https://docs.docker.com/compose/install/))
- **2GB+ available disk space** for the application and your files
- **Port 5487** available for the web interface
- **Port 3333** available for API access (optional)
<Callout>
**Platform Support**: Palmr. is developed on macOS and extensively tested on Linux servers. While we haven't formally
tested other platforms, Docker's cross-platform nature should ensure compatibility. Report any issues on our [GitHub
repository](https://github.com/kyantech/Palmr/issues).
</Callout>
## Storage Options
Palmr. supports two storage approaches for persistent data:
- **Named Volumes (Recommended)** - Docker-managed storage with optimal performance and no permission issues
- **Bind Mounts** - Direct host filesystem access, ideal for development and direct file management
## Deployment Options
Choose your storage method based on your needs:
<Tabs items={['Named Volumes (Recommended)', 'Bind Mounts']}>
<Tab value="Named Volumes (Recommended)">
Docker-managed storage that provides the best balance of performance, security, and ease of use:
- **No Permission Issues**: Docker handles all permission management automatically
- **Performance**: Optimized for container workloads with better I/O performance
- **Production Ready**: Recommended for production deployments
### Configuration
Create a `docker-compose.yml` file:
```yaml
services:
palmr:
image: kyantech/palmr:latest
container_name: palmr
restart: unless-stopped
ports:
- "5487:5487" # Web interface
# - "3333:3333" # API (optional)
environment:
# Optional: Uncomment and configure as needed (if you don`t use, you can remove)
# - ENABLE_S3=true # Set to true to enable S3-compatible storage
# - DISABLE_FILESYSTEM_ENCRYPTION=true # Set to false to enable file encryption
# - ENCRYPTION_KEY=your-secure-key-min-32-chars # Required only if encryption is enabled
# - PALMR_UID=1000 # UID for the container processes (default is 1000)
# - PALMR_GID=1000 # GID for the container processes (default is 1000)
# - SECURE_SITE=false # Set to true for HTTPS/reverse proxy (enables cross-origin cookies for Safari)
# - DEFAULT_LANGUAGE=en-US # Default language for the application (optional, defaults to en-US)
# - PRESIGNED_URL_EXPIRATION=3600 # Duration in seconds for presigned URL expiration (optional, defaults to 3600 seconds / 1 hour)
# - DOWNLOAD_MAX_CONCURRENT=5 # Maximum simultaneous downloads (auto-scales if not set)
# - DOWNLOAD_MEMORY_THRESHOLD_MB=2048 # Memory threshold in MB before throttling (auto-scales if not set)
# - DOWNLOAD_QUEUE_SIZE=25 # Maximum queue size for pending downloads (auto-scales if not set)
# - DOWNLOAD_MIN_FILE_SIZE_GB=3.0 # Minimum file size in GB to activate memory management (default: 3.0)
# - DOWNLOAD_AUTO_SCALE=true # Enable auto-scaling based on system memory (default: true)
# - NODE_OPTIONS=--expose-gc # Enable garbage collection for large downloads (recommended for production)
# - NEXT_PUBLIC_UPLOAD_CHUNK_SIZE_MB=100 # Chunk size in MB for large file uploads (OPTIONAL - auto-calculates if not set)
volumes:
- palmr_data:/app/server
volumes:
palmr_data:
```
<Callout type="info">
**Having upload or permission issues?** Add `PALMR_UID=1000` and `PALMR_GID=1000` to your environment variables. Check our [UID/GID Configuration](/docs/3.2-beta/uid-gid-configuration) guide for more details.
</Callout>
### Deploy
```bash
docker-compose up -d
```
</Tab>
<Tab value="Bind Mounts">
Direct mapping to host filesystem directories, providing direct file access:
- **Direct Access**: Files are directly accessible from your host system
- **Development Friendly**: Easy to inspect, modify, or backup files manually
- **Platform Dependent**: May require UID/GID configuration, especially on NAS systems
### Configuration
Create a `docker-compose.yml` file:
```yaml
services:
palmr:
image: kyantech/palmr:latest
container_name: palmr
restart: unless-stopped
ports:
- "5487:5487" # Web interface
# - "3333:3333" # API (optional)
environment:
# Optional: Uncomment and configure as needed (if you don`t use, you can remove)
# - ENABLE_S3=true # Set to true to enable S3-compatible storage
# - DISABLE_FILESYSTEM_ENCRYPTION=false # Set to false to enable file encryption
# - ENCRYPTION_KEY=your-secure-key-min-32-chars # Required only if encryption is enabled
# - PALMR_UID=1000 # UID for the container processes (default is 1000)
# - PALMR_GID=1000 # GID for the container processes (default is 1000)
# - SECURE_SITE=false # Set to true for HTTPS/reverse proxy (enables cross-origin cookies for Safari)
# - DEFAULT_LANGUAGE=en-US # Default language for the application (optional, defaults to en-US)
# - PRESIGNED_URL_EXPIRATION=3600 # Duration in seconds for presigned URL expiration (optional, defaults to 3600 seconds / 1 hour)
# - DOWNLOAD_MAX_CONCURRENT=5 # Maximum simultaneous downloads (auto-scales if not set)
# - DOWNLOAD_MEMORY_THRESHOLD_MB=2048 # Memory threshold in MB before throttling (auto-scales if not set)
# - DOWNLOAD_QUEUE_SIZE=25 # Maximum queue size for pending downloads (auto-scales if not set)
# - DOWNLOAD_MIN_FILE_SIZE_GB=3.0 # Minimum file size in GB to activate memory management (default: 3.0)
# - DOWNLOAD_AUTO_SCALE=true # Enable auto-scaling based on system memory (default: true)
# - NODE_OPTIONS=--expose-gc # Enable garbage collection for large downloads (recommended for production)
volumes:
- ./data:/app/server
```
<Callout type="info">
**Having upload or permission issues?** Add `PALMR_UID=1000` and `PALMR_GID=1000` to your environment variables. Check our [UID/GID Configuration](/docs/3.2-beta/uid-gid-configuration) guide for more details.
</Callout>
### Deploy
```bash
docker-compose up -d
```
</Tab>
</Tabs>
## Configuration
Customize Palmr's behavior with these environment variables:
| Variable | Default | Description |
| ---------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------- |
| `ENABLE_S3` | `false` | Enable S3-compatible storage backends |
| `S3_ENDPOINT` | - | S3 server endpoint URL (required when using S3) |
| `S3_PORT` | - | S3 server port (optional when using S3) |
| `S3_USE_SSL` | - | Enable SSL for S3 connections (optional when using S3) |
| `S3_ACCESS_KEY` | - | S3 access key for authentication (required when using S3) |
| `S3_SECRET_KEY` | - | S3 secret key for authentication (required when using S3) |
| `S3_REGION` | - | S3 region configuration (optional when using S3) |
| `S3_BUCKET_NAME` | - | S3 bucket name for file storage (required when using S3) |
| `S3_FORCE_PATH_STYLE` | `false` | Force path-style S3 URLs (optional when using S3) |
| `S3_REJECT_UNAUTHORIZED` | `true` | Enable strict SSL certificate validation for S3 (set to `false` for self-signed certificates) |
| `ENCRYPTION_KEY` | - | **Required when encryption is enabled**: 32+ character key for file encryption |
| `DISABLE_FILESYSTEM_ENCRYPTION` | `true` | Disable file encryption for better performance (set to `false` to enable encryption) |
| `PRESIGNED_URL_EXPIRATION` | `3600` | Duration in seconds for presigned URL expiration (applies to both filesystem and S3 storage) |
| `CUSTOM_PATH` | - | Custom base path for disk space detection in manual installations with symlinks |
| `SECURE_SITE` | `false` | Enable secure cookies for HTTPS/reverse proxy deployments. Required for Safari cross-site tracking compatibility when frontend and backend are on different domains |
| `DEFAULT_LANGUAGE` | `en-US` | Default application language ([see available languages](/docs/3.2-beta/available-languages)) |
| `PALMR_UID` | `1000` | User ID for container processes (helps with file permissions) |
| `PALMR_GID` | `1000` | Group ID for container processes (helps with file permissions) |
| `NODE_OPTIONS` | - | Node.js options (recommended: `--expose-gc` for garbage collection in production) |
| `DOWNLOAD_MAX_CONCURRENT` | auto-scale | Maximum number of simultaneous downloads (see [Download Memory Management](/docs/3.2-beta/download-memory-management)) |
| `DOWNLOAD_MEMORY_THRESHOLD_MB` | auto-scale | Memory threshold in MB before throttling |
| `DOWNLOAD_QUEUE_SIZE` | auto-scale | Maximum queue size for pending downloads |
| `DOWNLOAD_MIN_FILE_SIZE_GB` | `3.0` | Minimum file size in GB to activate memory management |
| `NEXT_PUBLIC_UPLOAD_CHUNK_SIZE_MB` | auto-calculate | Chunk size in MB for large file uploads (see [Chunked Upload Configuration](/docs/3.2-beta/quick-start#chunked-upload-configuration)) |
| `DOWNLOAD_AUTO_SCALE` | `true` | Enable auto-scaling based on system memory |
<Callout type="info">
**Performance First**: Palmr runs without encryption by default for optimal speed and lower resource usage—perfect for
most use cases.
</Callout>
<Callout type="warn">
**Encryption Notice**: To enable encryption, set `DISABLE_FILESYSTEM_ENCRYPTION=false` and provide a 32+ character
`ENCRYPTION_KEY`. **Important**: This choice is permanent—switching encryption modes after uploading files will break
access to existing uploads.
</Callout>
<Callout>
**Using a Reverse Proxy?** Set `SECURE_SITE=true` and check our [Reverse Proxy
Configuration](/docs/3.2-beta/reverse-proxy-configuration) guide for proper HTTPS setup.
</Callout>
### Generate Encryption Keys (Optional)
Need file encryption? Generate a secure key:
<KeyGenerator />
> **Pro Tip**: Only enable encryption if you're handling sensitive data. For most users, the default unencrypted mode provides better performance.
## Access Your Instance
Once deployed, open Palmr in your browser:
- **Web Interface**: `http://localhost:5487` (local) or `http://YOUR_SERVER_IP:5487` (remote)
- **API Documentation**: `http://localhost:3333/docs` (if port 3333 is exposed)
<Callout type="info">
**Learn More**: For complete API documentation, authentication, and integration examples, see our [API
Reference](/docs/3.2-beta/api) guide
</Callout>
<Callout type="warn">
**Production Ready?** Configure HTTPS with a valid SSL certificate for secure production deployments.
</Callout>
---
## Docker CLI Alternative
Prefer Docker commands over Compose? Here are the equivalent commands:
<Tabs items={["Named Volume", "Bind Mount"]}>
<Tab value="Named Volume">
```bash
docker run -d \
--name palmr \
# Optional: Uncomment and configure as needed (if you don`t use, you can remove)
# -e ENABLE_S3=true \ # Set to true to enable S3-compatible storage (OPTIONAL - default is false)
# -e DISABLE_FILESYSTEM_ENCRYPTION=false \ # Set to false to enable file encryption (ENCRYPTION_KEY becomes required) | (OPTIONAL - default is true)
# -e ENCRYPTION_KEY=your-secure-key-min-32-chars # Required only if encryption is enabled
# -e PALMR_UID=1000 # UID for the container processes (default is 1000)
# -e PALMR_GID=1000 # GID for the container processes (default is 1000)
# -e SECURE_SITE=false # Set to true for HTTPS/reverse proxy (enables cross-origin cookies for Safari)
# -e DEFAULT_LANGUAGE=en-US # Default language for the application (optional, defaults to en-US)
-p 5487:5487 \
-p 3333:3333 \
-v palmr_data:/app/server \
--restart unless-stopped \
kyantech/palmr:latest
```
<Callout type="info">
**Permission Issues?** Add `-e PALMR_UID=1000 -e PALMR_GID=1000` to the command above. See our [UID/GID Configuration](/docs/3.2-beta/uid-gid-configuration) guide for details.
</Callout>
</Tab>
<Tab value="Bind Mount">
```bash
docker run -d \
--name palmr \
# Optional: Uncomment and configure as needed (if you don`t use, you can remove)
# -e ENABLE_S3=true \ # Set to true to enable S3-compatible storage (OPTIONAL - default is false)
# -e DISABLE_FILESYSTEM_ENCRYPTION=true \ # Set to false to enable file encryption (ENCRYPTION_KEY becomes required) | (OPTIONAL - default is true)
# -e ENCRYPTION_KEY=your-secure-key-min-32-chars # Required only if encryption is enabled
# -e PALMR_UID=1000 # UID for the container processes (default is 1000)
# -e PALMR_GID=1000 # GID for the container processes (default is 1000)
# -e SECURE_SITE=false # Set to true for HTTPS/reverse proxy (enables cross-origin cookies for Safari)
# -e DEFAULT_LANGUAGE=en-US # Default language for the application (optional, defaults to en-US)
-p 5487:5487 \
-p 3333:3333 \
-v $(pwd)/data:/app/server \
--restart unless-stopped \
kyantech/palmr:latest
```
<Callout type="info">
**Permission Issues?** Add `-e PALMR_UID=1000 -e PALMR_GID=1000` to the command above. See our [UID/GID Configuration](/docs/3.2-beta/uid-gid-configuration) guide for details.
</Callout>
</Tab>
</Tabs>
---
## Common Configuration Options
### Presigned URL Expiration
Palmr. uses temporary URLs (presigned URLs) for secure file access. These URLs expire after a configurable time period to enhance security.
**Default:** 1 hour (3600 seconds)
You can customize this for all storage types (filesystem or S3) by adding:
```yaml
environment:
- PRESIGNED_URL_EXPIRATION=7200 # 2 hours
```
**When to adjust:**
- **Shorter time (1800 = 30 min):** Higher security, but users may need to refresh download links
- **Longer time (7200-21600 = 2-6 hours):** Better for large file transfers, but URLs stay valid longer
- **Default (3600 = 1 hour):** Good balance for most use cases
### File Encryption
For filesystem storage, you can enable file encryption:
```yaml
environment:
- DISABLE_FILESYSTEM_ENCRYPTION=false
- ENCRYPTION_KEY=your-secure-32-character-key-here
```
**Note:** S3 storage handles encryption through your S3 provider's encryption features.
### Chunked Upload Configuration
Palmr supports configurable chunked uploading for large files. You can customize the chunk size by setting the following environment variable:
```yaml
environment:
- NEXT_PUBLIC_UPLOAD_CHUNK_SIZE_MB=100 # Chunk size in MB
```
**How it works:**
- If `NEXT_PUBLIC_UPLOAD_CHUNK_SIZE_MB` is set, Palmr will use this value (in megabytes) as the chunk size for all file uploads that exceed this threshold.
- If not set or left empty, Palmr automatically calculates optimal chunk sizes based on file size:
- Files ≤ 100MB: uploaded without chunking
- Files > 100MB and ≤ 1GB: 75MB chunks
- Files > 1GB: 150MB chunks
**When to configure:**
- **Default (not set):** Recommended for most use cases. Palmr will intelligently determine the best chunk size.
- **Custom value:** Set this if you have specific network conditions or want to optimize for your infrastructure (e.g., slower connections may benefit from smaller chunks like 50MB, while fast networks can handle larger chunks like 200MB, or the upload size per payload may be limited by a proxy like Cloudflare)
---
## Maintenance
### Updates
Keep Palmr up to date with the latest features and security patches:
```bash
docker-compose pull
docker-compose up -d
```
### Backup Your Data
**Named Volumes:**
```bash
docker run --rm -v palmr_data:/data -v $(pwd):/backup alpine tar czf /backup/palmr-backup.tar.gz -C /data .
```
**Bind Mounts:**
```bash
tar czf palmr-backup.tar.gz ./data
```
### Restore From Backup
**Named Volumes:**
```bash
docker-compose down
docker run --rm -v palmr_data:/data -v $(pwd):/backup alpine tar xzf /backup/palmr-backup.tar.gz -C /data
docker-compose up -d
```
**Bind Mounts:**
```bash
docker-compose down
tar xzf palmr-backup.tar.gz
docker-compose up -d
```
---
## What's Next?
Your Palmr instance is ready! Here's what you can explore:
### Advanced Configuration
- **[UID/GID Configuration](/docs/3.2-beta/uid-gid-configuration)** - Configure user permissions for NAS systems and custom environments
- **[Download Memory Management](/docs/3.2-beta/download-memory-management)** - Configure large file download handling and queue system
- **[S3 Storage](/docs/3.2-beta/s3-configuration)** - Scale with Amazon S3 or compatible storage providers
- **[Manual Installation](/docs/3.2-beta/manual-installation)** - Manual installation and custom configurations
### Integration & Development
- **[API Reference](/docs/3.2-beta/api)** - Integrate Palmr. with your applications
<Callout type="info">
**Need help?** Check our [Troubleshooting Guide](/docs/3.2-beta/troubleshooting) for common issues and solutions.
</Callout>
---
**Questions?** Visit our [GitHub Issues](https://github.com/kyantech/Palmr/issues) or join the community discussions.

View File

@@ -0,0 +1,201 @@
---
title: Reverse Proxy Configuration
icon: "Shield"
---
When deploying **Palmr.** behind a reverse proxy (like Traefik, Nginx, or Cloudflare), you need to configure secure cookie settings to ensure proper authentication. This guide covers the `SECURE_SITE` environment variable and related proxy configurations.
## Overview
Reverse proxies terminate SSL/TLS connections and forward requests to Palmr., which can cause authentication issues if cookies aren't configured properly for HTTPS environments. The `SECURE_SITE` environment variable controls cookie security settings to handle these scenarios.
## The SECURE_SITE Environment Variable
The `SECURE_SITE` variable configures how Palmr. handles authentication cookies based on your deployment environment:
### Configuration Options
| Value | Cookie Settings | Use Case |
| ------- | ------------------------------------- | ----------------------------------- |
| `true` | `secure: true`, `sameSite: "none"` | HTTPS/Production with reverse proxy |
| `false` | `secure: false`, `sameSite: "lax"` | HTTP/Development (default) |
> **🔒 Safari Cross-Site Tracking**: When `SECURE_SITE=true`, cookies use `sameSite: "none"` to support Safari's Cross-Site Tracking prevention when the frontend and backend are on different domains/subdomains.
### When to Use SECURE_SITE=true
Set `SECURE_SITE=true` in the following scenarios:
- ✅ **Reverse Proxy with HTTPS**: Traefik, Nginx, HAProxy with SSL termination
- ✅ **Cloud Providers**: Cloudflare, AWS ALB, Azure Application Gateway
- ✅ **CDN with HTTPS**: Any CDN that terminates SSL
- ✅ **Production Deployments**: When users access via HTTPS
### When to Use SECURE_SITE=false
Keep `SECURE_SITE=false` (default) for:
- ✅ **Local Development**: Running on `http://localhost`
- ✅ **Direct HTTP Access**: No reverse proxy involved
- ✅ **Testing Environments**: When using HTTP
- ✅ **HTTP Reverse Proxy**: Nginx, Apache, etc. without SSL termination
---
## HTTP Reverse Proxy Setup
**Docker Compose for HTTP Nginx:**
```yaml
environment:
- SECURE_SITE=false # HTTP = false
```
> **⚠️ HTTP Security**: Remember that HTTP transmits data in plain text. Consider using HTTPS in production environments.
---
## Troubleshooting Authentication Issues
### Common Symptoms
If you experience authentication issues behind a reverse proxy:
- ❌ Login appears successful but redirects to login page
- ❌ "No Authorization was found in request.cookies" errors
- ❌ API requests return 401 Unauthorized
- ❌ User registration fails silently
### Diagnostic Steps
1. **Check Browser Developer Tools**:
- Look for cookies in Application/Storage tab
- Verify cookie has `Secure` flag when using HTTPS
- Check if `SameSite` attribute is appropriate
2. **Verify Environment Variables**:
```bash
docker exec -it palmr env | grep SECURE_SITE
```
3. **Test Cookie Settings**:
- With `SECURE_SITE=false`: Should work on HTTP
- With `SECURE_SITE=true`: Should work on HTTPS
### Common Fixes
**Problem**: Authentication fails with reverse proxy
**Solution**: Set `SECURE_SITE=true` and ensure proper headers:
```yaml
environment:
- SECURE_SITE=true
```
**Problem**: Mixed content errors
**Solution**: Ensure proxy passes correct headers:
```yaml
# Traefik
- "traefik.http.middlewares.palmr-headers.headers.customrequestheaders.X-Forwarded-Proto=https"
# Nginx
proxy_set_header X-Forwarded-Proto $scheme;
```
**Problem**: Authentication fails with HTTP reverse proxy
**Solution**: Use `SECURE_SITE=false` and ensure proper cookie headers:
```yaml
environment:
- SECURE_SITE=false # For HTTP proxy
```
```nginx
# Nginx - Add these headers for cookie handling
proxy_set_header Cookie $http_cookie;
proxy_pass_header Set-Cookie;
```
**Problem**: SQLite "readonly database" error with bind mounts
**Solution**: Configure proper UID/GID permissions:
```yaml
environment:
- PALMR_UID=1000 # Your host UID (check with: id)
- PALMR_GID=1000 # Your host GID
- DISABLE_FILESYSTEM_ENCRYPTION=true # Set to false to enable file encryption
# - ENCRYPTION_KEY=your-key-here # Required only if encryption is enabled
```
> **💡 Note**: Check your host UID/GID with `id` command and use those values. See [UID/GID Configuration](/docs/3.2-beta/uid-gid-configuration) for detailed setup.
---
## Security Considerations
> **⚠️ Important**: Always use HTTPS in production environments. The `SECURE_SITE=true` setting ensures cookies are only sent over encrypted connections.
---
## Advanced Configuration
### Multiple Domains
If serving Palmr. on multiple domains, ensure consistent cookie settings:
```yaml
environment:
- SECURE_SITE=true # Use for all HTTPS domains
```
### Development vs Production
Use environment-specific configurations:
**Development (HTTP):**
```yaml
environment:
- SECURE_SITE=false
```
**Production (HTTPS):**
```yaml
environment:
- SECURE_SITE=true
```
### Health Checks
Add health checks to ensure proper proxy configuration:
```yaml
services:
palmr:
# ... other config
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:5487/api/health"]
interval: 30s
timeout: 10s
retries: 3
```
---
## Need Help?
If you're still experiencing issues after following this guide:
1. **Check the Logs**: `docker logs palmr`
2. **Verify Headers**: Use browser dev tools or `curl -I`
3. **Test Direct Access**: Try accessing Palmr. directly (bypassing proxy)
4. **Open an Issue**: [Report bugs on GitHub](https://github.com/kyantech/Palmr/issues)
> **💡 Pro Tip**: When reporting issues, include your reverse proxy configuration and any relevant error messages from both Palmr. and your proxy logs.

View File

@@ -0,0 +1,375 @@
---
title: S3 Providers
icon: Package
---
This guide provides comprehensive configuration instructions for integrating Palmr. with various S3-compatible storage providers. Whether you're using cloud services like AWS S3 or self-hosted solutions like MinIO, this guide will help you set up reliable object storage for your files.
> **Overview:** Palmr. supports any S3-compatible storage provider, giving you flexibility to choose the solution that best fits your needs and budget.
> **Note:** Some configuration options (like presigned URL expiration) apply to **all storage types**, including filesystem storage. These are marked accordingly in the documentation.
## When to use S3-compatible storage
Consider using S3-compatible storage when you need:
- **Cloud storage** for distributed deployments
- **Scalability** beyond local filesystem limitations
- **Redundancy** and backup capabilities
- **CDN integration** for faster file delivery
- **Multi-region** file distribution
## Environment variables
### General configuration (applies to all storage types)
| Variable | Description | Required | Default |
| -------------------------- | ------------------------------------------------ | -------- | --------------- |
| `PRESIGNED_URL_EXPIRATION` | Duration in seconds for presigned URL expiration | No | `3600` (1 hour) |
### S3-specific configuration
To enable S3-compatible storage, set `ENABLE_S3=true` and configure the following environment variables:
| Variable | Description | Required | Default |
| ------------------------ | ---------------------------------------- | -------- | ----------------- |
| `S3_ENDPOINT` | S3 provider endpoint URL | Yes | - |
| `S3_PORT` | Connection port | No | Based on protocol |
| `S3_USE_SSL` | Enable SSL/TLS encryption | Yes | `true` |
| `S3_ACCESS_KEY` | Access key for authentication | Yes | - |
| `S3_SECRET_KEY` | Secret key for authentication | Yes | - |
| `S3_REGION` | Storage region | Yes | - |
| `S3_BUCKET_NAME` | Bucket/container name | Yes | - |
| `S3_FORCE_PATH_STYLE` | Use path-style URLs | No | `false` |
| `S3_REJECT_UNAUTHORIZED` | Enable strict SSL certificate validation | No | `true` |
## Provider configurations
Below are tested configurations for popular S3-compatible providers. Replace the example values with your actual credentials and settings.
> **Security Note:** Never commit real credentials to version control. Use environment files or secure secret management systems.
### AWS S3
Amazon S3 is the original S3 service, offering global availability and extensive features.
```bash
ENABLE_S3=true
S3_ENDPOINT=s3.amazonaws.com
S3_USE_SSL=true
S3_ACCESS_KEY=your-access-key-id
S3_SECRET_KEY=your-secret-access-key
S3_REGION=us-east-1
S3_BUCKET_NAME=your-bucket-name
S3_FORCE_PATH_STYLE=false
# PRESIGNED_URL_EXPIRATION=3600 # Optional: 1 hour (default)
```
**Getting credentials:**
1. Go to AWS IAM Console
2. Create a new user with S3 permissions
3. Generate access keys for programmatic access
### MinIO (Self-hosted)
MinIO is perfect for self-hosted deployments and development environments.
```bash
ENABLE_S3=true
S3_ENDPOINT=localhost
S3_PORT=9000
S3_USE_SSL=false
S3_ACCESS_KEY=your-minio-access-key
S3_SECRET_KEY=your-minio-secret-key
S3_REGION=us-east-1
S3_BUCKET_NAME=your-bucket-name
S3_FORCE_PATH_STYLE=true
```
**Setup notes:**
- Use `S3_FORCE_PATH_STYLE=true` for MinIO
- Default MinIO port is 9000
- SSL can be disabled for local development
**For MinIO with self-signed SSL certificates:**
```bash
ENABLE_S3=true
S3_ENDPOINT=your-minio-domain.com
S3_PORT=9000
S3_USE_SSL=true
S3_ACCESS_KEY=your-minio-access-key
S3_SECRET_KEY=your-minio-secret-key
S3_REGION=us-east-1
S3_BUCKET_NAME=your-bucket-name
S3_FORCE_PATH_STYLE=true
S3_REJECT_UNAUTHORIZED=false # Allows self-signed certificates
```
### Google Cloud Storage
Google Cloud Storage offers competitive pricing and global infrastructure.
```bash
ENABLE_S3=true
S3_ENDPOINT=storage.googleapis.com
S3_USE_SSL=true
S3_ACCESS_KEY=your-hmac-access-id
S3_SECRET_KEY=your-hmac-secret
S3_REGION=us-central1
S3_BUCKET_NAME=your-bucket-name
S3_FORCE_PATH_STYLE=false
```
**Getting credentials:**
1. Enable Cloud Storage API in Google Cloud Console
2. Create HMAC keys for S3 compatibility
3. Use the generated access ID and secret
### DigitalOcean Spaces
DigitalOcean Spaces provides simple, scalable object storage.
```bash
ENABLE_S3=true
S3_ENDPOINT=nyc3.digitaloceanspaces.com
S3_USE_SSL=true
S3_ACCESS_KEY=your-spaces-access-key
S3_SECRET_KEY=your-spaces-secret-key
S3_REGION=nyc3
S3_BUCKET_NAME=your-space-name
S3_FORCE_PATH_STYLE=false
```
**Available regions:**
- `nyc3` (New York)
- `ams3` (Amsterdam)
- `sgp1` (Singapore)
- `fra1` (Frankfurt)
### Backblaze B2
Backblaze B2 offers cost-effective storage with S3-compatible API.
```bash
ENABLE_S3=true
S3_ENDPOINT=s3.us-west-002.backblazeb2.com
S3_USE_SSL=true
S3_ACCESS_KEY=your-key-id
S3_SECRET_KEY=your-application-key
S3_REGION=us-west-002
S3_BUCKET_NAME=your-bucket-name
S3_FORCE_PATH_STYLE=false
# PRESIGNED_URL_EXPIRATION=7200 # Optional: 2 hours for large files
```
**Cost advantage:**
- Significantly lower storage costs
- Free egress to Cloudflare CDN
- Pay-as-you-go pricing model
### Wasabi
Wasabi provides hot cloud storage with predictable pricing.
```bash
ENABLE_S3=true
S3_ENDPOINT=s3.wasabisys.com
S3_USE_SSL=true
S3_ACCESS_KEY=your-access-key
S3_SECRET_KEY=your-secret-key
S3_REGION=us-east-1
S3_BUCKET_NAME=your-bucket-name
S3_FORCE_PATH_STYLE=false
```
**Benefits:**
- No egress fees
- Fast performance
- Simple pricing structure
### Azure Blob Storage
Azure Blob Storage with S3-compatible API for Microsoft ecosystem integration.
```bash
ENABLE_S3=true
S3_ENDPOINT=your-account.blob.core.windows.net
S3_USE_SSL=true
S3_ACCESS_KEY=your-access-key
S3_SECRET_KEY=your-secret-key
S3_REGION=eastus
S3_BUCKET_NAME=your-container-name
S3_FORCE_PATH_STYLE=false
```
**Setup requirements:**
- Enable S3-compatible API in Azure
- Use container name as bucket name
- Configure appropriate access policies
## Presigned URL configuration
Palmr. uses presigned URLs to provide secure, temporary access to files stored in **both S3-compatible storage and filesystem storage**. These URLs have a configurable expiration time to balance security and usability.
> **Note:** This configuration applies to **all storage types** (S3, filesystem, etc.), not just S3-compatible storage.
### Understanding presigned URLs
Presigned URLs are temporary URLs that allow direct access to files without exposing storage credentials or requiring authentication. They automatically expire after a specified time period, enhancing security by limiting access duration.
**How it works:**
- **S3 Storage:** URLs are signed by AWS/S3-compatible provider credentials
- **Filesystem Storage:** URLs use temporary tokens that are validated by Palmr server
**Default behavior:**
- Upload URLs: 1 hour (3600 seconds)
- Download URLs: 1 hour (3600 seconds)
### Configuring expiration time
You can customize the expiration time using the `PRESIGNED_URL_EXPIRATION` environment variable:
```bash
# Set URLs to expire after 2 hours (7200 seconds)
PRESIGNED_URL_EXPIRATION=7200
# Set URLs to expire after 30 minutes (1800 seconds)
PRESIGNED_URL_EXPIRATION=1800
# Set URLs to expire after 6 hours (21600 seconds)
PRESIGNED_URL_EXPIRATION=21600
```
### Choosing the right expiration time
**Shorter expiration (15-30 minutes):**
- [+] Higher security
- [+] Reduced risk of unauthorized access
- [-] May interrupt long uploads/downloads
- [-] Users may need to refresh links more often
**Longer expiration (2-6 hours):**
- [+] Better user experience for large files
- [+] Fewer interruptions during transfers
- [-] Longer exposure window if URLs are compromised
- [-] Potential for increased storage costs if users leave downloads incomplete
**Recommended settings:**
- **High security environments:** 1800 seconds (30 minutes)
- **Standard usage:** 3600 seconds (1 hour) - default
- **Large file transfers:** 7200-21600 seconds (2-6 hours)
### Example configurations
**For Backblaze B2 with extended expiration:**
```bash
ENABLE_S3=true
S3_ENDPOINT=s3.us-west-002.backblazeb2.com
S3_USE_SSL=true
S3_ACCESS_KEY=your-key-id
S3_SECRET_KEY=your-application-key
S3_REGION=us-west-002
S3_BUCKET_NAME=your-bucket-name
S3_FORCE_PATH_STYLE=false
PRESIGNED_URL_EXPIRATION=7200 # 2 hours for large file transfers
```
**For high-security environments:**
```bash
ENABLE_S3=true
S3_ENDPOINT=s3.amazonaws.com
S3_USE_SSL=true
S3_ACCESS_KEY=your-access-key-id
S3_SECRET_KEY=your-secret-access-key
S3_REGION=us-east-1
S3_BUCKET_NAME=your-bucket-name
S3_FORCE_PATH_STYLE=false
PRESIGNED_URL_EXPIRATION=1800 # 30 minutes for enhanced security
```
## Configuration best practices
### Security considerations
- **Use IAM policies** to limit access to specific buckets and operations
- **Enable encryption** at rest and in transit
- **Rotate credentials** regularly
- **Monitor access logs** for unusual activity
- **Use HTTPS** for all connections (`S3_USE_SSL=true`)
### Performance optimization
- **Choose regions** close to your users or server location
- **Configure CDN** for faster file delivery
- **Use appropriate bucket policies** for public file access
- **Monitor bandwidth** usage and costs
### Troubleshooting common issues
**Connection errors:**
- Verify endpoint URL and port settings
- Check firewall and network connectivity
- Ensure SSL/TLS settings match provider requirements
**SSL certificate errors (self-signed certificates):**
If you encounter errors like `unable to verify the first certificate` or `UNABLE_TO_VERIFY_LEAF_SIGNATURE`, you're likely using self-signed SSL certificates. This is common with self-hosted MinIO or other S3-compatible services.
**Solution:**
Set `S3_REJECT_UNAUTHORIZED=false` in your environment variables to allow self-signed certificates:
```bash
S3_REJECT_UNAUTHORIZED=false
```
**Note:** SSL certificate validation is enabled by default (`true`) for security. Set it to `false` only when using self-hosted S3 services with self-signed certificates.
**Authentication failures:**
- Confirm access key and secret key are correct
- Verify IAM permissions for bucket operations
- Check if credentials have expired
**Bucket access issues:**
- Ensure bucket exists and is accessible
- Verify region settings match bucket location
- Check bucket policies and ACL settings
## Testing your configuration
After configuring your S3 provider, test the connection by:
1. **Upload a test file** through the Palmr. interface
2. **Verify file appears** in your S3 bucket
3. **Download the file** to confirm retrieval works
4. **Check file permissions** and access controls
> **Tip:** Start with a development bucket to test your configuration before using production storage.
## Switching between providers
To switch from filesystem to S3 storage or between S3 providers:
1. **Backup existing files** if switching from filesystem storage
2. **Update environment variables** with new provider settings
3. **Restart the Palmr. container** to apply changes
4. **Test file operations** to ensure everything works correctly
Remember that existing files won't be automatically migrated when switching storage providers.

View File

@@ -0,0 +1,130 @@
---
title: Screenshots
icon: Image
---
import { ZoomableImage } from "@/components/ui/zoomable-image";
Here you can find a collection of screenshots showcasing various features and interfaces of the Palmr. web application. These images provide a visual overview of the user experience, highlighting key functionalities such as file sharing, user management, and settings configuration. Explore the screenshots below to get a better understanding of how Palmr works and what to expect from the platform.
> **Note:** All screenshots shown are taken in dark mode, but Palmr. also offers a light mode theme for users who prefer brighter interfaces.
## Authentication & Access
### Home page
The main landing page where users can access the platform and learn about Palmr.'s features.
<ZoomableImage src="/assets/v3/screenshots/home.png" alt="Home Page - Main landing page of Palmr" />
### Login page
Secure authentication interface where users enter their credentials to access their Palmr account.
<ZoomableImage src="/assets/v3/screenshots/login.png" alt="Login Page - User authentication interface" />
### Forgot password
Password recovery interface that allows users to reset their passwords when they can't access their accounts.
<ZoomableImage src="/assets/v3/screenshots/forgot-password.png" alt="Forgot Password - Password recovery interface" />
## Main Application Interface
### Dashboard
The central hub after login, providing an overview of recent activity, quick actions, and system status.
<ZoomableImage
src="/assets/v3/screenshots/dashboard.png"
alt="Dashboard - Main application hub with overview and quick actions"
/>
## File Management
### Files list view
Comprehensive file browser displaying all uploaded files in a detailed list format with metadata, actions, sorting options, and folder navigation.
<ZoomableImage
src="/assets/v3/screenshots/files-list.png"
alt="Files List View - Detailed file browser with metadata and actions"
/>
### Files card view
Alternative file browser layout showing files as visual cards, perfect for quick browsing, visual file identification, and folder navigation.
<ZoomableImage
src="/assets/v3/screenshots/files-card.png"
alt="Files Card View - Visual card-based file browser layout"
/>
### Receive files
File upload interface where users can drag and drop or select files to upload to their Palmr storage.
<ZoomableImage
src="/assets/v3/screenshots/receive-files.png"
alt="Receive Files - File upload interface with drag and drop functionality"
/>
## Sharing & Collaboration
### Shares page
Management interface for all shared files and folders, showing share status, permissions, and access controls for both individual files and folders.
<ZoomableImage
src="/assets/v3/screenshots/shares.png"
alt="Shares Page - Share management with permissions and access controls"
/>
## User & System Management
### User management
Administrative interface for managing user accounts, permissions, roles, and system access controls.
<ZoomableImage
src="/assets/v3/screenshots/user-management.png"
alt="User Management - Administrative interface for user accounts and permissions"
/>
### Profile settings
Personal account management where users can update their profile information, preferences, and account settings.
<ZoomableImage
src="/assets/v3/screenshots/profile.png"
alt="Profile Settings - Personal account management and preferences"
/>
### System settings
Comprehensive system configuration interface for administrators to manage platform settings, integrations, and system behavior.
<ZoomableImage
src="/assets/v3/screenshots/settings.png"
alt="System Settings - Administrative configuration interface"
/>
## Reverse share page themes
### WeTransfer theme
Special sharing interface with WeTransfer-inspired design, providing a familiar experience for file sharing with custom theming.
<ZoomableImage
src="/assets/v3/screenshots/wetransfer.png"
alt="WeTransfer Theme - WeTransfer-inspired sharing interface with custom theming"
/>
### Default reverse theme
Alternative dark theme interface showing Palmr's theming capabilities and customization options for different user preferences.
<ZoomableImage
src="/assets/v3/screenshots/default-reverse.png"
alt="Default Reverse Theme - Dark theme interface showcasing customization options"
/>

View File

@@ -0,0 +1,438 @@
---
title: Translation Management
icon: Languages
---
import { Callout } from "fumadocs-ui/components/callout";
import { Tab, Tabs } from "fumadocs-ui/components/tabs";
Palmr includes a comprehensive translation key management system that automates synchronization and validation of the application's internationalization files.
## Overview
The translation management system consists of Python scripts that help maintain consistency across all supported languages:
- **Synchronization**: Automatically add missing translation keys
- **Validation**: Check translation status and completeness
- **Key Management**: Manage translation keys structure and consistency
- **Reporting**: Generate detailed translation reports
## Quick Start
<Tabs items={['npm/pnpm', 'Python Direct']}>
<Tab value="npm/pnpm">
```bash
# Complete workflow (recommended)
pnpm run translations
# Check translation status
pnpm run translations:check
# Synchronize missing keys
pnpm run translations:sync
# Test workflow without changes (dry run)
pnpm run translations:dry-run
# Show help
pnpm run translations:help
```
</Tab>
<Tab value="Python Direct">
```bash
cd apps/web/scripts
# Complete workflow (recommended)
python3 run_translations.py all
# Individual commands
python3 run_translations.py check
python3 run_translations.py sync
python3 run_translations.py all --dry-run
python3 run_translations.py help
```
</Tab>
</Tabs>
## Available Scripts
### Main Commands (npm/pnpm)
| Command | Description |
| ------------------------------- | ----------------------------------------- |
| `pnpm run translations` | Complete workflow: sync + check |
| `pnpm run translations:check` | Check translation status and completeness |
| `pnpm run translations:sync` | Synchronize missing keys from en-US.json |
| `pnpm run translations:dry-run` | Test workflow without making changes |
| `pnpm run translations:help` | Show detailed help and examples |
## Workflow
### 1. Adding New Translation Keys
When you add new text to the application:
1. **Add to English**: Update `apps/web/messages/en-US.json` with your new keys
2. **Sync translations**: Run `pnpm run translations:sync` to add missing keys to all languages
3. **Manual translation**: Translate strings marked with `[TO_TRANSLATE]` manually
4. **Test in UI**: Verify translations work correctly in the application interface
<Callout type="important">
**Manual translation required**: All strings marked with `[TO_TRANSLATE]` must be manually translated by native
speakers or professional translators for accuracy.
</Callout>
### 2. Checking Translation Status
<Callout>Always run `pnpm run translations:check` before releases to ensure completeness.</Callout>
```bash
# Generate detailed translation report
pnpm run translations:check
```
The report shows:
- **Completeness percentage** for each language
- **Untranslated strings** marked with `[TO_TRANSLATE]`
- **Identical strings** that may need localization
- **Missing keys** compared to English reference
### 3. Manual Translation Process
For all translation strings:
1. **Find untranslated strings**: Look for `[TO_TRANSLATE] Original text` in language files
2. **Replace with translation**: Remove the prefix and add proper translation
3. **Validate**: Run `pnpm run translations:check` to verify completeness
## File Structure
```
apps/web/
├── messages/ # Translation files
│ ├── en-US.json # Reference language (English)
│ ├── pt-BR.json # Portuguese (Brazil)
│ ├── es-ES.json # Spanish
│ └── ... # Other languages
└── scripts/ # Management scripts
├── run_translations.py # Main wrapper
├── sync_translations.py # Synchronization
├── check_translations.py # Status checking
└── clean_translations.py # Cleanup utilities
```
## Prerequisites
- **Python 3.6 or higher** - Required for running the translation scripts
- **No external dependencies** - Scripts use only Python standard libraries
- **UTF-8 support** - Ensure your terminal supports UTF-8 for proper display of translations
## Script Details
### Main Wrapper (`run_translations.py`)
The main script provides a unified interface for all translation operations:
#### Available Commands
- `check` - Check translation status and generate reports
- `sync` - Synchronize missing keys from reference language
- `all` - Run complete workflow (sync + check)
- `help` - Show detailed help with examples
#### How it Works
1. Validates parameters and working directory
2. Calls appropriate individual scripts with passed parameters
3. Provides unified error handling and progress reporting
4. Supports all parameters from individual scripts
### Synchronization Script (`sync_translations.py`)
Maintains consistency across all language files:
#### Process
1. **Load reference**: Reads `en-US.json` as source of truth
2. **Scan languages**: Finds all `*.json` files in messages directory
3. **Compare keys**: Identifies missing keys in each language file
4. **Add missing keys**: Copies structure from reference with `[TO_TRANSLATE]` prefix
5. **Save updates**: Maintains JSON formatting and UTF-8 encoding
#### Key Features
- **Recursive key detection**: Handles nested JSON objects
- **Safe updates**: Preserves existing translations
- **Consistent formatting**: Maintains proper JSON structure
- **Progress reporting**: Shows detailed sync results
### Status Check Script (`check_translations.py`)
Provides comprehensive translation analysis:
#### Generated Reports
- **Completion percentage**: How much of each language is translated
- **Untranslated count**: Strings still marked with `[TO_TRANSLATE]`
- **Identical strings**: Text identical to English (may need localization)
- **Missing keys**: Keys present in reference but not in target language
#### Analysis Features
- **Visual indicators**: Icons show completion status (✅ 🟡 🔴)
- **Detailed breakdowns**: Per-language analysis with specific keys
- **Quality insights**: Identifies potential translation issues
- **Export friendly**: Output can be redirected to files for reports
## Advanced Usage
### Custom Parameters
You can pass additional parameters to the underlying Python scripts for more control:
#### Synchronization Parameters (`sync`)
```bash
# Sync without marking new keys as [TO_TRANSLATE]
python3 scripts/run_translations.py sync --no-mark-untranslated
# Use a different reference file (default: en-US.json)
python3 scripts/run_translations.py sync --reference pt-BR.json
# Specify custom messages directory
python3 scripts/run_translations.py sync --messages-dir /path/to/messages
# Dry run mode - see what would be changed
python3 scripts/run_translations.py sync --dry-run
```
#### Check Parameters (`check`)
```bash
# Use different reference file for comparison
python3 scripts/run_translations.py check --reference pt-BR.json
# Check translations in custom directory
python3 scripts/run_translations.py check --messages-dir /path/to/messages
```
### Parameter Reference
| Parameter | Commands | Description |
| ------------------------ | --------------- | --------------------------------------------- |
| `--dry-run` | `sync`, `all` | Preview changes without modifying files |
| `--messages-dir` | All | Custom directory containing translation files |
| `--reference` | `sync`, `check` | Reference file to use (default: en-US.json) |
| `--no-mark-untranslated` | `sync` | Don't add [TO_TRANSLATE] prefix to new keys |
### Dry Run Mode
Always test changes first:
```bash
# Test complete workflow (recommended)
pnpm run translations:dry-run
# Alternative: Direct Python commands
python3 scripts/run_translations.py all --dry-run
python3 scripts/run_translations.py sync --dry-run
```
### Common Use Cases
#### Scenario 1: Adding Keys Without Marking for Translation
```bash
# Sync new keys without auto-marking for translation
python3 scripts/run_translations.py sync --no-mark-untranslated
# Manually mark specific keys that need translation
# Edit files to add [TO_TRANSLATE] prefix where needed
```
#### Scenario 2: Custom Project Structure
```bash
# Work with translations in different directory
python3 scripts/run_translations.py all --messages-dir ../custom-translations
```
#### Scenario 3: Quality Assurance
```bash
# Use different language as reference for comparison
python3 scripts/run_translations.py check --reference pt-BR.json
# This helps identify inconsistencies when you have high-quality translations
```
## Translation Keys Format
Translation files use nested JSON structure:
```json
{
"common": {
"actions": {
"save": "Save",
"cancel": "Cancel",
"delete": "Delete"
},
"messages": {
"success": "Operation completed successfully",
"error": "An error occurred"
}
},
"dashboard": {
"title": "Dashboard",
"welcome": "Welcome to Palmr"
}
}
```
## Manual Translation
<Callout type="warning">
**Professional translation recommended**: For production applications, consider using professional translation
services or native speakers to ensure high-quality, culturally appropriate translations.
</Callout>
The system marks strings that need translation with the `[TO_TRANSLATE]` prefix:
```json
{
"key": "[TO_TRANSLATE] Original English text"
}
```
After manual translation:
```json
{
"key": "Texto original em inglês"
}
```
### Translation Review Process
1. **Identify**: Use `pnpm run translations:check` to find untranslated strings
2. **Translate**: Replace `[TO_TRANSLATE]` strings with proper translations
3. **Review**: Check each translation for:
- **Context accuracy**: Does it make sense in the UI?
- **Technical terms**: Are they correctly translated?
- **Tone consistency**: Matches the application's voice?
- **Cultural appropriateness**: Suitable for target audience?
4. **Test**: Verify translations in the actual application interface
5. **Document**: Note any translation decisions for future reference
### Common Review Points
- **Button labels**: Ensure they fit within UI constraints
- **Error messages**: Must be clear and helpful to users
- **Navigation items**: Should be intuitive in target language
- **Technical terms**: Some may be better left in English
- **Placeholders**: Maintain formatting and variable names
## Development Guidelines
<Callout type="important">
**Primary Language**: Always use `en-US.json` as the parent language for development. All new translation keys must be
added to English first.
</Callout>
### Translation Workflow for Development
1. **English First**: Add all new text to `apps/web/messages/en-US.json`
2. **Sync keys**: Use scripts to generate key structure for other languages
3. **Manual translation**: All strings must be manually translated for accuracy
4. **Quality Check**: Run translation validation before merging PRs
### Why English as Parent Language?
- **Consistency**: Ensures all languages have the same keys structure
- **Reference**: English serves as the source of truth for meaning
- **Key management**: Scripts use English as source for key synchronization
- **Documentation**: Most technical documentation is in English
## Best Practices
### For Developers
1. **Always use English as reference**: Add new keys to `en-US.json` first - never add keys directly to other languages
2. **Use semantic key names**: `dashboard.welcome` instead of `text1`
3. **Test key sync**: Run `pnpm run translations:dry-run` before committing
4. **Coordinate with translators**: Ensure translation team is aware of new keys
5. **Maintain consistency**: Use existing patterns for similar UI elements
### For Translators
1. **Focus on [TO_TRANSLATE] strings**: These need immediate attention
2. **Check identical strings**: May need localization even if identical to English
3. **Use proper formatting**: Maintain HTML tags and placeholders
4. **Test in context**: Verify translations work in the actual UI
5. **Maintain glossary**: Keep consistent terminology across translations
## Troubleshooting
### Common Issues
**Python not found**: Ensure Python 3.6+ is installed and in PATH
**Permission errors**: Ensure write permissions to message files
**Encoding issues**: Ensure your terminal supports UTF-8
### Getting Help
- Run `pnpm run translations:help` for detailed command examples
- Review generated translation reports for specific issues
- Check the official documentation for complete reference
## Output Examples
### Synchronization Output
```
Loading reference file: en-US.json
Reference file contains 980 keys
Processing 14 translation files...
Processing: pt-BR.json
🔍 Found 12 missing keys
✅ Updated successfully (980/980 keys)
============================================================
SUMMARY
============================================================
✅ ar-SA.json - 980/980 keys
🔄 pt-BR.json - 980/980 keys (+12 added)
```
### Translation Status Report
```
📊 TRANSLATION REPORT
Reference: en-US.json (980 strings)
================================================================================
LANGUAGE COMPLETENESS STRINGS UNTRANSLATED POSSIBLE MATCHES
--------------------------------------------------------------------------------
✅ pt-BR 100.0% 980/980 0 (0.0%) 5
⚠️ fr-FR 100.0% 980/980 12 (2.5%) 3
🟡 de-DE 95.2% 962/980 0 (0.0%) 8
================================================================================
```
## Contributing
When contributing translations:
1. **Follow the workflow**: Use the provided scripts for consistency
2. **Test thoroughly**: Run complete checks before submitting
3. **Document changes**: Note any significant translation decisions
4. **Maintain quality**: Ensure manual translations are accurate and appropriate
The translation management system ensures consistency and makes it easy to maintain high-quality localization across all supported languages.

View File

@@ -0,0 +1,420 @@
---
title: Troubleshooting
icon: "Bug"
---
Common issues and solutions for Palmr. deployment and usage.
## 🚨 Permission Denied Errors
**Most common issue**: Permission denied when uploading files or accessing data directories.
### Quick Diagnosis
```bash
# Check if this is a permission issue
docker-compose logs palmr | grep -i "permission\|denied\|eacces"
# Common error messages:
# EACCES: permission denied, open '/app/server/uploads/file.txt'
# Error: EACCES: permission denied, mkdir '/app/server/temp-uploads'
```
### The Root Cause
**Palmr. defaults**: UID 1001, GID 1001
**Linux standard**: UID 1000, GID 1000
When using bind mounts, your host directories may have different ownership than Palmr's default UID/GID.
### Solution 1: Environment Variables (Recommended)
Set Palmr. to use your host system's UID/GID:
```bash
# Find your UID/GID
id
# Output: uid=1000(user) gid=1000(group) groups=1000(group),27(sudo)
```
Add to your `docker-compose.yaml`:
```yaml
services:
palmr:
environment:
- PALMR_UID=1000 # Your UID
- PALMR_GID=1000 # Your GID
# ... rest of config
```
Restart the container:
```bash
docker-compose down && docker-compose up -d
```
### Solution 2: Change Host Directory Ownership
If you prefer to keep Palmr's defaults:
```bash
# For single data directory
chown -R 1001:1001 ./data
# For separate upload/temp directories
mkdir -p uploads temp-uploads
chown -R 1001:1001 uploads temp-uploads
```
### Solution 3: Docker Volume (Avoid the Issue)
Use Docker named volumes instead of bind mounts:
```yaml
volumes:
- palmr_data:/app/server # Named volume (no permission issues)
# Instead of:
# - ./data:/app/server # Bind mount (permission issues)
volumes:
palmr_data:
```
---
## 🐳 Container Issues
### Container Won't Start
**Check logs first:**
```bash
docker-compose logs palmr
```
**Common issues:**
1. **Port already in use**
```bash
# Check what's using port 5487
sudo lsof -i :5487
# Or change port in docker-compose.yaml
ports:
- "5488:5487" # Use different host port
```
2. **Invalid encryption key**
```bash
# Error: Encryption key must be at least 32 characters (only if encryption is enabled)
# Fix: Either disable encryption or provide a valid key
environment:
- DISABLE_FILESYSTEM_ENCRYPTION=true # Disable encryption (default)
# OR enable encryption with:
# - DISABLE_FILESYSTEM_ENCRYPTION=false
# - ENCRYPTION_KEY=your-very-long-secure-key-at-least-32-characters
```
3. **Missing environment variables**
```bash
# Check variables are set (encryption is optional)
docker exec palmr env | grep -E "DISABLE_FILESYSTEM_ENCRYPTION|ENCRYPTION_KEY|DATABASE_URL"
```
### Container Starts But App Doesn't Load
```bash
# Check if services are running inside container
docker exec palmr ps aux
# Check if ports are bound correctly
docker port palmr
# Test API directly
curl http://localhost:3333/health
```
---
## 📁 File Upload Issues
### Files Not Uploading
1. **Check disk space:**
```bash
df -h
# Ensure you have enough space in upload directory
```
2. **Check file permissions in container:**
```bash
docker exec palmr ls -la /app/server/uploads/
# Should show ownership by palmr user (UID 1001)
```
3. **Check upload limits:**
- Default max file size is configurable
- Check browser network tab for 413 errors
### Files Upload But Can't Be Downloaded
```bash
# Check file exists and is readable
docker exec palmr ls -la /app/server/uploads/
# Check file ownership
docker exec palmr stat /app/server/uploads/your-file.txt
```
---
## 🔑 Authentication Issues
### Can't Login to Admin Account
1. **Reset admin password:**
```bash
# Using the built-in reset script
docker exec -it palmr /app/palmr-app/reset-password.sh
```
2. **Check database permissions:**
```bash
docker exec palmr ls -la /app/server/prisma/
# palmr.db should be writable by palmr user (UID 1001)
```
### OIDC Authentication Not Working
See our [OIDC Configuration Guide](/docs/3.0-beta/oidc-authentication) for detailed setup.
### Safari: Images Don't Render and Downloads Are Corrupted
**Symptoms:**
- Images show as broken/loading icon in Safari
- Downloaded files are corrupted
- Works fine on localhost but fails on production domain
- Only affects Safari with "Cross-Site Tracking Prevention" enabled
**Cause:**
Safari blocks cookies when the frontend and backend are on different domains/subdomains due to Cross-Site Tracking prevention.
**Solution:**
1. **Enable secure cookies in your server `.env`:**
```bash
SECURE_SITE=true
```
2. **Ensure HTTPS is enabled:**
The `sameSite: none` cookie attribute requires HTTPS. Make sure your reverse proxy (nginx, Traefik, etc.) is configured with SSL/TLS.
3. **Restart the server:**
```bash
docker-compose down && docker-compose up -d
```
**Verification:**
- Check browser dev tools → Application → Cookies
- Look for the `token` cookie with:
- ✅ `Secure` flag enabled
- ✅ `SameSite=None`
- ✅ `HttpOnly` flag enabled
> **💡 Note**: This requires HTTPS. If using HTTP in development, keep `SECURE_SITE=false`.
---
## 🌐 Network Issues
### Can't Access Web Interface
1. **From localhost:**
```bash
# Test if container is responding
curl http://localhost:5487
# Check if port is bound
docker port palmr 5487
```
2. **From external network:**
```bash
# Check firewall
sudo ufw status
# Test from external IP
curl http://YOUR_SERVER_IP:5487
```
### API Not Accessible
```bash
# Check if API port is exposed
docker port palmr 3333
# Test API health
curl http://localhost:3333/health
# Check API documentation
curl http://localhost:3333/docs
```
---
## 💾 Database Issues
### Database Connection Errors
```bash
# Check database file exists and is writable
docker exec palmr ls -la /app/server/prisma/palmr.db
# Check database logs
docker-compose logs palmr | grep -i database
# Verify Prisma schema (run from palmr-app directory)
docker exec palmr sh -c "cd /app/palmr-app && npx prisma db push"
```
### Database Corruption
```bash
# Stop container
docker-compose down
# Backup existing database
cp ./data/prisma/palmr.db ./data/prisma/palmr.db.backup
# Let Palmr recreate database on startup
rm ./data/prisma/palmr.db
# Start container (will recreate database)
docker-compose up -d
```
---
## 🚀 Performance Issues
### Slow File Uploads
1. **Check available disk space:**
```bash
df -h
```
2. **Monitor container resources:**
```bash
docker stats palmr
```
3. **Check temp directory permissions:**
```bash
docker exec palmr ls -la /app/server/temp-uploads/
```
### High Memory Usage
```bash
# Check container memory usage
docker stats palmr
# Check Node.js memory usage
docker exec palmr ps aux | grep node
```
---
## 🔍 Diagnostic Commands
### Complete Health Check
```bash
#!/bin/bash
echo "=== Palmr. Health Check ==="
echo "1. Container Status:"
docker ps | grep palmr
echo "2. Container Logs (last 20 lines):"
docker-compose logs --tail=20 palmr
echo "3. Port Status:"
docker port palmr
echo "4. File Permissions:"
docker exec palmr ls -la /app/server/
echo "5. Application Files:"
docker exec palmr ls -la /app/palmr-app/
echo "6. Environment Variables:"
docker exec palmr env | grep -E "PALMR_|DISABLE_FILESYSTEM_ENCRYPTION|ENCRYPTION_|DATABASE_"
echo "7. API Health:"
curl -s http://localhost:3333/health || echo "API not accessible"
echo "8. Web Interface:"
curl -s -o /dev/null -w "%{http_code}" http://localhost:5487 || echo "Web interface not accessible"
echo "9. Disk Space:"
df -h
echo "=== End Health Check ==="
```
### Log Analysis
```bash
# Check for common errors
docker-compose logs palmr 2>&1 | grep -E "error|Error|ERROR|failed|Failed|FAILED"
# Check permission issues
docker-compose logs palmr 2>&1 | grep -E "permission|denied|EACCES"
# Check startup sequence
docker-compose logs palmr 2>&1 | grep -E "🌴|🔧|🚀|✅"
```
---
## 📞 Getting Help
If none of these solutions work:
1. **Gather diagnostic information:**
```bash
# Run the complete health check above
# Save the output to a file
```
2. **Check our documentation:**
- [UID/GID Configuration](/docs/3.0-beta/uid-gid-configuration)
- [Quick Start Guide](/docs/3.0-beta/quick-start)
- [API Reference](/docs/3.0-beta/api)
3. **Open an issue on GitHub:**
- Include your `docker-compose.yaml`
- Include relevant log output
- Describe your system (OS, Docker version, etc.)
- [GitHub Issues](https://github.com/kyantech/Palmr/issues)
4. **Check existing issues:**
- Search [closed issues](https://github.com/kyantech/Palmr/issues?q=is%3Aissue+is%3Aclosed) for similar problems
- Look for recent [discussions](https://github.com/kyantech/Palmr/discussions)

View File

@@ -0,0 +1,339 @@
---
title: UID/GID Configuration
icon: "Users"
---
Configure user and group permissions for seamless bind mount compatibility across different host systems, particularly NAS environments.
## Overview
Palmr. supports runtime UID/GID configuration to resolve permission conflicts when using bind mounts. This eliminates the need for manual permission management on your host system.
**⚠️ Important**: Palmr uses **UID 1000, GID 1000** by default, which matches the standard Linux convention. However, some systems may use different UID/GID values, which can cause permission issues with bind mounts.
## The Permission Problem
### Why This Happens
- **Palmr Default**: UID 1000, GID 1000 (container)
- **Linux Standard**: UID 1000, GID 1000 (most host systems)
- **Result**: Usually compatible, but some systems may use different values
### Common Error Scenarios
```bash
# When you see errors like:
EACCES: permission denied, open '/app/server/uploads/file.txt'
```
```bash
# Or when checking permissions:
$ ls -la uploads/
drwxr-xr-x 2 user user 4096 Jan 15 10:00 uploads/
# Container tries to write with different UID/GID than directory owner
```
## Quick Fix
### Option 1: Set Palmr to Use Standard UID/GID (Recommended)
Add these environment variables to your `docker-compose.yaml`:
```yaml
services:
palmr:
image: kyantech/palmr:latest
container_name: palmr
environment:
- PALMR_UID=1000
- PALMR_GID=1000
ports:
- "5487:5487"
volumes:
- ./uploads:/app/server/uploads:rw
- ./temp-uploads:/app/server/temp-uploads:rw
restart: unless-stopped
```
### Option 2: Change Host Directory Permissions
If you prefer to keep Palmr's defaults:
```bash
# Create directories with correct ownership
mkdir -p uploads temp-uploads
chown -R 1001:1001 uploads temp-uploads
```
## Environment Variables
Configure permissions using these optional environment variables:
| Variable | Description | Default | Example |
| ----------- | -------------------------------- | ------- | ------- |
| `PALMR_UID` | User ID for container processes | `1001` | `1000` |
| `PALMR_GID` | Group ID for container processes | `1001` | `1000` |
---
## Finding Your Host UID/GID
Determine your host system's user and group IDs:
```bash
# Check current user
id
# Output example
uid=1000(user) gid=1000(group) groups=1000(group),27(sudo)
```
Use the `uid` and `gid` values for your `PALMR_UID` and `PALMR_GID` configuration.
---
## Configuration Examples
### Standard Linux System (Most Common)
```yaml
services:
palmr:
image: kyantech/palmr:latest
container_name: palmr
environment:
- PALMR_UID=1000
- PALMR_GID=1000
ports:
- "5487:5487"
volumes:
- ./data:/app/server
restart: unless-stopped
```
### Synology NAS
```yaml
services:
palmr:
image: kyantech/palmr:latest
container_name: palmr
environment:
- PALMR_UID=1026
- PALMR_GID=100
ports:
- "5487:5487"
volumes:
- /volume1/docker/palmr:/app/server
restart: unless-stopped
```
### QNAP NAS
```yaml
services:
palmr:
image: kyantech/palmr:latest
container_name: palmr
environment:
- PALMR_UID=1000
- PALMR_GID=100
ports:
- "5487:5487"
volumes:
- /share/Container/palmr:/app/server
restart: unless-stopped
```
---
## Troubleshooting
### Common Permission Errors
**Error**: `EACCES: permission denied`
```bash
# 1. Check your current UID/GID
id
# 2. Check directory ownership
ls -la uploads/ temp-uploads/
# 3. Fix via environment variables (preferred)
# Add to docker-compose.yaml:
# - PALMR_UID=1000
# - PALMR_GID=1000
# 4. Or fix via chown (alternative)
chown -R 1001:1001 uploads temp-uploads
```
**Error**: Container starts but files aren't accessible
```bash
# Check container's UID/GID configuration
docker-compose logs palmr | grep -E "🔧|Runtime UID/GID"
# Check file ownership inside container
docker exec palmr ls -la /app/server/
```
### Verification Commands
Verify UID/GID settings are applied correctly:
```bash
# View startup logs for UID/GID configuration
docker-compose logs palmr | head -20
# Check file ownership in container
docker exec palmr ls -la /app/server/
# Verify process is running with correct UID/GID
docker exec palmr ps aux | grep node
# Check environment variables
docker exec palmr env | grep PALMR
```
### Advanced Troubleshooting
**NAS-specific debugging:**
```bash
# Synology - Check mount point ownership
ls -la /volume1/docker/palmr/
# QNAP - Check mount point ownership
ls -la /share/Container/palmr/
# Check NAS user configuration
cat /etc/passwd | grep -v nobody
```
**Docker bind mount issues:**
```bash
# Check if directories exist and are writable
test -w uploads && echo "uploads writable" || echo "uploads NOT writable"
test -w temp-uploads && echo "temp-uploads writable" || echo "temp-uploads NOT writable"
# Create directories with correct permissions
mkdir -p uploads temp-uploads
sudo chown -R $(id -u):$(id -g) uploads temp-uploads
```
---
## When to Configure
UID/GID configuration is **required** when:
- ✅ Using bind mounts (most common case)
- ✅ Encountering "permission denied" errors
- ✅ Deploying on NAS systems (Synology, QNAP, etc.)
- ✅ Host system uses different default UID/GID values
- ✅ Running multiple containers that need to share files
UID/GID configuration is **optional** when:
- ❌ Using Docker named volumes (Docker manages permissions)
- ❌ Not using bind mounts
- ❌ No permission errors occurring
---
## Migration Guide
### Existing Installations
To add UID/GID configuration to running installations:
1. **Stop the container**
```bash
docker-compose down
```
2. **Backup your data**
```bash
cp -r ./data ./data-backup
# or
cp -r ./uploads ./uploads-backup
cp -r ./temp-uploads ./temp-uploads-backup
```
3. **Check your UID/GID**
```bash
id
```
4. **Update configuration**
Add UID/GID variables to your `docker-compose.yaml`:
```yaml
environment:
- PALMR_UID=1000
- PALMR_GID=1000
```
5. **Restart with new configuration**
```bash
docker-compose up -d
```
---
## Implementation Details
The UID/GID configuration process:
1. **Detection** - Environment variables are read during container startup
2. **Ownership Update** - File permissions are adjusted to match target UID/GID
3. **Privilege Drop** - Application runs with specified user permissions via `su-exec`
4. **Logging** - Configuration changes are logged for verification
This approach provides automatic permission management without user creation or system modification.
---
## Build-Time Configuration
For custom base images with different default values:
```bash
docker build \
--build-arg PALMR_UID=2000 \
--build-arg PALMR_GID=2000 \
-t palmr:custom .
```
Runtime environment variables override build-time defaults.
---
## Benefits
- **Zero Configuration** - Works automatically when environment variables are set
- **Universal Compatibility** - Supports any valid UID/GID combination
- **NAS Optimized** - Tested with major NAS platforms
- **Backward Compatible** - Existing deployments continue without modification
- **Performance Optimized** - Lightweight implementation using `su-exec`
## Summary
For most users experiencing permission issues with bind mounts:
1. **Find your UID/GID**: Run `id` command
2. **Add to docker-compose.yaml**:
```yaml
environment:
- PALMR_UID=1000
- PALMR_GID=1000
```
3. **Restart**: `docker-compose down && docker-compose up -d`
This ensures compatibility between Palmr's UID/GID and your host system's file ownership.

View File

@@ -1,3 +1,3 @@
{
"pages": ["2.0.0-beta", "1.1.7-beta"]
"pages": ["3.2-beta", "2.0.0-beta"]
}

View File

@@ -0,0 +1,67 @@
/* eslint-disable import/no-anonymous-default-export */
import path from "node:path";
import { fileURLToPath } from "node:url";
import { FlatCompat } from "@eslint/eslintrc";
import js from "@eslint/js";
import typescriptEslintEslintPlugin from "@typescript-eslint/eslint-plugin";
import tsParser from "@typescript-eslint/parser";
import prettier from "eslint-plugin-prettier";
const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);
const compat = new FlatCompat({
baseDirectory: __dirname,
recommendedConfig: js.configs.recommended,
allConfig: js.configs.all,
});
export default [
...compat.extends("next", "next/core-web-vitals", "prettier"),
{
plugins: {
prettier,
},
rules: {
"prettier/prettier": "error",
camelcase: "off",
"import/prefer-default-export": "off",
"react/jsx-filename-extension": "off",
"react/jsx-props-no-spreading": "off",
"react/no-unused-prop-types": "off",
"react/require-default-props": "off",
"react/no-unescaped-entities": "off",
"@next/next/no-img-element": "off",
"import/extensions": [
"error",
"ignorePackages",
{
ts: "never",
tsx: "never",
js: "never",
jsx: "never",
},
],
},
},
{
files: ["**/*.+(ts|tsx)"],
plugins: {
"@typescript-eslint": typescriptEslintEslintPlugin,
},
languageOptions: {
parser: tsParser,
},
rules: {
"@typescript-eslint/explicit-function-return-type": "off",
"@typescript-eslint/explicit-module-boundary-types": "off",
"no-use-before-define": [0],
"@typescript-eslint/no-use-before-define": [1],
"@typescript-eslint/no-explicit-any": "off",
"@typescript-eslint/no-var-requires": "off",
},
},
// Ignore ESLint errors in @/ui directory
{
ignores: ["src/components/ui/**/*", "src/components/magicui/**/*"],
},
];

View File

@@ -1,4 +1,4 @@
import { createMDX } from 'fumadocs-mdx/next';
import { createMDX } from "fumadocs-mdx/next";
const withMDX = createMDX();
@@ -15,15 +15,15 @@ const config = {
qualities: [100],
remotePatterns: [
{
protocol: 'https',
hostname: '**'
protocol: "https",
hostname: "**",
},
{
protocol: 'http',
hostname: '**'
}
]
}
protocol: "http",
hostname: "**",
},
],
},
};
export default withMDX(config);

View File

@@ -1,36 +1,64 @@
{
"name": "docs-v2",
"version": "0.0.0",
"name": "palmr-docs",
"version": "3.2.5-beta",
"description": "Docs for Palmr",
"private": true,
"author": "Daniel Luiz Alves <daniel@kyantech.com.br>",
"keywords": [
"palmr",
"docs",
"documentation",
"mdx",
"nextjs",
"react",
"typescript"
],
"license": "Apache-2.0",
"packageManager": "pnpm@10.6.0",
"scripts": {
"build": "next build",
"dev": "next dev --turbo",
"dev": "next dev -p 3001",
"start": "next start",
"postinstall": "fumadocs-mdx"
"postinstall": "fumadocs-mdx",
"lint": "eslint \"src/**/*.+(ts|tsx)\"",
"lint:fix": "eslint \"src/**/*.+(ts|tsx)\" --fix",
"format": "prettier . --write",
"format:check": "prettier . --check",
"type-check": "npx tsc --noEmit",
"validate": "pnpm lint && pnpm type-check"
},
"dependencies": {
"class-variance-authority": "^0.7.1",
"clsx": "^2.1.1",
"fumadocs-core": "15.2.7",
"fumadocs-mdx": "11.6.0",
"fumadocs-mdx": "11.6.10",
"fumadocs-ui": "15.2.7",
"lucide-react": "^0.488.0",
"motion": "^12.9.1",
"next": "15.3.0",
"lucide-react": "^0.525.0",
"motion": "^12.23.0",
"next": "15.3.4",
"react": "^19.1.0",
"react-dom": "^19.1.0",
"tailwind-merge": "^3.2.0"
},
"devDependencies": {
"@tailwindcss/postcss": "^4.1.3",
"@eslint/eslintrc": "3.3.1",
"@eslint/js": "9.30.0",
"@ianvs/prettier-plugin-sort-imports": "4.4.2",
"@tailwindcss/postcss": "^4.1.11",
"@types/mdx": "^2.0.13",
"@types/node": "22.14.0",
"@types/react": "^19.1.0",
"@types/react-dom": "^19.1.2",
"eslint": "^8",
"eslint-config-next": "15.3.0",
"postcss": "^8.5.3",
"tailwindcss": "^4.1.3",
"@types/react": "^19.1.8",
"@types/react-dom": "^19.1.6",
"@typescript-eslint/eslint-plugin": "8.35.1",
"@typescript-eslint/parser": "8.35.1",
"eslint": "9.30.0",
"eslint-config-next": "15.3.4",
"eslint-config-prettier": "9.1.0",
"eslint-plugin-prettier": "5.5.1",
"postcss": "^8.5.6",
"prettier": "3.6.2",
"prettier-plugin-sort-json": "4.1.1",
"tailwindcss": "^4.1.11",
"tw-animate-css": "^1.2.8",
"typescript": "^5.8.3"
}

5739
apps/docs/pnpm-lock.yaml generated

File diff suppressed because it is too large Load Diff

View File

@@ -1,5 +1,5 @@
export default {
plugins: {
'@tailwindcss/postcss': {},
"@tailwindcss/postcss": {},
},
};

Binary file not shown.

After

Width:  |  Height:  |  Size: 19 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 7.3 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 171 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 31 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 885 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 105 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 166 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 168 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 292 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 151 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 239 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 125 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 167 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 150 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 174 KiB

Some files were not shown because too many files have changed in this diff Show More