From dd1f7ba5444927fa59b9bd9b7c5881a89d9de3a7 Mon Sep 17 00:00:00 2001 From: Owen Date: Thu, 14 May 2026 21:46:26 -0700 Subject: [PATCH 1/3] Make crowdsec --crowdsec --- install/main.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/install/main.go b/install/main.go index 13e506d06..b3979ace9 100644 --- a/install/main.go +++ b/install/main.go @@ -4,6 +4,7 @@ import ( "crypto/rand" "embed" "encoding/base64" + "flag" "fmt" "io" "io/fs" @@ -68,6 +69,9 @@ const ( func main() { + crowdsecFlag := flag.Bool("crowdsec", false, "Enable the CrowdSec installation prompt") + flag.Parse() + // print a banner about prerequisites - opening port 80, 443, 51820, and 21820 on the VPS and firewall and pointing your domain to the VPS IP with a records. Docs are at http://localhost:3000/Getting%20Started/dns-networking fmt.Println("Welcome to the Pangolin installer!") @@ -206,7 +210,7 @@ func main() { } } - if !checkIsCrowdsecInstalledInCompose() { + if *crowdsecFlag && !checkIsCrowdsecInstalledInCompose() { fmt.Println("\n=== CrowdSec Install ===") // check if crowdsec is installed if readBool("Would you like to install CrowdSec?", false) { From 530b5082bd89ecfba9651eb9c24bff7ffa9cdf84 Mon Sep 17 00:00:00 2001 From: miloschwartz Date: Sat, 16 May 2026 12:34:17 -0700 Subject: [PATCH 2/3] make online/connected styling consistent --- src/components/ClientInfoCard.tsx | 8 ++++---- src/components/ExitNodeInfoCard.tsx | 4 ++-- src/components/ExitNodesTable.tsx | 4 ++-- src/components/HealthChecksTable.tsx | 6 +++--- src/components/MachineClientsTable.tsx | 4 ++-- src/components/PendingSitesTable.tsx | 4 ++-- src/components/ResourceInfoBox.tsx | 4 ++-- src/components/SiteInfoCard.tsx | 4 ++-- src/components/SitesTable.tsx | 4 ++-- src/components/UserDevicesTable.tsx | 4 ++-- 10 files changed, 23 insertions(+), 23 deletions(-) diff --git a/src/components/ClientInfoCard.tsx b/src/components/ClientInfoCard.tsx index 4815c85fb..9962c8f93 100644 --- a/src/components/ClientInfoCard.tsx +++ b/src/components/ClientInfoCard.tsx @@ -61,14 +61,14 @@ export default function SiteInfoCard({}: ClientInfoCardProps) { {t("status")} {client.online ? ( -
+
- {t("online")} + {t("connected")}
) : ( -
+
- {t("offline")} + {t("disconnected")}
)} diff --git a/src/components/ExitNodeInfoCard.tsx b/src/components/ExitNodeInfoCard.tsx index 5f50d892a..46791ec4f 100644 --- a/src/components/ExitNodeInfoCard.tsx +++ b/src/components/ExitNodeInfoCard.tsx @@ -26,12 +26,12 @@ export default function ExitNodeInfoCard({}: ExitNodeInfoCardProps) { {t("status")} {remoteExitNode.online ? ( -
+
{t("online")}
) : ( -
+
{t("offline")}
diff --git a/src/components/ExitNodesTable.tsx b/src/components/ExitNodesTable.tsx index 73e96a96c..27b44706f 100644 --- a/src/components/ExitNodesTable.tsx +++ b/src/components/ExitNodesTable.tsx @@ -140,14 +140,14 @@ export default function ExitNodesTable({ const originalRow = row.original; if (originalRow.online) { return ( - +
{t("online")} ); } else { return ( - +
{t("offline")} diff --git a/src/components/HealthChecksTable.tsx b/src/components/HealthChecksTable.tsx index 68976bf40..2e85d55bd 100644 --- a/src/components/HealthChecksTable.tsx +++ b/src/components/HealthChecksTable.tsx @@ -519,21 +519,21 @@ export default function HealthChecksTable({ const health = row.original.hcHealth; if (health === "healthy") { return ( - +
{t("standaloneHcHealthStateHealthy")} ); } else if (health === "unhealthy") { return ( - +
{t("standaloneHcHealthStateUnhealthy")} ); } else { return ( - +
{t("standaloneHcHealthStateUnknown")} diff --git a/src/components/MachineClientsTable.tsx b/src/components/MachineClientsTable.tsx index 4ef22c83d..a70e6d8e5 100644 --- a/src/components/MachineClientsTable.tsx +++ b/src/components/MachineClientsTable.tsx @@ -285,14 +285,14 @@ export default function MachineClientsTable({ const originalRow = row.original; if (originalRow.online) { return ( - +
{t("connected")} ); } else { return ( - +
{t("disconnected")} diff --git a/src/components/PendingSitesTable.tsx b/src/components/PendingSitesTable.tsx index d32aee95e..8cdfc424d 100644 --- a/src/components/PendingSitesTable.tsx +++ b/src/components/PendingSitesTable.tsx @@ -228,14 +228,14 @@ export default function PendingSitesTable({ ) { if (originalRow.online) { return ( - +
{t("online")} ); } else { return ( - +
{t("offline")} diff --git a/src/components/ResourceInfoBox.tsx b/src/components/ResourceInfoBox.tsx index b53558012..d66912d14 100644 --- a/src/components/ResourceInfoBox.tsx +++ b/src/components/ResourceInfoBox.tsx @@ -89,12 +89,12 @@ export default function ResourceInfoBox({}: ResourceInfoBoxType) { Socket {isAvailable ? ( - +
Online ) : ( - +
Offline diff --git a/src/components/SiteInfoCard.tsx b/src/components/SiteInfoCard.tsx index 91a924e58..4f366731e 100644 --- a/src/components/SiteInfoCard.tsx +++ b/src/components/SiteInfoCard.tsx @@ -34,12 +34,12 @@ export default function SiteInfoCard({}: SiteInfoCardProps) { {t("status")} {site.online ? ( -
+
{t("online")}
) : ( -
+
{t("offline")}
diff --git a/src/components/SitesTable.tsx b/src/components/SitesTable.tsx index c29314874..1e50b543f 100644 --- a/src/components/SitesTable.tsx +++ b/src/components/SitesTable.tsx @@ -226,14 +226,14 @@ export default function SitesTable({ ) { if (originalRow.online) { return ( - +
{t("online")} ); } else { return ( - +
{t("offline")} diff --git a/src/components/UserDevicesTable.tsx b/src/components/UserDevicesTable.tsx index 0a130cc16..1908f1100 100644 --- a/src/components/UserDevicesTable.tsx +++ b/src/components/UserDevicesTable.tsx @@ -436,14 +436,14 @@ export default function UserDevicesTable({ const originalRow = row.original; if (originalRow.online) { return ( - +
{t("connected")} ); } else { return ( - +
{t("disconnected")} From 3b93fd99a17c5f6f78830d84ca7694d474cf45cc Mon Sep 17 00:00:00 2001 From: Owen Date: Sat, 16 May 2026 20:44:36 -0700 Subject: [PATCH 3/3] Remove workflows --- .github/workflows/restart-runners.yml | 39 ------- .github/workflows/saas.yml | 160 -------------------------- 2 files changed, 199 deletions(-) delete mode 100644 .github/workflows/restart-runners.yml delete mode 100644 .github/workflows/saas.yml diff --git a/.github/workflows/restart-runners.yml b/.github/workflows/restart-runners.yml deleted file mode 100644 index 6c0f7cbc1..000000000 --- a/.github/workflows/restart-runners.yml +++ /dev/null @@ -1,39 +0,0 @@ -name: Restart Runners - -on: - schedule: - - cron: '0 0 */7 * *' - -permissions: - id-token: write - contents: read - -jobs: - ec2-maintenance-prod: - runs-on: ubuntu-latest - permissions: write-all - steps: - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v6 - with: - role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_NAME }} - role-duration-seconds: 3600 - aws-region: ${{ secrets.AWS_REGION }} - - - name: Verify AWS identity - run: aws sts get-caller-identity - - - name: Start EC2 instance - run: | - aws ec2 start-instances --instance-ids ${{ secrets.EC2_INSTANCE_ID_ARM_RUNNER }} - aws ec2 start-instances --instance-ids ${{ secrets.EC2_INSTANCE_ID_AMD_RUNNER }} - echo "EC2 instances started" - - - name: Wait - run: sleep 600 - - - name: Stop EC2 instance - run: | - aws ec2 stop-instances --instance-ids ${{ secrets.EC2_INSTANCE_ID_ARM_RUNNER }} - aws ec2 stop-instances --instance-ids ${{ secrets.EC2_INSTANCE_ID_AMD_RUNNER }} - echo "EC2 instances stopped" diff --git a/.github/workflows/saas.yml b/.github/workflows/saas.yml deleted file mode 100644 index 7c3d0adac..000000000 --- a/.github/workflows/saas.yml +++ /dev/null @@ -1,160 +0,0 @@ -name: SAAS Pipeline - -# CI/CD workflow for building, publishing, mirroring, signing container images and building release binaries. -# Actions are pinned to specific SHAs to reduce supply-chain risk. This workflow triggers on tag push events. - -permissions: - contents: read - packages: write # for GHCR push - id-token: write # for Cosign Keyless (OIDC) Signing - -on: - push: - tags: - - "[0-9]+.[0-9]+.[0-9]+-s.[0-9]+" - -concurrency: - group: ${{ github.ref }} - cancel-in-progress: true - -jobs: - pre-run: - runs-on: ubuntu-latest - permissions: write-all - steps: - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v6 - with: - role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_NAME }} - role-duration-seconds: 3600 - aws-region: ${{ secrets.AWS_REGION }} - - - name: Verify AWS identity - run: aws sts get-caller-identity - - - name: Start EC2 instances - run: | - aws ec2 start-instances --instance-ids ${{ secrets.EC2_INSTANCE_ID_ARM_RUNNER }} - echo "EC2 instances started" - - - release-arm: - name: Build and Release (ARM64) - runs-on: [self-hosted, linux, arm64, us-east-1] - needs: [pre-run] - if: >- - ${{ - needs.pre-run.result == 'success' - }} - # Job-level timeout to avoid runaway or stuck runs - timeout-minutes: 120 - env: - # Target images - AWS_IMAGE: ${{ secrets.aws_account_id }}.dkr.ecr.us-east-1.amazonaws.com/${{ github.event.repository.name }} - - steps: - - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - - name: Download MaxMind GeoLite2 databases - env: - MAXMIND_LICENSE_KEY: ${{ secrets.MAXMIND_LICENSE_KEY }} - run: | - echo "Downloading MaxMind GeoLite2 databases..." - - # Download GeoLite2-Country - curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=${MAXMIND_LICENSE_KEY}&suffix=tar.gz" \ - -o GeoLite2-Country.tar.gz - - # Download GeoLite2-ASN - curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN&license_key=${MAXMIND_LICENSE_KEY}&suffix=tar.gz" \ - -o GeoLite2-ASN.tar.gz - - # Extract the .mmdb files - tar -xzf GeoLite2-Country.tar.gz --strip-components=1 --wildcards '*.mmdb' - tar -xzf GeoLite2-ASN.tar.gz --strip-components=1 --wildcards '*.mmdb' - - # Verify files exist - if [ ! -f "GeoLite2-Country.mmdb" ]; then - echo "ERROR: Failed to download GeoLite2-Country.mmdb" - exit 1 - fi - - if [ ! -f "GeoLite2-ASN.mmdb" ]; then - echo "ERROR: Failed to download GeoLite2-ASN.mmdb" - exit 1 - fi - - # Clean up tar files - rm -f GeoLite2-Country.tar.gz GeoLite2-ASN.tar.gz - - echo "MaxMind databases downloaded successfully" - ls -lh GeoLite2-*.mmdb - - - name: Monitor storage space - run: | - THRESHOLD=75 - USED_SPACE=$(df / | grep / | awk '{ print $5 }' | sed 's/%//g') - echo "Used space: $USED_SPACE%" - if [ "$USED_SPACE" -ge "$THRESHOLD" ]; then - echo "Used space is below the threshold of 75% free. Running Docker system prune." - echo y | docker system prune -a - else - echo "Storage space is above the threshold. No action needed." - fi - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v6 - with: - role-to-assume: arn:aws:iam::${{ secrets.aws_account_id }}:role/${{ secrets.AWS_ROLE_NAME }} - role-duration-seconds: 3600 - aws-region: ${{ secrets.AWS_REGION }} - - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 - - - name: Extract tag name - id: get-tag - run: echo "TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV - shell: bash - - - name: Update version in package.json - run: | - TAG=${{ env.TAG }} - sed -i "s/export const APP_VERSION = \".*\";/export const APP_VERSION = \"$TAG\";/" server/lib/consts.ts - cat server/lib/consts.ts - shell: bash - - - name: Build and push Docker images (Docker Hub - ARM64) - run: | - TAG=${{ env.TAG }} - make build-saas tag=$TAG - echo "Built & pushed ARM64 images to: ${{ env.AWS_IMAGE }}:${TAG}" - shell: bash - - post-run: - needs: [pre-run, release-arm] - if: >- - ${{ - always() && - needs.pre-run.result == 'success' && - (needs.release-arm.result == 'success' || needs.release-arm.result == 'skipped' || needs.release-arm.result == 'failure') - }} - runs-on: ubuntu-latest - permissions: write-all - steps: - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v6 - with: - role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_NAME }} - role-duration-seconds: 3600 - aws-region: ${{ secrets.AWS_REGION }} - - - name: Verify AWS identity - run: aws sts get-caller-identity - - - name: Stop EC2 instances - run: | - aws ec2 stop-instances --instance-ids ${{ secrets.EC2_INSTANCE_ID_ARM_RUNNER }} - echo "EC2 instances stopped"