Add regional redis cache

Ref #2978

.cursor/rules/Localization.mdc

@@ -0,0 +1,5 @@
+---
+alwaysApply: true
+---
+
+Always localize strings and use the `t` function to convert keys to strings. Add the keys to the en-us.json file. Never edit the other language files, as en-us.json is the single source of truth.

.cursor/rules/Nomenclature.mdc

@@ -0,0 +1,7 @@
+---
+description: 
+alwaysApply: true
+---
+
+Proxy resources = public resources
+Private resources = client resources = site resources

.dockerignore

@@ -28,8 +28,9 @@ LICENSE
 CONTRIBUTING.md
 dist
 .git
-migrations/
+server/migrations/
 config/
 build.ts
 tsconfig.json
-migrations/
+Dockerfile*
+drizzle.config.ts

.github/CODEOWNERS

@@ -0,0 +1 @@
+* @oschwartz10612 @miloschwartz

.github/workflows/cicd.yml

@@ -1,4 +1,4 @@
-name: Public Pipeline
+name: Public CICD Pipeline
 
 # CI/CD workflow for building, publishing, mirroring, signing container images and building release binaries.
 # Actions are pinned to specific SHAs to reduce supply-chain risk. This workflow triggers on tag push events.
@@ -29,7 +29,7 @@ jobs:
         permissions: write-all
         steps:
             - name: Configure AWS credentials
-              uses: aws-actions/configure-aws-credentials@v5
+              uses: aws-actions/configure-aws-credentials@v6
               with:
                   role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_NAME }}
                   role-duration-seconds: 3600
@@ -62,7 +62,7 @@ jobs:
 
         steps:
             - name: Checkout code
-              uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
             - name: Monitor storage space
               run: |
@@ -77,7 +77,7 @@ jobs:
                   fi
 
             - name: Log in to Docker Hub
-              uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+              uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
               with:
                   registry: docker.io
                   username: ${{ secrets.DOCKER_HUB_USERNAME }}
@@ -134,7 +134,7 @@ jobs:
 
         steps:
             - name: Checkout code
-              uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
             - name: Monitor storage space
               run: |
@@ -149,7 +149,7 @@ jobs:
                   fi
 
             - name: Log in to Docker Hub
-              uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+              uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
               with:
                   registry: docker.io
                   username: ${{ secrets.DOCKER_HUB_USERNAME }}
@@ -201,10 +201,10 @@ jobs:
         timeout-minutes: 30
         steps:
             - name: Checkout code
-              uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
             - name: Log in to Docker Hub
-              uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+              uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
               with:
                   registry: docker.io
                   username: ${{ secrets.DOCKER_HUB_USERNAME }}
@@ -256,7 +256,7 @@ jobs:
 
         steps:
             - name: Checkout code
-              uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
             - name: Extract tag name
               id: get-tag
@@ -264,9 +264,9 @@ jobs:
               shell: bash
 
             - name: Install Go
-              uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
+              uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
               with:
-                  go-version: 1.24
+                  go-version: 1.25
 
             - name: Update version in package.json
               run: |
@@ -289,25 +289,17 @@ jobs:
                   echo "LATEST_BADGER_TAG=$LATEST_TAG" >> $GITHUB_ENV
               shell: bash
 
-            - name: Update install/main.go
-              run: |
-                  PANGOLIN_VERSION=${{ env.TAG }}
-                  GERBIL_VERSION=${{ env.LATEST_GERBIL_TAG }}
-                  BADGER_VERSION=${{ env.LATEST_BADGER_TAG }}
-                  sed -i "s/config.PangolinVersion = \".*\"/config.PangolinVersion = \"$PANGOLIN_VERSION\"/" install/main.go
-                  sed -i "s/config.GerbilVersion = \".*\"/config.GerbilVersion = \"$GERBIL_VERSION\"/" install/main.go
-                  sed -i "s/config.BadgerVersion = \".*\"/config.BadgerVersion = \"$BADGER_VERSION\"/" install/main.go
-                  echo "Updated install/main.go with Pangolin version $PANGOLIN_VERSION, Gerbil version $GERBIL_VERSION, and Badger version $BADGER_VERSION"
-                  cat install/main.go
-              shell: bash
-
             - name: Build installer
               working-directory: install
               run: |
-                  make go-build-release
+                  make go-build-release \
+                    PANGOLIN_VERSION=${{ env.TAG }} \
+                    GERBIL_VERSION=${{ env.LATEST_GERBIL_TAG }} \
+                    BADGER_VERSION=${{ env.LATEST_BADGER_TAG }}
+              shell: bash
 
             - name: Upload artifacts from /install/bin
-              uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+              uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
               with:
                   name: install-bin
                   path: install/bin/
@@ -415,35 +407,25 @@ jobs:
               shell: bash
 
             - name: Login to GitHub Container Registry (for cosign)
-              uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+              uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
               with:
                 registry: ghcr.io
                 username: ${{ github.actor }}
                 password: ${{ secrets.GITHUB_TOKEN }}
 
             - name: Install cosign
-              # cosign is used to sign and verify container images (key and keyless)
-              uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
+              # cosign is used to sign container images using keyless (OIDC) signing
+              uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
 
-            - name: Dual-sign and verify (GHCR & Docker Hub)
-              # Sign each image by digest using keyless (OIDC) and key-based signing,
-              # then verify both the public key signature and the keyless OIDC signature.
+            - name: Sign (GHCR, keyless)
+              # Sign each GHCR image by digest using keyless (OIDC) signing via Sigstore/Rekor.
+              # Signatures are stored in the registry alongside the image.
               env:
                   TAG: ${{ env.TAG }}
-                  COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
-                  COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
-                  COSIGN_PUBLIC_KEY: ${{ secrets.COSIGN_PUBLIC_KEY }}
                   COSIGN_YES: "true"
               run: |
                   set -euo pipefail
 
-                  issuer="https://token.actions.githubusercontent.com"
-                  id_regex="^https://github.com/${{ github.repository }}/.+"  # accept this repo (all workflows/refs)
-
-                  # Track failures
-                  FAILED_TAGS=()
-                  SUCCESSFUL_TAGS=()
-
                   # Determine if this is an RC release
                   IS_RC="false"
                   if [[ "$TAG" == *"-rc."* ]]; then
@@ -471,126 +453,47 @@ jobs:
                       )
                   fi
 
-                  # Sign each image variant for both registries
-                  for BASE_IMAGE in "${GHCR_IMAGE}" "${DOCKERHUB_IMAGE}"; do
-                    for IMAGE_TAG in "${IMAGE_TAGS[@]}"; do
-                      echo "Processing ${BASE_IMAGE}:${IMAGE_TAG}"
-                      TAG_FAILED=false
+                  FAILED_TAGS=()
+                  SUCCESSFUL_TAGS=()
 
-                      # Wrap the entire tag processing in error handling
-                      (
-                        set -e
-                        DIGEST="$(skopeo inspect --retry-times 3 docker://${BASE_IMAGE}:${IMAGE_TAG} | jq -r '.Digest')"
-                        REF="${BASE_IMAGE}@${DIGEST}"
-                        echo "Resolved digest: ${REF}"
+                  for IMAGE_TAG in "${IMAGE_TAGS[@]}"; do
+                    echo "Processing ${GHCR_IMAGE}:${IMAGE_TAG}"
+                    TAG_FAILED=false
 
-                        echo "==> cosign sign (keyless) --recursive ${REF}"
-                        cosign sign --recursive "${REF}"
+                    (
+                      set -e
+                      DIGEST="$(skopeo inspect --retry-times 3 docker://${GHCR_IMAGE}:${IMAGE_TAG} | jq -r '.Digest')"
+                      REF="${GHCR_IMAGE}@${DIGEST}"
+                      echo "Resolved digest: ${REF}"
 
-                        echo "==> cosign sign (key) --recursive ${REF}"
-                        cosign sign --key env://COSIGN_PRIVATE_KEY --recursive "${REF}"
+                      echo "==> cosign sign (keyless) --recursive ${REF}"
+                      cosign sign --recursive "${REF}"
+                    ) || TAG_FAILED=true
 
-                        # Retry wrapper for verification to handle registry propagation delays
-                        retry_verify() {
-                          local cmd="$1"
-                          local attempts=6
-                          local delay=5
-                          local i=1
-                          until eval "$cmd"; do
-                            if [ $i -ge $attempts ]; then
-                              echo "Verification failed after $attempts attempts"
-                              return 1
-                            fi
-                            echo "Verification not yet available. Retry $i/$attempts after ${delay}s..."
-                            sleep $delay
-                            i=$((i+1))
-                            delay=$((delay*2))
-                            # Cap the delay to avoid very long waits
-                            if [ $delay -gt 60 ]; then delay=60; fi
-                          done
-                          return 0
-                        }
-
-                        echo "==> cosign verify (public key) ${REF}"
-                        if retry_verify "cosign verify --key env://COSIGN_PUBLIC_KEY '${REF}' -o text"; then
-                          VERIFIED_INDEX=true
-                        else
-                          VERIFIED_INDEX=false
-                        fi
-
-                        echo "==> cosign verify (keyless policy) ${REF}"
-                        if retry_verify "cosign verify --certificate-oidc-issuer '${issuer}' --certificate-identity-regexp '${id_regex}' '${REF}' -o text"; then
-                          VERIFIED_INDEX_KEYLESS=true
-                        else
-                          VERIFIED_INDEX_KEYLESS=false
-                        fi
-
-                        # If index verification fails, attempt to verify child platform manifests
-                        if [ "${VERIFIED_INDEX}" != "true" ] || [ "${VERIFIED_INDEX_KEYLESS}" != "true" ]; then
-                          echo "Index verification not available; attempting child manifest verification for ${BASE_IMAGE}:${IMAGE_TAG}"
-                          CHILD_VERIFIED=false
-
-                          for ARCH in arm64 amd64; do
-                            CHILD_TAG="${IMAGE_TAG}-${ARCH}"
-                            echo "Resolving child digest for ${BASE_IMAGE}:${CHILD_TAG}"
-                            CHILD_DIGEST="$(skopeo inspect --retry-times 3 docker://${BASE_IMAGE}:${CHILD_TAG} | jq -r '.Digest' || true)"
-                            if [ -n "${CHILD_DIGEST}" ] && [ "${CHILD_DIGEST}" != "null" ]; then
-                              CHILD_REF="${BASE_IMAGE}@${CHILD_DIGEST}"
-                              echo "==> cosign verify (public key) child ${CHILD_REF}"
-                              if retry_verify "cosign verify --key env://COSIGN_PUBLIC_KEY '${CHILD_REF}' -o text"; then
-                                CHILD_VERIFIED=true
-                                echo "Public key verification succeeded for child ${CHILD_REF}"
-                              else
-                                echo "Public key verification failed for child ${CHILD_REF}"
-                              fi
-
-                              echo "==> cosign verify (keyless policy) child ${CHILD_REF}"
-                              if retry_verify "cosign verify --certificate-oidc-issuer '${issuer}' --certificate-identity-regexp '${id_regex}' '${CHILD_REF}' -o text"; then
-                                CHILD_VERIFIED=true
-                                echo "Keyless verification succeeded for child ${CHILD_REF}"
-                              else
-                                echo "Keyless verification failed for child ${CHILD_REF}"
-                              fi
-                            else
-                              echo "No child digest found for ${BASE_IMAGE}:${CHILD_TAG}; skipping"
-                            fi
-                          done
-
-                          if [ "${CHILD_VERIFIED}" != "true" ]; then
-                            echo "Failed to verify index and no child manifests verified for ${BASE_IMAGE}:${IMAGE_TAG}"
-                            exit 1
-                          fi
-                        fi
-                      ) || TAG_FAILED=true
-
-                      if [ "$TAG_FAILED" = "true" ]; then
-                        echo "⚠️  WARNING: Failed to sign/verify ${BASE_IMAGE}:${IMAGE_TAG}"
-                        FAILED_TAGS+=("${BASE_IMAGE}:${IMAGE_TAG}")
-                      else
-                        echo "✓ Successfully signed and verified ${BASE_IMAGE}:${IMAGE_TAG}"
-                        SUCCESSFUL_TAGS+=("${BASE_IMAGE}:${IMAGE_TAG}")
-                      fi
-                    done
+                    if [ "$TAG_FAILED" = "true" ]; then
+                      echo "⚠️  WARNING: Failed to sign ${GHCR_IMAGE}:${IMAGE_TAG}"
+                      FAILED_TAGS+=("${GHCR_IMAGE}:${IMAGE_TAG}")
+                    else
+                      echo "✓ Successfully signed ${GHCR_IMAGE}:${IMAGE_TAG}"
+                      SUCCESSFUL_TAGS+=("${GHCR_IMAGE}:${IMAGE_TAG}")
+                    fi
                   done
 
-                  # Report summary
                   echo ""
                   echo "=========================================="
-                  echo "Sign and Verify Summary"
+                  echo "Sign Summary"
                   echo "=========================================="
                   echo "Successful: ${#SUCCESSFUL_TAGS[@]}"
                   echo "Failed: ${#FAILED_TAGS[@]}"
-                  echo ""
 
                   if [ ${#FAILED_TAGS[@]} -gt 0 ]; then
                     echo "Failed tags:"
                     for tag in "${FAILED_TAGS[@]}"; do
                       echo "  - $tag"
                     done
-                    echo ""
-                    echo "⚠️  WARNING: Some tags failed to sign/verify, but continuing anyway"
+                    echo "⚠️  WARNING: Some tags failed to sign, but continuing anyway"
                   else
-                    echo "✓ All images signed and verified successfully!"
+                    echo "✓ All images signed successfully!"
                   fi
               shell: bash
 
@@ -609,7 +512,7 @@ jobs:
         permissions: write-all
         steps:
             - name: Configure AWS credentials
-              uses: aws-actions/configure-aws-credentials@v5
+              uses: aws-actions/configure-aws-credentials@v6
               with:
                   role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_NAME }}
                   role-duration-seconds: 3600

.github/workflows/linting.yml

@@ -21,10 +21,10 @@ jobs:
         runs-on: ubuntu-latest
         steps:
             - name: Checkout code
-              uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
             - name: Set up Node.js
-              uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
+              uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
               with:
                 node-version: '24'
 

.github/workflows/mirror.yaml

@@ -23,7 +23,7 @@ jobs:
           skopeo --version
 
       - name: Install cosign
-        uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
+        uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
 
       - name: Input check
         run: |

.github/workflows/restart-runners.yml

@@ -14,7 +14,7 @@ jobs:
     permissions: write-all
     steps:
       - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v5
+        uses: aws-actions/configure-aws-credentials@v6
         with:
           role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_NAME }}
           role-duration-seconds: 3600

.github/workflows/saas.yml

@@ -23,7 +23,7 @@ jobs:
         permissions: write-all
         steps:
             - name: Configure AWS credentials
-              uses: aws-actions/configure-aws-credentials@v5
+              uses: aws-actions/configure-aws-credentials@v6
               with:
                   role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_NAME }}
                   role-duration-seconds: 3600
@@ -54,7 +54,42 @@ jobs:
 
         steps:
             - name: Checkout code
-              uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+              uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+
+            - name: Download MaxMind GeoLite2 databases
+              env:
+                MAXMIND_LICENSE_KEY: ${{ secrets.MAXMIND_LICENSE_KEY }}
+              run: |
+                echo "Downloading MaxMind GeoLite2 databases..."
+
+                # Download GeoLite2-Country
+                curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=${MAXMIND_LICENSE_KEY}&suffix=tar.gz" \
+                  -o GeoLite2-Country.tar.gz
+
+                # Download GeoLite2-ASN
+                curl -L "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN&license_key=${MAXMIND_LICENSE_KEY}&suffix=tar.gz" \
+                  -o GeoLite2-ASN.tar.gz
+
+                # Extract the .mmdb files
+                tar -xzf GeoLite2-Country.tar.gz --strip-components=1 --wildcards '*.mmdb'
+                tar -xzf GeoLite2-ASN.tar.gz --strip-components=1 --wildcards '*.mmdb'
+
+                # Verify files exist
+                if [ ! -f "GeoLite2-Country.mmdb" ]; then
+                  echo "ERROR: Failed to download GeoLite2-Country.mmdb"
+                  exit 1
+                fi
+
+                if [ ! -f "GeoLite2-ASN.mmdb" ]; then
+                  echo "ERROR: Failed to download GeoLite2-ASN.mmdb"
+                  exit 1
+                fi
+
+                # Clean up tar files
+                rm -f GeoLite2-Country.tar.gz GeoLite2-ASN.tar.gz
+
+                echo "MaxMind databases downloaded successfully"
+                ls -lh GeoLite2-*.mmdb
 
             - name: Monitor storage space
               run: |
@@ -69,7 +104,7 @@ jobs:
                   fi
 
             - name: Configure AWS credentials
-              uses: aws-actions/configure-aws-credentials@v5
+              uses: aws-actions/configure-aws-credentials@v6
               with:
                   role-to-assume: arn:aws:iam::${{ secrets.aws_account_id }}:role/${{ secrets.AWS_ROLE_NAME }}
                   role-duration-seconds: 3600
@@ -110,7 +145,7 @@ jobs:
         permissions: write-all
         steps:
             - name: Configure AWS credentials
-              uses: aws-actions/configure-aws-credentials@v5
+              uses: aws-actions/configure-aws-credentials@v6
               with:
                   role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_NAME }}
                   role-duration-seconds: 3600

.github/workflows/stale-bot.yml

@@ -14,7 +14,7 @@ jobs:
   stale:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1
+      - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
         with:
           days-before-stale: 14
           days-before-close: 14

.github/workflows/test.yml

@@ -14,10 +14,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Install Node
-        uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
         with:
           node-version: '24'
 
@@ -37,7 +37,7 @@ jobs:
         run: npm run db:generate
 
       - name: Apply database migrations
-        run: npm run db:sqlite:push
+        run: npm run db:push
 
       - name: Test with tsc
         run: npx tsc --noEmit
@@ -62,7 +62,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Build Docker image sqlite
         run: make dev-build-sqlite
@@ -71,7 +71,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Build Docker image pg
         run: make dev-build-pg

.gitignore

@@ -51,4 +51,6 @@ dynamic/
 scratch/
 tsconfig.json
 hydrateSaas.ts
-CLAUDE.md
+CLAUDE.md
+drizzle.config.ts
+server/setup/migrations.ts

.vscode/settings.json

@@ -10,7 +10,7 @@
         "editor.defaultFormatter": "esbenp.prettier-vscode"
     },
     "[typescript]": {
-        "editor.defaultFormatter": "vscode.typescript-language-features"
+        "editor.defaultFormatter": "esbenp.prettier-vscode"
     },
     "[typescriptreact]": {
         "editor.defaultFormatter": "esbenp.prettier-vscode"

Dockerfile

@@ -1,32 +1,71 @@
-FROM node:24-alpine AS builder
+# FROM node:24-slim AS base
+FROM public.ecr.aws/docker/library/node:24-slim AS base
 
 WORKDIR /app
 
-ARG BUILD=oss
-ARG DATABASE=sqlite
+RUN apt-get update && apt-get install -y python3 make g++ && rm -rf /var/lib/apt/lists/*
 
-RUN apk add --no-cache python3 make g++
-
-# COPY package.json package-lock.json ./
 COPY package*.json ./
+
+FROM base AS builder-dev
+
 RUN npm ci
 
 COPY . .
 
+ARG BUILD=oss
+ARG DATABASE=sqlite
+
 RUN if [ "$BUILD" = "oss" ]; then rm -rf server/private; fi && \
     npm run set:$DATABASE && \
     npm run set:$BUILD && \
-    npm run db:$DATABASE:generate && \
+    npm run db:generate && \
     npm run build && \
-    npm run build:cli
+    npm run build:cli && \
+    test -f dist/server.mjs
 
-# test to make sure the build output is there and error if not
-RUN test -f dist/server.mjs
+# Create placeholder files for MaxMind databases to avoid COPY errors
+# Real files should be present for saas builds, placeholders for oss builds
+RUN touch /app/GeoLite2-Country.mmdb /app/GeoLite2-ASN.mmdb
 
-# Prune dev dependencies and clean up to prepare for copy to runner
-RUN npm prune --omit=dev && npm cache clean --force
+FROM base AS builder
 
-FROM node:24-alpine AS runner
+RUN npm ci --omit=dev
+
+# FROM node:24-slim AS runner
+FROM public.ecr.aws/docker/library/node:24-slim AS runner
+
+WORKDIR /app
+
+RUN apt-get update && apt-get install -y curl tzdata && rm -rf /var/lib/apt/lists/*
+
+COPY --from=builder /app/node_modules ./node_modules
+COPY --from=builder /app/package.json ./package.json
+
+COPY --from=builder-dev /app/.next/standalone ./
+COPY --from=builder-dev /app/.next/static ./.next/static
+COPY --from=builder-dev /app/dist ./dist
+COPY --from=builder-dev /app/server/migrations ./dist/init
+
+COPY ./cli/wrapper.sh /usr/local/bin/pangctl
+RUN chmod +x /usr/local/bin/pangctl ./dist/cli.mjs
+
+COPY server/db/names.json ./dist/names.json
+COPY server/db/ios_models.json ./dist/ios_models.json
+COPY server/db/mac_models.json ./dist/mac_models.json
+COPY public ./public
+
+# Copy MaxMind databases for SaaS builds
+ARG BUILD=oss
+
+RUN mkdir -p ./maxmind
+
+# Copy MaxMind databases (placeholders exist for oss builds, real files for saas)
+COPY --from=builder-dev /app/GeoLite2-Country.mmdb ./maxmind/GeoLite2-Country.mmdb
+COPY --from=builder-dev /app/GeoLite2-ASN.mmdb ./maxmind/GeoLite2-ASN.mmdb
+
+# Remove MaxMind databases for non-saas builds (keep only for saas)
+RUN if [ "$BUILD" != "saas" ]; then rm -rf ./maxmind; fi
 
 # OCI Image Labels - Build Args for dynamic values
 ARG VERSION="dev"
@@ -38,28 +77,6 @@ ARG LICENSE="AGPL-3.0"
 ARG IMAGE_TITLE="Pangolin"
 ARG IMAGE_DESCRIPTION="Identity-aware VPN and proxy for remote access to anything, anywhere"
 
-WORKDIR /app
-
-# Only curl and tzdata needed at runtime - no build tools!
-RUN apk add --no-cache curl tzdata
-
-# Copy pre-built node_modules from builder (already pruned to production only)
-# This includes the compiled native modules like better-sqlite3
-COPY --from=builder /app/node_modules ./node_modules
-COPY --from=builder /app/.next/standalone ./
-COPY --from=builder /app/.next/static ./.next/static
-COPY --from=builder /app/dist ./dist
-COPY --from=builder /app/server/migrations ./dist/init
-COPY --from=builder /app/package.json ./package.json
-
-COPY ./cli/wrapper.sh /usr/local/bin/pangctl
-RUN chmod +x /usr/local/bin/pangctl ./dist/cli.mjs
-
-COPY server/db/names.json ./dist/names.json
-COPY server/db/ios_models.json ./dist/ios_models.json
-COPY server/db/mac_models.json ./dist/mac_models.json
-COPY public ./public
-
 # OCI Image Labels
 # https://github.com/opencontainers/image-spec/blob/main/annotations.md
 LABEL org.opencontainers.image.source="https://github.com/fosrl/pangolin" \

Dockerfile.dev

@@ -1,7 +1,9 @@
-FROM node:22-alpine
+FROM node:24-alpine
 
 WORKDIR /app
 
+RUN apk add --no-cache python3 make g++
+
 COPY package*.json ./
 
 # Install dependencies

README.md

@@ -35,43 +35,53 @@
 
 </div>
 
-<p align="center">
-    <a href="https://docs.pangolin.net/careers/join-us">
-        <img src="https://img.shields.io/badge/🚀_We're_Hiring!-Join_Our_Team-brightgreen?style=for-the-badge" alt="We're Hiring!" />
-    </a>
-</p>
-
 <p align="center">
     <strong>
-        Start testing Pangolin at <a href="https://app.pangolin.net/auth/signup">app.pangolin.net</a>
+        Get started with Pangolin at <a href="https://app.pangolin.net/auth/signup">app.pangolin.net</a>
     </strong>
 </p>
 
-Pangolin is an open-source, identity-based remote access platform built on WireGuard that enables secure, seamless connectivity to private and public resources. Pangolin combines reverse proxy and VPN capabilities into one platform, providing browser-based access to web applications and client-based access to any private resources, all with zero-trust security and granular access control.
+Pangolin is an open-source, identity-based remote access platform built on WireGuard® that enables secure, seamless connectivity to private and public resources. Pangolin combines reverse proxy and VPN capabilities into one platform, providing browser-based access to web applications and client-based access to any private resources with NAT traversal, all with granular access controls.
 
 ## Installation
 
-- Check out the [quick install guide](https://docs.pangolin.net/self-host/quick-install) for how to install and set up Pangolin.
-- Install from the [DigitalOcean marketplace](https://marketplace.digitalocean.com/apps/pangolin-ce-1?refcode=edf0480eeb81) for a one-click pre-configured installer.
+- Get started for free with [Pangolin Cloud](https://app.pangolin.net/).
+- Or, check out the [quick install guide](https://docs.pangolin.net/self-host/quick-install) for how to self-host Pangolin.
+  - Install from the [DigitalOcean marketplace](https://marketplace.digitalocean.com/apps/pangolin-ce-1?refcode=edf0480eeb81) for a one-click pre-configured installer.
 
-<img src="public/screenshots/hero.png" />
+<img src="public/screenshots/hero.png" alt="Pangolin" width="100%" />
 
 ## Deployment Options
 
-| <img width=500 /> | Description |
-|-----------------|--------------|
-| **Self-Host: Community Edition** | Free, open source, and licensed under AGPL-3. |
-| **Self-Host: Enterprise Edition** | Licensed under Fossorial Commercial License. Free for personal and hobbyist use, and for businesses earning under \$100K USD annually. |
-| **Pangolin Cloud** | Fully managed service with instant setup and pay-as-you-go pricing — no infrastructure required. Or, self-host your own [remote node](https://docs.pangolin.net/manage/remote-node/nodes) and connect to our control plane. |
+- **Pangolin Cloud** - Fully managed service - no infrastructure required.
+- **Self-Host: Community Edition** - Free, open source, and licensed under AGPL-3.
+- **Self-Host: Enterprise Edition** - Licensed under Fossorial Commercial License. Free for personal and hobbyist use, and for businesses making less than \$100K USD gross annual revenue.
 
 ## Key Features
 
-| <img width=500 />                                                                                                                                                                                                                                                                                                                                                                | <img width=500 />                                                  |
-|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------|
-| **Connect remote networks with sites**<br /><br />Pangolin's lightweight site connectors create secure tunnels from remote networks without requiring public IP addresses or open ports. Sites make any network anywhere available for authorized access.                                                                                                                                                                                   | <img src="public/screenshots/sites.png" width=500 /><tr></tr>               |
-| **Browser-based reverse proxy access**<br /><br />Expose web applications through identity and context-aware tunneled reverse proxies. Pangolin handles routing, load balancing, health checking, and automatic SSL certificates without exposing your network directly to the internet. Users access applications through any web browser with authentication and granular access control.                                                                                                  | <img src="public/clip.gif" width=500 /><tr></tr>          |
-| **Client-based private resource access**<br /><br />Access private resources like SSH servers, databases, RDP, and entire network ranges through Pangolin clients. Intelligent NAT traversal enables connections even through restrictive firewalls, while DNS aliases provide friendly names and fast connections to resources across all your sites.                                                                                                                                                                                                | <img src="public/screenshots/private-resources.png" width=500 /><tr></tr>               |
-| **Zero-trust granular access**<br /><br />Grant users access to specific resources, not entire networks. Unlike traditional VPNs that expose full network access, Pangolin's zero-trust model ensures users can only reach the applications and services you explicitly define, reducing security risk and attack surface.                                                                                                                                                                                    | <img src="public/screenshots/user-devices.png" width=500 /><tr></tr> |
+### Connect remote networks with sites and NAT traversal
+
+Pangolin's site connectors provide gateways into networks so you can access any networked resources. Sites use outbound tunnels and intelligent NAT traversal to make networks behind restrictive firewalls available for authorized access without public IPs or open ports. Easily deploy a site as a binary or container on any platform.
+
+<img src="public/screenshots/sites.png" alt="Sites" width="100%" />
+
+### Browser-based reverse proxy access
+
+Expose web applications through identity and context-aware tunneled reverse proxies. Users access applications through any web browser with authentication and granular access control without installing a client. Pangolin handles routing, load balancing, health checking, and automatic SSL certificates without exposing your network directly to the internet.
+
+<img src="public/clip.gif" alt="Reverse proxy access" width="100%" />
+
+### Client-based private resource access
+
+Access private resources like SSH servers, databases, RDP, and entire network ranges through Pangolin clients. Intelligent NAT traversal enables connections even through restrictive firewalls, while DNS aliases provide friendly names and fast connections to resources across all your sites. Add redundancy by routing traffic through multiple connectors in your network.
+
+<img src="public/screenshots/private-resources.png" alt="Private resources" width="100%" />
+
+### Give users and roles access to resources
+
+Use Pangolin's built in users or bring your own identity provider and set up role based access control (RBAC). Grant users access to specific resources, not entire networks. Unlike traditional VPNs that expose full network access, Pangolin's zero-trust model ensures users can only reach the applications, services, and routes you explicitly define.
+
+<img src="public/screenshots/users.png" alt="Users from identity provider with roles" width="100%" />
 
 ## Download Clients
 
@@ -85,17 +95,16 @@ Download the Pangolin client for your platform:
 
 ## Get Started
 
+### Sign up now
+
+Create a free account at [app.pangolin.net](https://app.pangolin.net) to get started with Pangolin Cloud.
+
 ### Check out the docs
 
 We encourage everyone to read the full documentation first, which is
 available at [docs.pangolin.net](https://docs.pangolin.net). This README provides only a very brief subset of
 the docs to illustrate some basic ideas.
 
-### Sign up and try now
-
-For Pangolin's managed service, you will first need to create an account at
-[app.pangolin.net](https://app.pangolin.net). We have a generous free tier to get started.
-
 ## Licensing
 
 Pangolin is dual licensed under the AGPL-3 and the [Fossorial Commercial License](https://pangolin.net/fcl.html). For inquiries about commercial licensing, please contact us at [contact@pangolin.net](mailto:contact@pangolin.net).
@@ -103,7 +112,3 @@ Pangolin is dual licensed under the AGPL-3 and the [Fossorial Commercial License
 ## Contributions
 
 Please see [CONTRIBUTING](./CONTRIBUTING.md) in the repository for guidelines and best practices.
-
----
-
-WireGuard® is a registered trademark of Jason A. Donenfeld.

SECURITY.md

@@ -3,7 +3,7 @@
 If you discover a security vulnerability, please follow the steps below to responsibly disclose it to us:
 
 1. **Do not create a public GitHub issue or discussion post.** This could put the security of other users at risk.
-2. Send a detailed report to [security@pangolin.net](mailto:security@pangolin.net) or send a **private** message to a maintainer on [Discord](https://discord.gg/HCJR8Xhme4). Include:
+2. Send a detailed report to [security@pangolin.net](mailto:security@pangolin.net) with the following information:
 
 -   Description and location of the vulnerability.
 -   Potential impact of the vulnerability.

bruno/API Keys/Create API Key.bru

@@ -1,17 +0,0 @@
-meta {
-  name: Create API Key
-  type: http
-  seq: 1
-}
-
-put {
-  url: http://localhost:3000/api/v1/api-key
-  body: json
-  auth: inherit
-}
-
-body:json {
-  {
-    "isRoot": true
-  }
-}

bruno/API Keys/Delete API Key.bru

@@ -1,11 +0,0 @@
-meta {
-  name: Delete API Key
-  type: http
-  seq: 2
-}
-
-delete {
-  url: http://localhost:3000/api/v1/api-key/dm47aacqxxn3ubj
-  body: none
-  auth: inherit
-}

bruno/API Keys/List API Key Actions.bru

@@ -1,11 +0,0 @@
-meta {
-  name: List API Key Actions
-  type: http
-  seq: 6
-}
-
-get {
-  url: http://localhost:3000/api/v1/api-key/ex0izu2c37fjz9x/actions
-  body: none
-  auth: inherit
-}

bruno/API Keys/List Org API Keys.bru

@@ -1,11 +0,0 @@
-meta {
-  name: List Org API Keys
-  type: http
-  seq: 4
-}
-
-get {
-  url: http://localhost:3000/api/v1/org/home-lab/api-keys
-  body: none
-  auth: inherit
-}

bruno/API Keys/List Root API Keys.bru

@@ -1,11 +0,0 @@
-meta {
-  name: List Root API Keys
-  type: http
-  seq: 3
-}
-
-get {
-  url: http://localhost:3000/api/v1/root/api-keys
-  body: none
-  auth: inherit
-}

bruno/API Keys/Set API Key Actions.bru

@@ -1,17 +0,0 @@
-meta {
-  name: Set API Key Actions
-  type: http
-  seq: 5
-}
-
-post {
-  url: http://localhost:3000/api/v1/api-key/ex0izu2c37fjz9x/actions
-  body: json
-  auth: inherit
-}
-
-body:json {
-  {
-    "actionIds": ["listSites"]
-  }
-}

bruno/API Keys/Set API Key Orgs.bru

@@ -1,17 +0,0 @@
-meta {
-  name: Set API Key Orgs
-  type: http
-  seq: 7
-}
-
-post {
-  url: http://localhost:3000/api/v1/api-key/ex0izu2c37fjz9x/orgs
-  body: json
-  auth: inherit
-}
-
-body:json {
-  {
-    "orgIds": ["home-lab"]
-  }
-}

bruno/API Keys/folder.bru

@@ -1,3 +0,0 @@
-meta {
-  name: API Keys
-}

bruno/Auth/2fa-disable.bru

@@ -1,18 +0,0 @@
-meta {
-  name: 2fa-disable
-  type: http
-  seq: 6
-}
-
-post {
-  url: http://localhost:3000/api/v1/auth/2fa/disable
-  body: json
-  auth: none
-}
-
-body:json {
-  {
-      "password": "aaaaa-1A",
-      "code": "377289"
-  }
-}

bruno/Auth/2fa-enable.bru

@@ -1,17 +0,0 @@
-meta {
-  name: 2fa-enable
-  type: http
-  seq: 4
-}
-
-post {
-  url: http://localhost:3000/api/v1/auth/2fa/enable
-  body: json
-  auth: none
-}
-
-body:json {
-  {
-      "code": "374138"
-  }
-}

bruno/Auth/2fa-request.bru

@@ -1,17 +0,0 @@
-meta {
-  name: 2fa-request
-  type: http
-  seq: 5
-}
-
-post {
-  url: http://localhost:3000/api/v1/auth/2fa/request
-  body: json
-  auth: none
-}
-
-body:json {
-  {
-      "password": "aaaaa-1A"
-  }
-}

bruno/Auth/change-password.bru

@@ -1,18 +0,0 @@
-meta {
-  name: change-password
-  type: http
-  seq: 9
-}
-
-post {
-  url: http://localhost:3000/api/v1/auth/change-password
-  body: json
-  auth: none
-}
-
-body:json {
-  {
-      "oldPassword": "",
-      "newPassword": ""
-  }
-}

bruno/Auth/login.bru

@@ -1,18 +0,0 @@
-meta {
-  name: login
-  type: http
-  seq: 1
-}
-
-post {
-  url: http://localhost:3000/api/v1/auth/login
-  body: json
-  auth: none
-}
-
-body:json {
-  {
-    "email": "admin@fosrl.io",
-    "password": "Password123!"
-  }
-}

bruno/Auth/logout.bru

@@ -1,11 +0,0 @@
-meta {
-  name: logout
-  type: http
-  seq: 3
-}
-
-post {
-  url: http://localhost:4000/api/v1/auth/logout
-  body: none
-  auth: none
-}

bruno/Auth/reset-password-request.bru

@@ -1,17 +0,0 @@
-meta {
-  name: reset-password-request
-  type: http
-  seq: 10
-}
-
-post {
-  url: http://localhost:3000/api/v1/auth/reset-password/request
-  body: json
-  auth: none
-}
-
-body:json {
-  {
-      "email": "milo@pangolin.net"
-  }
-}

bruno/Auth/reset-password.bru

@@ -1,19 +0,0 @@
-meta {
-  name: reset-password
-  type: http
-  seq: 11
-}
-
-post {
-  url: http://localhost:3000/api/v1/auth/reset-password
-  body: json
-  auth: none
-}
-
-body:json {
-  {
-      "token": "3uhsbom72dwdhboctwrtntyd6jrlg4jtf5oaxy4k",
-      "newPassword": "aaaaa-1A",
-      "code": "6irqCGR3"
-  }
-}

bruno/Auth/signup.bru

@@ -1,18 +0,0 @@
-meta {
-  name: signup
-  type: http
-  seq: 2
-}
-
-put {
-  url: http://localhost:3000/api/v1/auth/signup
-  body: json
-  auth: none
-}
-
-body:json {
-  {
-    "email": "numbat@pangolin.net",
-    "password": "Password123!"
-  }
-}

bruno/Auth/verify-email-request.bru

@@ -1,11 +0,0 @@
-meta {
-  name: verify-email-request
-  type: http
-  seq: 8
-}
-
-post {
-  url: http://localhost:3000/api/v1/auth/verify-email/request
-  body: none
-  auth: none
-}

bruno/Auth/verify-email.bru

@@ -1,17 +0,0 @@
-meta {
-  name: verify-email
-  type: http
-  seq: 7
-}
-
-post {
-  url: http://localhost:3000/api/v1/auth/verify-email
-  body: json
-  auth: none
-}
-
-body:json {
-  {
-      "code": "50317187"
-  }
-}

bruno/Auth/verify-user.bru

@@ -1,15 +0,0 @@
-meta {
-  name: verify-user
-  type: http
-  seq: 4
-}
-
-get {
-  url: http://localhost:3001/api/v1/badger/verify-user?sessionId=mb52273jkb6t3oys2bx6ur5x7rcrkl26c7warg3e
-  body: none
-  auth: none
-}
-
-params:query {
-  sessionId: mb52273jkb6t3oys2bx6ur5x7rcrkl26c7warg3e
-}

bruno/Clients/createClient.bru

@@ -1,22 +0,0 @@
-meta {
-  name: createClient
-  type: http
-  seq: 1
-}
-
-put {
-  url: http://localhost:3000/api/v1/site/1/client
-  body: json
-  auth: none
-}
-
-body:json {
-  {
-      "siteId": 1,
-      "name": "test",
-      "type": "olm",
-      "subnet": "100.90.129.4/30",
-      "olmId": "029yzunhx6nh3y5",
-      "secret": "l0ymp075y3d4rccb25l6sqpgar52k09etunui970qq5gj7x6"
-  }
-}

bruno/Clients/pickClientDefaults.bru

@@ -1,11 +0,0 @@
-meta {
-  name: pickClientDefaults
-  type: http
-  seq: 2
-}
-
-get {
-  url: http://localhost:3000/api/v1/site/1/pick-client-defaults
-  body: none
-  auth: none
-}

bruno/IDP/Create OIDC Provider.bru

@@ -1,22 +0,0 @@
-meta {
-  name: Create OIDC Provider
-  type: http
-  seq: 1
-}
-
-put {
-  url: http://localhost:3000/api/v1/org/home-lab/idp/oidc
-  body: json
-  auth: inherit
-}
-
-body:json {
-  {
-    "clientId": "JJoSvHCZcxnXT2sn6CObj6a21MuKNRXs3kN5wbys",
-    "clientSecret": "2SlGL2wOGgMEWLI9yUuMAeFxre7qSNJVnXMzyepdNzH1qlxYnC4lKhhQ6a157YQEkYH3vm40KK4RCqbYiF8QIweuPGagPX3oGxEj2exwutoXFfOhtq4hHybQKoFq01Z3",
-    "authUrl": "http://localhost:9000/application/o/authorize/",
-    "tokenUrl": "http://localhost:9000/application/o/token/",
-    "scopes": ["email", "openid", "profile"],
-    "userIdentifier": "email"
-  }
-}

bruno/IDP/Generate OIDC URL.bru

@@ -1,11 +0,0 @@
-meta {
-  name: Generate OIDC URL
-  type: http
-  seq: 2
-}
-
-get {
-  url: http://localhost:3000/api/v1
-  body: none
-  auth: inherit
-}

bruno/IDP/folder.bru

@@ -1,3 +0,0 @@
-meta {
-  name: IDP
-}

bruno/Internal/Traefik Config.bru

@@ -1,11 +0,0 @@
-meta {
-  name: Traefik Config
-  type: http
-  seq: 1
-}
-
-get {
-  url: http://localhost:3001/api/v1/traefik-config
-  body: none
-  auth: inherit
-}

bruno/Internal/folder.bru

@@ -1,3 +0,0 @@
-meta {
-  name: Internal
-}

bruno/Newt/Create Newt.bru

@@ -1,11 +0,0 @@
-meta {
-  name: Create Newt
-  type: http
-  seq: 2
-}
-
-get {
-  url: http://localhost:3000/api/v1/newt
-  body: none
-  auth: none
-}

bruno/Newt/Get Token.bru

@@ -1,18 +0,0 @@
-meta {
-  name: Get Token
-  type: http
-  seq: 1
-}
-
-get {
-  url: http://localhost:3000/api/v1/auth/newt/get-token
-  body: json
-  auth: none
-}
-
-body:json {
-  {
-   "newtId": "o0d4rdxq3stnz7b",
-    "secret": "sy7l09fnaesd03iwrfp9m3qf0ryn19g0zf3dqieaazb4k7vk"
-  }
-}

bruno/Olm/createOlm.bru

@@ -1,15 +0,0 @@
-meta {
-  name: createOlm
-  type: http
-  seq: 1
-}
-
-put {
-  url: http://localhost:3000/api/v1/olm
-  body: none
-  auth: inherit
-}
-
-settings {
-  encodeUrl: true
-}

bruno/Olm/folder.bru

@@ -1,8 +0,0 @@
-meta {
-  name: Olm
-  seq: 15
-}
-
-auth {
-  mode: inherit
-}

bruno/Orgs/Check Id.bru

@@ -1,11 +0,0 @@
-meta {
-  name: Check Id
-  type: http
-  seq: 2
-}
-
-get {
-  url: http://localhost:3000/api/v1/org/checkId
-  body: none
-  auth: none
-}

bruno/Orgs/listOrgs.bru

@@ -1,11 +0,0 @@
-meta {
-  name: listOrgs
-  type: http
-  seq: 1
-}
-
-get {
-  url: 
-  body: none
-  auth: none
-}

bruno/Remote Exit Node/createRemoteExitNode.bru

@@ -1,11 +0,0 @@
-meta {
-  name: createRemoteExitNode
-  type: http
-  seq: 1
-}
-
-put {
-  url: http://localhost:4000/api/v1/org/org_i21aifypnlyxur2/remote-exit-node
-  body: none
-  auth: none
-}

bruno/Resources/listResourcesByOrg.bru

@@ -1,11 +0,0 @@
-meta {
-  name: listResourcesByOrg
-  type: http
-  seq: 1
-}
-
-get {
-  url: 
-  body: none
-  auth: none
-}

bruno/Resources/listResourcesBySite.bru

@@ -1,16 +0,0 @@
-meta {
-  name: listResourcesBySite
-  type: http
-  seq: 2
-}
-
-get {
-  url: http://localhost:3000/api/v1/site/1/resources?limit=10&offset=0
-  body: none
-  auth: none
-}
-
-params:query {
-  limit: 10
-  offset: 0
-}

bruno/Sites/Get Site.bru

@@ -1,11 +0,0 @@
-meta {
-  name: Get Site
-  type: http
-  seq: 2
-}
-
-get {
-  url: http://localhost:3000/api/v1/org/test/sites/mexican-mole-lizard-windy
-  body: none
-  auth: none
-}

bruno/Sites/listSites.bru

@@ -1,11 +0,0 @@
-meta {
-  name: listSites
-  type: http
-  seq: 1
-}
-
-get {
-  url: 
-  body: none
-  auth: none
-}

bruno/Targets/listTargets.bru

@@ -1,16 +0,0 @@
-meta {
-  name: listTargets
-  type: http
-  seq: 1
-}
-
-get {
-  url: http://localhost:3000/api/v1/resource/web.main.localhost/targets?limit=10&offset=0
-  body: none
-  auth: none
-}
-
-params:query {
-  limit: 10
-  offset: 0
-}

bruno/Test.bru

@@ -1,11 +0,0 @@
-meta {
-  name: Test
-  type: http
-  seq: 2
-}
-
-get {
-  url: http://localhost:3000/api/v1
-  body: none
-  auth: inherit
-}

bruno/Traefik/traefik-config.bru

@@ -1,11 +0,0 @@
-meta {
-  name: traefik-config
-  type: http
-  seq: 1
-}
-
-get {
-  url: http://localhost:3001/api/v1/traefik-config
-  body: none
-  auth: none
-}

bruno/Users/adminListUsers.bru

@@ -1,11 +0,0 @@
-meta {
-  name: adminListUsers
-  type: http
-  seq: 2
-}
-
-get {
-  url: http://localhost:3000/api/v1/users
-  body: none
-  auth: none
-}

bruno/Users/adminRemoveUser.bru

@@ -1,11 +0,0 @@
-meta {
-  name: adminRemoveUser
-  type: http
-  seq: 3
-}
-
-delete {
-  url: http://localhost:3000/api/v1/user/ky5r7ivqs8wc7u4
-  body: none
-  auth: none
-}

bruno/Users/getUser.bru

@@ -1,11 +0,0 @@
-meta {
-  name: getUser
-  type: http
-  seq: 1
-}
-
-get {
-  url: 
-  body: none
-  auth: none
-}

bruno/bruno.json

@@ -1,13 +0,0 @@
-{
-  "version": "1",
-  "name": "Pangolin",
-  "type": "collection",
-  "ignore": [
-    "node_modules",
-    ".git"
-  ],
-  "presets": {
-    "requestType": "http",
-    "requestUrl": "http://localhost:3000/api/v1"
-  }
-}

cli/commands/generateOrgCaKeys.ts

@@ -0,0 +1,121 @@
+import { CommandModule } from "yargs";
+import { db, orgs } from "@server/db";
+import { eq } from "drizzle-orm";
+import { encrypt } from "@server/lib/crypto";
+import { configFilePath1, configFilePath2 } from "@server/lib/consts";
+import { generateCA } from "@server/lib/sshCA";
+import fs from "fs";
+import yaml from "js-yaml";
+
+type GenerateOrgCaKeysArgs = {
+    orgId: string;
+    secret?: string;
+    force?: boolean;
+};
+
+export const generateOrgCaKeys: CommandModule<{}, GenerateOrgCaKeysArgs> = {
+    command: "generate-org-ca-keys",
+    describe:
+        "Generate SSH CA public/private key pair for an organization and store them in the database (private key encrypted with server secret)",
+    builder: (yargs) => {
+        return yargs
+            .option("orgId", {
+                type: "string",
+                demandOption: true,
+                describe: "The organization ID"
+            })
+            .option("secret", {
+                type: "string",
+                describe:
+                    "Server secret used to encrypt the CA private key. If omitted, read from config file (config.yml or config.yaml)."
+            })
+            .option("force", {
+                type: "boolean",
+                default: false,
+                describe:
+                    "Overwrite existing CA keys for the org if they already exist"
+            });
+    },
+    handler: async (argv: {
+        orgId: string;
+        secret?: string;
+        force?: boolean;
+    }) => {
+        try {
+            const { orgId, force } = argv;
+            let secret = argv.secret;
+
+            if (!secret) {
+                const configPath = fs.existsSync(configFilePath1)
+                    ? configFilePath1
+                    : fs.existsSync(configFilePath2)
+                      ? configFilePath2
+                      : null;
+
+                if (!configPath) {
+                    console.error(
+                        "Error: No server secret provided and config file not found. " +
+                            "Expected config.yml or config.yaml in the config directory, or pass --secret."
+                    );
+                    process.exit(1);
+                }
+
+                const configContent = fs.readFileSync(configPath, "utf8");
+                const config = yaml.load(configContent) as {
+                    server?: { secret?: string };
+                };
+
+                if (!config?.server?.secret) {
+                    console.error(
+                        "Error: No server.secret in config file. Pass --secret or set server.secret in config."
+                    );
+                    process.exit(1);
+                }
+                secret = config.server.secret;
+            }
+
+            const [org] = await db
+                .select({
+                    orgId: orgs.orgId,
+                    sshCaPrivateKey: orgs.sshCaPrivateKey,
+                    sshCaPublicKey: orgs.sshCaPublicKey
+                })
+                .from(orgs)
+                .where(eq(orgs.orgId, orgId))
+                .limit(1);
+
+            if (!org) {
+                console.error(`Error: Organization with orgId "${orgId}" not found.`);
+                process.exit(1);
+            }
+
+            if (org.sshCaPrivateKey != null || org.sshCaPublicKey != null) {
+                if (!force) {
+                    console.error(
+                        "Error: This organization already has CA keys. Use --force to overwrite."
+                    );
+                    process.exit(1);
+                }
+            }
+
+            const ca = generateCA(`pangolin-ssh-ca-${orgId}`);
+            const encryptedPrivateKey = encrypt(ca.privateKeyPem, secret);
+
+            await db
+                .update(orgs)
+                .set({
+                    sshCaPrivateKey: encryptedPrivateKey,
+                    sshCaPublicKey: ca.publicKeyOpenSSH
+                })
+                .where(eq(orgs.orgId, orgId));
+
+            console.log("SSH CA keys generated and stored for org:", orgId);
+            console.log("\nPublic key (OpenSSH format):");
+            console.log(ca.publicKeyOpenSSH);
+            process.exit(0);
+        } catch (error) {
+            console.error("Error generating org CA keys:", error);
+            process.exit(1);
+        }
+    }
+};

cli/commands/rotateServerSecret.ts

@@ -1,5 +1,5 @@
 import { CommandModule } from "yargs";
-import { db, idpOidcConfig, licenseKey } from "@server/db";
+import { db, idpOidcConfig, licenseKey, certificates, eventStreamingDestinations, alertWebhookActions } from "@server/db";
 import { encrypt, decrypt } from "@server/lib/crypto";
 import { configFilePath1, configFilePath2 } from "@server/lib/consts";
 import { eq } from "drizzle-orm";
@@ -129,9 +129,15 @@ export const rotateServerSecret: CommandModule<
             console.log("\nReading encrypted data from database...");
             const idpConfigs = await db.select().from(idpOidcConfig);
             const licenseKeys = await db.select().from(licenseKey);
+            const certs = await db.select().from(certificates);
+            const streamingDestinations = await db.select().from(eventStreamingDestinations);
+            const webhookActions = await db.select().from(alertWebhookActions);
 
             console.log(`Found ${idpConfigs.length} OIDC IdP configuration(s)`);
             console.log(`Found ${licenseKeys.length} license key(s)`);
+            console.log(`Found ${certs.length} certificate(s)`);
+            console.log(`Found ${streamingDestinations.length} event streaming destination(s)`);
+            console.log(`Found ${webhookActions.length} alert webhook action(s)`);
 
             // Prepare all decrypted and re-encrypted values
             console.log("\nDecrypting and re-encrypting values...");
@@ -149,8 +155,27 @@ export const rotateServerSecret: CommandModule<
                 encryptedInstanceId: string;
             };
 
+            type CertUpdate = {
+                certId: number;
+                encryptedCertFile: string | null;
+                encryptedKeyFile: string | null;
+            };
+
+            type StreamingDestinationUpdate = {
+                destinationId: number;
+                encryptedConfig: string;
+            };
+
+            type WebhookActionUpdate = {
+                webhookActionId: number;
+                encryptedConfig: string;
+            };
+
             const idpUpdates: IdpUpdate[] = [];
             const licenseKeyUpdates: LicenseKeyUpdate[] = [];
+            const certUpdates: CertUpdate[] = [];
+            const streamingDestinationUpdates: StreamingDestinationUpdate[] = [];
+            const webhookActionUpdates: WebhookActionUpdate[] = [];
 
             // Process idpOidcConfig entries
             for (const idpConfig of idpConfigs) {
@@ -217,6 +242,70 @@ export const rotateServerSecret: CommandModule<
                 }
             }
 
+            // Process certificate entries
+            for (const cert of certs) {
+                try {
+                    const encryptedCertFile = cert.certFile
+                        ? encrypt(decrypt(cert.certFile, oldSecret), newSecret)
+                        : null;
+                    const encryptedKeyFile = cert.keyFile
+                        ? encrypt(decrypt(cert.keyFile, oldSecret), newSecret)
+                        : null;
+
+                    certUpdates.push({
+                        certId: cert.certId,
+                        encryptedCertFile,
+                        encryptedKeyFile
+                    });
+                } catch (error) {
+                    console.error(
+                        `Error processing certificate ${cert.certId} (${cert.domain}):`,
+                        error
+                    );
+                    throw error;
+                }
+            }
+
+            // Process eventStreamingDestinations entries
+            for (const dest of streamingDestinations) {
+                try {
+                    const decryptedConfig = decrypt(dest.config, oldSecret);
+                    const encryptedConfig = encrypt(decryptedConfig, newSecret);
+
+                    streamingDestinationUpdates.push({
+                        destinationId: dest.destinationId,
+                        encryptedConfig
+                    });
+                } catch (error) {
+                    console.error(
+                        `Error processing event streaming destination ${dest.destinationId}:`,
+                        error
+                    );
+                    throw error;
+                }
+            }
+
+            // Process alertWebhookActions entries
+            for (const webhook of webhookActions) {
+                try {
+                    if (webhook.config == null) continue;
+
+                    const decryptedConfig = decrypt(webhook.config, oldSecret);
+                    const encryptedConfig = encrypt(decryptedConfig, newSecret);
+
+                    webhookActionUpdates.push({
+                        webhookActionId: webhook.webhookActionId,
+                        encryptedConfig
+                    });
+                } catch (error) {
+                    console.error(
+                        `Error processing alert webhook action ${webhook.webhookActionId}:`,
+                        error
+                    );
+                    throw error;
+                }
+            }
+
             // Perform all database updates in a single transaction
             console.log("\nUpdating database in transaction...");
             await db.transaction(async (trx) => {
@@ -250,10 +339,50 @@ export const rotateServerSecret: CommandModule<
                         instanceId: update.encryptedInstanceId
                     });
                 }
+
+                // Update certificate entries
+                for (const update of certUpdates) {
+                    await trx
+                        .update(certificates)
+                        .set({
+                            certFile: update.encryptedCertFile,
+                            keyFile: update.encryptedKeyFile
+                        })
+                        .where(eq(certificates.certId, update.certId));
+                }
+
+                // Update event streaming destination entries
+                for (const update of streamingDestinationUpdates) {
+                    await trx
+                        .update(eventStreamingDestinations)
+                        .set({ config: update.encryptedConfig })
+                        .where(
+                            eq(
+                                eventStreamingDestinations.destinationId,
+                                update.destinationId
+                            )
+                        );
+                }
+
+                // Update alert webhook action entries
+                for (const update of webhookActionUpdates) {
+                    await trx
+                        .update(alertWebhookActions)
+                        .set({ config: update.encryptedConfig })
+                        .where(
+                            eq(
+                                alertWebhookActions.webhookActionId,
+                                update.webhookActionId
+                            )
+                        );
+                }
             });
 
             console.log(`Rotated ${idpUpdates.length} OIDC IdP configuration(s)`);
             console.log(`Rotated ${licenseKeyUpdates.length} license key(s)`);
+            console.log(`Rotated ${certUpdates.length} certificate(s)`);
+            console.log(`Rotated ${streamingDestinationUpdates.length} event streaming destination(s)`);
+            console.log(`Rotated ${webhookActionUpdates.length} alert webhook action(s)`);
 
             // Update config file with new secret
             console.log("\nUpdating config file...");
@@ -270,6 +399,9 @@ export const rotateServerSecret: CommandModule<
             console.log(`\nSummary:`);
             console.log(`  - OIDC IdP configurations: ${idpUpdates.length}`);
             console.log(`  - License keys: ${licenseKeyUpdates.length}`);
+            console.log(`  - Certificates: ${certUpdates.length}`);
+            console.log(`  - Event streaming destinations: ${streamingDestinationUpdates.length}`);
+            console.log(`  - Alert webhook actions: ${webhookActionUpdates.length}`);
             console.log(
                 `\n  IMPORTANT: Restart the server for the new secret to take effect.`
             );

cli/index.ts

@@ -8,6 +8,7 @@ import { clearExitNodes } from "./commands/clearExitNodes";
 import { rotateServerSecret } from "./commands/rotateServerSecret";
 import { clearLicenseKeys } from "./commands/clearLicenseKeys";
 import { deleteClient } from "./commands/deleteClient";
+import { generateOrgCaKeys } from "./commands/generateOrgCaKeys";
 
 yargs(hideBin(process.argv))
     .scriptName("pangctl")
@@ -17,5 +18,6 @@ yargs(hideBin(process.argv))
     .command(rotateServerSecret)
     .command(clearLicenseKeys)
     .command(deleteClient)
+    .command(generateOrgCaKeys)
     .demandCommand()
     .help().argv;

config/db/.gitignore

@@ -0,0 +1 @@
+*-journal

docker-compose.example.yml

@@ -4,6 +4,12 @@ services:
     image: fosrl/pangolin:latest
     container_name: pangolin
     restart: unless-stopped
+    deploy:
+      resources:
+        limits:
+          memory: 1g
+        reservations:
+          memory: 256m
     volumes:
       - ./config:/app/config
     healthcheck:

docker-compose.pgr.yml

@@ -7,8 +7,8 @@ services:
       POSTGRES_DB: postgres # Default database name
       POSTGRES_USER: postgres # Default user
       POSTGRES_PASSWORD: password # Default password (change for production!)
-    # volumes:
-    #   - ./config/postgres:/var/lib/postgresql/data
+    volumes:
+      - ./config/postgres:/var/lib/postgresql/data
     ports:
       - "5432:5432" # Map host port 5432 to container port 5432
     restart: no

drizzle.config.ts

@@ -1,14 +0,0 @@
-import { defineConfig } from "drizzle-kit";
-import path from "path";
-
-const schema = [path.join("server", "db", "pg", "schema")];
-
-export default defineConfig({
-    dialect: "postgresql",
-    schema: schema,
-    out: path.join("server", "migrations"),
-    verbose: true,
-    dbCredentials: {
-        url: process.env.DATABASE_URL as string
-    }
-});

esbuild.mjs

@@ -281,7 +281,7 @@ esbuild
             })
         ],
         sourcemap: "inline",
-        target: "node22"
+        target: "node24"
     })
     .then((result) => {
         // Check if there were any errors in the build result

install/Makefile

@@ -1,41 +1,24 @@
-all: update-versions go-build-release put-back
-dev-all: dev-update-versions dev-build dev-clean
+all: go-build-release
+
+# Build with version injection via ldflags
+# Versions can be passed via: make go-build-release PANGOLIN_VERSION=x.x.x GERBIL_VERSION=x.x.x BADGER_VERSION=x.x.x
+# Or fetched automatically if not provided (requires curl and jq)
+
+PANGOLIN_VERSION ?= $(shell curl -s https://api.github.com/repos/fosrl/pangolin/tags | jq -r '.[0].name')
+GERBIL_VERSION ?= $(shell curl -s https://api.github.com/repos/fosrl/gerbil/tags | jq -r '.[0].name')
+BADGER_VERSION ?= $(shell curl -s https://api.github.com/repos/fosrl/badger/tags | jq -r '.[0].name')
+
+LDFLAGS = -X main.pangolinVersion=$(PANGOLIN_VERSION) \
+          -X main.gerbilVersion=$(GERBIL_VERSION) \
+          -X main.badgerVersion=$(BADGER_VERSION)
 
 go-build-release:
-	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o bin/installer_linux_amd64
-	CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o bin/installer_linux_arm64
+	@echo "Building with versions - Pangolin: $(PANGOLIN_VERSION), Gerbil: $(GERBIL_VERSION), Badger: $(BADGER_VERSION)"
+	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "$(LDFLAGS)" -o bin/installer_linux_amd64
+	CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -ldflags "$(LDFLAGS)" -o bin/installer_linux_arm64
 
 clean:
 	rm -f bin/installer_linux_amd64
 	rm -f bin/installer_linux_arm64
 
-update-versions:
-	@echo "Fetching latest versions..."
-	cp main.go main.go.bak && \
-	$(MAKE) dev-update-versions
-
-put-back:
-	mv main.go.bak main.go
-
-dev-update-versions:
-	if [ -z "$(tag)" ]; then \
-		PANGOLIN_VERSION=$$(curl -s https://api.github.com/repos/fosrl/pangolin/tags | jq -r '.[0].name'); \
-	else \
-		PANGOLIN_VERSION=$(tag); \
-	fi && \
-	GERBIL_VERSION=$$(curl -s https://api.github.com/repos/fosrl/gerbil/tags | jq -r '.[0].name') && \
-	BADGER_VERSION=$$(curl -s https://api.github.com/repos/fosrl/badger/tags | jq -r '.[0].name') && \
-	echo "Latest versions - Pangolin: $$PANGOLIN_VERSION, Gerbil: $$GERBIL_VERSION, Badger: $$BADGER_VERSION" && \
-	sed -i "s/config.PangolinVersion = \".*\"/config.PangolinVersion = \"$$PANGOLIN_VERSION\"/" main.go && \
-	sed -i "s/config.GerbilVersion = \".*\"/config.GerbilVersion = \"$$GERBIL_VERSION\"/" main.go && \
-	sed -i "s/config.BadgerVersion = \".*\"/config.BadgerVersion = \"$$BADGER_VERSION\"/" main.go && \
-	echo "Updated main.go with latest versions"
-
-dev-build: go-build-release
-
-dev-clean:
-	@echo "Restoring version values ..."
-	sed -i "s/config.PangolinVersion = \".*\"/config.PangolinVersion = \"replaceme\"/" main.go && \
-	sed -i "s/config.GerbilVersion = \".*\"/config.GerbilVersion = \"replaceme\"/" main.go && \
-	sed -i "s/config.BadgerVersion = \".*\"/config.BadgerVersion = \"replaceme\"/" main.go
-	@echo "Restored version strings in main.go"
+.PHONY: all go-build-release clean

install/config.go

@@ -99,11 +99,6 @@ func ReadAppConfig(configPath string) (*AppConfigValues, error) {
 	return values, nil
 }
 
-// findPattern finds the start of a pattern in a string
-func findPattern(s, pattern string) int {
-	return bytes.Index([]byte(s), []byte(pattern))
-}
-
 func copyDockerService(sourceFile, destFile, serviceName string) error {
 	// Read source file
 	sourceData, err := os.ReadFile(sourceFile)
@@ -118,19 +113,19 @@ func copyDockerService(sourceFile, destFile, serviceName string) error {
 	}
 
 	// Parse source Docker Compose YAML
-	var sourceCompose map[string]interface{}
+	var sourceCompose map[string]any
 	if err := yaml.Unmarshal(sourceData, &sourceCompose); err != nil {
 		return fmt.Errorf("error parsing source Docker Compose file: %w", err)
 	}
 
 	// Parse destination Docker Compose YAML
-	var destCompose map[string]interface{}
+	var destCompose map[string]any
 	if err := yaml.Unmarshal(destData, &destCompose); err != nil {
 		return fmt.Errorf("error parsing destination Docker Compose file: %w", err)
 	}
 
 	// Get services section from source
-	sourceServices, ok := sourceCompose["services"].(map[string]interface{})
+	sourceServices, ok := sourceCompose["services"].(map[string]any)
 	if !ok {
 		return fmt.Errorf("services section not found in source file or has invalid format")
 	}
@@ -142,10 +137,10 @@ func copyDockerService(sourceFile, destFile, serviceName string) error {
 	}
 
 	// Get or create services section in destination
-	destServices, ok := destCompose["services"].(map[string]interface{})
+	destServices, ok := destCompose["services"].(map[string]any)
 	if !ok {
 		// If services section doesn't exist, create it
-		destServices = make(map[string]interface{})
+		destServices = make(map[string]any)
 		destCompose["services"] = destServices
 	}
 
@@ -187,17 +182,21 @@ func backupConfig() error {
 	return nil
 }
 
-func MarshalYAMLWithIndent(data interface{}, indent int) ([]byte, error) {
+func MarshalYAMLWithIndent(data any, indent int) (resp []byte, err error) {
 	buffer := new(bytes.Buffer)
 	encoder := yaml.NewEncoder(buffer)
 	encoder.SetIndent(indent)
 
-	err := encoder.Encode(data)
-	if err != nil {
+	if err := encoder.Encode(data); err != nil {
 		return nil, err
 	}
 
-	defer encoder.Close()
+	defer func() {
+		if cerr := encoder.Close(); cerr != nil && err == nil {
+			err = cerr
+		}
+	}()
+
 	return buffer.Bytes(), nil
 }
 
@@ -209,7 +208,7 @@ func replaceInFile(filepath, oldStr, newStr string) error {
 	}
 
 	// Replace the string
-	newContent := strings.Replace(string(content), oldStr, newStr, -1)
+	newContent := strings.ReplaceAll(string(content), oldStr, newStr)
 
 	// Write the modified content back to the file
 	err = os.WriteFile(filepath, []byte(newContent), 0644)
@@ -228,28 +227,28 @@ func CheckAndAddTraefikLogVolume(composePath string) error {
 	}
 
 	// Parse YAML into a generic map
-	var compose map[string]interface{}
+	var compose map[string]any
 	if err := yaml.Unmarshal(data, &compose); err != nil {
 		return fmt.Errorf("error parsing compose file: %w", err)
 	}
 
 	// Get services section
-	services, ok := compose["services"].(map[string]interface{})
+	services, ok := compose["services"].(map[string]any)
 	if !ok {
 		return fmt.Errorf("services section not found or invalid")
 	}
 
 	// Get traefik service
-	traefik, ok := services["traefik"].(map[string]interface{})
+	traefik, ok := services["traefik"].(map[string]any)
 	if !ok {
 		return fmt.Errorf("traefik service not found or invalid")
 	}
 
 	// Check volumes
 	logVolume := "./config/traefik/logs:/var/log/traefik"
-	var volumes []interface{}
+	var volumes []any
 
-	if existingVolumes, ok := traefik["volumes"].([]interface{}); ok {
+	if existingVolumes, ok := traefik["volumes"].([]any); ok {
 		// Check if volume already exists
 		for _, v := range existingVolumes {
 			if v.(string) == logVolume {
@@ -295,13 +294,13 @@ func MergeYAML(baseFile, overlayFile string) error {
 	}
 
 	// Parse base YAML into a map
-	var baseMap map[string]interface{}
+	var baseMap map[string]any
 	if err := yaml.Unmarshal(baseContent, &baseMap); err != nil {
 		return fmt.Errorf("error parsing base YAML: %v", err)
 	}
 
 	// Parse overlay YAML into a map
-	var overlayMap map[string]interface{}
+	var overlayMap map[string]any
 	if err := yaml.Unmarshal(overlayContent, &overlayMap); err != nil {
 		return fmt.Errorf("error parsing overlay YAML: %v", err)
 	}
@@ -324,8 +323,8 @@ func MergeYAML(baseFile, overlayFile string) error {
 }
 
 // mergeMap recursively merges two maps
-func mergeMap(base, overlay map[string]interface{}) map[string]interface{} {
-	result := make(map[string]interface{})
+func mergeMap(base, overlay map[string]any) map[string]any {
+	result := make(map[string]any)
 
 	// Copy all key-values from base map
 	for k, v := range base {
@@ -336,8 +335,8 @@ func mergeMap(base, overlay map[string]interface{}) map[string]interface{} {
 	for k, v := range overlay {
 		// If both maps have the same key and both values are maps, merge recursively
 		if baseVal, ok := base[k]; ok {
-			if baseMap, isBaseMap := baseVal.(map[string]interface{}); isBaseMap {
-				if overlayMap, isOverlayMap := v.(map[string]interface{}); isOverlayMap {
+			if baseMap, isBaseMap := baseVal.(map[string]any); isBaseMap {
+				if overlayMap, isOverlayMap := v.(map[string]any); isOverlayMap {
 					result[k] = mergeMap(baseMap, overlayMap)
 					continue
 				}

install/config/crowdsec/traefik_config.yml

@@ -81,11 +81,19 @@ entryPoints:
     transport:
       respondingTimeouts:
         readTimeout: "30m"
+    http3:
+      advertisedPort: 443
     http:
       tls:
         certResolver: "letsencrypt"
-      middlewares: 
+      middlewares:
         - crowdsec@file
+      encodedCharacters:
+        allowEncodedSlash: true
+        allowEncodedQuestionMark: true
 
 serversTransport:
-  insecureSkipVerify: true
+  insecureSkipVerify: true
+
+ping:
+  entryPoint: "web"

install/config/docker-compose.yml

@@ -4,6 +4,12 @@ services:
     image: docker.io/fosrl/pangolin:{{if .IsEnterprise}}ee-{{end}}{{.PangolinVersion}}
     container_name: pangolin
     restart: unless-stopped
+    deploy:
+      resources:
+        limits:
+          memory: 1g
+        reservations:
+          memory: 256m
     volumes:
       - ./config:/app/config
     healthcheck:
@@ -32,15 +38,14 @@ services:
       - 51820:51820/udp
       - 21820:21820/udp
       - 443:443
+      - 443:443/udp # For http3 QUIC if desired
       - 80:80
 {{end}}
   traefik:
     image: docker.io/traefik:v3.6
     container_name: traefik
     restart: unless-stopped
-{{if .InstallGerbil}}
-    network_mode: service:gerbil # Ports appear on the gerbil service
-{{end}}{{if not .InstallGerbil}}
+{{if .InstallGerbil}}    network_mode: service:gerbil # Ports appear on the gerbil service{{end}}{{if not .InstallGerbil}}
     ports:
       - 443:443
       - 80:80

install/config/traefik/traefik_config.yml

@@ -40,6 +40,8 @@ entryPoints:
     transport:
       respondingTimeouts:
         readTimeout: "30m"
+    http3:
+      advertisedPort: 443
     http:
       tls:
         certResolver: "letsencrypt"

install/containers.go

@@ -144,12 +144,13 @@ func installDocker() error {
 }
 
 func startDockerService() error {
-	if runtime.GOOS == "linux" {
+	switch runtime.GOOS {
+	case "linux":
 		cmd := exec.Command("systemctl", "enable", "--now", "docker")
 		cmd.Stdout = os.Stdout
 		cmd.Stderr = os.Stderr
 		return cmd.Run()
-	} else if runtime.GOOS == "darwin" {
+	case "darwin":
 		// On macOS, Docker is usually started via the Docker Desktop application
 		fmt.Println("Please start Docker Desktop manually on macOS.")
 		return nil
@@ -302,7 +303,7 @@ func pullContainers(containerType SupportedContainer) error {
 		return nil
 	}
 
-	return fmt.Errorf("Unsupported container type: %s", containerType)
+	return fmt.Errorf("unsupported container type: %s", containerType)
 }
 
 // startContainers starts the containers using the appropriate command.
@@ -325,7 +326,7 @@ func startContainers(containerType SupportedContainer) error {
 		return nil
 	}
 
-	return fmt.Errorf("Unsupported container type: %s", containerType)
+	return fmt.Errorf("unsupported container type: %s", containerType)
 }
 
 // stopContainers stops the containers using the appropriate command.
@@ -347,7 +348,7 @@ func stopContainers(containerType SupportedContainer) error {
 		return nil
 	}
 
-	return fmt.Errorf("Unsupported container type: %s", containerType)
+	return fmt.Errorf("unsupported container type: %s", containerType)
 }
 
 // restartContainer restarts a specific container using the appropriate command.
@@ -369,5 +370,5 @@ func restartContainer(container string, containerType SupportedContainer) error
 		return nil
 	}
 
-	return fmt.Errorf("Unsupported container type: %s", containerType)
+	return fmt.Errorf("unsupported container type: %s", containerType)
 }

install/crowdsec.go

@@ -6,12 +6,13 @@ import (
 	"log"
 	"os"
 	"os/exec"
+	"path/filepath"
 	"strings"
 
 	"gopkg.in/yaml.v3"
 )
 
-func installCrowdsec(config Config) error {
+func installCrowdsec(config Config, installDir string) error {
 
 	if err := stopContainers(config.InstallationContainerType); err != nil {
 		return fmt.Errorf("failed to stop containers: %v", err)
@@ -27,9 +28,20 @@ func installCrowdsec(config Config) error {
 		os.Exit(1)
 	}
 
-	os.MkdirAll("config/crowdsec/db", 0755)
-	os.MkdirAll("config/crowdsec/acquis.d", 0755)
-	os.MkdirAll("config/traefik/logs", 0755)
+	if err := os.MkdirAll("config/crowdsec/db", 0755); err != nil {
+		fmt.Printf("Error creating config files: %v\n", err)
+		os.Exit(1)
+	}
+	if err := os.MkdirAll("config/crowdsec/acquis.d", 0755); err != nil {
+		fmt.Printf("Error creating config files: %v\n", err)
+		os.Exit(1)
+	}
+	if err := os.MkdirAll("config/traefik/logs", 0755); err != nil {
+		fmt.Printf("Error creating config files: %v\n", err)
+		os.Exit(1)
+	}
+
+	setupTraefikLogRotate(installDir)
 
 	if err := copyDockerService("config/crowdsec/docker-compose.yml", "docker-compose.yml", "crowdsec"); err != nil {
 		fmt.Printf("Error copying docker service: %v\n", err)
@@ -153,34 +165,34 @@ func CheckAndAddCrowdsecDependency(composePath string) error {
 	}
 
 	// Parse YAML into a generic map
-	var compose map[string]interface{}
+	var compose map[string]any
 	if err := yaml.Unmarshal(data, &compose); err != nil {
 		return fmt.Errorf("error parsing compose file: %w", err)
 	}
 
 	// Get services section
-	services, ok := compose["services"].(map[string]interface{})
+	services, ok := compose["services"].(map[string]any)
 	if !ok {
 		return fmt.Errorf("services section not found or invalid")
 	}
 
 	// Get traefik service
-	traefik, ok := services["traefik"].(map[string]interface{})
+	traefik, ok := services["traefik"].(map[string]any)
 	if !ok {
 		return fmt.Errorf("traefik service not found or invalid")
 	}
 
 	// Get dependencies
-	dependsOn, ok := traefik["depends_on"].(map[string]interface{})
+	dependsOn, ok := traefik["depends_on"].(map[string]any)
 	if ok {
 		// Append the new block for crowdsec
-		dependsOn["crowdsec"] = map[string]interface{}{
+		dependsOn["crowdsec"] = map[string]any{
 			"condition": "service_healthy",
 		}
 	} else {
 		// No dependencies exist, create it
-		traefik["depends_on"] = map[string]interface{}{
-			"crowdsec": map[string]interface{}{
+		traefik["depends_on"] = map[string]any{
+			"crowdsec": map[string]any{
 				"condition": "service_healthy",
 			},
 		}
@@ -199,3 +211,69 @@ func CheckAndAddCrowdsecDependency(composePath string) error {
 	fmt.Println("Added dependency of crowdsec to traefik")
 	return nil
 }
+
+// setupTraefikLogRotate writes a logrotate config for the Traefik access log
+// that CrowdSec depends on. This is only needed when CrowdSec is installed
+// because the default Pangolin install does not enable Traefik access logs.
+//
+// copytruncate is used so Traefik does not need to be restarted or sent a
+// signal after rotation — it keeps writing to the same file descriptor while
+// the rotated copy is made and the original is truncated in place.
+func setupTraefikLogRotate(installDir string) {
+	const logrotateDir = "/etc/logrotate.d"
+	const logrotateFile = "/etc/logrotate.d/pangolin-traefik"
+
+	logPath := filepath.Join(installDir, "config/traefik/logs/access.log")
+
+	if os.Geteuid() != 0 {
+		fmt.Println("\n[logrotate] Skipping automatic logrotate setup: not running as root.")
+		fmt.Println("[logrotate] To prevent unbounded growth of the Traefik access log used by CrowdSec,")
+		fmt.Println("[logrotate] create the file /etc/logrotate.d/pangolin-traefik manually with:")
+		printLogrotateConfig(logPath)
+		return
+	}
+
+	config := fmt.Sprintf(`# Logrotate config for Traefik access logs used by CrowdSec.
+# Generated by the Pangolin installer. Safe to edit.
+%s {
+    daily
+    rotate 7
+    compress
+    delaycompress
+    missingok
+    notifempty
+    copytruncate
+}
+`, logPath)
+
+	if err := os.MkdirAll(logrotateDir, 0755); err != nil {
+		fmt.Printf("[logrotate] Warning: could not create %s: %v\n", logrotateDir, err)
+		return
+	}
+
+	if err := os.WriteFile(logrotateFile, []byte(config), 0644); err != nil {
+		fmt.Printf("[logrotate] Warning: could not write %s: %v\n", logrotateFile, err)
+		fmt.Println("[logrotate] Set it up manually:")
+		printLogrotateConfig(logPath)
+		return
+	}
+
+	fmt.Printf("[logrotate] Wrote logrotate config to %s\n", logrotateFile)
+	fmt.Println("[logrotate] Traefik access logs will be rotated daily, keeping 7 compressed copies.")
+}
+
+// printLogrotateConfig prints a logrotate config block to stdout so users can
+// set it up manually when the installer cannot write to /etc.
+func printLogrotateConfig(logPath string) {
+	fmt.Printf(`
+  %s {
+      daily
+      rotate 7
+      compress
+      delaycompress
+      missingok
+      notifempty
+      copytruncate
+  }
+`, logPath)
+}

install/go.mod

@@ -1,10 +1,38 @@
 module installer
 
-go 1.24.0
+go 1.25.0
 
 require (
-	golang.org/x/term v0.39.0
+	github.com/charmbracelet/huh v1.0.0
+	github.com/charmbracelet/lipgloss v1.1.0
+	golang.org/x/term v0.42.0
 	gopkg.in/yaml.v3 v3.0.1
 )
 
-require golang.org/x/sys v0.40.0 // indirect
+require (
+	github.com/atotto/clipboard v0.1.4 // indirect
+	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
+	github.com/catppuccin/go v0.3.0 // indirect
+	github.com/charmbracelet/bubbles v0.21.1-0.20250623103423-23b8fd6302d7 // indirect
+	github.com/charmbracelet/bubbletea v1.3.6 // indirect
+	github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc // indirect
+	github.com/charmbracelet/x/ansi v0.9.3 // indirect
+	github.com/charmbracelet/x/cellbuf v0.0.13 // indirect
+	github.com/charmbracelet/x/exp/strings v0.0.0-20240722160745-212f7b056ed0 // indirect
+	github.com/charmbracelet/x/term v0.2.1 // indirect
+	github.com/dustin/go-humanize v1.0.1 // indirect
+	github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f // indirect
+	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-localereader v0.0.1 // indirect
+	github.com/mattn/go-runewidth v0.0.16 // indirect
+	github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect
+	github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 // indirect
+	github.com/muesli/cancelreader v0.2.2 // indirect
+	github.com/muesli/termenv v0.16.0 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
+	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
+	golang.org/x/sync v0.15.0 // indirect
+	golang.org/x/sys v0.43.0 // indirect
+	golang.org/x/text v0.23.0 // indirect
+)

install/go.sum

@@ -1,7 +1,80 @@
-golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
-golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY=
-golang.org/x/term v0.39.0/go.mod h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww=
+github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ=
+github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE=
+github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4=
+github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI=
+github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k=
+github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8=
+github.com/aymanbagabas/go-udiff v0.3.1 h1:LV+qyBQ2pqe0u42ZsUEtPiCaUoqgA9gYRDs3vj1nolY=
+github.com/aymanbagabas/go-udiff v0.3.1/go.mod h1:G0fsKmG+P6ylD0r6N/KgQD/nWzgfnl8ZBcNLgcbrw8E=
+github.com/catppuccin/go v0.3.0 h1:d+0/YicIq+hSTo5oPuRi5kOpqkVA5tAsU6dNhvRu+aY=
+github.com/catppuccin/go v0.3.0/go.mod h1:8IHJuMGaUUjQM82qBrGNBv7LFq6JI3NnQCF6MOlZjpc=
+github.com/charmbracelet/bubbles v0.21.1-0.20250623103423-23b8fd6302d7 h1:JFgG/xnwFfbezlUnFMJy0nusZvytYysV4SCS2cYbvws=
+github.com/charmbracelet/bubbles v0.21.1-0.20250623103423-23b8fd6302d7/go.mod h1:ISC1gtLcVilLOf23wvTfoQuYbW2q0JevFxPfUzZ9Ybw=
+github.com/charmbracelet/bubbletea v1.3.6 h1:VkHIxPJQeDt0aFJIsVxw8BQdh/F/L2KKZGsK6et5taU=
+github.com/charmbracelet/bubbletea v1.3.6/go.mod h1:oQD9VCRQFF8KplacJLo28/jofOI2ToOfGYeFgBBxHOc=
+github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc h1:4pZI35227imm7yK2bGPcfpFEmuY1gc2YSTShr4iJBfs=
+github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc/go.mod h1:X4/0JoqgTIPSFcRA/P6INZzIuyqdFY5rm8tb41s9okk=
+github.com/charmbracelet/huh v1.0.0 h1:wOnedH8G4qzJbmhftTqrpppyqHakl/zbbNdXIWJyIxw=
+github.com/charmbracelet/huh v1.0.0/go.mod h1:5YVc+SlZ1IhQALxRPpkGwwEKftN/+OlJlnJYlDRFqN4=
+github.com/charmbracelet/lipgloss v1.1.0 h1:vYXsiLHVkK7fp74RkV7b2kq9+zDLoEU4MZoFqR/noCY=
+github.com/charmbracelet/lipgloss v1.1.0/go.mod h1:/6Q8FR2o+kj8rz4Dq0zQc3vYf7X+B0binUUBwA0aL30=
+github.com/charmbracelet/x/ansi v0.9.3 h1:BXt5DHS/MKF+LjuK4huWrC6NCvHtexww7dMayh6GXd0=
+github.com/charmbracelet/x/ansi v0.9.3/go.mod h1:3RQDQ6lDnROptfpWuUVIUG64bD2g2BgntdxH0Ya5TeE=
+github.com/charmbracelet/x/cellbuf v0.0.13 h1:/KBBKHuVRbq1lYx5BzEHBAFBP8VcQzJejZ/IA3iR28k=
+github.com/charmbracelet/x/cellbuf v0.0.13/go.mod h1:xe0nKWGd3eJgtqZRaN9RjMtK7xUYchjzPr7q6kcvCCs=
+github.com/charmbracelet/x/conpty v0.1.0 h1:4zc8KaIcbiL4mghEON8D72agYtSeIgq8FSThSPQIb+U=
+github.com/charmbracelet/x/conpty v0.1.0/go.mod h1:rMFsDJoDwVmiYM10aD4bH2XiRgwI7NYJtQgl5yskjEQ=
+github.com/charmbracelet/x/errors v0.0.0-20240508181413-e8d8b6e2de86 h1:JSt3B+U9iqk37QUU2Rvb6DSBYRLtWqFqfxf8l5hOZUA=
+github.com/charmbracelet/x/errors v0.0.0-20240508181413-e8d8b6e2de86/go.mod h1:2P0UgXMEa6TsToMSuFqKFQR+fZTO9CNGUNokkPatT/0=
+github.com/charmbracelet/x/exp/golden v0.0.0-20241011142426-46044092ad91 h1:payRxjMjKgx2PaCWLZ4p3ro9y97+TVLZNaRZgJwSVDQ=
+github.com/charmbracelet/x/exp/golden v0.0.0-20241011142426-46044092ad91/go.mod h1:wDlXFlCrmJ8J+swcL/MnGUuYnqgQdW9rhSD61oNMb6U=
+github.com/charmbracelet/x/exp/strings v0.0.0-20240722160745-212f7b056ed0 h1:qko3AQ4gK1MTS/de7F5hPGx6/k1u0w4TeYmBFwzYVP4=
+github.com/charmbracelet/x/exp/strings v0.0.0-20240722160745-212f7b056ed0/go.mod h1:pBhA0ybfXv6hDjQUZ7hk1lVxBiUbupdw5R31yPUViVQ=
+github.com/charmbracelet/x/term v0.2.1 h1:AQeHeLZ1OqSXhrAWpYUtZyX1T3zVxfpZuEQMIQaGIAQ=
+github.com/charmbracelet/x/term v0.2.1/go.mod h1:oQ4enTYFV7QN4m0i9mzHrViD7TQKvNEEkHUMCmsxdUg=
+github.com/charmbracelet/x/termios v0.1.1 h1:o3Q2bT8eqzGnGPOYheoYS8eEleT5ZVNYNy8JawjaNZY=
+github.com/charmbracelet/x/termios v0.1.1/go.mod h1:rB7fnv1TgOPOyyKRJ9o+AsTU/vK5WHJ2ivHeut/Pcwo=
+github.com/charmbracelet/x/xpty v0.1.2 h1:Pqmu4TEJ8KeA9uSkISKMU3f+C1F6OGBn8ABuGlqCbtI=
+github.com/charmbracelet/x/xpty v0.1.2/go.mod h1:XK2Z0id5rtLWcpeNiMYBccNNBrP2IJnzHI0Lq13Xzq4=
+github.com/creack/pty v1.1.24 h1:bJrF4RRfyJnbTJqzRLHzcGaZK1NeM5kTC9jGgovnR1s=
+github.com/creack/pty v1.1.24/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfvcwE=
+github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
+github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
+github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f h1:Y/CXytFA4m6baUTXGLOoWe4PQhGxaX0KpnayAqC48p4=
+github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f/go.mod h1:vw97MGsxSvLiUE2X8qFplwetxpGLQrlU1Q9AUEIzCaM=
+github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY=
+github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-localereader v0.0.1 h1:ygSAOl7ZXTx4RdPYinUpg6W99U8jWvWi9Ye2JC/oIi4=
+github.com/mattn/go-localereader v0.0.1/go.mod h1:8fBrzywKY7BI3czFoHkuzRoWE9C+EiG4R1k4Cjx5p88=
+github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc=
+github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
+github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4=
+github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE=
+github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 h1:ZK8zHtRHOkbHy6Mmr5D264iyp3TiX5OmNcI5cIARiQI=
+github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6/go.mod h1:CJlz5H+gyd6CUWT45Oy4q24RdLyn7Md9Vj2/ldJBSIo=
+github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA=
+github.com/muesli/cancelreader v0.2.2/go.mod h1:3XuTXfFS2VjM+HTLZY9Ak0l6eUKfijIfMUZ4EgX0QYo=
+github.com/muesli/termenv v0.16.0 h1:S5AlUN9dENB57rsbnkPyfdGuWIlkmzJjbFf0Tf5FWUc=
+github.com/muesli/termenv v0.16.0/go.mod h1:ZRfOIKPFDYQoDFF4Olj7/QJbW60Ol/kL1pU3VfY/Cnk=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
+github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
+github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no=
+github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM=
+golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI=
+golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo=
+golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
+golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
+golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.43.0 h1:Rlag2XtaFTxp19wS8MXlJwTvoh8ArU6ezoyFsMyCTNI=
+golang.org/x/sys v0.43.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
+golang.org/x/term v0.42.0 h1:UiKe+zDFmJobeJ5ggPwOshJIVt6/Ft0rcfrXZDLWAWY=
+golang.org/x/term v0.42.0/go.mod h1:Dq/D+snpsbazcBG5+F9Q1n2rXV8Ma+71xEjTRufARgY=
+golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY=
+golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

install/input.go

@@ -1,92 +1,208 @@
 package main
 
 import (
-	"bufio"
+	"errors"
 	"fmt"
-	"strings"
-	"syscall"
+	"os"
+	"strconv"
 
+	"github.com/charmbracelet/huh"
 	"golang.org/x/term"
 )
 
-func readString(reader *bufio.Reader, prompt string, defaultValue string) string {
+// pangolinTheme is the custom theme using brand colors
+var pangolinTheme = ThemePangolin()
+
+// isAccessibleMode checks if we should use accessible mode (simple prompts)
+// This is true for: non-TTY, TERM=dumb, or ACCESSIBLE env var set
+func isAccessibleMode() bool {
+	// Check if stdin is not a terminal (piped input, CI, etc.)
+	if !term.IsTerminal(int(os.Stdin.Fd())) {
+		return true
+	}
+	// Check for dumb terminal
+	if os.Getenv("TERM") == "dumb" {
+		return true
+	}
+	// Check for explicit accessible mode request
+	if os.Getenv("ACCESSIBLE") != "" {
+		return true
+	}
+	return false
+}
+
+// handleAbort checks if the error is a user abort (Ctrl+C) and exits if so
+func handleAbort(err error) {
+	if err != nil && errors.Is(err, huh.ErrUserAborted) {
+		fmt.Println("\nInstallation cancelled.")
+		os.Exit(0)
+	}
+}
+
+// runField runs a single field with the Pangolin theme, handling accessible mode
+func runField(field huh.Field) error {
+	if isAccessibleMode() {
+		return field.RunAccessible(os.Stdout, os.Stdin)
+	}
+	form := huh.NewForm(huh.NewGroup(field)).WithTheme(pangolinTheme)
+	return form.Run()
+}
+
+func readString(prompt string, defaultValue string) string {
+	var value string
+
+	title := prompt
 	if defaultValue != "" {
-		fmt.Printf("%s (default: %s): ", prompt, defaultValue)
-	} else {
-		fmt.Print(prompt + ": ")
+		title = fmt.Sprintf("%s (default: %s)", prompt, defaultValue)
 	}
-	input, _ := reader.ReadString('\n')
-	input = strings.TrimSpace(input)
-	if input == "" {
-		return defaultValue
-	}
-	return input
-}
 
-func readStringNoDefault(reader *bufio.Reader, prompt string) string {
-	fmt.Print(prompt + ": ")
-	input, _ := reader.ReadString('\n')
-	return strings.TrimSpace(input)
-}
+	input := huh.NewInput().
+		Title(title).
+		Value(&value)
 
-func readPassword(prompt string, reader *bufio.Reader) string {
-	if term.IsTerminal(int(syscall.Stdin)) {
-		fmt.Print(prompt + ": ")
-		// Read password without echo if we're in a terminal
-		password, err := term.ReadPassword(int(syscall.Stdin))
-		fmt.Println() // Add a newline since ReadPassword doesn't add one
-		if err != nil {
-			return ""
-		}
-		input := strings.TrimSpace(string(password))
-		if input == "" {
-			return readPassword(prompt, reader)
-		}
-		return input
-	} else {
-		// Fallback to reading from stdin if not in a terminal
-		return readString(reader, prompt, "")
+	// If no default value, this field is required
+	if defaultValue == "" {
+		input = input.Validate(func(s string) error {
+			if s == "" {
+				return fmt.Errorf("this field is required")
+			}
+			return nil
+		})
 	}
-}
 
-func readBool(reader *bufio.Reader, prompt string, defaultValue bool) bool {
-	defaultStr := "no"
-	if defaultValue {
-		defaultStr = "yes"
-	}
-	for {
-		input := readString(reader, prompt+" (yes/no)", defaultStr)
-		lower := strings.ToLower(input)
-		if lower == "yes" {
-			return true
-		} else if lower == "no" {
-			return false
-		} else {
-			fmt.Println("Please enter 'yes' or 'no'.")
-		}
-	}
-}
+	err := runField(input)
+	handleAbort(err)
 
-func readBoolNoDefault(reader *bufio.Reader, prompt string) bool {
-	for {
-		input := readStringNoDefault(reader, prompt+" (yes/no)")
-		lower := strings.ToLower(input)
-		if lower == "yes" {
-			return true
-		} else if lower == "no" {
-			return false
-		} else {
-			fmt.Println("Please enter 'yes' or 'no'.")
-		}
+	if value == "" {
+		value = defaultValue
 	}
-}
 
-func readInt(reader *bufio.Reader, prompt string, defaultValue int) int {
-	input := readString(reader, prompt, fmt.Sprintf("%d", defaultValue))
-	if input == "" {
-		return defaultValue
+	// Print the answer so it remains visible in terminal history (skip in accessible mode as it already shows)
+	if !isAccessibleMode() {
+		fmt.Printf("%s: %s\n", prompt, value)
 	}
-	value := defaultValue
-	fmt.Sscanf(input, "%d", &value)
+
 	return value
 }
+
+func readPassword(prompt string) string {
+	var value string
+
+	for {
+		input := huh.NewInput().
+			Title(prompt).
+			Value(&value).
+			EchoMode(huh.EchoModePassword).
+			Validate(func(s string) error {
+				if s == "" {
+					return fmt.Errorf("password is required")
+				}
+				return nil
+			})
+
+		err := runField(input)
+		handleAbort(err)
+
+		if value != "" {
+			// Print confirmation without revealing the password
+			if !isAccessibleMode() {
+				fmt.Printf("%s: %s\n", prompt, "********")
+			}
+			return value
+		}
+	}
+}
+
+func readBool(prompt string, defaultValue bool) bool {
+	var value = defaultValue
+
+	confirm := huh.NewConfirm().
+		Title(prompt).
+		Value(&value).
+		Affirmative("Yes").
+		Negative("No")
+
+	err := runField(confirm)
+	handleAbort(err)
+
+	// Print the answer so it remains visible in terminal history
+	if !isAccessibleMode() {
+		answer := "No"
+		if value {
+			answer = "Yes"
+		}
+		fmt.Printf("%s: %s\n", prompt, answer)
+	}
+
+	return value
+}
+
+func readBoolNoDefault(prompt string) bool {
+	var value bool
+
+	confirm := huh.NewConfirm().
+		Title(prompt).
+		Value(&value).
+		Affirmative("Yes").
+		Negative("No")
+
+	err := runField(confirm)
+	handleAbort(err)
+
+	// Print the answer so it remains visible in terminal history
+	if !isAccessibleMode() {
+		answer := "No"
+		if value {
+			answer = "Yes"
+		}
+		fmt.Printf("%s: %s\n", prompt, answer)
+	}
+
+	return value
+}
+
+func readInt(prompt string, defaultValue int) int {
+	var value string
+
+	title := fmt.Sprintf("%s (default: %d)", prompt, defaultValue)
+
+	input := huh.NewInput().
+		Title(title).
+		Value(&value).
+		Validate(func(s string) error {
+			if s == "" {
+				return nil
+			}
+			_, err := strconv.Atoi(s)
+			if err != nil {
+				return fmt.Errorf("please enter a valid number")
+			}
+			return nil
+		})
+
+	err := runField(input)
+	handleAbort(err)
+
+	if value == "" {
+		// Print the answer so it remains visible in terminal history
+		if !isAccessibleMode() {
+			fmt.Printf("%s: %d\n", prompt, defaultValue)
+		}
+		return defaultValue
+	}
+
+	result, err := strconv.Atoi(value)
+	if err != nil {
+		if !isAccessibleMode() {
+			fmt.Printf("%s: %d\n", prompt, defaultValue)
+		}
+		return defaultValue
+	}
+
+	// Print the answer so it remains visible in terminal history
+	if !isAccessibleMode() {
+		fmt.Printf("%s: %d\n", prompt, result)
+	}
+
+	return result
+}

install/main.go

@@ -1,30 +1,35 @@
 package main
 
 import (
-	"bufio"
+	"crypto/rand"
 	"embed"
+	"encoding/base64"
 	"fmt"
 	"io"
 	"io/fs"
-	"crypto/rand"
-	"encoding/base64"
 	"net"
-	"net/http"
 	"net/url"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"runtime"
+	"strconv"
 	"strings"
 	"text/template"
 	"time"
 )
 
-// DO NOT EDIT THIS FUNCTION; IT MATCHED BY REGEX IN CICD
+// Version variables injected at build time via -ldflags
+var (
+	pangolinVersion string
+	gerbilVersion   string
+	badgerVersion   string
+)
+
 func loadVersions(config *Config) {
-	config.PangolinVersion = "replaceme"
-	config.GerbilVersion = "replaceme"
-	config.BadgerVersion = "replaceme"
+	config.PangolinVersion = pangolinVersion
+	config.GerbilVersion = gerbilVersion
+	config.BadgerVersion = badgerVersion
 }
 
 //go:embed config/*
@@ -82,14 +87,19 @@ func main() {
 		}
 	}
 
-	reader := bufio.NewReader(os.Stdin)
-
 	var config Config
 	var alreadyInstalled = false
 
+	// Determine installation directory
+	installDir := findOrSelectInstallDirectory()
+	if err := os.Chdir(installDir); err != nil {
+		fmt.Printf("Error changing to installation directory: %v\n", err)
+		os.Exit(1)
+	}
+
 	// check if there is already a config file
 	if _, err := os.Stat("config/config.yml"); err != nil {
-		config = collectUserInput(reader)
+		config = collectUserInput()
 
 		loadVersions(&config)
 		config.DoCrowdsecInstall = false
@@ -102,7 +112,10 @@ func main() {
 			os.Exit(1)
 		}
 
-		moveFile("config/docker-compose.yml", "docker-compose.yml")
+		if err := moveFile("config/docker-compose.yml", "docker-compose.yml"); err != nil {
+			fmt.Printf("Error moving docker-compose.yml: %v\n", err)
+			os.Exit(1)
+		}
 
 		fmt.Println("\nConfiguration files created successfully!")
 
@@ -117,13 +130,17 @@ func main() {
 
 		fmt.Println("\n=== Starting installation ===")
 
-		if readBool(reader, "Would you like to install and start the containers?", true) {
+		if readBool("Would you like to install and start the containers?", true) {
 
-			config.InstallationContainerType = podmanOrDocker(reader)
+			config.InstallationContainerType = podmanOrDocker()
 
 			if !isDockerInstalled() && runtime.GOOS == "linux" && config.InstallationContainerType == Docker {
-				if readBool(reader, "Docker is not installed. Would you like to install it?", true) {
-					installDocker()
+				if readBool("Docker is not installed. Would you like to install it?", true) {
+					if err := installDocker(); err != nil {
+						fmt.Printf("Error installing Docker: %v\n", err)
+						return
+					}
+
 					// try to start docker service but ignore errors
 					if err := startDockerService(); err != nil {
 						fmt.Println("Error starting Docker service:", err)
@@ -132,7 +149,7 @@ func main() {
 					}
 					// wait 10 seconds for docker to start checking if docker is running every 2 seconds
 					fmt.Println("Waiting for Docker to start...")
-					for i := 0; i < 5; i++ {
+					for range 5 {
 						if isDockerRunning() {
 							fmt.Println("Docker is running!")
 							break
@@ -167,7 +184,7 @@ func main() {
 		fmt.Println("\n=== MaxMind Database Update ===")
 		if _, err := os.Stat("config/GeoLite2-Country.mmdb"); err == nil {
 			fmt.Println("MaxMind GeoLite2 Country database found.")
-			if readBool(reader, "Would you like to update the MaxMind database to the latest version?", false) {
+			if readBool("Would you like to update the MaxMind database to the latest version?", false) {
 				if err := downloadMaxMindDatabase(); err != nil {
 					fmt.Printf("Error updating MaxMind database: %v\n", err)
 					fmt.Println("You can try updating it manually later if needed.")
@@ -175,7 +192,7 @@ func main() {
 			}
 		} else {
 			fmt.Println("MaxMind GeoLite2 Country database not found.")
-			if readBool(reader, "Would you like to download the MaxMind GeoLite2 database for geoblocking functionality?", false) {
+			if readBool("Would you like to download the MaxMind GeoLite2 database for geoblocking functionality?", false) {
 				if err := downloadMaxMindDatabase(); err != nil {
 					fmt.Printf("Error downloading MaxMind database: %v\n", err)
 					fmt.Println("You can try downloading it manually later if needed.")
@@ -192,11 +209,11 @@ func main() {
 	if !checkIsCrowdsecInstalledInCompose() {
 		fmt.Println("\n=== CrowdSec Install ===")
 		// check if crowdsec is installed
-		if readBool(reader, "Would you like to install CrowdSec?", false) {
+		if readBool("Would you like to install CrowdSec?", false) {
 			fmt.Println("This installer constitutes a minimal viable CrowdSec deployment. CrowdSec will add extra complexity to your Pangolin installation and may not work to the best of its abilities out of the box. Users are expected to implement configuration adjustments on their own to achieve the best security posture. Consult the CrowdSec documentation for detailed configuration instructions.")
 
 			// BUG: crowdsec installation will be skipped if the user chooses to install on the first installation.
-			if readBool(reader, "Are you willing to manage CrowdSec?", false) {
+			if readBool("Are you willing to manage CrowdSec?", false) {
 				if config.DashboardDomain == "" {
 					traefikConfig, err := ReadTraefikConfig("config/traefik/traefik_config.yml")
 					if err != nil {
@@ -225,8 +242,8 @@ func main() {
 					fmt.Printf("Let's Encrypt Email: %s\n", config.LetsEncryptEmail)
 					fmt.Printf("Badger Version: %s\n", config.BadgerVersion)
 
-					if !readBool(reader, "Are these values correct?", true) {
-						config = collectUserInput(reader)
+					if !readBool("Are these values correct?", true) {
+						config = collectUserInput()
 					}
 				}
 
@@ -235,14 +252,14 @@ func main() {
 				if detectedType == Undefined {
 					// If detection fails, prompt the user
 					fmt.Println("Unable to detect container type from existing installation.")
-					config.InstallationContainerType = podmanOrDocker(reader)
+					config.InstallationContainerType = podmanOrDocker()
 				} else {
 					config.InstallationContainerType = detectedType
 					fmt.Printf("Detected container type: %s\n", config.InstallationContainerType)
 				}
 
 				config.DoCrowdsecInstall = true
-				err := installCrowdsec(config)
+				err := installCrowdsec(config, installDir)
 				if err != nil {
 					fmt.Printf("Error installing CrowdSec: %v\n", err)
 					return
@@ -277,8 +294,119 @@ func main() {
 	fmt.Printf("\nTo complete the initial setup, please visit:\nhttps://%s/auth/initial-setup\n", config.DashboardDomain)
 }
 
-func podmanOrDocker(reader *bufio.Reader) SupportedContainer {
-	inputContainer := readString(reader, "Would you like to run Pangolin as Docker or Podman containers?", "docker")
+func hasExistingInstall(dir string) bool {
+	configPath := filepath.Join(dir, "config", "config.yml")
+	_, err := os.Stat(configPath)
+	return err == nil
+}
+
+func findOrSelectInstallDirectory() string {
+	const defaultInstallDir = "/opt/pangolin"
+
+	// Get current working directory
+	cwd, err := os.Getwd()
+	if err != nil {
+		fmt.Printf("Error getting current directory: %v\n", err)
+		os.Exit(1)
+	}
+
+	// 1. Check current directory for existing install
+	if hasExistingInstall(cwd) {
+		fmt.Printf("Found existing Pangolin installation in current directory: %s\n", cwd)
+		return cwd
+	}
+
+	// 2. Check default location (/opt/pangolin) for existing install
+	if cwd != defaultInstallDir && hasExistingInstall(defaultInstallDir) {
+		fmt.Printf("\nFound existing Pangolin installation at: %s\n", defaultInstallDir)
+		if readBool(fmt.Sprintf("Would you like to use the existing installation at %s?", defaultInstallDir), true) {
+			return defaultInstallDir
+		}
+	}
+
+	// 3. No existing install found, prompt for installation directory
+	fmt.Println("\n=== Installation Directory ===")
+	fmt.Println("No existing Pangolin installation detected.")
+
+	installDir := readString("Enter the installation directory", defaultInstallDir)
+
+	// Expand ~ to home directory if present
+	if strings.HasPrefix(installDir, "~") {
+		home, err := os.UserHomeDir()
+		if err != nil {
+			fmt.Printf("Error getting home directory: %v\n", err)
+			os.Exit(1)
+		}
+		installDir = filepath.Join(home, installDir[1:])
+	}
+
+	// Convert to absolute path
+	absPath, err := filepath.Abs(installDir)
+	if err != nil {
+		fmt.Printf("Error resolving path: %v\n", err)
+		os.Exit(1)
+	}
+	installDir = absPath
+
+	// Check if directory exists
+	if _, err := os.Stat(installDir); os.IsNotExist(err) {
+		// Directory doesn't exist, create it
+		if readBool(fmt.Sprintf("Directory %s does not exist. Create it?", installDir), true) {
+			if err := os.MkdirAll(installDir, 0755); err != nil {
+				fmt.Printf("Error creating directory: %v\n", err)
+				os.Exit(1)
+			}
+			fmt.Printf("Created directory: %s\n", installDir)
+
+			// Offer to change ownership if running via sudo
+			changeDirectoryOwnership(installDir)
+		} else {
+			fmt.Println("Installation cancelled.")
+			os.Exit(0)
+		}
+	}
+
+	fmt.Printf("Installation directory: %s\n", installDir)
+	return installDir
+}
+
+func changeDirectoryOwnership(dir string) {
+	// Check if we're running via sudo by looking for SUDO_USER
+	sudoUser := os.Getenv("SUDO_USER")
+	if sudoUser == "" || os.Geteuid() != 0 {
+		return
+	}
+
+	sudoUID := os.Getenv("SUDO_UID")
+	sudoGID := os.Getenv("SUDO_GID")
+
+	if sudoUID == "" || sudoGID == "" {
+		return
+	}
+
+	fmt.Printf("\nRunning as root via sudo (original user: %s)\n", sudoUser)
+	if readBool(fmt.Sprintf("Would you like to change ownership of %s to user '%s'? This makes it easier to manage config files without sudo.", dir, sudoUser), true) {
+		uid, err := strconv.Atoi(sudoUID)
+		if err != nil {
+			fmt.Printf("Warning: Could not parse SUDO_UID: %v\n", err)
+			return
+		}
+		gid, err := strconv.Atoi(sudoGID)
+		if err != nil {
+			fmt.Printf("Warning: Could not parse SUDO_GID: %v\n", err)
+			return
+		}
+
+		if err := os.Chown(dir, uid, gid); err != nil {
+			fmt.Printf("Warning: Could not change ownership: %v\n", err)
+		} else {
+			fmt.Printf("Changed ownership of %s to %s\n", dir, sudoUser)
+		}
+	}
+}
+
+func podmanOrDocker() SupportedContainer {
+	inputContainer := readString("Would you like to run Pangolin as Docker or Podman containers?", "docker")
 
 	chosenContainer := Docker
 	if strings.EqualFold(inputContainer, "docker") {
@@ -290,7 +418,8 @@ func podmanOrDocker(reader *bufio.Reader) SupportedContainer {
 		os.Exit(1)
 	}
 
-	if chosenContainer == Podman {
+	switch chosenContainer {
+	case Podman:
 		if !isPodmanInstalled() {
 			fmt.Println("Podman or podman-compose is not installed. Please install both manually. Automated installation will be available in a later release.")
 			os.Exit(1)
@@ -299,7 +428,7 @@ func podmanOrDocker(reader *bufio.Reader) SupportedContainer {
 		if err := exec.Command("bash", "-c", "cat /etc/sysctl.d/99-podman.conf 2>/dev/null | grep 'net.ipv4.ip_unprivileged_port_start=' || cat /etc/sysctl.conf 2>/dev/null | grep 'net.ipv4.ip_unprivileged_port_start='").Run(); err != nil {
 			fmt.Println("Would you like to configure ports >= 80 as unprivileged ports? This enables podman containers to listen on low-range ports.")
 			fmt.Println("Pangolin will experience startup issues if this is not configured, because it needs to listen on port 80/443 by default.")
-			approved := readBool(reader, "The installer is about to execute \"echo 'net.ipv4.ip_unprivileged_port_start=80' > /etc/sysctl.d/99-podman.conf && sysctl --system\". Approve?", true)
+			approved := readBool("The installer is about to execute \"echo 'net.ipv4.ip_unprivileged_port_start=80' > /etc/sysctl.d/99-podman.conf && sysctl --system\". Approve?", true)
 			if approved {
 				if os.Geteuid() != 0 {
 					fmt.Println("You need to run the installer as root for such a configuration.")
@@ -311,7 +440,7 @@ func podmanOrDocker(reader *bufio.Reader) SupportedContainer {
 				// Linux only.
 
 				if err := run("bash", "-c", "echo 'net.ipv4.ip_unprivileged_port_start=80' > /etc/sysctl.d/99-podman.conf && sysctl --system"); err != nil {
-				    fmt.Printf("Error configuring unprivileged ports: %v\n", err)
+					fmt.Printf("Error configuring unprivileged ports: %v\n", err)
 					os.Exit(1)
 				}
 			} else {
@@ -321,7 +450,7 @@ func podmanOrDocker(reader *bufio.Reader) SupportedContainer {
 			fmt.Println("Unprivileged ports have been configured.")
 		}
 
-	} else if chosenContainer == Docker {
+	case Docker:
 		// check if docker is not installed and the user is root
 		if !isDockerInstalled() {
 			if os.Geteuid() != 0 {
@@ -336,7 +465,7 @@ func podmanOrDocker(reader *bufio.Reader) SupportedContainer {
 			fmt.Println("The installer will not be able to run docker commands without running it as root.")
 			os.Exit(1)
 		}
-	} else {
+	default:
 		// This shouldn't happen unless there's a third container runtime.
 		os.Exit(1)
 	}
@@ -344,35 +473,35 @@ func podmanOrDocker(reader *bufio.Reader) SupportedContainer {
 	return chosenContainer
 }
 
-func collectUserInput(reader *bufio.Reader) Config {
+func collectUserInput() Config {
 	config := Config{}
 
 	// Basic configuration
 	fmt.Println("\n=== Basic Configuration ===")
 
-	config.IsEnterprise = readBoolNoDefault(reader, "Do you want to install the Enterprise version of Pangolin? The EE is free for personal use or for businesses making less than 100k USD annually.")
+	config.IsEnterprise = readBoolNoDefault("Do you want to install the Enterprise version of Pangolin? The EE is free for personal use or for businesses making less than 100k USD annually.")
 
-	config.BaseDomain = readString(reader, "Enter your base domain (no subdomain e.g. example.com)", "")
+	config.BaseDomain = readString("Enter your base domain (no subdomain e.g. example.com)", "")
 
 	// Set default dashboard domain after base domain is collected
 	defaultDashboardDomain := ""
 	if config.BaseDomain != "" {
 		defaultDashboardDomain = "pangolin." + config.BaseDomain
 	}
-	config.DashboardDomain = readString(reader, "Enter the domain for the Pangolin dashboard", defaultDashboardDomain)
-	config.LetsEncryptEmail = readString(reader, "Enter email for Let's Encrypt certificates", "")
-	config.InstallGerbil = readBool(reader, "Do you want to use Gerbil to allow tunneled connections", true)
+	config.DashboardDomain = readString("Enter the domain for the Pangolin dashboard", defaultDashboardDomain)
+	config.LetsEncryptEmail = readString("Enter email for Let's Encrypt certificates", "")
+	config.InstallGerbil = readBool("Do you want to use Gerbil to allow tunneled connections", true)
 
 	// Email configuration
 	fmt.Println("\n=== Email Configuration ===")
-	config.EnableEmail = readBool(reader, "Enable email functionality (SMTP)", false)
+	config.EnableEmail = readBool("Enable email functionality (SMTP)", false)
 
 	if config.EnableEmail {
-		config.EmailSMTPHost = readString(reader, "Enter SMTP host", "")
-		config.EmailSMTPPort = readInt(reader, "Enter SMTP port (default 587)", 587)
-		config.EmailSMTPUser = readString(reader, "Enter SMTP username", "")
-		config.EmailSMTPPass = readString(reader, "Enter SMTP password", "") // Should this be readPassword?
-		config.EmailNoReply = readString(reader, "Enter no-reply email address (often the same as SMTP username)", "")
+		config.EmailSMTPHost = readString("Enter SMTP host", "")
+		config.EmailSMTPPort = readInt("Enter SMTP port (default 587)", 587)
+		config.EmailSMTPUser = readString("Enter SMTP username", "")
+		config.EmailSMTPPass = readPassword("Enter SMTP password")
+		config.EmailNoReply = readString("Enter no-reply email address (often the same as SMTP username)", "")
 	}
 
 	// Validate required fields
@@ -393,8 +522,8 @@ func collectUserInput(reader *bufio.Reader) Config {
 
 	fmt.Println("\n=== Advanced Configuration ===")
 
-	config.EnableIPv6 = readBool(reader, "Is your server IPv6 capable?", true)
-	config.EnableGeoblocking = readBool(reader, "Do you want to download the MaxMind GeoLite2 database for geoblocking functionality?", true)
+	config.EnableIPv6 = readBool("Is your server IPv6 capable?", true)
+	config.EnableGeoblocking = readBool("Do you want to download the MaxMind GeoLite2 database for geoblocking functionality?", true)
 
 	if config.DashboardDomain == "" {
 		fmt.Println("Error: Dashboard Domain name is required")
@@ -405,15 +534,23 @@ func collectUserInput(reader *bufio.Reader) Config {
 }
 
 func createConfigFiles(config Config) error {
-	os.MkdirAll("config", 0755)
-	os.MkdirAll("config/letsencrypt", 0755)
-	os.MkdirAll("config/db", 0755)
-	os.MkdirAll("config/logs", 0755)
+	if err := os.MkdirAll("config", 0755); err != nil {
+		return fmt.Errorf("failed to create config directory: %v", err)
+	}
+	if err := os.MkdirAll("config/letsencrypt", 0755); err != nil {
+		return fmt.Errorf("failed to create letsencrypt directory: %v", err)
+	}
+	if err := os.MkdirAll("config/db", 0755); err != nil {
+		return fmt.Errorf("failed to create db directory: %v", err)
+	}
+	if err := os.MkdirAll("config/logs", 0755); err != nil {
+		return fmt.Errorf("failed to create logs directory: %v", err)
+	}
 
 	// Walk through all embedded files
-	err := fs.WalkDir(configFiles, "config", func(path string, d fs.DirEntry, err error) error {
-		if err != nil {
-			return err
+	err := fs.WalkDir(configFiles, "config", func(path string, d fs.DirEntry, walkErr error) (err error) {
+		if walkErr != nil {
+			return walkErr
 		}
 
 		// Skip the root fs directory itself
@@ -464,7 +601,11 @@ func createConfigFiles(config Config) error {
 		if err != nil {
 			return fmt.Errorf("failed to create %s: %v", path, err)
 		}
-		defer outFile.Close()
+		defer func() {
+			if cerr := outFile.Close(); cerr != nil && err == nil {
+				err = cerr
+			}
+		}()
 
 		// Execute template
 		if err := tmpl.Execute(outFile, config); err != nil {
@@ -480,18 +621,26 @@ func createConfigFiles(config Config) error {
 	return nil
 }
 
-func copyFile(src, dst string) error {
+func copyFile(src, dst string) (err error) {
 	source, err := os.Open(src)
 	if err != nil {
 		return err
 	}
-	defer source.Close()
+	defer func() {
+		if cerr := source.Close(); cerr != nil && err == nil {
+			err = cerr
+		}
+	}()
 
 	destination, err := os.Create(dst)
 	if err != nil {
 		return err
 	}
-	defer destination.Close()
+	defer func() {
+		if cerr := destination.Close(); cerr != nil && err == nil {
+			err = cerr
+		}
+	}()
 
 	_, err = io.Copy(destination, source)
 	return err
@@ -562,22 +711,24 @@ func showSetupTokenInstructions(containerType SupportedContainer, dashboardDomai
 	fmt.Println("To get your setup token, you need to:")
 	fmt.Println("")
 	fmt.Println("1. Start the containers")
-	if containerType == Docker {
+	switch containerType {
+	case Docker:
 		fmt.Println("   docker compose up -d")
-	} else if containerType == Podman {
+	case Podman:
 		fmt.Println("   podman-compose up -d")
-	} else {
 	}
+
 	fmt.Println("")
 	fmt.Println("2. Wait for the Pangolin container to start and generate the token")
 	fmt.Println("")
 	fmt.Println("3. Check the container logs for the setup token")
-	if containerType == Docker {
+	switch containerType {
+	case Docker:
 		fmt.Println("   docker logs pangolin | grep -A 2 -B 2 'SETUP TOKEN'")
-	} else if containerType == Podman {
+	case Podman:
 		fmt.Println("   podman logs pangolin | grep -A 2 -B 2 'SETUP TOKEN'")
-	} else {
 	}
+
 	fmt.Println("")
 	fmt.Println("4. Look for output like")
 	fmt.Println("   === SETUP TOKEN GENERATED ===")
@@ -601,32 +752,6 @@ func generateRandomSecretKey() string {
 	return base64.StdEncoding.EncodeToString(secret)
 }
 
-func getPublicIP() string {
-	client := &http.Client{
-		Timeout: 10 * time.Second,
-	}
-
-	resp, err := client.Get("https://ifconfig.io/ip")
-	if err != nil {
-		return ""
-	}
-	defer resp.Body.Close()
-
-	body, err := io.ReadAll(resp.Body)
-	if err != nil {
-		return ""
-	}
-
-	ip := strings.TrimSpace(string(body))
-
-	// Validate that it's a valid IP address
-	if net.ParseIP(ip) != nil {
-		return ip
-	}
-
-	return ""
-}
-
 // Run external commands with stdio/stderr attached.
 func run(name string, args ...string) error {
 	cmd := exec.Command(name, args...)
@@ -639,10 +764,7 @@ func checkPortsAvailable(port int) error {
 	addr := fmt.Sprintf(":%d", port)
 	ln, err := net.Listen("tcp", addr)
 	if err != nil {
-		return fmt.Errorf(
-			"ERROR: port %d is occupied or cannot be bound: %w\n\n",
-			port, err,
-		)
+		return fmt.Errorf("ERROR: port %d is occupied or cannot be bound: %w", port, err)
 	}
 	if closeErr := ln.Close(); closeErr != nil {
 		fmt.Fprintf(os.Stderr,

install/theme.go

@@ -0,0 +1,51 @@
+package main
+
+import (
+	"github.com/charmbracelet/huh"
+	"github.com/charmbracelet/lipgloss"
+)
+
+// Pangolin brand colors (converted from oklch to hex)
+var (
+	// Primary orange/amber - oklch(0.6717 0.1946 41.93)
+	primaryColor = lipgloss.AdaptiveColor{Light: "#D97706", Dark: "#F59E0B"}
+	// Muted foreground
+	mutedColor = lipgloss.AdaptiveColor{Light: "#737373", Dark: "#A3A3A3"}
+	// Success green
+	successColor = lipgloss.AdaptiveColor{Light: "#16A34A", Dark: "#22C55E"}
+	// Error red - oklch(0.577 0.245 27.325)
+	errorColor = lipgloss.AdaptiveColor{Light: "#DC2626", Dark: "#EF4444"}
+	// Normal text
+	normalFg = lipgloss.AdaptiveColor{Light: "#171717", Dark: "#FAFAFA"}
+)
+
+// ThemePangolin returns a huh theme using Pangolin brand colors
+func ThemePangolin() *huh.Theme {
+	t := huh.ThemeBase()
+
+	// Focused state styles
+	t.Focused.Base = t.Focused.Base.BorderForeground(primaryColor)
+	t.Focused.Title = t.Focused.Title.Foreground(primaryColor).Bold(true)
+	t.Focused.Description = t.Focused.Description.Foreground(mutedColor)
+	t.Focused.ErrorIndicator = t.Focused.ErrorIndicator.Foreground(errorColor)
+	t.Focused.ErrorMessage = t.Focused.ErrorMessage.Foreground(errorColor)
+	t.Focused.SelectSelector = t.Focused.SelectSelector.Foreground(primaryColor)
+	t.Focused.NextIndicator = t.Focused.NextIndicator.Foreground(primaryColor)
+	t.Focused.PrevIndicator = t.Focused.PrevIndicator.Foreground(primaryColor)
+	t.Focused.Option = t.Focused.Option.Foreground(normalFg)
+	t.Focused.SelectedOption = t.Focused.SelectedOption.Foreground(primaryColor)
+	t.Focused.SelectedPrefix = lipgloss.NewStyle().Foreground(successColor).SetString("✓ ")
+	t.Focused.UnselectedPrefix = lipgloss.NewStyle().Foreground(mutedColor).SetString("  ")
+	t.Focused.FocusedButton = t.Focused.FocusedButton.Foreground(lipgloss.Color("#FFFFFF")).Background(primaryColor)
+	t.Focused.BlurredButton = t.Focused.BlurredButton.Foreground(normalFg).Background(lipgloss.AdaptiveColor{Light: "#E5E5E5", Dark: "#404040"})
+	t.Focused.TextInput.Cursor = t.Focused.TextInput.Cursor.Foreground(primaryColor)
+	t.Focused.TextInput.Prompt = t.Focused.TextInput.Prompt.Foreground(primaryColor)
+
+	// Blurred state inherits from focused but with hidden border
+	t.Blurred = t.Focused
+	t.Blurred.Base = t.Focused.Base.BorderStyle(lipgloss.HiddenBorder())
+	t.Blurred.Title = t.Blurred.Title.Foreground(mutedColor).Bold(false)
+	t.Blurred.TextInput.Prompt = t.Blurred.TextInput.Prompt.Foreground(mutedColor)
+
+	return t
+}

license_header_checker.py

@@ -0,0 +1,137 @@
+import os
+import sys
+
+# --- Configuration ---
+# The header text to be added to the files.
+HEADER_TEXT = """/*
+ * This file is part of a proprietary work.
+ *
+ * Copyright (c) 2025-2026 Fossorial, Inc.
+ * All rights reserved.
+ *
+ * This file is licensed under the Fossorial Commercial License.
+ * You may not use this file except in compliance with the License.
+ * Unauthorized use, copying, modification, or distribution is strictly prohibited.
+ *
+ * This file is not licensed under the AGPLv3.
+ */
+"""
+
+HEADER_NORMALIZED = HEADER_TEXT.strip()
+
+
+def extract_leading_block_comment(content):
+    """
+    If the file content begins with a /* ... */ block comment, return the
+    full text of that comment (including the delimiters) and the index at
+    which the rest of the file starts (after any trailing newlines).
+    Returns (None, 0) when no such comment is found.
+    """
+    stripped = content.lstrip()
+    if not stripped.startswith('/*'):
+        return None, 0
+
+    # Account for any leading whitespace before the comment
+    comment_start = content.index('/*')
+    end_marker = content.find('*/', comment_start + 2)
+    if end_marker == -1:
+        return None, 0
+
+    comment_end = end_marker + 2  # position just after '*/'
+    comment_text = content[comment_start:comment_end].strip()
+
+    # Advance past any whitespace / newlines that follow the closing */
+    rest_start = comment_end
+    while rest_start < len(content) and content[rest_start] in '\n\r':
+        rest_start += 1
+
+    return comment_text, rest_start
+
+
+def should_add_header(file_path):
+    """
+    Checks if a file should receive the commercial license header.
+    Returns True if 'server/private' is in the path.
+    """
+    if 'server/private' in file_path.lower():
+        return True
+
+    return False
+
+
+def process_directory(root_dir):
+    """
+    Recursively scans a directory and adds/replaces/removes headers in
+    qualifying .ts or .tsx files, skipping any 'node_modules' directories.
+    """
+    print(f"Scanning directory: {root_dir}")
+    files_processed = 0
+    files_modified = 0
+
+    for root, dirs, files in os.walk(root_dir):
+        # Exclude 'node_modules' directories from the scan.
+        if 'node_modules' in dirs:
+            dirs.remove('node_modules')
+
+        for file in files:
+            if not (file.endswith('.ts') or file.endswith('.tsx')):
+                continue
+
+            file_path = os.path.join(root, file)
+            files_processed += 1
+
+            try:
+                with open(file_path, 'r', encoding='utf-8') as f:
+                    original_content = f.read()
+
+                existing_comment, body_start = extract_leading_block_comment(
+                    original_content
+                )
+                has_any_header = existing_comment is not None
+                has_correct_header = existing_comment == HEADER_NORMALIZED
+
+                body = original_content[body_start:] if has_any_header else original_content
+
+                if should_add_header(file_path):
+                    if has_correct_header:
+                        print(f"Header up-to-date:  {file_path}")
+                    else:
+                        # Either no header exists or the header is outdated - write
+                        # the correct one.
+                        action = "Replaced header in" if has_any_header else "Added header to"
+                        new_content = HEADER_NORMALIZED + '\n\n' + body
+                        with open(file_path, 'w', encoding='utf-8') as f:
+                            f.write(new_content)
+                        print(f"{action}: {file_path}")
+                        files_modified += 1
+                else:
+                    if has_any_header:
+                        # Remove the header - it shouldn't be here.
+                        with open(file_path, 'w', encoding='utf-8') as f:
+                            f.write(body)
+                        print(f"Removed header from: {file_path}")
+                        files_modified += 1
+                    else:
+                        print(f"No header needed:   {file_path}")
+
+            except Exception as e:
+                print(f"Error processing file {file_path}: {e}")
+
+    print("\n--- Scan Complete ---")
+    print(f"Total .ts or .tsx files found:          {files_processed}")
+    print(f"Files modified (added/replaced/removed): {files_modified}")
+
+
+if __name__ == "__main__":
+    # Get the target directory from the command line arguments.
+    # If no directory is provided, it uses the current directory ('.').
+    if len(sys.argv) > 1:
+        target_directory = sys.argv[1]
+    else:
+        target_directory = '.'  # Default to current directory
+
+    if not os.path.isdir(target_directory):
+        print(f"Error: Directory '{target_directory}' not found.")
+        sys.exit(1)
+
+    process_directory(os.path.abspath(target_directory))

messages/es-ES.json

@@ -1,4 +1,8 @@
 {
+    "contactSalesEnable": "Contacta ventas para habilitar esta función.",
+    "contactSalesBookDemo": "Reservar una demostración",
+    "contactSalesOr": "o",
+    "contactSalesContactUs": "contáctenos",
     "setupCreate": "Crear la organización, el sitio y los recursos",
     "headerAuthCompatibilityInfo": "Habilite esto para forzar una respuesta 401 no autorizada cuando falte un token de autenticación. Esto es necesario para navegadores o bibliotecas HTTP específicas que no envían credenciales sin un desafío del servidor.",
     "headerAuthCompatibility": "Compatibilidad extendida",
@@ -19,6 +23,18 @@
     "componentsInvalidKey": "Se han detectado claves de licencia inválidas o caducadas. Siga los términos de licencia para seguir usando todas las características.",
     "dismiss": "Descartar",
     "subscriptionViolationMessage": "Estás más allá de tus límites para tu plan actual. Corrija el problema eliminando sitios, usuarios u otros recursos para permanecer dentro de tu plan.",
+    "trialBannerMessage": "Su prueba expira en {countdown}. Actualice para mantener el acceso.",
+    "trialBannerExpired": "Su prueba ha expirado. Actualice ahora para restaurar el acceso.",
+    "billingTrialBannerTitle": "Prueba gratuita activada",
+    "billingTrialBannerDescription": "Actualmente estás en una prueba gratuita en el nivel empresarial. Cuando finalice la prueba, tu cuenta volverá automáticamente a las características y límites del nivel Básico. Mejora en cualquier momento para mantener el acceso a las características de tu plan actual.",
+    "billingTrialBannerUpgrade": "Actualizar ahora",
+    "billingTrialBadge": "Prueba Gratuita",
+    "trialActive": "Prueba gratuita activa",
+    "trialExpired": "Prueba expirada",
+    "trialHasEnded": "Su prueba ha terminado.",
+    "trialDaysRemaining": "{count, plural, one {# día restante} other {# días restantes}}",
+    "trialDaysLeftShort": "Quedan {days}d en la prueba",
+    "trialGoToBilling": "Ir a la página de facturación",
     "subscriptionViolationViewBilling": "Ver facturación",
     "componentsLicenseViolation": "Violación de la Licencia: Este servidor está usando sitios {usedSites} que exceden su límite de licencias de sitios {maxSites} . Siga los términos de licencia para seguir usando todas las características.",
     "componentsSupporterMessage": "¡Gracias por apoyar a Pangolin como {tier}!",
@@ -81,6 +97,8 @@
     "siteConfirmCopy": "He copiado la configuración",
     "searchSitesProgress": "Buscar sitios...",
     "siteAdd": "Añadir sitio",
+    "sitesTableViewPublicResources": "Ver Recursos Públicos",
+    "sitesTableViewPrivateResources": "Ver Recursos Privados",
     "siteInstallNewt": "Instalar Newt",
     "siteInstallNewtDescription": "Recibe Newt corriendo en tu sistema",
     "WgConfiguration": "Configuración de Wirex Guard",
@@ -98,6 +116,21 @@
     "siteUpdatedDescription": "El sitio ha sido actualizado.",
     "siteGeneralDescription": "Configurar la configuración general de este sitio",
     "siteSettingDescription": "Configurar los ajustes en el sitio",
+    "siteResourcesTab": "Recursos",
+    "siteResourcesNoneOnSite": "Este sitio aún no tiene recursos públicos o privados.",
+    "siteResourcesSectionPublic": "Recursos Públicos",
+    "siteResourcesSectionPrivate": "Recursos Privados",
+    "siteResourcesSectionPublicDescription": "Recursos expuestos externamente a través de dominios o puertos.",
+    "siteResourcesSectionPrivateDescription": "Recursos disponibles en tu red privada a través del sitio.",
+    "siteResourcesViewAllPublic": "Ver todos los recursos",
+    "siteResourcesViewAllPrivate": "Ver todos los recursos",
+    "siteResourcesDialogDescription": "Descripción general de los recursos públicos y privados asociados con este sitio.",
+    "siteResourcesShowMore": "Mostrar más",
+    "siteResourcesPermissionDenied": "No tienes permiso para listar estos recursos.",
+    "siteResourcesEmptyPublic": "Aún no hay recursos públicos apuntando a este sitio.",
+    "siteResourcesEmptyPrivate": "Aún no hay recursos privados asociados con este sitio.",
+    "siteResourcesHowToAccess": "Cómo acceder",
+    "siteResourcesTargetsOnSite": "Objetivos en este sitio",
     "siteSetting": "Ajustes {siteName}",
     "siteNewtTunnel": "Sitio nuevo (recomendado)",
     "siteNewtTunnelDescription": "La forma más fácil de crear un punto de entrada en cualquier red. Sin configuración extra.",
@@ -148,6 +181,11 @@
     "createLink": "Crear enlace",
     "resourcesNotFound": "No se encontraron recursos",
     "resourceSearch": "Buscar recursos",
+    "machineSearch": "Buscar máquinas",
+    "machinesSearch": "Buscar clientes...",
+    "machineNotFound": "No hay máquinas",
+    "userDeviceSearch": "Buscar dispositivos de usuario",
+    "userDevicesSearch": "Buscar dispositivos de usuario...",
     "openMenu": "Abrir menú",
     "resource": "Recurso",
     "title": "Título",
@@ -175,6 +213,7 @@
     "resourceHTTPDescription": "Proxy proporciona solicitudes sobre HTTPS usando un nombre de dominio completamente calificado.",
     "resourceRaw": "Recurso TCP/UDP sin procesar",
     "resourceRawDescription": "Proxy proporciona solicitudes sobre TCP/UDP usando un número de puerto.",
+    "resourceRawDescriptionCloud": "Las peticiones de proxy sobre TCP/UDP crudas usando un número de puerto. Requiere que los sitios se conecten a un nodo remoto.",
     "resourceCreate": "Crear Recurso",
     "resourceCreateDescription": "Siga los siguientes pasos para crear un nuevo recurso",
     "resourceSeeAll": "Ver todos los recursos",
@@ -201,6 +240,7 @@
     "protocolSelect": "Seleccionar un protocolo",
     "resourcePortNumber": "Número de puerto",
     "resourcePortNumberDescription": "El número de puerto externo a las solicitudes de proxy.",
+    "back": "Atrás",
     "cancel": "Cancelar",
     "resourceConfig": "Fragmentos de configuración",
     "resourceConfigDescription": "Copia y pega estos fragmentos de configuración para configurar el recurso TCP/UDP",
@@ -246,11 +286,25 @@
     "orgErrorDeleteMessage": "Se ha producido un error al eliminar la organización.",
     "orgDeleted": "Organización eliminada",
     "orgDeletedMessage": "La organización y sus datos han sido eliminados.",
+    "deleteAccount": "Eliminar cuenta",
+    "deleteAccountDescription": "Elimina permanentemente tu cuenta, todas las organizaciones que posees y todos los datos dentro de esas organizaciones. Esto no se puede deshacer.",
+    "deleteAccountButton": "Eliminar cuenta",
+    "deleteAccountConfirmTitle": "Eliminar cuenta",
+    "deleteAccountConfirmMessage": "Esto borrará permanentemente tu cuenta, todas las organizaciones que posees y todos los datos dentro de esas organizaciones. Esto no se puede deshacer.",
+    "deleteAccountConfirmString": "eliminar cuenta",
+    "deleteAccountSuccess": "Cuenta eliminada",
+    "deleteAccountSuccessMessage": "Tu cuenta ha sido eliminada.",
+    "deleteAccountError": "Error al eliminar la cuenta",
+    "deleteAccountPreviewAccount": "Tu cuenta",
+    "deleteAccountPreviewOrgs": "Organizaciones que tienes (y todos sus datos)",
     "orgMissing": "Falta el ID de la organización",
     "orgMissingMessage": "No se puede regenerar la invitación sin el ID de la organización.",
     "accessUsersManage": "Administrar usuarios",
+    "accessUserManage": "Administrar usuario",
     "accessUsersDescription": "Invitar y administrar usuarios con acceso a esta organización",
     "accessUsersSearch": "Buscar usuarios...",
+    "accessUsersRoleFilterCount": "{count, plural, one {# rol} other {# roles}}",
+    "accessUsersRoleFilterClear": "Borrar filtros de rol",
     "accessUserCreate": "Crear usuario",
     "accessUserRemove": "Eliminar usuario",
     "username": "Usuario",
@@ -310,6 +364,54 @@
     "apiKeysDelete": "Borrar Clave API",
     "apiKeysManage": "Administrar claves API",
     "apiKeysDescription": "Las claves API se utilizan para autenticar con la API de integración",
+    "provisioningKeysTitle": "Clave de aprovisionamiento",
+    "provisioningKeysManage": "Administrar Claves de Aprovisionamiento",
+    "provisioningKeysDescription": "Las claves de aprovisionamiento se utilizan para autenticar la provisión automatizada del sitio para su organización.",
+    "provisioningManage": "Aprovisionamiento",
+    "provisioningDescription": "Administrar las claves de aprovisionamiento y revisar los sitios pendientes de aprobación.",
+    "pendingSites": "Sitios pendientes",
+    "siteApproveSuccess": "Sitio aprobado con éxito",
+    "siteApproveError": "Error al aprobar el sitio",
+    "provisioningKeys": "Claves de aprovisionamiento",
+    "searchProvisioningKeys": "Buscar claves de suministro...",
+    "provisioningKeysAdd": "Generar clave de aprovisionamiento",
+    "provisioningKeysErrorDelete": "Error al eliminar la clave de aprovisionamiento",
+    "provisioningKeysErrorDeleteMessage": "Error al eliminar la clave de aprovisionamiento",
+    "provisioningKeysQuestionRemove": "¿Está seguro que desea eliminar esta clave de aprovisionamiento de la organización?",
+    "provisioningKeysMessageRemove": "Una vez eliminada, la clave ya no se puede utilizar para la disposición del sitio.",
+    "provisioningKeysDeleteConfirm": "Confirmar Eliminar Clave de Aprovisionamiento",
+    "provisioningKeysDelete": "Eliminar clave de aprovisionamiento",
+    "provisioningKeysCreate": "Generar clave de aprovisionamiento",
+    "provisioningKeysCreateDescription": "Generar una nueva clave de aprovisionamiento para la organización",
+    "provisioningKeysSeeAll": "Ver todas las claves de aprovisionamiento",
+    "provisioningKeysSave": "Guardar la clave de aprovisionamiento",
+    "provisioningKeysSaveDescription": "Sólo podrás verlo una vez. Copítalo a un lugar seguro.",
+    "provisioningKeysErrorCreate": "Error al crear la clave de provisioning",
+    "provisioningKeysList": "Nueva clave de aprovisionamiento",
+    "provisioningKeysMaxBatchSize": "Tamaño máximo de lote",
+    "provisioningKeysUnlimitedBatchSize": "Tamaño ilimitado del lote (sin límite)",
+    "provisioningKeysMaxBatchUnlimited": "Ilimitado",
+    "provisioningKeysMaxBatchSizeInvalid": "Introduzca un tamaño máximo de lote válido (1–1,000,000).",
+    "provisioningKeysValidUntil": "Válido hasta",
+    "provisioningKeysValidUntilHint": "Dejar vacío para no expirar.",
+    "provisioningKeysValidUntilInvalid": "Introduzca una fecha y hora válidas.",
+    "provisioningKeysNumUsed": "Tiempos usados",
+    "provisioningKeysLastUsed": "Último uso",
+    "provisioningKeysNoExpiry": "No expiración",
+    "provisioningKeysNeverUsed": "Nunca",
+    "provisioningKeysEdit": "Editar clave de aprovisionamiento",
+    "provisioningKeysEditDescription": "Actualizar el tamaño máximo de lote y el tiempo de caducidad para esta clave.",
+    "provisioningKeysApproveNewSites": "Aprobar nuevos sitios",
+    "provisioningKeysApproveNewSitesDescription": "Aprobar automáticamente los sitios que se registran con esta clave.",
+    "provisioningKeysUpdateError": "Error al actualizar la clave de aprovisionamiento",
+    "provisioningKeysUpdated": "Clave de aprovisionamiento actualizada",
+    "provisioningKeysUpdatedDescription": "Sus cambios han sido guardados.",
+    "provisioningKeysBannerTitle": "Claves de aprovisionamiento del sitio",
+    "provisioningKeysBannerDescription": "Genere una clave de aprovisionamiento y utilícela con el conector Newt para crear automáticamente sitios en el primer inicio: no es necesario configurar credenciales separadas para cada sitio.",
+    "provisioningKeysBannerButtonText": "Saber más",
+    "pendingSitesBannerTitle": "Sitios pendientes",
+    "pendingSitesBannerDescription": "Los sitios que se conectan utilizando una clave de aprovisionamiento aparecerán aquí para su revisión.",
+    "pendingSitesBannerButtonText": "Saber más",
     "apiKeysSettings": "Ajustes {apiKeyName}",
     "userTitle": "Administrar todos los usuarios",
     "userDescription": "Ver y administrar todos los usuarios en el sistema",
@@ -339,6 +441,10 @@
     "licenseErrorKeyActivate": "Error al activar la clave de licencia",
     "licenseErrorKeyActivateDescription": "Se ha producido un error al activar la clave de licencia.",
     "licenseAbout": "Acerca de la licencia",
+    "licenseBannerTitle": "Habilitar su Licencia Enterprise",
+    "licenseBannerDescription": "Desbloquea funciones empresariales para tu instancia autohospedada de Pangolin. Compra una clave de licencia para activar capacidades premium, luego agréguela a continuación.",
+    "licenseBannerGetLicense": "Obtener una Licencia",
+    "licenseBannerViewDocs": "Ver Documentación",
     "communityEdition": "Edición comunitaria",
     "licenseAboutDescription": "Esto es para usuarios empresariales y empresariales que utilizan Pangolin en un entorno comercial. Si estás usando Pangolin para uso personal, puedes ignorar esta sección.",
     "licenseKeyActivated": "Clave de licencia activada",
@@ -461,6 +567,8 @@
     "filterByApprovalState": "Filtrar por estado de aprobación",
     "approvalListEmpty": "No hay aprobaciones",
     "approvalState": "Estado de aprobación",
+    "approvalLoadMore": "Cargar más",
+    "loadingApprovals": "Cargando aprobaciones",
     "approve": "Aprobar",
     "approved": "Aprobado",
     "denied": "Denegado",
@@ -494,9 +602,12 @@
     "userSaved": "Usuario guardado",
     "userSavedDescription": "El usuario ha sido actualizado.",
     "autoProvisioned": "Auto asegurado",
+    "autoProvisionSettings": "Configuración de Auto Provision",
     "autoProvisionedDescription": "Permitir a este usuario ser administrado automáticamente por el proveedor de identidad",
     "accessControlsDescription": "Administrar lo que este usuario puede acceder y hacer en la organización",
     "accessControlsSubmit": "Guardar controles de acceso",
+    "singleRolePerUserPlanNotice": "Tu plan sólo soporta un rol por usuario.",
+    "singleRolePerUserEditionNotice": "Esta edición sólo soporta un rol por usuario.",
     "roles": "Roles",
     "accessUsersRoles": "Administrar usuarios y roles",
     "accessUsersRolesDescription": "Invitar usuarios y añadirlos a roles para administrar el acceso a la organización",
@@ -553,6 +664,8 @@
     "targetErrorInvalidPortDescription": "Por favor, introduzca un número de puerto válido",
     "targetErrorNoSite": "Ningún sitio seleccionado",
     "targetErrorNoSiteDescription": "Por favor, seleccione un sitio para el objetivo",
+    "targetTargetsCleared": "Objetivos eliminados",
+    "targetTargetsClearedDescription": "Todos los objetivos han sido eliminados de este recurso",
     "targetCreated": "Objetivo creado",
     "targetCreatedDescription": "El objetivo se ha creado correctamente",
     "targetErrorCreate": "Error al crear el objetivo",
@@ -636,6 +749,7 @@
     "resourcesErrorUpdate": "Error al cambiar el recurso",
     "resourcesErrorUpdateDescription": "Se ha producido un error al actualizar el recurso",
     "access": "Acceder",
+    "accessControl": "Control de acceso",
     "shareLink": "{resource} Compartir Enlace",
     "resourceSelect": "Seleccionar recurso",
     "shareLinks": "Compartir enlaces",
@@ -653,6 +767,7 @@
     "newtEndpoint": "Endpoint",
     "newtId": "ID",
     "newtSecretKey": "Secreto",
+    "newtVersion": "Versión",
     "architecture": "Arquitectura",
     "sites": "Sitios",
     "siteWgAnyClients": "Usa cualquier cliente de Wirex para conectarte. Tendrás que dirigirte a los recursos internos usando la IP de compañeros.",
@@ -776,6 +891,7 @@
     "accessRoleRemoved": "Rol eliminado",
     "accessRoleRemovedDescription": "El rol se ha eliminado correctamente.",
     "accessRoleRequiredRemove": "Antes de eliminar este rol, seleccione un nuevo rol al que transferir miembros existentes.",
+    "network": "Red",
     "manage": "Gestionar",
     "sitesNotFound": "Sitios no encontrados.",
     "pangolinServerAdmin": "Admin Servidor - Pangolin",
@@ -819,6 +935,7 @@
     "idpDisplayName": "Un nombre mostrado para este proveedor de identidad",
     "idpAutoProvisionUsers": "Auto-Provisión de Usuarios",
     "idpAutoProvisionUsersDescription": "Cuando está habilitado, los usuarios serán creados automáticamente en el sistema al iniciar sesión con la capacidad de asignar a los usuarios a roles y organizaciones.",
+    "idpAutoProvisionConfigureAfterCreate": "Puede configurar las configuraciones de provisión automática una vez que se haya creado el proveedor de identidad.",
     "licenseBadge": "EE",
     "idpType": "Tipo de proveedor",
     "idpTypeDescription": "Seleccione el tipo de proveedor de identidad que desea configurar",
@@ -870,7 +987,7 @@
     "defaultMappingsRole": "Mapeo de Rol por defecto",
     "defaultMappingsRoleDescription": "El resultado de esta expresión debe devolver el nombre del rol tal y como se define en la organización como una cadena.",
     "defaultMappingsOrg": "Mapeo de organización por defecto",
-    "defaultMappingsOrgDescription": "Esta expresión debe devolver el ID de org o verdadero para que el usuario pueda acceder a la organización.",
+    "defaultMappingsOrgDescription": "Cuando se establece, esta expresión debe devolver el ID de la organización o verdadero para que el usuario acceda a esa organización. Cuando no se establece, definir un mapeo de roles es suficiente: se permite la entrada del usuario siempre que se pueda resolver un mapeo de roles válido para él dentro de la organización.",
     "defaultMappingsSubmit": "Guardar asignaciones por defecto",
     "orgPoliciesEdit": "Editar Política de Organización",
     "org": "Organización",
@@ -1017,12 +1134,12 @@
     "pangolinSetup": "Configuración - Pangolin",
     "orgNameRequired": "El nombre de la organización es obligatorio",
     "orgIdRequired": "El ID de la organización es obligatorio",
+    "orgIdMaxLength": "El ID de la organización debe tener como máximo 32 caracteres",
     "orgErrorCreate": "Se ha producido un error al crear el org",
     "pageNotFound": "Página no encontrada",
     "pageNotFoundDescription": "¡Vaya! La página que estás buscando no existe.",
     "overview": "Resumen",
     "home": "Inicio",
-    "accessControl": "Control de acceso",
     "settings": "Ajustes",
     "usersAll": "Todos los usuarios",
     "license": "Licencia",
@@ -1085,6 +1202,12 @@
     "actionGetUser": "Obtener usuario",
     "actionGetOrgUser": "Obtener usuario de la organización",
     "actionListOrgDomains": "Listar dominios de la organización",
+    "actionGetDomain": "Obtener dominio",
+    "actionCreateOrgDomain": "Crear dominio",
+    "actionUpdateOrgDomain": "Actualizar dominio",
+    "actionDeleteOrgDomain": "Eliminar dominio",
+    "actionGetDNSRecords": "Obtener registros DNS",
+    "actionRestartOrgDomain": "Reiniciar dominio",
     "actionCreateSite": "Crear sitio",
     "actionDeleteSite": "Eliminar sitio",
     "actionGetSite": "Obtener sitio",
@@ -1096,6 +1219,7 @@
     "setupTokenDescription": "Ingrese el token de configuración desde la consola del servidor.",
     "setupTokenRequired": "Se requiere el token de configuración",
     "actionUpdateSite": "Actualizar sitio",
+    "actionResetSiteBandwidth": "Restablecer ancho de banda de la organización",
     "actionListSiteRoles": "Lista de roles permitidos del sitio",
     "actionCreateResource": "Crear Recurso",
     "actionDeleteResource": "Eliminar Recurso",
@@ -1125,6 +1249,7 @@
     "actionRemoveUser": "Eliminar usuario",
     "actionListUsers": "Listar usuarios",
     "actionAddUserRole": "Añadir rol de usuario",
+    "actionSetUserOrgRoles": "Establecer roles de usuario",
     "actionGenerateAccessToken": "Generar token de acceso",
     "actionDeleteAccessToken": "Eliminar token de acceso",
     "actionListAccessTokens": "Lista de Tokens de Acceso",
@@ -1169,7 +1294,9 @@
     "actionViewLogs": "Ver registros",
     "noneSelected": "Ninguno seleccionado",
     "orgNotFound2": "No se encontraron organizaciones.",
-    "searchProgress": "Buscar...",
+    "search": "Buscar…",
+    "searchPlaceholder": "Buscar...",
+    "emptySearchOptions": "No se encontraron opciones",
     "create": "Crear",
     "orgs": "Organizaciones",
     "loginError": "Ocurrió un error inesperado. Por favor, inténtelo de nuevo.",
@@ -1233,12 +1360,14 @@
     "sidebarClientResources": "Privado",
     "sidebarAccessControl": "Control de acceso",
     "sidebarLogsAndAnalytics": "Registros y análisis",
+    "sidebarTeam": "Equipo",
     "sidebarUsers": "Usuarios",
     "sidebarAdmin": "Admin",
     "sidebarInvitations": "Invitaciones",
     "sidebarRoles": "Roles",
     "sidebarShareableLinks": "Enlaces",
     "sidebarApiKeys": "Claves API",
+    "sidebarProvisioning": "Aprovisionamiento",
     "sidebarSettings": "Ajustes",
     "sidebarAllUsers": "Todos los usuarios",
     "sidebarIdentityProviders": "Proveedores de identidad",
@@ -1250,8 +1379,167 @@
     "sidebarGeneral": "Gestionar",
     "sidebarLogAndAnalytics": "Registro y análisis",
     "sidebarBluePrints": "Planos",
+    "sidebarAlerting": "Alertas",
+    "sidebarHealthChecks": "Chequeos de salud",
     "sidebarOrganization": "Organización",
+    "sidebarManagement": "Gestión",
+    "sidebarBillingAndLicenses": "Facturación y licencias",
     "sidebarLogsAnalytics": "Analíticas",
+    "alertingTitle": "Alertas",
+    "alertingDescription": "Definir fuentes, disparadores y acciones para notificaciones",
+    "alertingRules": "Reglas de alerta",
+    "alertingSearchRules": "Buscar reglas…",
+    "alertingAddRule": "Crear regla",
+    "alertingColumnSource": "Fuente",
+    "alertingColumnTrigger": "Disparador",
+    "alertingColumnActions": "Acciones",
+    "alertingColumnEnabled": "Activado",
+    "alertingDeleteQuestion": "Por favor, confirme que desea eliminar esta regla de alerta.",
+    "alertingDeleteRule": "Eliminar regla de alerta",
+    "alertingRuleDeleted": "Regla de alerta eliminada",
+    "alertingRuleSaved": "Regla de alerta guardada",
+    "alertingRuleSavedCreatedDescription": "Tu nueva regla de alerta fue creada. Puedes seguir editándola en esta página.",
+    "alertingRuleSavedUpdatedDescription": "Tus cambios a esta regla de alerta fueron guardados.",
+    "alertingEditRule": "Editar regla de alerta",
+    "alertingCreateRule": "Crear regla de alerta",
+    "alertingRuleCredenzaDescription": "Elija qué observar, cuándo disparar y cómo notificar",
+    "alertingRuleNamePlaceholder": "Sitio de producción caído",
+    "alertingRuleEnabled": "Regla habilitada",
+    "alertingSectionSource": "Fuente",
+    "alertingSourceType": "Tipo de fuente",
+    "alertingSourceSite": "Sitio",
+    "alertingSourceHealthCheck": "Chequeo de salud",
+    "alertingPickSites": "Sitios",
+    "alertingPickHealthChecks": "Chequeos de salud",
+    "alertingPickResources": "Recursos",
+    "alertingAllSites": "Todos los sitios",
+    "alertingAllSitesDescription": "Las alertas se activan para cualquier sitio",
+    "alertingSpecificSites": "Sitios específicos",
+    "alertingSpecificSitesDescription": "Escoja sitios específicos para observar",
+    "alertingAllHealthChecks": "Todos los chequeos de salud",
+    "alertingAllHealthChecksDescription": "Las alertas se activan para cualquier chequeo de salud",
+    "alertingSpecificHealthChecks": "Chequeos de salud específicos",
+    "alertingSpecificHealthChecksDescription": "Elija chequeos de salud específicos para observar",
+    "alertingAllResources": "Todos los recursos",
+    "alertingAllResourcesDescription": "Las alertas se activan para cualquier recurso",
+    "alertingSpecificResources": "Recursos específicos",
+    "alertingSpecificResourcesDescription": "Elija recursos específicos para observar",
+    "alertingSelectResources": "Seleccionar recursos…",
+    "alertingResourcesSelected": "{count} recursos seleccionados",
+    "alertingResourcesEmpty": "No hay recursos con objetivos en los primeros 10 resultados.",
+    "alertingSectionTrigger": "Disparador",
+    "alertingTrigger": "Cuándo alertar",
+    "alertingTriggerSiteOnline": "Sitio en línea",
+    "alertingTriggerSiteOffline": "Sitio fuera de línea",
+    "alertingTriggerSiteToggle": "El estado del sitio cambia",
+    "alertingTriggerHcHealthy": "Chequeo de salud saludable",
+    "alertingTriggerHcUnhealthy": "Chequeo de salud no saludable",
+    "alertingTriggerHcToggle": "El estado del chequeo de salud cambia",
+    "alertingTriggerResourceHealthy": "Recurso saludable",
+    "alertingTriggerResourceUnhealthy": "Recurso no saludable",
+    "alertingTriggerResourceDegraded": "Recurso degradado",
+    "alertingSearchHealthChecks": "Buscar chequeos de salud…",
+    "alertingHealthChecksEmpty": "No hay chequeos de salud disponibles.",
+    "alertingTriggerResourceToggle": "El estado del recurso cambia",
+    "alertingSourceResource": "Recurso",
+    "alertingSectionActions": "Acciones",
+    "alertingAddAction": "Añadir acción",
+    "alertingActionNotify": "E-mail",
+    "alertingActionNotifyDescription": "Enviar notificaciones por correo electrónico a usuarios o roles",
+    "alertingActionWebhook": "Webhook",
+    "alertingActionWebhookDescription": "Enviar una solicitud HTTP a un punto final personalizado",
+    "alertingExternalIntegration": "Integración externa",
+    "alertingExternalPagerDutyDescription": "Enviar alertas a PagerDuty para gestión de incidentes",
+    "alertingExternalOpsgenieDescription": "Dirigir alertas a Opsgenie para gestión de llamadas",
+    "alertingExternalServiceNowDescription": "Crear incidentes de ServiceNow a partir de eventos de alerta",
+    "alertingExternalIncidentIoDescription": "Activar flujos de trabajo de Incident.io a partir de eventos de alerta",
+    "alertingActionType": "Tipo de acción",
+    "alertingNotifyUsers": "Usuarios",
+    "alertingNotifyRoles": "Roles",
+    "alertingNotifyEmails": "Direcciones de correo electrónico",
+    "alertingEmailPlaceholder": "Añadir email y presionar Enter",
+    "alertingWebhookMethod": "Método HTTP",
+    "alertingWebhookSecret": "Firma secreta (opcional)",
+    "alertingWebhookSecretPlaceholder": "Secreto HMAC",
+    "alertingWebhookHeaders": "Encabezados",
+    "alertingAddHeader": "Añadir encabezado",
+    "alertingSelectSites": "Seleccionar sitios…",
+    "alertingSitesSelected": "{count} sitios seleccionados",
+    "alertingSelectHealthChecks": "Seleccionar chequeos de salud…",
+    "alertingHealthChecksSelected": "{count} chequeos de salud seleccionados",
+    "alertingNoHealthChecks": "No hay objetivos con chequeos de salud habilitados",
+    "alertingHealthCheckStub": "La selección de chequeo de salud no está conectada aún - todavía puede configurar disparadores y acciones.",
+    "alertingSelectUsers": "Seleccionar usuarios…",
+    "alertingUsersSelected": "{count} usuarios seleccionados",
+    "alertingSelectRoles": "Seleccionar roles…",
+    "alertingRolesSelected": "{count} roles seleccionados",
+    "alertingSummarySites": "Sitios ({count})",
+    "alertingSummaryAllSites": "Todos los sitios",
+    "alertingSummaryHealthChecks": "Chequeos de salud ({count})",
+    "alertingSummaryAllHealthChecks": "Todos los chequeos de salud",
+    "alertingSummaryResources": "Recursos ({count})",
+    "alertingSummaryAllResources": "Todos los recursos",
+    "alertingErrorNameRequired": "Introduce un nombre",
+    "alertingErrorActionsMin": "Añada al menos una acción",
+    "alertingErrorPickSites": "Seleccione al menos un sitio",
+    "alertingErrorPickHealthChecks": "Seleccione al menos un chequeo de salud",
+    "alertingErrorPickResources": "Seleccione al menos un recurso",
+    "alertingErrorTriggerSite": "Elija un disparador de sitio",
+    "alertingErrorTriggerHealth": "Elija un disparador de chequeo de salud",
+    "alertingErrorTriggerResource": "Elija un disparador de recurso",
+    "alertingErrorNotifyRecipients": "Elija usuarios, roles o al menos un correo electrónico",
+    "alertingConfigureSource": "Configurar fuente",
+    "alertingConfigureTrigger": "Configurar disparador",
+    "alertingConfigureActions": "Configurar acciones",
+    "alertingBackToRules": "Volver a las reglas",
+    "alertingRuleCooldown": "Tiempo de espera (segundos)",
+    "alertingRuleCooldownDescription": "Tiempo mínimo entre alertas repetidas para la misma regla. Establezca en 0 para disparar cada vez.",
+    "alertingDraftBadge": "Borrador - guardarlo para almacenar esta regla",
+    "alertingSidebarHint": "Haga clic en un paso en el lienzo para editarlo aquí.",
+    "alertingGraphCanvasTitle": "Flujo de regla",
+    "alertingGraphCanvasDescription": "Visión general visual de fuente, disparador y acciones. Selecciona un nodo para editarlo en el panel.",
+    "alertingNodeNotConfigured": "Aún no configurado",
+    "alertingNodeActionsCount": "{count, plural, one {# acción} other {# acciones}}",
+    "alertingNodeRoleSource": "Fuente",
+    "alertingNodeRoleTrigger": "Disparador",
+    "alertingNodeRoleAction": "Acción",
+    "alertingTabRules": "Reglas de Alerta",
+    "alertingTabHealthChecks": "Chequeos de salud",
+    "alertingRulesBannerTitle": "Obtenga notificaciones",
+    "alertingRulesBannerDescription": "Cada regla vincula lo que se debe observar (un sitio, chequeo de salud o recurso), cuándo disparar (por ejemplo, fuera de línea o no saludable), y cómo notificar a su equipo vía email, webhooks o integraciones. Use esta lista para crear, habilitar y administrar esas reglas.",
+    "alertingHealthChecksBannerTitle": "Monitorear Salud y Recursos",
+    "alertingHealthChecksBannerDescription": "Los chequeos de salud son monitores HTTP o TCP que define una vez. Luego puede usarlos como fuentes en reglas de alerta para que se le notifique cuando un objetivo se vuelva saludable o no saludable. Los chequeos de salud en recursos también aparecen aquí.",
+    "standaloneHcTableTitle": "Chequeos de salud",
+    "standaloneHcSearchPlaceholder": "Buscar chequeos de salud…",
+    "standaloneHcAddButton": "Crear chequeo de salud",
+    "standaloneHcCreateTitle": "Crear chequeo de salud",
+    "standaloneHcEditTitle": "Editar chequeo de salud",
+    "standaloneHcDescription": "Configurar un chequeo de salud HTTP o TCP para usar en reglas de alerta.",
+    "standaloneHcNameLabel": "Nombre",
+    "standaloneHcNamePlaceholder": "Mi monitor HTTP",
+    "standaloneHcDeleteTitle": "Eliminar chequeo de salud",
+    "standaloneHcDeleteQuestion": "Por favor, confirme que desea eliminar este chequeo de salud.",
+    "standaloneHcDeleted": "Chequeo de salud eliminado",
+    "standaloneHcSaved": "Chequeo de salud guardado",
+    "standaloneHcColumnHealth": "Salud",
+    "standaloneHcColumnMode": "Modo",
+    "standaloneHcColumnTarget": "Destino",
+    "standaloneHcHealthStateHealthy": "Saludable",
+    "standaloneHcHealthStateUnhealthy": "No saludable",
+    "standaloneHcHealthStateUnknown": "Desconocido",
+    "standaloneHcFilterAnySite": "Todos los sitios",
+    "standaloneHcFilterAnyResource": "Todos los recursos",
+    "standaloneHcFilterMode": "Modo",
+    "standaloneHcFilterModeHttp": "HTTP",
+    "standaloneHcFilterModeTcp": "TCP",
+    "standaloneHcFilterModeSnmp": "SNMP",
+    "standaloneHcFilterModePing": "Ping",
+    "standaloneHcFilterHealth": "Salud",
+    "standaloneHcFilterEnabled": "Activado",
+    "standaloneHcFilterEnabledOn": "Activado",
+    "standaloneHcFilterEnabledOff": "Deshabilitado",
+    "standaloneHcFilterSiteIdFallback": "Sitio {id}",
+    "standaloneHcFilterResourceIdFallback": "Recurso {id}",
     "blueprints": "Planos",
     "blueprintsDescription": "Aplicar configuraciones declarativas y ver ejecuciones anteriores",
     "blueprintAdd": "Añadir plano",
@@ -1272,7 +1560,6 @@
     "parsedContents": "Contenido analizado (Sólo lectura)",
     "enableDockerSocket": "Habilitar Plano Docker",
     "enableDockerSocketDescription": "Activar el raspado de etiquetas de Socket Docker para etiquetas de planos. La ruta del Socket debe proporcionarse a Newt.",
-    "enableDockerSocketLink": "Saber más",
     "viewDockerContainers": "Ver contenedores Docker",
     "containersIn": "Contenedores en {siteName}",
     "selectContainerDescription": "Seleccione cualquier contenedor para usar como nombre de host para este objetivo. Haga clic en un puerto para usar un puerto.",
@@ -1314,7 +1601,8 @@
     "initialSetupDescription": "Cree la cuenta de administrador del servidor inicial. Solo puede existir un administrador del servidor. Siempre puede cambiar estas credenciales más tarde.",
     "createAdminAccount": "Crear cuenta de administrador",
     "setupErrorCreateAdmin": "Se produjo un error al crear la cuenta de administrador del servidor.",
-    "certificateStatus": "Estado del certificado",
+    "certificateStatus": "Certificado",
+    "certificateStatusAutoRefreshHint": "El estado se actualiza automáticamente.",
     "loading": "Cargando",
     "loadingAnalytics": "Cargando analíticas",
     "restart": "Reiniciar",
@@ -1383,6 +1671,7 @@
     "pangolinUpdateAvailableReleaseNotes": "Ver notas de lanzamiento",
     "newtUpdateAvailable": "Nueva actualización disponible",
     "newtUpdateAvailableInfo": "Hay una nueva versión de Newt disponible. Actualice a la última versión para la mejor experiencia.",
+    "pangolinNodeUpdateAvailableInfo": "Hay una nueva versión de Pangolin Node disponible. Actualice a la última versión para la mejor experiencia.",
     "domainPickerEnterDomain": "Dominio",
     "domainPickerPlaceholder": "miapp.ejemplo.com",
     "domainPickerDescription": "Ingresa el dominio completo del recurso para ver las opciones disponibles.",
@@ -1400,6 +1689,7 @@
     "domainPickerNamespace": "Espacio de nombres: {namespace}",
     "domainPickerShowMore": "Mostrar más",
     "regionSelectorTitle": "Seleccionar Región",
+    "domainPickerRemoteExitNodeWarning": "Los dominios suministrados no son compatibles cuando los sitios se conectan a nodos de salida remotos. Para que los recursos estén disponibles en nodos remotos, utilice un dominio personalizado en su lugar.",
     "regionSelectorInfo": "Seleccionar una región nos ayuda a brindar un mejor rendimiento para tu ubicación. No tienes que estar en la misma región que tu servidor.",
     "regionSelectorPlaceholder": "Elige una región",
     "regionSelectorComingSoon": "Próximamente",
@@ -1412,6 +1702,7 @@
     "billingSites": "Sitios",
     "billingUsers": "Usuarios",
     "billingDomains": "Dominios",
+    "billingOrganizations": "Orgánico",
     "billingRemoteExitNodes": "Nodos remotos",
     "billingNoLimitConfigured": "No se ha configurado ningún límite",
     "billingEstimatedPeriod": "Período de facturación estimado",
@@ -1454,6 +1745,7 @@
     "failed": "Fallido",
     "createNewOrgDescription": "Crear una nueva organización",
     "organization": "Organización",
+    "primary": "Principal",
     "port": "Puerto",
     "securityKeyManage": "Gestionar llaves de seguridad",
     "securityKeyDescription": "Agregar o eliminar llaves de seguridad para autenticación sin contraseña",
@@ -1551,6 +1843,16 @@
     "billingFeatureLossWarning": "Aviso de disponibilidad de funcionalidad",
     "billingFeatureLossDescription": "Al degradar, las características no disponibles en el nuevo plan se desactivarán automáticamente. Algunas configuraciones y configuraciones pueden perderse. Por favor, revise la matriz de precios para entender qué características ya no estarán disponibles.",
     "billingUsageExceedsLimit": "El uso actual ({current}) supera el límite ({limit})",
+    "billingPastDueTitle": "Pago vencido",
+    "billingPastDueDescription": "Su pago ha vencido. Por favor, actualice su método de pago para seguir utilizando las características actuales de su plan. Si no se resuelve, tu suscripción se cancelará y serás revertido al nivel gratuito.",
+    "billingUnpaidTitle": "Suscripción no pagada",
+    "billingUnpaidDescription": "Tu suscripción no está pagada y has sido revertido al nivel gratuito. Por favor, actualiza tu método de pago para restaurar tu suscripción.",
+    "billingIncompleteTitle": "Pago incompleto",
+    "billingIncompleteDescription": "Su pago está incompleto. Por favor, complete el proceso de pago para activar su suscripción.",
+    "billingIncompleteExpiredTitle": "Pago expirado",
+    "billingIncompleteExpiredDescription": "Tu pago nunca se completó y ha expirado. Has sido revertido al nivel gratuito. Suscríbete de nuevo para restaurar el acceso a las funciones de pago.",
+    "billingManageSubscription": "Administra tu suscripción",
+    "billingResolvePaymentIssue": "Por favor resuelva su problema de pago antes de actualizar o bajar de calificación",
     "signUpTerms": {
         "IAgreeToThe": "Estoy de acuerdo con los",
         "termsOfService": "términos del servicio",
@@ -1609,6 +1911,7 @@
     "configureHealthCheck": "Configurar Chequeo de Salud",
     "configureHealthCheckDescription": "Configura la monitorización de salud para {target}",
     "enableHealthChecks": "Activar Chequeos de Salud",
+    "healthCheckDisabledStateDescription": "Cuando está deshabilitado, el sitio no realizará comprobaciones de salud y el estado se considerará desconocido.",
     "enableHealthChecksDescription": "Controlar la salud de este objetivo. Puedes supervisar un punto final diferente al objetivo si es necesario.",
     "healthScheme": "Método",
     "healthSelectScheme": "Seleccionar método",
@@ -1624,6 +1927,24 @@
     "timeIsInSeconds": "El tiempo está en segundos",
     "requireDeviceApproval": "Requiere aprobaciones del dispositivo",
     "requireDeviceApprovalDescription": "Los usuarios con este rol necesitan nuevos dispositivos aprobados por un administrador antes de poder conectarse y acceder a los recursos.",
+    "sshAccess": "Acceso a SSH",
+    "roleAllowSsh": "Permitir SSH",
+    "roleAllowSshAllow": "Permitir",
+    "roleAllowSshDisallow": "Rechazar",
+    "roleAllowSshDescription": "Permitir a los usuarios con este rol conectarse a recursos a través de SSH. Cuando está desactivado, el rol no puede usar acceso SSH.",
+    "sshSudoMode": "Acceso Sudo",
+    "sshSudoModeNone": "Ninguna",
+    "sshSudoModeNoneDescription": "El usuario no puede ejecutar comandos con sudo.",
+    "sshSudoModeFull": "Sudo completo",
+    "sshSudoModeFullDescription": "El usuario puede ejecutar cualquier comando con sudo.",
+    "sshSudoModeCommands": "Comandos",
+    "sshSudoModeCommandsDescription": "El usuario sólo puede ejecutar los comandos especificados con sudo.",
+    "sshSudo": "Permitir sudo",
+    "sshSudoCommands": "Comandos Sudo",
+    "sshSudoCommandsDescription": "Lista separada por comas de comandos que el usuario puede ejecutar con sudo.",
+    "sshCreateHomeDir": "Crear directorio principal",
+    "sshUnixGroups": "Grupos Unix",
+    "sshUnixGroupsDescription": "Grupos Unix separados por comas para agregar el usuario en el host de destino.",
     "retryAttempts": "Intentos de Reintento",
     "expectedResponseCodes": "Códigos de respuesta esperados",
     "expectedResponseCodesDescription": "Código de estado HTTP que indica un estado saludable. Si se deja en blanco, se considera saludable de 200 a 300.",
@@ -1640,9 +1961,20 @@
     "healthCheckIntervalMin": "El intervalo de comprobación debe ser de al menos 5 segundos",
     "healthCheckTimeoutMin": "El tiempo de espera debe ser de al menos 1 segundo",
     "healthCheckRetryMin": "Los intentos de reintento deben ser de al menos 1",
+    "healthCheckMode": "Modo de chequeo",
+    "healthCheckStrategy": "Estrategia",
+    "healthCheckModeDescription": "El modo TCP verifica solo la conectividad. El modo HTTP valida la respuesta HTTP.",
+    "healthyThreshold": "Umbral Saludable",
+    "healthyThresholdDescription": "Éxitos consecutivos requeridos antes de marcar como saludable.",
+    "unhealthyThreshold": "Umbral No Saludable",
+    "unhealthyThresholdDescription": "Fallos consecutivos requeridos antes de marcar como no saludable.",
+    "healthCheckHealthyThresholdMin": "El umbral saludable debe ser al menos 1",
+    "healthCheckUnhealthyThresholdMin": "El umbral no saludable debe ser al menos 1",
     "httpMethod": "Método HTTP",
     "selectHttpMethod": "Seleccionar método HTTP",
     "domainPickerSubdomainLabel": "Subdominio",
+    "domainPickerWildcard": "Comodín",
+    "domainPickerWildcardPaidOnly": "Los subdominios comodín son una característica paga. Por favor, mejora tu plan para acceder a esta característica.",
     "domainPickerBaseDomainLabel": "Dominio base",
     "domainPickerSearchDomains": "Buscar dominios...",
     "domainPickerNoDomainsFound": "No se encontraron dominios",
@@ -1668,12 +2000,12 @@
     "resourcesTableAliasAddressInfo": "Esta dirección es parte de la subred de utilidad de la organización. Se utiliza para resolver registros de alias usando resolución DNS interna.",
     "resourcesTableClients": "Clientes",
     "resourcesTableAndOnlyAccessibleInternally": "y solo son accesibles internamente cuando se conectan con un cliente.",
-    "resourcesTableNoTargets": "Sin objetivos",
     "resourcesTableHealthy": "Saludable",
     "resourcesTableDegraded": "Degrado",
-    "resourcesTableOffline": "Desconectado",
+    "resourcesTableUnhealthy": "No saludable",
     "resourcesTableUnknown": "Desconocido",
     "resourcesTableNotMonitored": "No supervisado",
+    "resourcesTableNoTargets": "Sin objetivos",
     "editInternalResourceDialogEditClientResource": "Editar recurso privado",
     "editInternalResourceDialogUpdateResourceProperties": "Actualizar la configuración del recurso y los controles de acceso para {resourceName}",
     "editInternalResourceDialogResourceProperties": "Propiedades del recurso",
@@ -1699,6 +2031,11 @@
     "editInternalResourceDialogModePort": "Puerto",
     "editInternalResourceDialogModeHost": "Anfitrión",
     "editInternalResourceDialogModeCidr": "CIDR",
+    "editInternalResourceDialogModeHttp": "HTTP",
+    "editInternalResourceDialogModeHttps": "HTTPS",
+    "editInternalResourceDialogScheme": "Esquema",
+    "editInternalResourceDialogEnableSsl": "Activar SSL",
+    "editInternalResourceDialogEnableSslDescription": "Habilitar cifrado SSL/TLS para conexiones HTTPS seguras al destino.",
     "editInternalResourceDialogDestination": "Destino",
     "editInternalResourceDialogDestinationHostDescription": "La dirección IP o nombre de host del recurso en la red del sitio.",
     "editInternalResourceDialogDestinationIPDescription": "La dirección IP o nombre de host del recurso en la red del sitio.",
@@ -1714,6 +2051,7 @@
     "createInternalResourceDialogName": "Nombre",
     "createInternalResourceDialogSite": "Sitio",
     "selectSite": "Seleccionar sitio...",
+    "multiSitesSelectorSitesCount": "{count, plural, one {# sitio} other {# sitios}}",
     "noSitesFound": "Sitios no encontrados.",
     "createInternalResourceDialogProtocol": "Protocolo",
     "createInternalResourceDialogTcp": "TCP",
@@ -1742,11 +2080,19 @@
     "createInternalResourceDialogModePort": "Puerto",
     "createInternalResourceDialogModeHost": "Anfitrión",
     "createInternalResourceDialogModeCidr": "CIDR",
+    "createInternalResourceDialogModeHttp": "HTTP",
+    "createInternalResourceDialogModeHttps": "HTTPS",
+    "scheme": "Esquema",
+    "createInternalResourceDialogScheme": "Esquema",
+    "createInternalResourceDialogEnableSsl": "Activar SSL",
+    "createInternalResourceDialogEnableSslDescription": "Habilitar cifrado SSL/TLS para conexiones HTTPS seguras al destino.",
     "createInternalResourceDialogDestination": "Destino",
     "createInternalResourceDialogDestinationHostDescription": "La dirección IP o nombre de host del recurso en la red del sitio.",
     "createInternalResourceDialogDestinationCidrDescription": "El rango CIDR del recurso en la red del sitio.",
     "createInternalResourceDialogAlias": "Alias",
     "createInternalResourceDialogAliasDescription": "Un alias DNS interno opcional para este recurso.",
+    "internalResourceDownstreamSchemeRequired": "Se requiere el método para recursos HTTP",
+    "internalResourceHttpPortRequired": "Se requiere el puerto de destino para recursos HTTP",
     "siteConfiguration": "Configuración",
     "siteAcceptClientConnections": "Aceptar conexiones de clientes",
     "siteAcceptClientConnectionsDescription": "Permitir a los dispositivos de usuario y clientes acceder a los recursos de este sitio. Esto se puede cambiar más tarde.",
@@ -1832,6 +2178,40 @@
     "exitNode": "Nodo de Salida",
     "country": "País",
     "rulesMatchCountry": "Actualmente basado en IP de origen",
+    "region": "Región",
+    "selectRegion": "Seleccionar región",
+    "searchRegions": "Buscar regiones...",
+    "noRegionFound": "Región no encontrada.",
+    "rulesMatchRegion": "Seleccione una agrupación regional de países",
+    "rulesErrorInvalidRegion": "Región no válida",
+    "rulesErrorInvalidRegionDescription": "Por favor, seleccione una región válida.",
+    "regionAfrica": "Africa",
+    "regionNorthernAfrica": "África septentrional",
+    "regionEasternAfrica": "África oriental",
+    "regionMiddleAfrica": "África central",
+    "regionSouthernAfrica": "África del Sur",
+    "regionWesternAfrica": "África Occidental",
+    "regionAmericas": "Américas",
+    "regionCaribbean": "Caribe",
+    "regionCentralAmerica": "América Central",
+    "regionSouthAmerica": "América del Sur",
+    "regionNorthernAmerica": "América del Norte",
+    "regionAsia": "Asia",
+    "regionCentralAsia": "Asia Central",
+    "regionEasternAsia": "Asia oriental",
+    "regionSouthEasternAsia": "Asia sudoriental",
+    "regionSouthernAsia": "Asia meridional",
+    "regionWesternAsia": "Asia Occidental",
+    "regionEurope": "Europa",
+    "regionEasternEurope": "Europa del Este",
+    "regionNorthernEurope": "Europa septentrional",
+    "regionSouthernEurope": "Europa meridional",
+    "regionWesternEurope": "Europa Occidental",
+    "regionOceania": "Oceania",
+    "regionAustraliaAndNewZealand": "Australia y Nueva Zelanda",
+    "regionMelanesia": "Melanesia",
+    "regionMicronesia": "Micronesia",
+    "regionPolynesia": "Polynesia",
     "managedSelfHosted": {
         "title": "Autogestionado",
         "description": "Servidor Pangolin autoalojado más fiable y de bajo mantenimiento con campanas y silbidos extra",
@@ -1870,7 +2250,7 @@
     },
     "internationaldomaindetected": "Dominio Internacional detectado",
     "willbestoredas": "Se almacenará como:",
-    "roleMappingDescription": "Determinar cómo se asignan los roles a los usuarios cuando se registran cuando está habilitada la provisión automática.",
+    "roleMappingDescription": "Determine cómo se asignan los roles a los usuarios cuando inician sesión con este proveedor de identidad.",
     "selectRole": "Seleccione un rol",
     "roleMappingExpression": "Expresión",
     "selectRolePlaceholder": "Elija un rol",
@@ -1880,6 +2260,25 @@
     "invalidValue": "Valor inválido",
     "idpTypeLabel": "Tipo de proveedor de identidad",
     "roleMappingExpressionPlaceholder": "e.g., contiene(grupos, 'administrador') && 'administrador' || 'miembro'",
+    "roleMappingModeFixedRoles": "Roles fijos",
+    "roleMappingModeMappingBuilder": "Constructor de mapeo",
+    "roleMappingModeRawExpression": "Expresión sin procesar",
+    "roleMappingFixedRolesPlaceholderSelect": "Seleccione uno o más roles",
+    "roleMappingFixedRolesPlaceholderFreeform": "Nombre de rol de tipo (coincidencia exacta por organización)",
+    "roleMappingFixedRolesDescriptionSameForAll": "Asignar el mismo rol establecido a cada usuario auto-provisionado.",
+    "roleMappingFixedRolesDescriptionDefaultPolicy": "Para las políticas predeterminadas, escriba nombres de roles que existen en cada organización donde los usuarios son proporcionados. Los nombres deben coincidir exactamente.",
+    "roleMappingClaimPath": "Reclamar ruta",
+    "roleMappingClaimPathPlaceholder": "grupos",
+    "roleMappingClaimPathDescription": "Ruta en el payload del token que contiene valores de origen (por ejemplo, grupos).",
+    "roleMappingMatchValue": "Valor de partida",
+    "roleMappingAssignRoles": "Asignar roles",
+    "roleMappingAddMappingRule": "Añadir regla de mapeo",
+    "roleMappingRawExpressionResultDescription": "La expresión debe evaluar a un array de cadenas o cadenas.",
+    "roleMappingRawExpressionResultDescriptionSingleRole": "La expresión debe evaluar una cadena (un solo nombre de rol).",
+    "roleMappingMatchValuePlaceholder": "Valor coincidente (por ejemplo: admin)",
+    "roleMappingAssignRolesPlaceholderFreeform": "Escriba nombres de rol (exacto por org)",
+    "roleMappingBuilderFreeformRowHint": "Los nombres de rol deben coincidir con un rol en cada organización objetivo.",
+    "roleMappingRemoveRule": "Eliminar",
     "idpGoogleConfiguration": "Configuración de Google",
     "idpGoogleConfigurationDescription": "Configurar las credenciales de Google OAuth2",
     "idpGoogleClientIdDescription": "Google OAuth2 Client ID",
@@ -1916,6 +2315,9 @@
     "authPageBrandingQuestionRemove": "¿Está seguro de que desea eliminar la marca de las páginas de autenticación?",
     "authPageBrandingDeleteConfirm": "Confirmar eliminación de la marca",
     "brandingLogoURL": "URL del logotipo",
+    "brandingLogoURLOrPath": "URL o ruta de Logo",
+    "brandingLogoPathDescription": "Introduzca una URL o una ruta local.",
+    "brandingLogoURLDescription": "Introduzca una URL de acceso público a su imagen de logotipo.",
     "brandingPrimaryColor": "Color primario",
     "brandingLogoWidth": "Ancho (px)",
     "brandingLogoHeight": "Altura (px)",
@@ -1940,9 +2342,11 @@
     "selectDomainForOrgAuthPage": "Seleccione un dominio para la página de autenticación de la organización",
     "domainPickerProvidedDomain": "Dominio proporcionado",
     "domainPickerFreeProvidedDomain": "Dominio proporcionado gratis",
+    "domainPickerFreeDomainsPaidFeature": "Los dominios proporcionados son una función de pago. Suscríbete para obtener un dominio incluido con tu plan - no necesitas traer el tuyo propio.",
     "domainPickerVerified": "Verificado",
     "domainPickerUnverified": "Sin verificar",
-    "domainPickerInvalidSubdomainStructure": "Este subdominio contiene caracteres o estructura no válidos. Se limpiará automáticamente al guardar.",
+    "domainPickerManual": "Manual",
+    "domainPickerInvalidSubdomainStructure": "Los caracteres inválidos serán saneados al guardar.",
     "domainPickerError": "Error",
     "domainPickerErrorLoadDomains": "Error al cargar los dominios de la organización",
     "domainPickerErrorCheckAvailability": "No se pudo comprobar la disponibilidad del dominio",
@@ -1955,7 +2359,7 @@
     "orgAuthChooseIdpDescription": "Elige tu proveedor de identidad para continuar",
     "orgAuthNoIdpConfigured": "Esta organización no tiene ningún proveedor de identidad configurado. En su lugar puedes iniciar sesión con tu identidad de Pangolin.",
     "orgAuthSignInWithPangolin": "Iniciar sesión con Pangolin",
-    "orgAuthSignInToOrg": "Iniciar sesión en una organización",
+    "orgAuthSignInToOrg": "Proveedor de identidad de la organización (SSO)",
     "orgAuthSelectOrgTitle": "Inicio de sesión de organización",
     "orgAuthSelectOrgDescription": "Ingrese el ID de su organización para continuar",
     "orgAuthOrgIdPlaceholder": "tu-organización",
@@ -2116,7 +2520,7 @@
         "alerts": {
             "commercialUseDisclosure": {
                 "title": "Divulgación de uso",
-                "description": "Seleccione el nivel de licencia que refleje con precisión su uso previsto. La Licencia Personal permite el uso libre del Software para actividades comerciales individuales, no comerciales o de pequeña escala con ingresos brutos anuales inferiores a $100,000 USD. Cualquier uso más allá de estos límites — incluyendo el uso dentro de una empresa, organización, u otro entorno de generación de ingresos — requiere una Licencia Empresarial válida y el pago de la cuota de licencia aplicable. Todos los usuarios, ya sean personales o empresariales, deben cumplir con las Condiciones de Licencia Comercial Fossorial."
+                "description": "Seleccione el nivel de licencia que refleje con precisión su uso previsto. La Licencia Personal permite el uso libre del Software para actividades comerciales individuales, no comerciales o de pequeña escala con ingresos brutos anuales inferiores a $100,000 USD. Cualquier uso más allá de estos límites - incluyendo el uso dentro de una empresa, organización, u otro entorno de generación de ingresos - requiere una Licencia Empresarial válida y el pago de la cuota de licencia aplicable. Todos los usuarios, ya sean personales o empresariales, deben cumplir con las Condiciones de Licencia Comercial Fossorial."
             },
             "trialPeriodInformation": {
                 "title": "Información del período de prueba",
@@ -2171,10 +2575,10 @@
             },
             "scale": {
                 "title": "Escala",
-                "description": "Características de la empresa, 50 usuarios, 50 sitios y soporte prioritario."
+                "description": "Funcionalidades empresariales, 50 usuarios, 100 sitios y soporte prioritario."
             }
         },
-        "personalUseOnly": "Solo uso personal (licencia gratuita, sin pago)",
+        "personalUseOnly": "Solo uso personal (licencia gratuita - sin salida)",
         "buttons": {
             "continueToCheckout": "Continuar con el pago"
         },
@@ -2248,6 +2652,7 @@
     "validPassword": "Contraseña válida",
     "validEmail": "Valid email",
     "validSSO": "Valid SSO",
+    "connectedClient": "Cliente conectado",
     "resourceBlocked": "Recurso bloqueado",
     "droppedByRule": "Soltado por regla",
     "noSessions": "No hay sesiones",
@@ -2273,6 +2678,8 @@
     "logRetentionAccessDescription": "Cuánto tiempo retener los registros de acceso",
     "logRetentionActionLabel": "Retención de registro de acción",
     "logRetentionActionDescription": "Cuánto tiempo retener los registros de acción",
+    "logRetentionConnectionLabel": "Retención de Registro de Conexión",
+    "logRetentionConnectionDescription": "Cuánto tiempo conservar los registros de conexión",
     "logRetentionDisabled": "Deshabilitado",
     "logRetention3Days": "3 días",
     "logRetention7Days": "7 días",
@@ -2283,8 +2690,15 @@
     "logRetentionEndOfFollowingYear": "Fin del año siguiente",
     "actionLogsDescription": "Ver un historial de acciones realizadas en esta organización",
     "accessLogsDescription": "Ver solicitudes de acceso a los recursos de esta organización",
-    "licenseRequiredToUse": "Se requiere una licencia <enterpriseLicenseLink>Enterprise Edition</enterpriseLicenseLink> para utilizar esta función. Esta característica también está disponible en <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink>.",
-    "ossEnterpriseEditionRequired": "La <enterpriseEditionLink>versión Enterprise</enterpriseEditionLink> es necesaria para utilizar esta función. Esta función también está disponible en <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink>.",
+    "connectionLogs": "Registros de conexión",
+    "connectionLogsDescription": "Ver registros de conexión para túneles en esta organización",
+    "sidebarLogsConnection": "Registros de conexión",
+    "sidebarLogsStreaming": "Transmisión",
+    "sourceAddress": "Dirección de origen",
+    "destinationAddress": "Dirección de destino",
+    "duration": "Duración",
+    "licenseRequiredToUse": "Se requiere una licencia <enterpriseLicenseLink>Enterprise Edition</enterpriseLicenseLink> o <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink> para usar esta función. <bookADemoLink>Reserve una demostración o prueba POC</bookADemoLink>.",
+    "ossEnterpriseEditionRequired": "La <enterpriseEditionLink>Enterprise Edition</enterpriseEditionLink> es necesaria para utilizar esta función. Esta función también está disponible en <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink>. <bookADemoLink>Reserva una demostración o prueba POC</bookADemoLink>.",
     "certResolver": "Resolver certificado",
     "certResolverDescription": "Seleccione la resolución de certificados a utilizar para este recurso.",
     "selectCertResolver": "Seleccionar Resolver Certificado",
@@ -2426,6 +2840,9 @@
     "machineClients": "Clientes de la máquina",
     "install": "Instalar",
     "run": "Ejecutar",
+    "envFile": "Archivo de Entorno",
+    "serviceFile": "Archivo de Servicio",
+    "enableAndStart": "Habilitar y empezar",
     "clientNameDescription": "El nombre mostrado del cliente que se puede cambiar más adelante.",
     "clientAddress": "Dirección del cliente (Avanzado)",
     "setupFailedToFetchSubnet": "No se pudo obtener la subred por defecto",
@@ -2474,13 +2891,30 @@
     "editInternalResourceDialogAddClients": "Agregar clientes",
     "editInternalResourceDialogDestinationLabel": "Destino",
     "editInternalResourceDialogDestinationDescription": "Especifique la dirección de destino para el recurso interno. Puede ser un nombre de host, dirección IP o rango CIDR dependiendo del modo seleccionado. Opcionalmente establezca un alias DNS interno para una identificación más fácil.",
+    "internalResourceFormMultiSiteRoutingHelp": "Seleccionar múltiples sitios habilita el enrutamiento resistente y la conmutación por error para alta disponibilidad.",
+    "internalResourceFormMultiSiteRoutingHelpLearnMore": "Más información",
     "editInternalResourceDialogPortRestrictionsDescription": "Restringir el acceso a puertos TCP/UDP específicos o permitir/bloquear todos los puertos.",
+    "createInternalResourceDialogHttpConfiguration": "Configuración HTTP",
+    "createInternalResourceDialogHttpConfigurationDescription": "Elija el dominio que los clientes usarán para alcanzar este recurso a través de HTTP o HTTPS.",
+    "editInternalResourceDialogHttpConfiguration": "Configuración HTTP",
+    "editInternalResourceDialogHttpConfigurationDescription": "Elija el dominio que los clientes usarán para alcanzar este recurso a través de HTTP o HTTPS.",
     "editInternalResourceDialogTcp": "TCP",
     "editInternalResourceDialogUdp": "UDP",
     "editInternalResourceDialogIcmp": "ICMP",
     "editInternalResourceDialogAccessControl": "Control de acceso",
     "editInternalResourceDialogAccessControlDescription": "Controla qué roles, usuarios y clientes de máquinas tienen acceso a este recurso cuando están conectados. Los administradores siempre tienen acceso.",
     "editInternalResourceDialogPortRangeValidationError": "El rango de puertos debe ser \"*\" para todos los puertos, o una lista separada por comas de puertos y rangos (por ejemplo, \"80,443,8000-9000\"). Los puertos deben estar entre 1 y 65535.",
+    "internalResourceAuthDaemonStrategy": "Ubicación del demonio de autenticación SSSH",
+    "internalResourceAuthDaemonStrategyDescription": "Elija dónde se ejecuta el daemon de autenticación SSH: en el sitio (Newt) o en un host remoto.",
+    "internalResourceAuthDaemonDescription": "El daemon de autenticación SSSH maneja la firma de claves SSH y autenticación PAM para este recurso. Elija si se ejecuta en el sitio (Newt) o en un host remoto separado. Vea <docsLink>la documentación</docsLink> para más.",
+    "internalResourceAuthDaemonDocsUrl": "https://docs.pangolin.net",
+    "internalResourceAuthDaemonStrategyPlaceholder": "Seleccionar estrategia",
+    "internalResourceAuthDaemonStrategyLabel": "Ubicación",
+    "internalResourceAuthDaemonSite": "En el sitio",
+    "internalResourceAuthDaemonSiteDescription": "Auth daemon corre en el sitio (Newt).",
+    "internalResourceAuthDaemonRemote": "Host remoto",
+    "internalResourceAuthDaemonRemoteDescription": "El daemon Auth corre en un host que no es el sitio.",
+    "internalResourceAuthDaemonPort": "Puerto de demonio (opcional)",
     "orgAuthWhatsThis": "¿Dónde puedo encontrar el ID de mi organización?",
     "learnMore": "Más información",
     "backToHome": "Volver a inicio",
@@ -2502,6 +2936,9 @@
     "maintenancePageMessagePlaceholder": "¡Volveremos pronto! Nuestro sitio está actualmente en mantenimiento programado.",
     "maintenancePageMessageDescription": "Mensaje detallado explicando el mantenimiento",
     "maintenancePageTimeTitle": "Tiempo estimado de finalización (Opcional)",
+    "privateMaintenanceScreenTitle": "Pantalla de marcador de posición privada",
+    "privateMaintenanceScreenMessage": "Este dominio se está utilizando en un recurso privado. Conéctese usando el cliente Pangolin para acceder a este recurso.",
+    "privateMaintenanceScreenSteps": "Una vez conectado, si sigues viendo este mensaje, la caché de DNS de tu navegador puede seguir apuntando a la dirección antigua. Para solucionarlo: cierra por completo y vuelve a abrir esta pestaña o tu navegador, luego regresa a esta página.",
     "maintenanceTime": "Ej., 2 horas, 1 de noviembre a las 5:00 PM",
     "maintenanceEstimatedTimeDescription": "Cuando espera que el mantenimiento esté terminado",
     "editDomain": "Editar dominio",
@@ -2610,5 +3047,166 @@
     "approvalsEmptyStateStep2Title": "Habilitar aprobaciones de dispositivo",
     "approvalsEmptyStateStep2Description": "Editar un rol y habilitar la opción 'Requerir aprobaciones de dispositivos'. Los usuarios con este rol necesitarán la aprobación del administrador para nuevos dispositivos.",
     "approvalsEmptyStatePreviewDescription": "Vista previa: Cuando está habilitado, las solicitudes de dispositivo pendientes aparecerán aquí para su revisión",
-    "approvalsEmptyStateButtonText": "Administrar roles"
+    "approvalsEmptyStateButtonText": "Administrar roles",
+    "domainErrorTitle": "Estamos teniendo problemas para verificar su dominio",
+    "idpAdminAutoProvisionPoliciesTabHint": "Configure el mapeo de roles y las políticas de organización en la pestaña <policiesTabLink>Configuración de provisión automática</policiesTabLink>.",
+    "streamingTitle": "Transmisión de Eventos",
+    "streamingDescription": "Transmita eventos desde su organización a destinos externos en tiempo real.",
+    "streamingUnnamedDestination": "Destino sin nombre",
+    "streamingNoUrlConfigured": "No hay URL configurada",
+    "streamingAddDestination": "Añadir destino",
+    "streamingHttpWebhookTitle": "Webhook HTTP",
+    "streamingHttpWebhookDescription": "Enviar eventos a cualquier extremo HTTP con autenticación flexible y plantilla.",
+    "streamingS3Title": "Amazon S3",
+    "streamingS3Description": "Transmite eventos a un bucket de almacenamiento de objetos compatible con S3. Próximamente.",
+    "streamingDatadogTitle": "Datadog",
+    "streamingDatadogDescription": "Reenviar eventos directamente a tu cuenta de Datadog. Próximamente.",
+    "streamingTypePickerDescription": "Elija un tipo de destino para empezar.",
+    "streamingFailedToLoad": "Error al cargar destinos",
+    "streamingUnexpectedError": "Se ha producido un error inesperado.",
+    "streamingFailedToUpdate": "Error al actualizar destino",
+    "streamingDeletedSuccess": "Destino eliminado correctamente",
+    "streamingFailedToDelete": "Error al eliminar destino",
+    "streamingDeleteTitle": "Eliminar destino",
+    "streamingDeleteButtonText": "Eliminar destino",
+    "streamingDeleteDialogAreYouSure": "¿Está seguro que desea eliminar",
+    "streamingDeleteDialogThisDestination": "este destino",
+    "streamingDeleteDialogPermanentlyRemoved": "? Toda la configuración se eliminará permanentemente.",
+    "httpDestEditTitle": "Editar destino",
+    "httpDestAddTitle": "Añadir destino HTTP",
+    "httpDestEditDescription": "Actualizar la configuración para este destino de transmisión de eventos HTTP.",
+    "httpDestAddDescription": "Configure un nuevo extremo HTTP para recibir los eventos de su organización.",
+    "S3DestEditTitle": "Editar destino",
+    "S3DestAddTitle": "Añadir destino S3",
+    "S3DestEditDescription": "Actualice la configuración para este destino de transmisión de eventos S3.",
+    "S3DestAddDescription": "Configure un nuevo punto final S3 para recibir los eventos de su organización.",
+    "datadogDestEditTitle": "Editar destino",
+    "datadogDestAddTitle": "Añadir destino Datadog",
+    "datadogDestEditDescription": "Actualice la configuración para este destino de transmisión de eventos Datadog.",
+    "datadogDestAddDescription": "Configure un nuevo punto final de Datadog para recibir los eventos de su organización.",
+    "httpDestTabSettings": "Ajustes",
+    "httpDestTabHeaders": "Encabezados",
+    "httpDestTabBody": "Cuerpo",
+    "httpDestTabLogs": "Registros",
+    "httpDestNamePlaceholder": "Mi destino HTTP",
+    "httpDestUrlLabel": "URL de destino",
+    "httpDestUrlErrorHttpRequired": "URL debe usar http o https",
+    "httpDestUrlErrorHttpsRequired": "HTTPS es necesario en implementaciones en la nube",
+    "httpDestUrlErrorInvalid": "Introduzca una URL válida (ej. https://example.com/webhook)",
+    "httpDestAuthTitle": "Autenticación",
+    "httpDestAuthDescription": "Elija cómo están autenticadas las solicitudes en su punto final.",
+    "httpDestAuthNoneTitle": "Sin autenticación",
+    "httpDestAuthNoneDescription": "Envía solicitudes sin un encabezado de autorización.",
+    "httpDestAuthBearerTitle": "Tóken de portador",
+    "httpDestAuthBearerDescription": "Añade un encabezado Authorization: Bearer '<token>' a cada solicitud.",
+    "httpDestAuthBearerPlaceholder": "Tu clave o token API",
+    "httpDestAuthBasicTitle": "Auth Básica",
+    "httpDestAuthBasicDescription": "Añade un encabezado Authorization: Basic '<credenciales>'. Proporcione las credenciales como nombredeusuario:contraseña.",
+    "httpDestAuthBasicPlaceholder": "usuario:contraseña",
+    "httpDestAuthCustomTitle": "Cabecera personalizada",
+    "httpDestAuthCustomDescription": "Especifique un nombre de cabecera HTTP personalizado y un valor para la autenticación (por ejemplo, X-API-Key).",
+    "httpDestAuthCustomHeaderNamePlaceholder": "Nombre de cabecera (ej. X-API-Key)",
+    "httpDestAuthCustomHeaderValuePlaceholder": "Valor de cabecera",
+    "httpDestCustomHeadersTitle": "Cabeceras HTTP personalizadas",
+    "httpDestCustomHeadersDescription": "Añadir cabeceras personalizadas a cada petición saliente. Útil para tokens estáticos o un tipo de contenido personalizado. De forma predeterminada, Content Type: application/json es enviado.",
+    "httpDestNoHeadersConfigured": "No hay cabeceras personalizadas. Haga clic en \"Añadir cabecera\" para añadir una.",
+    "httpDestHeaderNamePlaceholder": "Nombre de cabecera",
+    "httpDestHeaderValuePlaceholder": "Valor",
+    "httpDestAddHeader": "Añadir cabecera",
+    "httpDestBodyTemplateTitle": "Plantilla de cuerpo personalizada",
+    "httpDestBodyTemplateDescription": "Controla la estructura de carga de JSON enviada a tu punto final. Si está desactivado, se envía un objeto JSON por defecto para cada evento.",
+    "httpDestEnableBodyTemplate": "Activar plantilla de cuerpo personalizado",
+    "httpDestBodyTemplateLabel": "Plantilla de cuerpo (JSON)",
+    "httpDestBodyTemplateHint": "Utilice variables de plantilla para referenciar los campos del evento en su carga útil.",
+    "httpDestPayloadFormatTitle": "Formato de carga",
+    "httpDestPayloadFormatDescription": "Cómo se serializan los eventos en cada cuerpo de solicitud.",
+    "httpDestFormatJsonArrayTitle": "Matriz JSON",
+    "httpDestFormatJsonArrayDescription": "Una petición por lote, cuerpo es una matriz JSON. Compatible con la mayoría de los webhooks y Datadog.",
+    "httpDestFormatNdjsonTitle": "NDJSON",
+    "httpDestFormatNdjsonDescription": "Una petición por lote, el cuerpo es JSON delimitado por línea - un objeto por línea, sin arrays externos. Requerido por Splunk HEC, Elastic / OpenSearch, y Grafana Loki.",
+    "httpDestFormatSingleTitle": "Un evento por solicitud",
+    "httpDestFormatSingleDescription": "Envía un HTTP POST separado para cada evento individual. Úsalo sólo para los extremos que no pueden manejar lotes.",
+    "httpDestLogTypesTitle": "Tipos de Log",
+    "httpDestLogTypesDescription": "Elija qué tipos de registro son reenviados a este destino. Sólo los tipos de registro habilitados serán transmitidos.",
+    "httpDestAccessLogsTitle": "Registros de acceso",
+    "httpDestAccessLogsDescription": "Intentos de acceso a recursos, incluyendo solicitudes autenticadas y denegadas.",
+    "httpDestActionLogsTitle": "Registros de acción",
+    "httpDestActionLogsDescription": "Acciones administrativas realizadas por los usuarios dentro de la organización.",
+    "httpDestConnectionLogsTitle": "Registros de conexión",
+    "httpDestConnectionLogsDescription": "Eventos de conexión de sitios y túneles, incluyendo conexiones y desconexiones.",
+    "httpDestRequestLogsTitle": "Registros de Solicitud",
+    "httpDestRequestLogsDescription": "Registros de peticiones HTTP para recursos proxyficados, incluyendo método, ruta y código de respuesta.",
+    "httpDestSaveChanges": "Guardar Cambios",
+    "httpDestCreateDestination": "Crear destino",
+    "httpDestUpdatedSuccess": "Destino actualizado correctamente",
+    "httpDestCreatedSuccess": "Destino creado correctamente",
+    "httpDestUpdateFailed": "Error al actualizar destino",
+    "httpDestCreateFailed": "Error al crear el destino",
+    "followRedirects": "Seguir redirecciones",
+    "followRedirectsDescription": "Seguir automáticamente las redirecciones HTTP para solicitudes.",
+    "alertingErrorWebhookUrl": "Por favor, introduzca una URL válida para el webhook.",
+    "healthCheckStrategyHttp": "Valida la conectividad y verifica el estado de respuesta HTTP.",
+    "healthCheckStrategyTcp": "Verifica la conectividad TCP solamente, sin inspeccionar la respuesta.",
+    "healthCheckStrategySnmp": "Realiza una solicitud SNMP get para verificar la salud de dispositivos y la infraestructura de red.",
+    "healthCheckStrategyIcmp": "Usa solicitudes de eco ICMP (pings) para verificar si un recurso es alcanzable y receptivo.",
+    "healthCheckTabStrategy": "Estrategia",
+    "healthCheckTabConnection": "Conexión",
+    "healthCheckTabAdvanced": "Avanzado",
+    "healthCheckStrategyNotAvailable": "Esta estrategia no está disponible. Contacte ventas para habilitar esta funcionalidad.",
+    "uptime30d": "Tiempo de actividad (30d)",
+    "idpAddActionCreateNew": "Crear nuevo proveedor de identidad",
+    "idpAddActionImportFromOrg": "Importar de otra organización",
+    "idpImportDialogTitle": "Importar Proveedor de Identidad",
+    "idpImportDialogDescription": "Elija un proveedor de identidad de una organización donde usted sea administrador. Se vinculará a esta organización.",
+    "idpImportSearchPlaceholder": "Buscar por nombre de organización o proveedor...",
+    "idpImportEmpty": "No se encontraron proveedores de identidad.",
+    "idpImportedDescription": "Proveedor de identidad importado con éxito.",
+    "idpDeleteGlobalQuestion": "¿Está seguro de que desea eliminar permanentemente este proveedor de identidad?",
+    "idpDeleteGlobalDescription": "Esto eliminará permanentemente el proveedor de identidad de todas las organizaciones con las que está asociado.",
+    "idpUnassociateTitle": "Desasociar Proveedor de Identidad",
+    "idpUnassociateQuestion": "¿Está seguro de que desea desasociar este proveedor de identidad de esta organización?",
+    "idpUnassociateDescription": "Todos los usuarios asociados con este proveedor de identidad serán eliminados de esta organización, pero el proveedor de identidad continuará existiendo para otras organizaciones asociadas.",
+    "idpUnassociateConfirm": "Confirme Desasociar Proveedor de Identidad",
+    "idpUnassociateWarning": "Esto no se puede deshacer para esta organización.",
+    "idpUnassociatedDescription": "Proveedor de identidad desasociado de esta organización con éxito",
+    "idpUnassociateMenu": "Desasociar",
+    "idpDeleteAllOrgsMenu": "Eliminar",
+    "publicIpEndpoint": "Punto final",
+    "lastTriggeredAt": "Último disparo",
+    "reject": "Rechazar",
+    "uptimeDaysAgo": "Hace {count} días",
+    "uptimeToday": "Hoy",
+    "uptimeNoDataAvailable": "No hay datos disponibles",
+    "uptimeSuffix": "disponibilidad",
+    "uptimeDowntimeSuffix": "tiempo de inactividad",
+    "uptimeTooltipUptimeLabel": "Disponibilidad",
+    "uptimeTooltipDowntimeLabel": "Tiempo de inactividad",
+    "uptimeOngoing": "en curso",
+    "uptimeNoMonitoringData": "No hay datos de monitoreo",
+    "uptimeNoData": "Sin datos",
+    "uptimeMiniBarDown": "Caído",
+    "uptimeSectionTitle": "Disponibilidad",
+    "uptimeSectionDescription": "Disponibilidad durante los últimos {days} días",
+    "uptimeAddAlert": "Agregar alerta",
+    "uptimeViewAlerts": "Ver alertas",
+    "uptimeCreateEmailAlert": "Crear alerta de correo electrónico",
+    "uptimeAlertDescriptionSite": "Recibe notificaciones por correo electrónico cuando este sitio esté fuera de línea o vuelva en línea.",
+    "uptimeAlertDescriptionResource": "Recibe notificaciones por correo electrónico cuando este recurso esté fuera de línea o vuelva en línea.",
+    "uptimeAlertNamePlaceholder": "Nombre de la alerta",
+    "uptimeAdditionalEmails": "Emails adicionales",
+    "uptimeCreateAlert": "Crear alerta",
+    "uptimeAlertNoRecipients": "Sin destinatarios",
+    "uptimeAlertNoRecipientsDescription": "Por favor, agrega al menos un usuario, rol o correo electrónico para notificación.",
+    "uptimeAlertCreated": "Alerta creada",
+    "uptimeAlertCreatedDescription": "Serás notificado cuando cambie de estado.",
+    "uptimeAlertCreateFailed": "Error al crear la alerta",
+    "webhookUrlLabel": "URL",
+    "webhookHeaderKeyPlaceholder": "Clave",
+    "webhookHeaderValuePlaceholder": "Valor",
+    "alertLabel": "Alerta",
+    "domainPickerWildcardSubdomainNotAllowed": "No se permiten subdominios comodín.",
+    "domainPickerWildcardCertWarning": "Los recursos comodín pueden requerir configuración adicional para funcionar correctamente.",
+    "domainPickerWildcardCertWarningLink": "Más información",
+    "health": "Salud",
+    "domainPendingErrorTitle": "Problema de verificación"
 }

messages/ko-KR.json

@@ -1,4 +1,8 @@
 {
+    "contactSalesEnable": "이 기능을 활성화하려면 영업팀에 연락하세요.",
+    "contactSalesBookDemo": "데모 예약하기",
+    "contactSalesOr": "또는",
+    "contactSalesContactUs": "문의하기",
     "setupCreate": "조직, 사이트 및 리소스를 생성합니다.",
     "headerAuthCompatibilityInfo": "인증 토큰이 없을 때 401 Unauthorized 응답을 강제하도록 설정합니다. 서버 챌린지 없이 자격 증명을 제공하지 않는 브라우저나 특정 HTTP 라이브러리에 필요합니다.",
     "headerAuthCompatibility": "확장된 호환성",
@@ -19,6 +23,18 @@
     "componentsInvalidKey": "유효하지 않거나 만료된 라이센스 키가 감지되었습니다. 모든 기능을 계속 사용하려면 라이센스 조건을 따르십시오.",
     "dismiss": "해제",
     "subscriptionViolationMessage": "현재 계획의 한계를 초과했습니다. 사이트, 사용자 또는 기타 리소스를 제거하여 계획 내에 머물도록 해결하세요.",
+    "trialBannerMessage": "시험 사용 기간이 {countdown} 안에 만료됩니다. 업그레이드하여 액세스를 유지하세요.",
+    "trialBannerExpired": "시험 사용 기간이 만료되었습니다. 지금 업그레이드하여 액세스를 복구하세요.",
+    "billingTrialBannerTitle": "무료 평가판 활성화",
+    "billingTrialBannerDescription": "현재 비즈니스 티어의 무료 평가판을 사용 중입니다. 평가판이 종료되면 계정은 자동으로 기본 티어 기능 및 제한으로 돌아갑니다. 현재 계획의 기능을 유지하려면 언제든지 업그레이드 하세요.",
+    "billingTrialBannerUpgrade": "지금 업그레이드",
+    "billingTrialBadge": "무료 평가판",
+    "trialActive": "무료 체험 활성화됨",
+    "trialExpired": "체험 만료됨",
+    "trialHasEnded": "시험 사용 기간이 종료되었습니다.",
+    "trialDaysRemaining": "{count, plural, other {#일 남음}}",
+    "trialDaysLeftShort": "시험 사용 기간 종료까지 {days}일 남음",
+    "trialGoToBilling": "청구 페이지로 이동",
     "subscriptionViolationViewBilling": "청구 보기",
     "componentsLicenseViolation": "라이센스 위반: 이 서버는 {usedSites} 사이트를 사용하고 있으며, 이는 {maxSites} 사이트의 라이센스 한도를 초과합니다. 모든 기능을 계속 사용하려면 라이센스 조건을 따르십시오.",
     "componentsSupporterMessage": "{tier}로 판골린을 지원해 주셔서 감사합니다!",
@@ -81,6 +97,8 @@
     "siteConfirmCopy": "구성을 복사했습니다.",
     "searchSitesProgress": "사이트 검색...",
     "siteAdd": "사이트 추가",
+    "sitesTableViewPublicResources": "공용 리소스 보기",
+    "sitesTableViewPrivateResources": "개인 리소스 보기",
     "siteInstallNewt": "Newt 설치",
     "siteInstallNewtDescription": "시스템에서 Newt 실행하기",
     "WgConfiguration": "WireGuard 구성",
@@ -98,6 +116,21 @@
     "siteUpdatedDescription": "사이트가 업데이트되었습니다.",
     "siteGeneralDescription": "이 사이트에 대한 일반 설정을 구성하세요.",
     "siteSettingDescription": "사이트에서 설정을 구성하세요.",
+    "siteResourcesTab": "리소스",
+    "siteResourcesNoneOnSite": "이 사이트에는 아직 공용 또는 개인 리소스가 없습니다.",
+    "siteResourcesSectionPublic": "공용 리소스",
+    "siteResourcesSectionPrivate": "개인 리소스",
+    "siteResourcesSectionPublicDescription": "도메인이나 포트를 통해 외부에 노출되는 리소스.",
+    "siteResourcesSectionPrivateDescription": "사이트를 통해 개인 네트워크에서 사용할 수 있는 리소스.",
+    "siteResourcesViewAllPublic": "모든 리소스 보기",
+    "siteResourcesViewAllPrivate": "모든 리소스 보기",
+    "siteResourcesDialogDescription": "이 사이트와 연관된 공용 및 개인 리소스의 개요.",
+    "siteResourcesShowMore": "더 보기",
+    "siteResourcesPermissionDenied": "이 리소스를 나열할 권한이 없습니다.",
+    "siteResourcesEmptyPublic": "이 사이트에는 아직 대상 공용 리소스가 없습니다.",
+    "siteResourcesEmptyPrivate": "이 사이트와 연결된 개인 리소스가 아직 없습니다.",
+    "siteResourcesHowToAccess": "액세스 방법",
+    "siteResourcesTargetsOnSite": "이 사이트의 대상",
     "siteSetting": "{siteName} 설정",
     "siteNewtTunnel": "뉴트 사이트 (추천)",
     "siteNewtTunnelDescription": "네트워크의 진입점을 생성하는 가장 쉬운 방법입니다. 추가 설정이 필요 없습니다.",
@@ -148,6 +181,11 @@
     "createLink": "링크 생성",
     "resourcesNotFound": "리소스가 발견되지 않았습니다.",
     "resourceSearch": "리소스 검색",
+    "machineSearch": "기계 검색",
+    "machinesSearch": "기계 클라이언트 검색...",
+    "machineNotFound": "기계를 찾을 수 없습니다",
+    "userDeviceSearch": "사용자 장치 검색",
+    "userDevicesSearch": "사용자 장치 검색...",
     "openMenu": "메뉴 열기",
     "resource": "리소스",
     "title": "제목",
@@ -175,6 +213,7 @@
     "resourceHTTPDescription": "완전한 도메인 이름을 사용해 RAW 또는 HTTPS로 프록시 요청을 수행합니다.",
     "resourceRaw": "원시 TCP/UDP 리소스",
     "resourceRawDescription": "포트 번호를 사용하여 RAW TCP/UDP로 요청을 프록시합니다.",
+    "resourceRawDescriptionCloud": "포트 번호를 사용하여 원격 노드에 연결해야 합니다. 원격 노드에서 리소스를 사용하려면 사용자 지정 도메인을 사용하십시오.",
     "resourceCreate": "리소스 생성",
     "resourceCreateDescription": "아래 단계를 따라 새 리소스를 생성하세요.",
     "resourceSeeAll": "모든 리소스 보기",
@@ -201,6 +240,7 @@
     "protocolSelect": "프로토콜 선택",
     "resourcePortNumber": "포트 번호",
     "resourcePortNumberDescription": "요청을 프록시하기 위한 외부 포트 번호입니다.",
+    "back": "뒤로",
     "cancel": "취소",
     "resourceConfig": "구성 스니펫",
     "resourceConfigDescription": "TCP/UDP 리소스를 설정하기 위해 이 구성 스니펫을 복사하여 붙여넣습니다.",
@@ -246,11 +286,25 @@
     "orgErrorDeleteMessage": "조직을 삭제하는 중 오류가 발생했습니다.",
     "orgDeleted": "조직이 삭제되었습니다.",
     "orgDeletedMessage": "조직과 그 데이터가 삭제되었습니다.",
+    "deleteAccount": "계정 삭제",
+    "deleteAccountDescription": "계정, 소유한 모든 조직 및 조직 내의 모든 데이터를 영구적으로 삭제합니다. 이 작업은 되돌릴 수 없습니다.",
+    "deleteAccountButton": "계정 삭제",
+    "deleteAccountConfirmTitle": "계정 삭제",
+    "deleteAccountConfirmMessage": "이 작업은 귀하의 계정, 소유한 모든 조직 및 조직 내 모든 데이터를 영구적으로 삭제합니다. 이 작업은 되돌릴 수 없습니다.",
+    "deleteAccountConfirmString": "계정 삭제",
+    "deleteAccountSuccess": "계정 삭제됨",
+    "deleteAccountSuccessMessage": "계정이 삭제되었습니다.",
+    "deleteAccountError": "계정 삭제 실패",
+    "deleteAccountPreviewAccount": "귀하의 계정",
+    "deleteAccountPreviewOrgs": "귀하가 소유한 조직(포함된 모든 데이터)",
     "orgMissing": "조직 ID가 누락되었습니다",
     "orgMissingMessage": "조직 ID 없이 초대장을 재생성할 수 없습니다.",
     "accessUsersManage": "사용자 관리",
+    "accessUserManage": "사용자 관리",
     "accessUsersDescription": "이 조직에 액세스할 사용자 초대 및 관리",
     "accessUsersSearch": "사용자 검색...",
+    "accessUsersRoleFilterCount": "{count, plural, other {# 역할}}",
+    "accessUsersRoleFilterClear": "역할 필터 지우기",
     "accessUserCreate": "사용자 생성",
     "accessUserRemove": "사용자 제거",
     "username": "사용자 이름",
@@ -310,6 +364,54 @@
     "apiKeysDelete": "API 키 삭제",
     "apiKeysManage": "API 키 관리",
     "apiKeysDescription": "API 키는 통합 API와 인증하는 데 사용됩니다.",
+    "provisioningKeysTitle": "프로비저닝 키",
+    "provisioningKeysManage": "프로비저닝 키 관리",
+    "provisioningKeysDescription": "프로비저닝 키는 조직의 자동 사이트 프로비저닝 인증에 사용됩니다.",
+    "provisioningManage": "프로비저닝",
+    "provisioningDescription": "프로비저닝 키를 관리하고 승인을 기다리는 사이트를 검토합니다.",
+    "pendingSites": "대기중인 사이트",
+    "siteApproveSuccess": "사이트가 성공적으로 승인되었습니다",
+    "siteApproveError": "사이트 승인 오류",
+    "provisioningKeys": "프로비저닝 키",
+    "searchProvisioningKeys": "프로비저닝 키 검색...",
+    "provisioningKeysAdd": "프로비저닝 키 생성",
+    "provisioningKeysErrorDelete": "프로비저닝 키 삭제 오류",
+    "provisioningKeysErrorDeleteMessage": "프로비저닝 키 삭제 오류",
+    "provisioningKeysQuestionRemove": "이 프로비저닝 키를 조직에서 제거하시겠습니까?",
+    "provisioningKeysMessageRemove": "제거 후에는 이 키를 사이트 프로비저닝에 사용할 수 없습니다.",
+    "provisioningKeysDeleteConfirm": "프로비저닝 키 삭제 확인",
+    "provisioningKeysDelete": "프로비저닝 키 삭제",
+    "provisioningKeysCreate": "프로비저닝 키 생성",
+    "provisioningKeysCreateDescription": "조직을 위한 새로운 프로비저닝 키 생성",
+    "provisioningKeysSeeAll": "모든 프로비저닝 키 보기",
+    "provisioningKeysSave": "프로비저닝 키 저장",
+    "provisioningKeysSaveDescription": "이것은 한 번만 볼 수 있습니다. 안전한 장소에 복사해 두세요.",
+    "provisioningKeysErrorCreate": "프로비저닝 키 생성 오류",
+    "provisioningKeysList": "새 프로비저닝 키",
+    "provisioningKeysMaxBatchSize": "최대 배치 크기",
+    "provisioningKeysUnlimitedBatchSize": "무제한 배치 크기 (제한 없음)",
+    "provisioningKeysMaxBatchUnlimited": "무제한",
+    "provisioningKeysMaxBatchSizeInvalid": "유효한 최대 배치 크기를 입력하세요 (1–1,000,000).",
+    "provisioningKeysValidUntil": "유효 기간",
+    "provisioningKeysValidUntilHint": "만료 날짜를 설정하지 않을 경우 빈칸으로 남겨 두세요.",
+    "provisioningKeysValidUntilInvalid": "유효한 날짜와 시간을 입력하세요.",
+    "provisioningKeysNumUsed": "사용 횟수",
+    "provisioningKeysLastUsed": "마지막 사용",
+    "provisioningKeysNoExpiry": "만료 없음",
+    "provisioningKeysNeverUsed": "절대",
+    "provisioningKeysEdit": "프로비저닝 키 수정",
+    "provisioningKeysEditDescription": "이 키의 최대 배치 크기 및 만료 시간을 업데이트하세요.",
+    "provisioningKeysApproveNewSites": "새로운 사이트 승인",
+    "provisioningKeysApproveNewSitesDescription": "이 키를 등록하는 사이트를 자동으로 승인합니다.",
+    "provisioningKeysUpdateError": "프로비저닝 키 업데이트 오류",
+    "provisioningKeysUpdated": "프로비저닝 키가 업데이트되었습니다",
+    "provisioningKeysUpdatedDescription": "변경 사항이 저장되었습니다.",
+    "provisioningKeysBannerTitle": "사이트 프로비저닝 키",
+    "provisioningKeysBannerDescription": "프로비저닝 키를 생성하고 Newt 커넥터와 함께 사용하여 첫 시작 시 사이트를 자동 생성 - 각 사이트에 대한 별도 자격 증명이 필요 없습니다.",
+    "provisioningKeysBannerButtonText": "자세히 알아보기",
+    "pendingSitesBannerTitle": "대기중인 사이트",
+    "pendingSitesBannerDescription": "프로비저닝 키를 사용하여 연결된 사이트가 검토를 위해 여기에 표시됩니다.",
+    "pendingSitesBannerButtonText": "자세히 알아보기",
     "apiKeysSettings": "{apiKeyName} 설정",
     "userTitle": "모든 사용자 관리",
     "userDescription": "시스템의 모든 사용자를 보고 관리합니다",
@@ -339,6 +441,10 @@
     "licenseErrorKeyActivate": "라이센스 키 활성화에 실패했습니다.",
     "licenseErrorKeyActivateDescription": "라이센스 키를 활성화하는 동안 오류가 발생했습니다",
     "licenseAbout": "라이센스에 대한 정보",
+    "licenseBannerTitle": "기업 라이선스 활성화",
+    "licenseBannerDescription": "자체 호스팅된 Pangolin 인스턴스에서 기업 기능을 잠금 해제하십시오. 라이선스 키를 구입하여 프리미엄 기능을 활성화하고 아래에 추가하십시오.",
+    "licenseBannerGetLicense": "라이선스 획득",
+    "licenseBannerViewDocs": "문서 보기",
     "communityEdition": "커뮤니티 에디션",
     "licenseAboutDescription": "이것은 상업적 환경에서 Pangolin을 사용하는 비즈니스 및 기업 사용자용입니다. 개인 용도로 Pangolin을 사용하는 경우 이 섹션을 무시할 수 있습니다.",
     "licenseKeyActivated": "라이센스 키가 활성화되었습니다",
@@ -461,6 +567,8 @@
     "filterByApprovalState": "승인 상태로 필터링",
     "approvalListEmpty": "승인이 없습니다.",
     "approvalState": "승인 상태",
+    "approvalLoadMore": "더 불러오기",
+    "loadingApprovals": "승인 불러오는 중",
     "approve": "승인",
     "approved": "승인됨",
     "denied": "거부됨",
@@ -494,9 +602,12 @@
     "userSaved": "사용자 저장됨",
     "userSavedDescription": "사용자가 업데이트되었습니다.",
     "autoProvisioned": "자동 프로비저닝됨",
+    "autoProvisionSettings": "자동 프로비저닝 설정",
     "autoProvisionedDescription": "이 사용자가 ID 공급자에 의해 자동으로 관리될 수 있도록 허용합니다",
     "accessControlsDescription": "이 사용자가 조직에서 접근하고 수행할 수 있는 작업을 관리하세요",
     "accessControlsSubmit": "접근 제어 저장",
+    "singleRolePerUserPlanNotice": "계획에는 사용자당 한 가지 역할만 지원됩니다.",
+    "singleRolePerUserEditionNotice": "이 판에는 사용자당 한 가지 역할만 지원됩니다.",
     "roles": "역할",
     "accessUsersRoles": "사용자 및 역할 관리",
     "accessUsersRolesDescription": "사용자를 초대하고 역할에 추가하여 조직에 대한 접근을 관리하세요",
@@ -553,6 +664,8 @@
     "targetErrorInvalidPortDescription": "유효한 포트 번호를 입력하세요.",
     "targetErrorNoSite": "선택된 사이트 없음",
     "targetErrorNoSiteDescription": "대상을 위해 사이트를 선택하세요.",
+    "targetTargetsCleared": "대상이 제거됨",
+    "targetTargetsClearedDescription": "이 리소스에서 모든 대상이 제거되었습니다",
     "targetCreated": "대상 생성",
     "targetCreatedDescription": "대상이 성공적으로 생성되었습니다.",
     "targetErrorCreate": "대상 생성 실패",
@@ -636,6 +749,7 @@
     "resourcesErrorUpdate": "리소스를 전환하는 데 실패했습니다.",
     "resourcesErrorUpdateDescription": "리소스를 업데이트하는 동안 오류가 발생했습니다.",
     "access": "접속",
+    "accessControl": "액세스 제어",
     "shareLink": "{resource} 공유 링크",
     "resourceSelect": "리소스 선택",
     "shareLinks": "공유 링크",
@@ -653,6 +767,7 @@
     "newtEndpoint": "엔드포인트",
     "newtId": "ID",
     "newtSecretKey": "비밀",
+    "newtVersion": "버전",
     "architecture": "아키텍처",
     "sites": "사이트",
     "siteWgAnyClients": "WireGuard 클라이언트를 사용하여 연결하십시오. 피어 IP를 사용하여 내부 리소스에 접근해야 합니다.",
@@ -776,6 +891,7 @@
     "accessRoleRemoved": "역할이 제거되었습니다",
     "accessRoleRemovedDescription": "역할이 성공적으로 제거되었습니다.",
     "accessRoleRequiredRemove": "이 역할을 삭제하기 전에 기존 구성원을 전송할 새 역할을 선택하세요.",
+    "network": "네트워크",
     "manage": "관리",
     "sitesNotFound": "사이트를 찾을 수 없습니다.",
     "pangolinServerAdmin": "서버 관리자 - 판골린",
@@ -819,6 +935,7 @@
     "idpDisplayName": "이 신원 공급자를 위한 표시 이름",
     "idpAutoProvisionUsers": "사용자 자동 프로비저닝",
     "idpAutoProvisionUsersDescription": "활성화되면 사용자가 첫 로그인 시 시스템에 자동으로 생성되며, 사용자와 역할 및 조직을 매핑할 수 있습니다.",
+    "idpAutoProvisionConfigureAfterCreate": "아이덴티티 공급자가 생성되면 자동 프로비저닝 설정을 구성할 수 있습니다.",
     "licenseBadge": "EE",
     "idpType": "제공자 유형",
     "idpTypeDescription": "구성할 ID 공급자의 유형을 선택하십시오.",
@@ -870,7 +987,7 @@
     "defaultMappingsRole": "기본 역할 매핑",
     "defaultMappingsRoleDescription": "이 표현식의 결과는 조직에서 정의된 역할 이름을 문자열로 반환해야 합니다.",
     "defaultMappingsOrg": "기본 조직 매핑",
-    "defaultMappingsOrgDescription": "이 표현식은 사용자가 조직에 접근할 수 있도록 조직 ID 또는 true를 반환해야 합니다.",
+    "defaultMappingsOrgDescription": "이 표현식은 사용자가 조직에 접근할 수 있도록 조직 ID 또는 true를 반환해야 합니다. 설정되지 않으면, 역할 매핑 정의가 충분합니다: 사용자는 유효한 역할 매핑이 해석되는 한 조직에 허용됩니다.",
     "defaultMappingsSubmit": "기본 매핑 저장",
     "orgPoliciesEdit": "조직 정책 편집",
     "org": "조직",
@@ -1017,12 +1134,12 @@
     "pangolinSetup": "설정 - 판골린",
     "orgNameRequired": "조직 이름은 필수입니다.",
     "orgIdRequired": "조직 ID가 필요합니다",
+    "orgIdMaxLength": "조직 ID는 최대 32자 이내여야 합니다",
     "orgErrorCreate": "조직 생성 중 오류가 발생했습니다.",
     "pageNotFound": "페이지를 찾을 수 없습니다",
     "pageNotFoundDescription": "앗! 찾고 있는 페이지가 존재하지 않습니다.",
     "overview": "개요",
     "home": "홈",
-    "accessControl": "액세스 제어",
     "settings": "설정",
     "usersAll": "모든 사용자",
     "license": "라이선스",
@@ -1085,6 +1202,12 @@
     "actionGetUser": "사용자 조회",
     "actionGetOrgUser": "조직 사용자 가져오기",
     "actionListOrgDomains": "조직 도메인 목록",
+    "actionGetDomain": "도메인 가져오기",
+    "actionCreateOrgDomain": "도메인 생성",
+    "actionUpdateOrgDomain": "도메인 업데이트",
+    "actionDeleteOrgDomain": "도메인 삭제",
+    "actionGetDNSRecords": "DNS 레코드 가져오기",
+    "actionRestartOrgDomain": "도메인 재시작",
     "actionCreateSite": "사이트 생성",
     "actionDeleteSite": "사이트 삭제",
     "actionGetSite": "사이트 가져오기",
@@ -1096,6 +1219,7 @@
     "setupTokenDescription": "서버 콘솔에서 설정 토큰 입력.",
     "setupTokenRequired": "설정 토큰이 필요합니다",
     "actionUpdateSite": "사이트 업데이트",
+    "actionResetSiteBandwidth": "조직 대역폭 재설정",
     "actionListSiteRoles": "허용된 사이트 역할 목록",
     "actionCreateResource": "리소스 생성",
     "actionDeleteResource": "리소스 삭제",
@@ -1125,6 +1249,7 @@
     "actionRemoveUser": "사용자 제거",
     "actionListUsers": "사용자 목록",
     "actionAddUserRole": "사용자 역할 추가",
+    "actionSetUserOrgRoles": "사용자 역할 설정",
     "actionGenerateAccessToken": "액세스 토큰 생성",
     "actionDeleteAccessToken": "액세스 토큰 삭제",
     "actionListAccessTokens": "액세스 토큰 목록",
@@ -1169,7 +1294,9 @@
     "actionViewLogs": "로그 보기",
     "noneSelected": "선택된 항목 없음",
     "orgNotFound2": "조직이 없습니다.",
-    "searchProgress": "검색...",
+    "search": "검색…",
+    "searchPlaceholder": "검색...",
+    "emptySearchOptions": "옵션이 없습니다",
     "create": "생성",
     "orgs": "조직",
     "loginError": "예기치 않은 오류가 발생했습니다. 다시 시도해주세요.",
@@ -1233,12 +1360,14 @@
     "sidebarClientResources": "비공개",
     "sidebarAccessControl": "액세스 제어",
     "sidebarLogsAndAnalytics": "로그 및 분석",
+    "sidebarTeam": "팀",
     "sidebarUsers": "사용자",
     "sidebarAdmin": "관리자",
     "sidebarInvitations": "초대",
     "sidebarRoles": "역할",
     "sidebarShareableLinks": "링크",
     "sidebarApiKeys": "API 키",
+    "sidebarProvisioning": "프로비저닝",
     "sidebarSettings": "설정",
     "sidebarAllUsers": "모든 사용자",
     "sidebarIdentityProviders": "신원 공급자",
@@ -1250,8 +1379,167 @@
     "sidebarGeneral": "관리",
     "sidebarLogAndAnalytics": "로그 & 통계",
     "sidebarBluePrints": "청사진",
+    "sidebarAlerting": "알림",
+    "sidebarHealthChecks": "상태 확인",
     "sidebarOrganization": "조직",
+    "sidebarManagement": "관리",
+    "sidebarBillingAndLicenses": "결제 및 라이선스",
     "sidebarLogsAnalytics": "분석",
+    "alertingTitle": "알림",
+    "alertingDescription": "알림에 대한 소스, 트리거 및 작업 정의",
+    "alertingRules": "알림 규칙",
+    "alertingSearchRules": "규칙 검색…",
+    "alertingAddRule": "규칙 생성",
+    "alertingColumnSource": "소스",
+    "alertingColumnTrigger": "트리거",
+    "alertingColumnActions": "작업",
+    "alertingColumnEnabled": "활성화됨",
+    "alertingDeleteQuestion": "이 알림 규칙을 삭제하겠습니까.",
+    "alertingDeleteRule": "알림 규칙 삭제",
+    "alertingRuleDeleted": "알림 규칙 삭제됨",
+    "alertingRuleSaved": "알림 규칙 저장됨",
+    "alertingRuleSavedCreatedDescription": "새 알림 규칙이 생성되었습니다. 이 페이지에서 계속 편집할 수 있습니다.",
+    "alertingRuleSavedUpdatedDescription": "이 알림 규칙에 대한 변경 사항이 저장되었습니다.",
+    "alertingEditRule": "알림 규칙 편집",
+    "alertingCreateRule": "알림 규칙 생성",
+    "alertingRuleCredenzaDescription": "무엇을 감시할지, 언제 알릴지, 어떻게 알릴지를 선택하세요.",
+    "alertingRuleNamePlaceholder": "프로덕션 사이트 중단",
+    "alertingRuleEnabled": "규칙 활성화됨",
+    "alertingSectionSource": "소스",
+    "alertingSourceType": "소스 유형",
+    "alertingSourceSite": "사이트",
+    "alertingSourceHealthCheck": "상태 확인",
+    "alertingPickSites": "사이트들",
+    "alertingPickHealthChecks": "상태 확인들",
+    "alertingPickResources": "리소스들",
+    "alertingAllSites": "모든 사이트",
+    "alertingAllSitesDescription": "모든 사이트에서 알림 발동",
+    "alertingSpecificSites": "특정 사이트",
+    "alertingSpecificSitesDescription": "감시할 특정 사이트를 선택하세요",
+    "alertingAllHealthChecks": "모든 상태 확인",
+    "alertingAllHealthChecksDescription": "모든 상태 확인에 대한 알림 발동",
+    "alertingSpecificHealthChecks": "특정 상태 확인",
+    "alertingSpecificHealthChecksDescription": "감시할 특정 상태 확인을 선택하세요",
+    "alertingAllResources": "모든 리소스",
+    "alertingAllResourcesDescription": "모든 리소스에 대한 알림 발동",
+    "alertingSpecificResources": "특정 리소스",
+    "alertingSpecificResourcesDescription": "감시할 특정 리소스를 선택하세요",
+    "alertingSelectResources": "리소스 선택…",
+    "alertingResourcesSelected": "{count}개의 리소스 선택됨",
+    "alertingResourcesEmpty": "앞 10개의 결과에서 타겟이 있는 리소스 없음.",
+    "alertingSectionTrigger": "트리거",
+    "alertingTrigger": "언제 알림을 받을지",
+    "alertingTriggerSiteOnline": "사이트 온라인",
+    "alertingTriggerSiteOffline": "사이트 오프라인",
+    "alertingTriggerSiteToggle": "사이트 상태 변경",
+    "alertingTriggerHcHealthy": "상태 확인 정상",
+    "alertingTriggerHcUnhealthy": "상태 확인 비정상",
+    "alertingTriggerHcToggle": "상태 확인 상태 변경",
+    "alertingTriggerResourceHealthy": "리소스 정상",
+    "alertingTriggerResourceUnhealthy": "리소스 비정상",
+    "alertingTriggerResourceDegraded": "리소스 열화",
+    "alertingSearchHealthChecks": "상태 확인 검색…",
+    "alertingHealthChecksEmpty": "사용 가능한 상태 확인이 없습니다.",
+    "alertingTriggerResourceToggle": "리소스 상태 변경",
+    "alertingSourceResource": "리소스",
+    "alertingSectionActions": "작업",
+    "alertingAddAction": "작업 추가",
+    "alertingActionNotify": "이메일",
+    "alertingActionNotifyDescription": "사용자 또는 역할에게 이메일 알림 전송",
+    "alertingActionWebhook": "웹훅",
+    "alertingActionWebhookDescription": "사용자 정의 엔드포인트로 HTTP 요청 보내기",
+    "alertingExternalIntegration": "외부 통합",
+    "alertingExternalPagerDutyDescription": "사고 관리를 위해 PagerDuty에 알림 보내기",
+    "alertingExternalOpsgenieDescription": "대기 중인 관리자로 Opsgenie에 알림 보내기",
+    "alertingExternalServiceNowDescription": "알림 이벤트로 ServiceNow 사고 생성",
+    "alertingExternalIncidentIoDescription": "알림 이벤트로 Incident.io 워크플로우 트리거",
+    "alertingActionType": "작업 유형",
+    "alertingNotifyUsers": "사용자들",
+    "alertingNotifyRoles": "역할들",
+    "alertingNotifyEmails": "이메일 주소들",
+    "alertingEmailPlaceholder": "이메일 추가 후 Enter 키를 누르세요",
+    "alertingWebhookMethod": "HTTP 메소드",
+    "alertingWebhookSecret": "서명 비밀 (선택 사항)",
+    "alertingWebhookSecretPlaceholder": "HMAC 비밀",
+    "alertingWebhookHeaders": "헤더들",
+    "alertingAddHeader": "헤더 추가",
+    "alertingSelectSites": "사이트 선택…",
+    "alertingSitesSelected": "{count}개의 사이트 선택됨",
+    "alertingSelectHealthChecks": "상태 확인 선택…",
+    "alertingHealthChecksSelected": "{count}개의 상태 확인 선택됨",
+    "alertingNoHealthChecks": "활성화된 상태 확인이 있는 타겟 없음",
+    "alertingHealthCheckStub": "상태 확인 소스 선택은 아직 연결되지 않았습니다 - 트리거 및 작업을 계속 구성할 수 있습니다.",
+    "alertingSelectUsers": "사용자 선택…",
+    "alertingUsersSelected": "{count}명의 사용자 선택됨",
+    "alertingSelectRoles": "역할 선택…",
+    "alertingRolesSelected": "{count}개의 역할 선택됨",
+    "alertingSummarySites": "사이트 ({count})",
+    "alertingSummaryAllSites": "모든 사이트",
+    "alertingSummaryHealthChecks": "상태 확인 ({count})",
+    "alertingSummaryAllHealthChecks": "모든 상태 확인",
+    "alertingSummaryResources": "리소스 ({count})",
+    "alertingSummaryAllResources": "모든 리소스",
+    "alertingErrorNameRequired": "이름을 입력하세요",
+    "alertingErrorActionsMin": "최소한 하나의 작업 추가",
+    "alertingErrorPickSites": "최소한 하나의 사이트 선택",
+    "alertingErrorPickHealthChecks": "최소한 하나의 상태 확인 선택",
+    "alertingErrorPickResources": "최소한 하나의 리소스 선택",
+    "alertingErrorTriggerSite": "사이트 트리거 선택",
+    "alertingErrorTriggerHealth": "상태 확인 트리거 선택",
+    "alertingErrorTriggerResource": "리소스 트리거 선택",
+    "alertingErrorNotifyRecipients": "사용자, 역할 또는 최소 하나의 이메일 선택",
+    "alertingConfigureSource": "소스 구성",
+    "alertingConfigureTrigger": "트리거 구성",
+    "alertingConfigureActions": "작업 구성",
+    "alertingBackToRules": "규칙으로 돌아가기",
+    "alertingRuleCooldown": "냉각 시간 (초)",
+    "alertingRuleCooldownDescription": "같은 규칙에 대해 반복된 알림 사이의 최소 시간. 매번 발생하려면 0으로 설정하세요.",
+    "alertingDraftBadge": "초안 - 이 규칙을 저장하려면 저장",
+    "alertingSidebarHint": "여기에서 편집하려면 캔버스의 단계를 클릭하세요.",
+    "alertingGraphCanvasTitle": "규칙 흐름",
+    "alertingGraphCanvasDescription": "소스, 트리거 및 작업의 시각적 개요입니다. 노드를 선택하여 패널에서 수정할 수 있습니다.",
+    "alertingNodeNotConfigured": "아직 구성되지 않음",
+    "alertingNodeActionsCount": "{count, plural, other {# 작업}}",
+    "alertingNodeRoleSource": "소스",
+    "alertingNodeRoleTrigger": "트리거",
+    "alertingNodeRoleAction": "작업",
+    "alertingTabRules": "알림 규칙",
+    "alertingTabHealthChecks": "상태 확인",
+    "alertingRulesBannerTitle": "알림 받기",
+    "alertingRulesBannerDescription": "각 규칙은 무엇을 감시할지(사이트, 상태 확인, 리소스), 언제 발동할지(예: 오프라인 또는 비정상), 이메일, 웹훅 또는 통합을 통해 팀에 어떻게 알릴지를 연결합니다. 이 목록을 사용하여 규칙을 생성, 활성화 및 관리하세요.",
+    "alertingHealthChecksBannerTitle": "건강 및 리소스 모니터링",
+    "alertingHealthChecksBannerDescription": "상태 확인은 한 번 정의한 HTTP 또는 TCP 모니터링입니다. 그런 다음 이를 알림 규칙의 소스로 사용하여 타겟이 정상 또는 비정상이 되었을 때 알림을 받을 수 있습니다. 리소스의 상태 확인도 여기에 나타납니다.",
+    "standaloneHcTableTitle": "상태 확인",
+    "standaloneHcSearchPlaceholder": "상태 확인 검색…",
+    "standaloneHcAddButton": "상태 확인 생성",
+    "standaloneHcCreateTitle": "상태 확인 생성",
+    "standaloneHcEditTitle": "상태 확인 편집",
+    "standaloneHcDescription": "알림 규칙에 사용할 HTTP 또는 TCP 상태 확인을 구성하세요.",
+    "standaloneHcNameLabel": "이름",
+    "standaloneHcNamePlaceholder": "나의 HTTP 모니터",
+    "standaloneHcDeleteTitle": "상태 확인 삭제",
+    "standaloneHcDeleteQuestion": "이 상태 확인을 삭제하겠습니까.",
+    "standaloneHcDeleted": "상태 확인 삭제됨",
+    "standaloneHcSaved": "상태 확인 저장됨",
+    "standaloneHcColumnHealth": "건강",
+    "standaloneHcColumnMode": "모드",
+    "standaloneHcColumnTarget": "타겟",
+    "standaloneHcHealthStateHealthy": "정상",
+    "standaloneHcHealthStateUnhealthy": "비정상",
+    "standaloneHcHealthStateUnknown": "알 수 없음",
+    "standaloneHcFilterAnySite": "모든 사이트",
+    "standaloneHcFilterAnyResource": "모든 리소스",
+    "standaloneHcFilterMode": "모드",
+    "standaloneHcFilterModeHttp": "HTTP",
+    "standaloneHcFilterModeTcp": "TCP",
+    "standaloneHcFilterModeSnmp": "SNMP",
+    "standaloneHcFilterModePing": "핑",
+    "standaloneHcFilterHealth": "건강",
+    "standaloneHcFilterEnabled": "활성화됨",
+    "standaloneHcFilterEnabledOn": "활성화됨",
+    "standaloneHcFilterEnabledOff": "비활성화됨",
+    "standaloneHcFilterSiteIdFallback": "사이트 {id}",
+    "standaloneHcFilterResourceIdFallback": "리소스 {id}",
     "blueprints": "청사진",
     "blueprintsDescription": "선언적 구성을 적용하고 이전 실행을 봅니다",
     "blueprintAdd": "청사진 추가",
@@ -1272,7 +1560,6 @@
     "parsedContents": "구문 분석된 콘텐츠 (읽기 전용)",
     "enableDockerSocket": "Docker 청사진 활성화",
     "enableDockerSocketDescription": "블루프린트 레이블을 위한 Docker 소켓 레이블 수집을 활성화합니다. 소켓 경로는 Newt에 제공되어야 합니다.",
-    "enableDockerSocketLink": "자세히 알아보기",
     "viewDockerContainers": "도커 컨테이너 보기",
     "containersIn": "{siteName}의 컨테이너",
     "selectContainerDescription": "이 대상을 위한 호스트 이름으로 사용할 컨테이너를 선택하세요. 포트를 사용하려면 포트를 클릭하세요.",
@@ -1314,7 +1601,8 @@
     "initialSetupDescription": "초기 서버 관리자 계정을 생성하세요. 서버 관리자 계정은 하나만 존재할 수 있습니다. 이러한 자격 증명은 나중에 언제든지 변경할 수 있습니다.",
     "createAdminAccount": "관리자 계정 생성",
     "setupErrorCreateAdmin": "서버 관리자 계정을 생성하는 동안 오류가 발생했습니다.",
-    "certificateStatus": "인증서 상태",
+    "certificateStatus": "인증서",
+    "certificateStatusAutoRefreshHint": "상태가 자동으로 새로 고쳐집니다.",
     "loading": "로딩 중",
     "loadingAnalytics": "분석 로딩 중",
     "restart": "재시작",
@@ -1383,6 +1671,7 @@
     "pangolinUpdateAvailableReleaseNotes": "릴리스 노트 보기",
     "newtUpdateAvailable": "업데이트 가능",
     "newtUpdateAvailableInfo": "뉴트의 새 버전이 출시되었습니다. 최상의 경험을 위해 최신 버전으로 업데이트하세요.",
+    "pangolinNodeUpdateAvailableInfo": "Pangolin Node의 새 버전이 출시되었습니다. 최상의 경험을 위해 최신 버전으로 업데이트하세요.",
     "domainPickerEnterDomain": "도메인",
     "domainPickerPlaceholder": "myapp.example.com",
     "domainPickerDescription": "리소스의 전체 도메인을 입력하여 사용 가능한 옵션을 확인하십시오.",
@@ -1400,6 +1689,7 @@
     "domainPickerNamespace": "이름 공간: {namespace}",
     "domainPickerShowMore": "더보기",
     "regionSelectorTitle": "지역 선택",
+    "domainPickerRemoteExitNodeWarning": "제공된 도메인은 원격 종료 노드에 연결된 사이트에서 지원되지 않습니다. 원격 노드에서 리소스를 사용하려면 사용자 지정 도메인을 사용하십시오.",
     "regionSelectorInfo": "지역을 선택하면 위치에 따라 더 나은 성능이 제공됩니다. 서버와 같은 지역에 있을 필요는 없습니다.",
     "regionSelectorPlaceholder": "지역 선택",
     "regionSelectorComingSoon": "곧 출시 예정",
@@ -1412,6 +1702,7 @@
     "billingSites": "사이트",
     "billingUsers": "사용자",
     "billingDomains": "도메인",
+    "billingOrganizations": "조직",
     "billingRemoteExitNodes": "원격 노드",
     "billingNoLimitConfigured": "구성된 한도가 없습니다.",
     "billingEstimatedPeriod": "예상 청구 기간",
@@ -1454,6 +1745,7 @@
     "failed": "실패",
     "createNewOrgDescription": "새 조직 생성",
     "organization": "조직",
+    "primary": "기본",
     "port": "포트",
     "securityKeyManage": "보안 키 관리",
     "securityKeyDescription": "비밀번호 없는 인증을 위해 보안 키를 추가하거나 제거합니다.",
@@ -1551,6 +1843,16 @@
     "billingFeatureLossWarning": "기능 가용성 알림",
     "billingFeatureLossDescription": "다운그레이드함으로써 새 계획에서 사용할 수 없는 기능은 자동으로 비활성화됩니다. 일부 설정 및 구성은 손실될 수 있습니다. 어떤 기능들이 더 이상 사용 불가능한지 이해하기 위해 가격표를 검토하세요.",
     "billingUsageExceedsLimit": "현재 사용량 ({current})이 제한 ({limit})을 초과합니다",
+    "billingPastDueTitle": "연체된 결제",
+    "billingPastDueDescription": "결제가 연체되었습니다. 현재 이용 중인 플랜 기능을 계속 사용하기 위해 결제 수단을 업데이트해 주세요. 해결되지 않으면 구독이 취소되고 무료 요금제로 전환됩니다.",
+    "billingUnpaidTitle": "결제되지 않은 구독",
+    "billingUnpaidDescription": "구독 결제가 완료되지 않아 무료 요금제로 전환되었습니다. 구독을 복원하려면 결제 수단을 업데이트해 주세요.",
+    "billingIncompleteTitle": "불완전한 결제",
+    "billingIncompleteDescription": "결제가 불완전합니다. 구독을 활성화하기 위해 결제 과정을 완료해 주세요.",
+    "billingIncompleteExpiredTitle": "만료된 결제",
+    "billingIncompleteExpiredDescription": "결제가 완료되지 않아 만료되었습니다. 무료 요금제로 전환되었습니다. 유료 기능에 대한 액세스를 복원하려면 다시 구독해 주세요.",
+    "billingManageSubscription": "구독을 관리하십시오",
+    "billingResolvePaymentIssue": "업그레이드 또는 다운그레이드하기 전에 결제 문제를 해결해 주세요.",
     "signUpTerms": {
         "IAgreeToThe": "동의합니다",
         "termsOfService": "서비스 약관",
@@ -1609,6 +1911,7 @@
     "configureHealthCheck": "상태 확인 설정",
     "configureHealthCheckDescription": "{target}에 대한 상태 모니터링 설정",
     "enableHealthChecks": "상태 확인 활성화",
+    "healthCheckDisabledStateDescription": "비활성화되면 이 사이트가 상태 확인을 수행하지 않으며 상태가 알 수 없는 것으로 간주됩니다.",
     "enableHealthChecksDescription": "이 대상을 모니터링하여 건강 상태를 확인하세요. 필요에 따라 대상과 다른 엔드포인트를 모니터링할 수 있습니다.",
     "healthScheme": "방법",
     "healthSelectScheme": "방법 선택",
@@ -1624,6 +1927,24 @@
     "timeIsInSeconds": "시간은 초 단위입니다",
     "requireDeviceApproval": "장치 승인 요구",
     "requireDeviceApprovalDescription": "이 역할을 가진 사용자는 장치가 연결되기 전에 관리자의 승인이 필요합니다.",
+    "sshAccess": "SSH 접속",
+    "roleAllowSsh": "SSH 허용",
+    "roleAllowSshAllow": "허용",
+    "roleAllowSshDisallow": "허용 안 함",
+    "roleAllowSshDescription": "이 역할을 가진 사용자가 SSH를 통해 리소스에 연결할 수 있도록 허용합니다. 비활성화되면 역할은 SSH 접속을 사용할 수 없습니다.",
+    "sshSudoMode": "Sudo 접속",
+    "sshSudoModeNone": "없음",
+    "sshSudoModeNoneDescription": "사용자는 sudo로 명령을 실행할 수 없습니다.",
+    "sshSudoModeFull": "전체 Sudo",
+    "sshSudoModeFullDescription": "사용자는 모든 명령을 sudo로 실행할 수 있습니다.",
+    "sshSudoModeCommands": "명령",
+    "sshSudoModeCommandsDescription": "사용자는 sudo로 지정된 명령만 실행할 수 있습니다.",
+    "sshSudo": "Sudo 허용",
+    "sshSudoCommands": "Sudo 명령",
+    "sshSudoCommandsDescription": "사용자가 sudo로 실행할 수 있는 명령어의 쉼표로 구분된 목록입니다.",
+    "sshCreateHomeDir": "홈 디렉터리 생성",
+    "sshUnixGroups": "유닉스 그룹",
+    "sshUnixGroupsDescription": "대상 호스트에서 사용자에게 추가할 유닉스 그룹의 쉼표로 구분된 목록입니다.",
     "retryAttempts": "재시도 횟수",
     "expectedResponseCodes": "예상 응답 코드",
     "expectedResponseCodesDescription": "정상 상태를 나타내는 HTTP 상태 코드입니다. 비워 두면 200-300이 정상으로 간주됩니다.",
@@ -1640,9 +1961,20 @@
     "healthCheckIntervalMin": "확인 간격은 최소 5초여야 합니다.",
     "healthCheckTimeoutMin": "시간 초과는 최소 1초여야 합니다.",
     "healthCheckRetryMin": "재시도 횟수는 최소 1회여야 합니다.",
+    "healthCheckMode": "확인 모드",
+    "healthCheckStrategy": "전략",
+    "healthCheckModeDescription": "TCP 모드는 연결성만 확인합니다. HTTP 모드는 HTTP 응답을 확인합니다.",
+    "healthyThreshold": "건강 임계값",
+    "healthyThresholdDescription": "정상으로 표시되기 전에 연속 성공이 필요합니다.",
+    "unhealthyThreshold": "비정상 임계값",
+    "unhealthyThresholdDescription": "비정상으로 표시되기 전에 연속 실패가 필요합니다.",
+    "healthCheckHealthyThresholdMin": "정상 임계값은 최소 1 이상이어야 합니다",
+    "healthCheckUnhealthyThresholdMin": "비정상 임계값은 최소 1 이상이어야 합니다",
     "httpMethod": "HTTP 메소드",
     "selectHttpMethod": "HTTP 메소드 선택",
     "domainPickerSubdomainLabel": "서브도메인",
+    "domainPickerWildcard": "와일드카드",
+    "domainPickerWildcardPaidOnly": "와일드카드 서브도메인은 유료 기능입니다. 이 기능에 액세스하려면 업그레이드하세요.",
     "domainPickerBaseDomainLabel": "기본 도메인",
     "domainPickerSearchDomains": "도메인 검색...",
     "domainPickerNoDomainsFound": "찾을 수 없는 도메인이 없습니다",
@@ -1668,12 +2000,12 @@
     "resourcesTableAliasAddressInfo": "이 주소는 조직의 유틸리티 서브넷의 일부로, 내부 DNS 해석을 사용하여 별칭 레코드를 해석하는 데 사용됩니다.",
     "resourcesTableClients": "클라이언트",
     "resourcesTableAndOnlyAccessibleInternally": "클라이언트와 연결되었을 때만 내부적으로 접근 가능합니다.",
-    "resourcesTableNoTargets": "대상 없음",
     "resourcesTableHealthy": "정상",
     "resourcesTableDegraded": "저하됨",
-    "resourcesTableOffline": "오프라인",
+    "resourcesTableUnhealthy": "비정상",
     "resourcesTableUnknown": "알 수 없음",
     "resourcesTableNotMonitored": "모니터링되지 않음",
+    "resourcesTableNoTargets": "대상 없음",
     "editInternalResourceDialogEditClientResource": "비공개 리소스 수정",
     "editInternalResourceDialogUpdateResourceProperties": "{resourceName}의 리소스 속성과 대상 구성을 업데이트하세요",
     "editInternalResourceDialogResourceProperties": "리소스 속성",
@@ -1699,6 +2031,11 @@
     "editInternalResourceDialogModePort": "포트",
     "editInternalResourceDialogModeHost": "호스트",
     "editInternalResourceDialogModeCidr": "CIDR",
+    "editInternalResourceDialogModeHttp": "HTTP",
+    "editInternalResourceDialogModeHttps": "HTTPS",
+    "editInternalResourceDialogScheme": "스킴",
+    "editInternalResourceDialogEnableSsl": "SSL 활성화",
+    "editInternalResourceDialogEnableSslDescription": "목적지로의 안전한 HTTPS 연결을 위한 SSL/TLS 암호화 활성화.",
     "editInternalResourceDialogDestination": "대상지",
     "editInternalResourceDialogDestinationHostDescription": "사이트 네트워크의 자원 IP 주소입니다.",
     "editInternalResourceDialogDestinationIPDescription": "사이트 네트워크의 자원 IP 또는 호스트 네임 주소입니다.",
@@ -1714,6 +2051,7 @@
     "createInternalResourceDialogName": "이름",
     "createInternalResourceDialogSite": "사이트",
     "selectSite": "사이트 선택...",
+    "multiSitesSelectorSitesCount": "{count, plural, other {# 사이트}}",
     "noSitesFound": "사이트를 찾을 수 없습니다.",
     "createInternalResourceDialogProtocol": "프로토콜",
     "createInternalResourceDialogTcp": "TCP",
@@ -1742,11 +2080,19 @@
     "createInternalResourceDialogModePort": "포트",
     "createInternalResourceDialogModeHost": "호스트",
     "createInternalResourceDialogModeCidr": "CIDR",
+    "createInternalResourceDialogModeHttp": "HTTP",
+    "createInternalResourceDialogModeHttps": "HTTPS",
+    "scheme": "스킴",
+    "createInternalResourceDialogScheme": "스킴",
+    "createInternalResourceDialogEnableSsl": "SSL 활성화",
+    "createInternalResourceDialogEnableSslDescription": "목적지로의 안전한 HTTPS 연결을 위한 SSL/TLS 암호화 활성화.",
     "createInternalResourceDialogDestination": "대상지",
     "createInternalResourceDialogDestinationHostDescription": "사이트 네트워크의 자원 IP 주소입니다.",
     "createInternalResourceDialogDestinationCidrDescription": "사이트 네트워크의 자원 IP 주소입니다.",
     "createInternalResourceDialogAlias": "별칭",
     "createInternalResourceDialogAliasDescription": "이 리소스에 대한 선택적 내부 DNS 별칭입니다.",
+    "internalResourceDownstreamSchemeRequired": "HTTP 리소스에 스킴이 필요합니다",
+    "internalResourceHttpPortRequired": "HTTP 리소스에 목적지 포트가 필요합니다",
     "siteConfiguration": "설정",
     "siteAcceptClientConnections": "클라이언트 연결 허용",
     "siteAcceptClientConnectionsDescription": "사용자 장치와 클라이언트가 이 사이트의 리소스에 접근할 수 있도록 허용하세요. 나중에 변경할 수 있습니다.",
@@ -1832,6 +2178,40 @@
     "exitNode": "종단 노드",
     "country": "국가",
     "rulesMatchCountry": "현재 소스 IP를 기반으로 합니다",
+    "region": "지역",
+    "selectRegion": "지역 선택",
+    "searchRegions": "지역 검색...",
+    "noRegionFound": "지역을 찾을 수 없습니다.",
+    "rulesMatchRegion": "국가의 지역 구성을 선택합니다",
+    "rulesErrorInvalidRegion": "잘못된 지역",
+    "rulesErrorInvalidRegionDescription": "유효한 지역을 선택하세요.",
+    "regionAfrica": "아프리카",
+    "regionNorthernAfrica": "북부 아프리카",
+    "regionEasternAfrica": "동부 아프리카",
+    "regionMiddleAfrica": "중부 아프리카",
+    "regionSouthernAfrica": "남부 아프리카",
+    "regionWesternAfrica": "서부 아프리카",
+    "regionAmericas": "아메리카",
+    "regionCaribbean": "카리브",
+    "regionCentralAmerica": "중앙 아메리카",
+    "regionSouthAmerica": "남아메리카",
+    "regionNorthernAmerica": "북미",
+    "regionAsia": "아시아",
+    "regionCentralAsia": "중앙 아시아",
+    "regionEasternAsia": "동아시아",
+    "regionSouthEasternAsia": "동남아시아",
+    "regionSouthernAsia": "남아시아",
+    "regionWesternAsia": "서아시아",
+    "regionEurope": "유럽",
+    "regionEasternEurope": "동부 유럽",
+    "regionNorthernEurope": "북부 유럽",
+    "regionSouthernEurope": "남부 유럽",
+    "regionWesternEurope": "서부 유럽",
+    "regionOceania": "오세아니아",
+    "regionAustraliaAndNewZealand": "호주와 뉴질랜드",
+    "regionMelanesia": "멜라네시아",
+    "regionMicronesia": "미크로네시아",
+    "regionPolynesia": "폴리네시아",
     "managedSelfHosted": {
         "title": "관리 자체 호스팅",
         "description": "더 신뢰할 수 있고 낮은 유지보수의 자체 호스팅 팡골린 서버, 추가 기능 포함",
@@ -1870,7 +2250,7 @@
     },
     "internationaldomaindetected": "국제 도메인 감지됨",
     "willbestoredas": "다음으로 저장됩니다:",
-    "roleMappingDescription": "자동 프로비저닝이 활성화되면 사용자가 로그인할 때 역할이 할당되는 방법을 결정합니다.",
+    "roleMappingDescription": "사용자가 이 아이덴티티 공급자로 로그인할 때 역할이 할당되는 방법을 결정합니다.",
     "selectRole": "역할 선택",
     "roleMappingExpression": "표현식",
     "selectRolePlaceholder": "역할 선택",
@@ -1880,6 +2260,25 @@
     "invalidValue": "잘못된 값",
     "idpTypeLabel": "신원 공급자 유형",
     "roleMappingExpressionPlaceholder": "예: contains(groups, 'admin') && 'Admin' || 'Member'",
+    "roleMappingModeFixedRoles": "고정 역할",
+    "roleMappingModeMappingBuilder": "매핑 빌더",
+    "roleMappingModeRawExpression": "원시 표현식",
+    "roleMappingFixedRolesPlaceholderSelect": "하나 이상의 역할을 선택하세요",
+    "roleMappingFixedRolesPlaceholderFreeform": "역할 이름 입력 (조직마다 정확히 일치)",
+    "roleMappingFixedRolesDescriptionSameForAll": "모든 자동 프로비전 사용자에게 동일한 역할 세트를 할당합니다.",
+    "roleMappingFixedRolesDescriptionDefaultPolicy": "기본 정책의 경우 사용자가 프로비저닝된 조직의 역할 이름을 입력하세요. 이름은 정확히 일치해야 합니다.",
+    "roleMappingClaimPath": "클레임 경로",
+    "roleMappingClaimPathPlaceholder": "그룹",
+    "roleMappingClaimPathDescription": "토큰 페이로드에서 소스 값을 포함하는 경로 (예: 그룹).",
+    "roleMappingMatchValue": "매치 값",
+    "roleMappingAssignRoles": "역할 할당",
+    "roleMappingAddMappingRule": "매핑 규칙 추가",
+    "roleMappingRawExpressionResultDescription": "표현식은 문자열 또는 문자열 배열로 평가되어야 합니다.",
+    "roleMappingRawExpressionResultDescriptionSingleRole": "표현식은 문자열 (단일 역할 이름)로 평가되어야 합니다.",
+    "roleMappingMatchValuePlaceholder": "매치 값 (예: 관리자)",
+    "roleMappingAssignRolesPlaceholderFreeform": "역할 이름 입력 (조직마다 정확히)",
+    "roleMappingBuilderFreeformRowHint": "역할 이름은 각 대상 조직의 역할과 일치해야 합니다.",
+    "roleMappingRemoveRule": "제거",
     "idpGoogleConfiguration": "Google 구성",
     "idpGoogleConfigurationDescription": "Google OAuth2 자격 증명을 구성합니다.",
     "idpGoogleClientIdDescription": "Google OAuth2 클라이언트 ID",
@@ -1916,6 +2315,9 @@
     "authPageBrandingQuestionRemove": "인증 페이지의 브랜딩을 제거하시겠습니까?",
     "authPageBrandingDeleteConfirm": "브랜딩 삭제 확인",
     "brandingLogoURL": "로고 URL",
+    "brandingLogoURLOrPath": "로고 URL 또는 경로",
+    "brandingLogoPathDescription": "URL 또는 로컬 경로를 입력하세요.",
+    "brandingLogoURLDescription": "로고 이미지에 대한 공용 URL을 입력하십시오.",
     "brandingPrimaryColor": "기본 색상",
     "brandingLogoWidth": "너비(px)",
     "brandingLogoHeight": "높이(px)",
@@ -1940,9 +2342,11 @@
     "selectDomainForOrgAuthPage": "조직 인증 페이지에 대한 도메인을 선택하세요.",
     "domainPickerProvidedDomain": "제공된 도메인",
     "domainPickerFreeProvidedDomain": "무료 제공된 도메인",
+    "domainPickerFreeDomainsPaidFeature": "제공된 도메인은 유료 기능입니다. 요금제에 도메인이 포함되도록 구독하세요. - 별도로 도메인을 준비할 필요 없습니다.",
     "domainPickerVerified": "검증됨",
     "domainPickerUnverified": "검증되지 않음",
-    "domainPickerInvalidSubdomainStructure": "이 하위 도메인은 잘못된 문자 또는 구조를 포함하고 있습니다. 저장 시 자동으로 정리됩니다.",
+    "domainPickerManual": "수동",
+    "domainPickerInvalidSubdomainStructure": "잘못된 문자는 저장 시 새니타이즈됩니다.",
     "domainPickerError": "오류",
     "domainPickerErrorLoadDomains": "조직 도메인 로드 실패",
     "domainPickerErrorCheckAvailability": "도메인 가용성 확인 실패",
@@ -1955,7 +2359,7 @@
     "orgAuthChooseIdpDescription": "계속하려면 신원 공급자를 선택하세요.",
     "orgAuthNoIdpConfigured": "이 조직은 구성된 신원 공급자가 없습니다. 대신 Pangolin 아이덴티티로 로그인할 수 있습니다.",
     "orgAuthSignInWithPangolin": "Pangolin으로 로그인",
-    "orgAuthSignInToOrg": "조직에 로그인",
+    "orgAuthSignInToOrg": "조직 아이덴티티 제공자 (SSO)",
     "orgAuthSelectOrgTitle": "조직 로그인",
     "orgAuthSelectOrgDescription": "계속하려면 조직 ID를 입력하십시오.",
     "orgAuthOrgIdPlaceholder": "your-organization",
@@ -2116,7 +2520,7 @@
         "alerts": {
             "commercialUseDisclosure": {
                 "title": "사용 공개",
-                "description": "당신의 의도된 사용에 정확히 맞는 라이선스 등급을 선택하세요. 개인 라이선스는 연간 총 수익 100,000 USD 이하의 개인, 비상업적 또는 소규모 상업 활동을 위한 소프트웨어의 무료 사용을 허용합니다. 이러한 제한을 넘는 모든 사용 — 비즈니스, 조직 또는 기타 수익 창출 환경 내에서의 사용 — 은 유효한 엔터프라이즈 라이선스 및 해당 라이선스 수수료의 지불이 필요합니다. 개인 또는 기업 사용자는 모두 Fossorial 상용 라이선스 조건을 준수해야 합니다."
+                "description": "당신의 의도된 사용에 정확히 맞는 라이선스 등급을 선택하세요. 개인 라이선스는 연간 총 수익 100,000 USD 이하의 개인, 비상업적 또는 소규모 상업 활동을 위한 소프트웨어의 무료 사용을 허용합니다. 이러한 제한을 넘는 모든 사용 - 비즈니스, 조직 또는 기타 수익 창출 환경 내에서의 사용 - 은 유효한 엔터프라이즈 라이선스 및 해당 라이선스 수수료의 지불이 필요합니다. 개인 또는 기업 사용자는 모두 Fossorial 상용 라이선스 조건을 준수해야 합니다."
             },
             "trialPeriodInformation": {
                 "title": "시험 기간 정보",
@@ -2171,10 +2575,10 @@
             },
             "scale": {
                 "title": "스케일",
-                "description": "기업 기능, 50명의 사용자, 50개의 사이트, 우선 지원."
+                "description": "기업 기능, 50명의 사용자, 100개의 사이트, 그리고 우선 지원."
             }
         },
-        "personalUseOnly": "개인 사용 전용 (무료 라이센스 — 체크아웃 없음)",
+        "personalUseOnly": "개인용으로만 사용 (무료 라이선스 - 결제 없음)",
         "buttons": {
             "continueToCheckout": "결제로 진행"
         },
@@ -2248,6 +2652,7 @@
     "validPassword": "유효한 비밀번호",
     "validEmail": "유효한 이메일",
     "validSSO": "유효한 SSO",
+    "connectedClient": "연결된 클라이언트",
     "resourceBlocked": "리소스 차단됨",
     "droppedByRule": "룰에 의해 드롭됨",
     "noSessions": "세션 없음",
@@ -2273,6 +2678,8 @@
     "logRetentionAccessDescription": "접근 로그를 얼마나 오래 보관할지",
     "logRetentionActionLabel": "작업 로그 보관",
     "logRetentionActionDescription": "작업 로그를 얼마나 오래 보관할지",
+    "logRetentionConnectionLabel": "연결 로그 보유 기간",
+    "logRetentionConnectionDescription": "연결 로그를 얼마나 오래 보유할지",
     "logRetentionDisabled": "비활성화됨",
     "logRetention3Days": "3 일",
     "logRetention7Days": "7 일",
@@ -2283,8 +2690,15 @@
     "logRetentionEndOfFollowingYear": "다음 연도 말",
     "actionLogsDescription": "이 조직에서 수행된 작업의 기록을 봅니다",
     "accessLogsDescription": "이 조직의 자원에 대한 접근 인증 요청을 확인합니다",
-    "licenseRequiredToUse": "이 기능을 사용하려면 <enterpriseLicenseLink>엔터프라이즈 에디션</enterpriseLicenseLink> 라이선스가 필요합니다. 이 기능은 <pangolinCloudLink>판골린 클라우드</pangolinCloudLink>에서도 사용할 수 있습니다.",
-    "ossEnterpriseEditionRequired": "이 기능을 사용하려면 <enterpriseEditionLink>엔터프라이즈 에디션</enterpriseEditionLink>이 필요합니다. 이 기능은 <pangolinCloudLink>판골린 클라우드</pangolinCloudLink>에서도 사용할 수 있습니다.",
+    "connectionLogs": "연결 로그",
+    "connectionLogsDescription": "이 조직의 터널 연결 로그 보기",
+    "sidebarLogsConnection": "연결 로그",
+    "sidebarLogsStreaming": "스트리밍",
+    "sourceAddress": "소스 주소",
+    "destinationAddress": "대상 주소",
+    "duration": "지속 시간",
+    "licenseRequiredToUse": "이 기능을 사용하려면 <enterpriseLicenseLink>엔터프라이즈 에디션</enterpriseLicenseLink> 라이선스가 필요합니다. 이 기능은 <pangolinCloudLink>판골린 클라우드</pangolinCloudLink>에서도 사용할 수 있습니다. <bookADemoLink>데모 또는 POC 체험을 예약하세요</bookADemoLink>.",
+    "ossEnterpriseEditionRequired": "이 기능을 사용하려면 <enterpriseEditionLink>엔터프라이즈 에디션</enterpriseEditionLink>이(가) 필요합니다. 이 기능은 <pangolinCloudLink>판골린 클라우드</pangolinCloudLink>에서도 사용할 수 있습니다. <bookADemoLink>데모 또는 POC 체험을 예약하세요</bookADemoLink>.",
     "certResolver": "인증서 해결사",
     "certResolverDescription": "이 리소스에 사용할 인증서 해결사를 선택하세요.",
     "selectCertResolver": "인증서 해결사 선택",
@@ -2426,6 +2840,9 @@
     "machineClients": "기계 클라이언트",
     "install": "설치",
     "run": "실행",
+    "envFile": "환경 파일",
+    "serviceFile": "서비스 파일",
+    "enableAndStart": "활성화 및 시작",
     "clientNameDescription": "나중에 변경할 수 있는 클라이언트의 표시 이름입니다.",
     "clientAddress": "클라이언트 주소(고급)",
     "setupFailedToFetchSubnet": "기본값 로드 실패",
@@ -2474,13 +2891,30 @@
     "editInternalResourceDialogAddClients": "클라이언트 추가",
     "editInternalResourceDialogDestinationLabel": "대상지",
     "editInternalResourceDialogDestinationDescription": "내부 리소스의 목적지 주소를 지정하세요. 선택한 모드에 따라 이 주소는 호스트명, IP 주소, 또는 CIDR 범위가 될 수 있습니다. 더욱 쉽게 식별할 수 있도록 내부 DNS 별칭을 설정할 수 있습니다.",
+    "internalResourceFormMultiSiteRoutingHelp": "다중 사이트를 선택하면 높은 가용성을 위해 회복력 있는 라우팅 및 페일오버가 가능해집니다.",
+    "internalResourceFormMultiSiteRoutingHelpLearnMore": "자세히 알아보기",
     "editInternalResourceDialogPortRestrictionsDescription": "특정 TCP/UDP 포트에 대한 접근을 제한하거나 모든 포트를 허용/차단하십시오.",
+    "createInternalResourceDialogHttpConfiguration": "HTTP 구성",
+    "createInternalResourceDialogHttpConfigurationDescription": "이 리소스에 HTTP 또는 HTTPS로 도달하기 위한 도메인을 선택하세요.",
+    "editInternalResourceDialogHttpConfiguration": "HTTP 구성",
+    "editInternalResourceDialogHttpConfigurationDescription": "이 리소스에 HTTP 또는 HTTPS로 도달하기 위한 도메인을 선택하세요.",
     "editInternalResourceDialogTcp": "TCP",
     "editInternalResourceDialogUdp": "UDP",
     "editInternalResourceDialogIcmp": "ICMP",
     "editInternalResourceDialogAccessControl": "액세스 제어",
     "editInternalResourceDialogAccessControlDescription": "연결 시 이 리소스에 대한 액세스 권한을 가지는 역할, 사용자, 그리고 머신 클라이언트를 제어합니다. 관리자는 항상 접근할 수 있습니다.",
     "editInternalResourceDialogPortRangeValidationError": "모든 포트에 대해서는 \"*\"로, 아니면 쉼표로 구분된 포트 및 범위 목록(예: \"80,443,8000-9000\")을 설정해야 합니다. 포트는 1에서 65535 사이여야 합니다.",
+    "internalResourceAuthDaemonStrategy": "SSH 인증 데몬 위치",
+    "internalResourceAuthDaemonStrategyDescription": "SSH 인증 데몬이 작동하는 위치를 선택하세요: 사이트(Newt)에서 또는 원격 호스트에서.",
+    "internalResourceAuthDaemonDescription": "SSH 인증 데몬은 이 리소스를 위한 SSH 키 서명과 PAM 인증을 처리합니다. 사이트(Newt)에서 나 별도의 원격 호스트에서 실행할 것인지를 선택하세요. 자세한 내용은 <docsLink>문서</docsLink>를 참조하세요.",
+    "internalResourceAuthDaemonDocsUrl": "https://docs.pangolin.net",
+    "internalResourceAuthDaemonStrategyPlaceholder": "전략 선택",
+    "internalResourceAuthDaemonStrategyLabel": "위치",
+    "internalResourceAuthDaemonSite": "사이트에서 인증 데몬이 실행됩니다(Newt).",
+    "internalResourceAuthDaemonSiteDescription": "인증 데몬이 사이트(Newt)에서 실행됩니다.",
+    "internalResourceAuthDaemonRemote": "원격 호스트",
+    "internalResourceAuthDaemonRemoteDescription": "인증 데몬이 사이트가 아닌 다른 호스트에서 실행됩니다.",
+    "internalResourceAuthDaemonPort": "데몬 포트 (선택 사항)",
     "orgAuthWhatsThis": "조직 ID를 어디에서 찾을 수 있습니까?",
     "learnMore": "자세히 알아보기",
     "backToHome": "홈으로 돌아가기",
@@ -2502,6 +2936,9 @@
     "maintenancePageMessagePlaceholder": "곧 돌아오겠습니다! 사이트는 현재 예정된 유지보수를 진행 중입니다.",
     "maintenancePageMessageDescription": "유지보수를 설명하는 상세 메시지",
     "maintenancePageTimeTitle": "예상 완료 시간(선택 사항)",
+    "privateMaintenanceScreenTitle": "프라이빗 플레이스홀더 화면",
+    "privateMaintenanceScreenMessage": "이 도메인은 개인 리소스에서 사용 중입니다. Pangolin 클라이언트를 사용하여 이 리소스에 액세스하세요.",
+    "privateMaintenanceScreenSteps": "연결된 후에도 이 메시지가 보이면 브라우저의 DNS 캐시가 여전히 이전 주소를 가리킬 수 있습니다. 이를 해결하려면 이 탭이나 브라우저를 완전히 닫고 다시 열고 이 페이지로 돌아가세요.",
     "maintenanceTime": "예: 2시간, 11월 1일 오후 5시",
     "maintenanceEstimatedTimeDescription": "유지보수가 완료될 것으로 예상되는 시간",
     "editDomain": "도메인 수정",
@@ -2610,5 +3047,166 @@
     "approvalsEmptyStateStep2Title": "장치 승인 활성화",
     "approvalsEmptyStateStep2Description": "역할을 편집하고 '장치 승인 요구' 옵션을 활성화하세요. 이 역할을 가진 사용자는 새 장치에 대해 관리자의 승인이 필요합니다.",
     "approvalsEmptyStatePreviewDescription": "미리 보기: 활성화된 경우, 승인 대기 중인 장치 요청이 검토용으로 여기에 표시됩니다.",
-    "approvalsEmptyStateButtonText": "역할 관리"
+    "approvalsEmptyStateButtonText": "역할 관리",
+    "domainErrorTitle": "도메인 확인에 문제가 발생했습니다.",
+    "idpAdminAutoProvisionPoliciesTabHint": "<policiesTabLink>자동 프로비저닝 설정</policiesTabLink> 탭에서 역할 매핑 및 조직 정책을 구성합니다.",
+    "streamingTitle": "이벤트 스트리밍",
+    "streamingDescription": "조직의 이벤트를 외부 목적지로 실시간 전송합니다.",
+    "streamingUnnamedDestination": "이름이 없는 대상지",
+    "streamingNoUrlConfigured": "설정된 URL이 없습니다",
+    "streamingAddDestination": "대상지 추가",
+    "streamingHttpWebhookTitle": "HTTP 웹훅",
+    "streamingHttpWebhookDescription": "유연한 인증 및 템플릿 작성 기능을 갖춘 HTTP 엔드포인트에 이벤트를 전송합니다.",
+    "streamingS3Title": "아마존 S3",
+    "streamingS3Description": "S3 호환 객체 스토리지 버킷에 이벤트를 스트리밍합니다. 곧 제공됩니다.",
+    "streamingDatadogTitle": "데이터독",
+    "streamingDatadogDescription": "이벤트를 직접 Datadog 계정으로 전달합니다. 곧 제공됩니다.",
+    "streamingTypePickerDescription": "목표 유형을 선택하여 시작합니다.",
+    "streamingFailedToLoad": "대상 로드에 실패했습니다",
+    "streamingUnexpectedError": "예기치 않은 오류가 발생했습니다.",
+    "streamingFailedToUpdate": "대상지를 업데이트하는 데 실패했습니다",
+    "streamingDeletedSuccess": "대상지가 성공적으로 삭제되었습니다",
+    "streamingFailedToDelete": "대상지 삭제 실패",
+    "streamingDeleteTitle": "대상지 삭제",
+    "streamingDeleteButtonText": "대상지 삭제",
+    "streamingDeleteDialogAreYouSure": "삭제하시겠습니까",
+    "streamingDeleteDialogThisDestination": "이 대상지",
+    "streamingDeleteDialogPermanentlyRemoved": "? 모든 구성은 영구적으로 제거됩니다.",
+    "httpDestEditTitle": "대상지 수정",
+    "httpDestAddTitle": "HTTP 대상지 추가",
+    "httpDestEditDescription": "이 HTTP 이벤트 스트리밍 대상지의 구성을 업데이트하세요.",
+    "httpDestAddDescription": "조직의 이벤트 수신을 위한 새로운 HTTP 엔드포인트를 구성하세요.",
+    "S3DestEditTitle": "대상지 수정",
+    "S3DestAddTitle": "S3 대상지 추가",
+    "S3DestEditDescription": "이 S3 이벤트 스트리밍 대상지의 구성을 업데이트하세요.",
+    "S3DestAddDescription": "조직의 이벤트를 받기 위한 새로운 S3 엔드포인트를 구성하세요.",
+    "datadogDestEditTitle": "대상지 수정",
+    "datadogDestAddTitle": "Datadog 대상지 추가",
+    "datadogDestEditDescription": "이 Datadog 이벤트 스트리밍 대상지의 구성을 업데이트하세요.",
+    "datadogDestAddDescription": "조직의 이벤트를 받기 위한 새로운 Datadog 엔드포인트를 구성하세요.",
+    "httpDestTabSettings": "설정",
+    "httpDestTabHeaders": "헤더",
+    "httpDestTabBody": "본문",
+    "httpDestTabLogs": "로그",
+    "httpDestNamePlaceholder": "내 HTTP 대상",
+    "httpDestUrlLabel": "대상 URL",
+    "httpDestUrlErrorHttpRequired": "URL은 http 또는 https를 사용해야 합니다",
+    "httpDestUrlErrorHttpsRequired": "클라우드 배포에는 HTTPS가 필요합니다",
+    "httpDestUrlErrorInvalid": "유효한 URL을 입력하세요 (예: https://example.com/webhook)",
+    "httpDestAuthTitle": "인증",
+    "httpDestAuthDescription": "엔드포인트에 대한 요청 인증 방법을 선택하세요.",
+    "httpDestAuthNoneTitle": "인증 없음",
+    "httpDestAuthNoneDescription": "Authorization 헤더 없이 요청을 보냅니다.",
+    "httpDestAuthBearerTitle": "Bearer 토큰",
+    "httpDestAuthBearerDescription": "각 요청에 Authorization: Bearer '<token>' 헤더를 추가합니다.",
+    "httpDestAuthBearerPlaceholder": "API 키 또는 토큰",
+    "httpDestAuthBasicTitle": "기본 인증",
+    "httpDestAuthBasicDescription": "Authorization: Basic '<credentials>' 헤더를 추가합니다. 자격 증명은 사용자 이름:비밀번호로 제공합니다.",
+    "httpDestAuthBasicPlaceholder": "사용자 이름:비밀번호",
+    "httpDestAuthCustomTitle": "사용자 정의 헤더",
+    "httpDestAuthCustomDescription": "인증을 위한 사용자 정의 HTTP 헤더 이름 및 값을 지정하세요 (예: X-API-Key).",
+    "httpDestAuthCustomHeaderNamePlaceholder": "헤더 이름 (예: X-API-Key)",
+    "httpDestAuthCustomHeaderValuePlaceholder": "헤더 값",
+    "httpDestCustomHeadersTitle": "사용자 정의 HTTP 헤더",
+    "httpDestCustomHeadersDescription": "모든 발신 요청에 사용자 정의 헤더를 추가합니다. 정적 토큰 또는 사용자 정의 Content-Type에 유용합니다. 기본적으로 Content-Type: application/json이 전송됩니다.",
+    "httpDestNoHeadersConfigured": "구성된 사용자 정의 헤더가 없습니다. \"헤더 추가\"를 클릭하여 추가하세요.",
+    "httpDestHeaderNamePlaceholder": "헤더 이름",
+    "httpDestHeaderValuePlaceholder": "값",
+    "httpDestAddHeader": "헤더 추가",
+    "httpDestBodyTemplateTitle": "사용자 정의 본문 템플릿",
+    "httpDestBodyTemplateDescription": "엔드포인트에 전송되는 JSON 페이로드 구조를 제어합니다. 비활성화된 경우 각 이벤트에 대해 기본 JSON 객체가 전송됩니다.",
+    "httpDestEnableBodyTemplate": "사용자 정의 본문 템플릿 활성화",
+    "httpDestBodyTemplateLabel": "본문 템플릿 (JSON)",
+    "httpDestBodyTemplateHint": "템플릿 변수를 사용하여 페이로드에서 이벤트 필드를 참조하세요.",
+    "httpDestPayloadFormatTitle": "페이로드 형식",
+    "httpDestPayloadFormatDescription": "각 요청 본문에 이벤트가 시리얼라이즈되는 방식입니다.",
+    "httpDestFormatJsonArrayTitle": "JSON 배열",
+    "httpDestFormatJsonArrayDescription": "각 배치마다 요청 하나씩, 본문은 JSON 배열입니다. 대부분의 일반 웹훅 및 Datadog과 호환됩니다.",
+    "httpDestFormatNdjsonTitle": "NDJSON",
+    "httpDestFormatNdjsonDescription": "각 배치마다 요청 하나씩, 본문은 줄 구분 JSON - 한 라인에 하나의 객체가 있으며 외부 배열이 없습니다. Splunk HEC, Elastic / OpenSearch, Grafana Loki에 필요합니다.",
+    "httpDestFormatSingleTitle": "각 요청 당 하나의 이벤트",
+    "httpDestFormatSingleDescription": "각 개별 이벤트에 대해 별도의 HTTP POST를 전송합니다. 배치를 처리할 수 없는 엔드포인트에만 사용하세요.",
+    "httpDestLogTypesTitle": "로그 유형",
+    "httpDestLogTypesDescription": "이 대상지에 전달될 로그 유형을 선택하세요. 활성화된 로그 유형만 스트리밍 됩니다.",
+    "httpDestAccessLogsTitle": "접근 로그",
+    "httpDestAccessLogsDescription": "인증 및 거부된 요청을 포함한 리소스 접근 시도.",
+    "httpDestActionLogsTitle": "작업 로그",
+    "httpDestActionLogsDescription": "조직 내에서 사용자가 수행한 관리 작업.",
+    "httpDestConnectionLogsTitle": "연결 로그",
+    "httpDestConnectionLogsDescription": "사이트 및 터널 연결 이벤트, 연결 및 연결 끊기를 포함합니다.",
+    "httpDestRequestLogsTitle": "요청 로그",
+    "httpDestRequestLogsDescription": "프록시된 리소스에 대한 HTTP 요청 로그, 메서드, 경로 및 응답 코드를 포함합니다.",
+    "httpDestSaveChanges": "변경 사항 저장",
+    "httpDestCreateDestination": "대상지 생성",
+    "httpDestUpdatedSuccess": "대상지가 성공적으로 업데이트되었습니다",
+    "httpDestCreatedSuccess": "대상지가 성공적으로 생성되었습니다",
+    "httpDestUpdateFailed": "대상지를 업데이트하는 데 실패했습니다",
+    "httpDestCreateFailed": "대상지를 생성하는 데 실패했습니다",
+    "followRedirects": "리디렉션 따라가기",
+    "followRedirectsDescription": "요청에 대해 HTTP 리디렉션을 자동으로 따라갑니다.",
+    "alertingErrorWebhookUrl": "웹훅의 유효한 URL을 입력하세요.",
+    "healthCheckStrategyHttp": "연결성을 확인하고 HTTP 응답 상태를 확인합니다.",
+    "healthCheckStrategyTcp": "응답을 검사하지 않고 TCP 연결성만 확인합니다.",
+    "healthCheckStrategySnmp": "네트워크 장비 및 인프라의 상태를 확인하기 위해 SNMP get 요청을 보냅니다.",
+    "healthCheckStrategyIcmp": "ICMP 에코 요청(핑)을 사용하여 리소스에 대한 접근 가능성을 확인합니다.",
+    "healthCheckTabStrategy": "전략",
+    "healthCheckTabConnection": "연결",
+    "healthCheckTabAdvanced": "고급",
+    "healthCheckStrategyNotAvailable": "이 전략은 사용할 수 없습니다. 기능을 활성화하려면 영업팀에 문의하세요.",
+    "uptime30d": "업타임 (30일)",
+    "idpAddActionCreateNew": "새로운 아이덴티티 공급자 생성",
+    "idpAddActionImportFromOrg": "다른 조직에서 가져오기",
+    "idpImportDialogTitle": "아이덴티티 공급자 가져오기",
+    "idpImportDialogDescription": "관리자인 조직에서 아이덴티티 공급자를 선택하십시오. 이는 이 조직에 연결됩니다.",
+    "idpImportSearchPlaceholder": "조직 또는 공급자 이름으로 검색...",
+    "idpImportEmpty": "아이덴티티 공급자를 찾을 수 없습니다.",
+    "idpImportedDescription": "아이덴티티 공급자가 성공적으로 가져왔습니다.",
+    "idpDeleteGlobalQuestion": "정말로 이 아이덴티티 공급자를 영구적으로 삭제하시겠습니까?",
+    "idpDeleteGlobalDescription": "이것은 연관된 모든 조직에서 아이덴티티 공급자를 영구적으로 삭제합니다.",
+    "idpUnassociateTitle": "아이덴티티 공급자의 연관 해제",
+    "idpUnassociateQuestion": "정말로 이 조직에서 이 아이덴티티 공급자의 연관을 해제하시겠습니까?",
+    "idpUnassociateDescription": "이 아이덴티티 공급자와 연관된 모든 사용자는 이 조직에서 제거될 것이지만, 아이덴티티 공급자는 다른 연관된 조직에 계속해서 존재할 것입니다.",
+    "idpUnassociateConfirm": "아이덴티티 공급자 연관 해제 확인",
+    "idpUnassociateWarning": "이 조직에서 이것은 되돌릴 수 없습니다.",
+    "idpUnassociatedDescription": "아이덴티티 공급자가 이 조직에서 성공적으로 연관 해제되었습니다",
+    "idpUnassociateMenu": "연관 해제",
+    "idpDeleteAllOrgsMenu": "삭제",
+    "publicIpEndpoint": "엔드포인트",
+    "lastTriggeredAt": "마지막 트리거",
+    "reject": "거부",
+    "uptimeDaysAgo": "{count}일 전",
+    "uptimeToday": "오늘",
+    "uptimeNoDataAvailable": "데이터가 없습니다",
+    "uptimeSuffix": "가동 시간",
+    "uptimeDowntimeSuffix": "다운타임",
+    "uptimeTooltipUptimeLabel": "가동 시간",
+    "uptimeTooltipDowntimeLabel": "다운타임",
+    "uptimeOngoing": "진행 중",
+    "uptimeNoMonitoringData": "모니터링 데이터 없음",
+    "uptimeNoData": "데이터 없음",
+    "uptimeMiniBarDown": "중단됨",
+    "uptimeSectionTitle": "가동 시간",
+    "uptimeSectionDescription": "지난 {days}일 동안의 가용성",
+    "uptimeAddAlert": "알림 추가",
+    "uptimeViewAlerts": "알림 보기",
+    "uptimeCreateEmailAlert": "이메일 알림 생성",
+    "uptimeAlertDescriptionSite": "이 사이트가 오프라인 되거나 다시 온라인 될 때 이메일로 알림을 받습니다.",
+    "uptimeAlertDescriptionResource": "이 리소스가 오프라인 되거나 다시 온라인 될 때 이메일로 알림을 받습니다.",
+    "uptimeAlertNamePlaceholder": "알림 이름",
+    "uptimeAdditionalEmails": "추가 이메일",
+    "uptimeCreateAlert": "알림 생성",
+    "uptimeAlertNoRecipients": "수신자 없음",
+    "uptimeAlertNoRecipientsDescription": "통지를 받을 사용자, 역할 또는 이메일을 최소 한 개 추가하세요.",
+    "uptimeAlertCreated": "알림 생성됨",
+    "uptimeAlertCreatedDescription": "상태가 변경되면 통지를 받습니다.",
+    "uptimeAlertCreateFailed": "알림 생성 실패",
+    "webhookUrlLabel": "URL",
+    "webhookHeaderKeyPlaceholder": "키",
+    "webhookHeaderValuePlaceholder": "값",
+    "alertLabel": "알림",
+    "domainPickerWildcardSubdomainNotAllowed": "와일드카드 서브도메인은 허용되지 않습니다.",
+    "domainPickerWildcardCertWarning": "와일드카드 리소스는 올바르게 작동하려면 추가 구성이 필요할 수 있습니다.",
+    "domainPickerWildcardCertWarningLink": "자세히 알아보기",
+    "health": "건강",
+    "domainPendingErrorTitle": "확인 문제"
 }

messages/nb-NO.json

@@ -1,4 +1,8 @@
 {
+    "contactSalesEnable": "Kontakt salgsavdelingen for å aktivere denne funksjonen.",
+    "contactSalesBookDemo": "Bestill en demo",
+    "contactSalesOr": "eller",
+    "contactSalesContactUs": "kontakt oss",
     "setupCreate": "Opprett organisasjonen, nettstedet og ressursene",
     "headerAuthCompatibilityInfo": "Aktiver dette for å tvinge frem en 401 Uautorisert-respons når en autentiseringstoken mangler. Dette kreves for nettlesere eller spesifikke HTTP-biblioteker som ikke sender legitimasjon uten en serverutfordring.",
     "headerAuthCompatibility": "Utvidet kompatibilitet",
@@ -19,6 +23,18 @@
     "componentsInvalidKey": "Ugyldig eller utgått lisensnøkkel oppdaget. Følg lisensvilkårene for å fortsette å kunne bruke alle funksjonene.",
     "dismiss": "Avvis",
     "subscriptionViolationMessage": "Du er utenfor grensen for gjeldende plan. Rett problemet ved å fjerne nettsteder, brukere eller andre ressurser for å bli innenfor planen din.",
+    "trialBannerMessage": "Din prøveperiode utløper om {countdown}. Oppgrader for å beholde tilgangen.",
+    "trialBannerExpired": "Prøveperioden din har utløpt. Oppgrader nå for å gjenopprette tilgangen.",
+    "billingTrialBannerTitle": "Prøveversjon Aktiv",
+    "billingTrialBannerDescription": "Du har for øyeblikket en gratis prøveversjon på forretningsnivået. Når prøven avsluttes, vil kontoen din automatisk gå tilbake til funksjoner og begrensninger på Basis-nivået. Oppgrader når som helst for å beholde tilgang til de nåværende planens funksjoner.",
+    "billingTrialBannerUpgrade": "Oppgrader nå",
+    "billingTrialBadge": "Prøveversjon",
+    "trialActive": "Gratis prøveversjon aktiv",
+    "trialExpired": "Prøveperioden er utløpt",
+    "trialHasEnded": "Din prøveperiode har avsluttet.",
+    "trialDaysRemaining": "{count, plural, one {# dag igjen} other {# dager igjen}}",
+    "trialDaysLeftShort": "{days}d igjen av prøveperioden",
+    "trialGoToBilling": "Gå til faktureringssiden",
     "subscriptionViolationViewBilling": "Vis fakturering",
     "componentsLicenseViolation": "Lisens Brudd: Denne serveren bruker {usedSites} områder som overskrider den lisensierte grenser av {maxSites} områder. Følg lisensvilkårene for å fortsette å kunne bruke alle funksjonene.",
     "componentsSupporterMessage": "Takk for at du støtter Pangolin som en {tier}!",
@@ -81,6 +97,8 @@
     "siteConfirmCopy": "Jeg har kopiert konfigurasjonen",
     "searchSitesProgress": "Søker i områder...",
     "siteAdd": "Legg til område",
+    "sitesTableViewPublicResources": "Vis offentlige ressurser",
+    "sitesTableViewPrivateResources": "Vis private ressurser",
     "siteInstallNewt": "Installer Newt",
     "siteInstallNewtDescription": "Få Newt til å kjøre på systemet ditt",
     "WgConfiguration": "WireGuard Konfigurasjon",
@@ -98,6 +116,21 @@
     "siteUpdatedDescription": "Området har blitt oppdatert.",
     "siteGeneralDescription": "Konfigurer de generelle innstillingene for dette området",
     "siteSettingDescription": "Konfigurere innstillingene på nettstedet",
+    "siteResourcesTab": "Ressurser",
+    "siteResourcesNoneOnSite": "Dette nettstedet har ingen offentlige eller private ressurser enda.",
+    "siteResourcesSectionPublic": "Offentlige ressurser",
+    "siteResourcesSectionPrivate": "Private ressurser",
+    "siteResourcesSectionPublicDescription": "Ressurser eksponert eksternt gjennom domener eller porter.",
+    "siteResourcesSectionPrivateDescription": "Ressurser tilgjengelig på ditt private nettverk gjennom nettstedet.",
+    "siteResourcesViewAllPublic": "Vis alle ressurser",
+    "siteResourcesViewAllPrivate": "Vis alle ressurser",
+    "siteResourcesDialogDescription": "Oversikt over offentlige og private ressurser assosiert med dette nettstedet.",
+    "siteResourcesShowMore": "Vis mer",
+    "siteResourcesPermissionDenied": "Du har ikke tillatelse til å liste opp disse ressursene.",
+    "siteResourcesEmptyPublic": "Ingen offentlige ressurser retter seg mot dette nettstedet enda.",
+    "siteResourcesEmptyPrivate": "Ingen private ressurser er assosiert med dette nettstedet enda.",
+    "siteResourcesHowToAccess": "Hvordan få tilgang",
+    "siteResourcesTargetsOnSite": "Mål på dette nettstedet",
     "siteSetting": "{siteName} Innstillinger",
     "siteNewtTunnel": "Nyhetsnettsted (anbefalt)",
     "siteNewtTunnelDescription": "Lekkeste måte å lage et inngangspunkt til ethvert nettverk. Ingen ekstra oppsett på.",
@@ -148,6 +181,11 @@
     "createLink": "Opprett lenke",
     "resourcesNotFound": "Ingen ressurser funnet",
     "resourceSearch": "Søk i ressurser",
+    "machineSearch": "Søk etter maskiner",
+    "machinesSearch": "Søk etter maskinklienter...",
+    "machineNotFound": "Ingen maskiner funnet",
+    "userDeviceSearch": "Søk etter brukerenheter",
+    "userDevicesSearch": "Søk etter brukerenheter...",
     "openMenu": "Åpne meny",
     "resource": "Ressurs",
     "title": "Tittel",
@@ -175,6 +213,7 @@
     "resourceHTTPDescription": "Proxy forespørsler over HTTPS ved å bruke et fullstendig kvalifisert domenenavn.",
     "resourceRaw": "Rå TCP/UDP-ressurs",
     "resourceRawDescription": "Proxy forespørsler over rå TCP/UDP ved å bruke et portnummer.",
+    "resourceRawDescriptionCloud": "Proxy forespørsler om rå TCP/UDP ved hjelp av et portnummer. Krever sider for å koble til en ekstern node.",
     "resourceCreate": "Opprett ressurs",
     "resourceCreateDescription": "Følg trinnene nedenfor for å opprette en ny ressurs",
     "resourceSeeAll": "Se alle ressurser",
@@ -201,6 +240,7 @@
     "protocolSelect": "Velg en protokoll",
     "resourcePortNumber": "Portnummer",
     "resourcePortNumberDescription": "Det eksterne portnummeret for proxy forespørsler.",
+    "back": "Tilbake",
     "cancel": "Avbryt",
     "resourceConfig": "Konfigurasjonsutdrag",
     "resourceConfigDescription": "Kopier og lim inn disse konfigurasjons-øyeblikkene for å sette opp TCP/UDP ressursen",
@@ -246,11 +286,25 @@
     "orgErrorDeleteMessage": "Det oppsto en feil under sletting av organisasjonen.",
     "orgDeleted": "Organisasjon slettet",
     "orgDeletedMessage": "Organisasjonen og tilhørende data er slettet.",
+    "deleteAccount": "Slett konto",
+    "deleteAccountDescription": "Slett kontoen din permanent, alle organisasjoner du eier, og alle data i disse organisasjonene. Dette kan ikke angres.",
+    "deleteAccountButton": "Slett konto",
+    "deleteAccountConfirmTitle": "Slett konto",
+    "deleteAccountConfirmMessage": "Dette vil slette kontoen din, alle organisasjoner du eier og alle data i disse organisasjonene. Dette kan ikke gjøres om.",
+    "deleteAccountConfirmString": "Slett konto",
+    "deleteAccountSuccess": "Kontoen er slettet",
+    "deleteAccountSuccessMessage": "Kontoen din er slettet.",
+    "deleteAccountError": "Kunne ikke slette konto",
+    "deleteAccountPreviewAccount": "Din konto",
+    "deleteAccountPreviewOrgs": "Organisasjoner du eier (og alle deres data)",
     "orgMissing": "Organisasjons-ID Mangler",
     "orgMissingMessage": "Kan ikke regenerere invitasjon uten en organisasjons-ID.",
     "accessUsersManage": "Administrer brukere",
+    "accessUserManage": "Administrer brukere",
     "accessUsersDescription": "Inviter og behandle brukere med tilgang til denne organisasjonen",
     "accessUsersSearch": "Søk etter brukere...",
+    "accessUsersRoleFilterCount": "{count, plural, one {# rolle} other {# roller}}",
+    "accessUsersRoleFilterClear": "Fjern rollesøkefiltre",
     "accessUserCreate": "Opprett bruker",
     "accessUserRemove": "Fjern bruker",
     "username": "Brukernavn",
@@ -310,6 +364,54 @@
     "apiKeysDelete": "Slett API-nøkkel",
     "apiKeysManage": "Administrer API-nøkler",
     "apiKeysDescription": "API-nøkler brukes for å autentisere med integrasjons-API",
+    "provisioningKeysTitle": "Foreløpig nøkkel",
+    "provisioningKeysManage": "Behandle bestemmende nøkler",
+    "provisioningKeysDescription": "Bestemmelsesnøkler brukes til å godkjenne automatisert nettstedsløsning for din organisasjon.",
+    "provisioningManage": "Levering",
+    "provisioningDescription": "Administrer foreløpig nøkler og gjennomgå ventende nettsteder som venter på godkjenning.",
+    "pendingSites": "Ventende nettsteder",
+    "siteApproveSuccess": "Vellykket godkjenning av nettsted",
+    "siteApproveError": "Feil ved godkjenning av side",
+    "provisioningKeys": "Foreløpig nøkler",
+    "searchProvisioningKeys": "Søk varer i lagrings nøkler...",
+    "provisioningKeysAdd": "Generer fremvisende nøkkel",
+    "provisioningKeysErrorDelete": "Feil under sletting av foreløpig nøkkel",
+    "provisioningKeysErrorDeleteMessage": "Feil under sletting av foreløpig nøkkel",
+    "provisioningKeysQuestionRemove": "Er du sikker på at du vil fjerne denne midlertidig nøkkelen fra organisasjonen?",
+    "provisioningKeysMessageRemove": "Når nøkkelen er fjernet, kan den ikke lenger brukes til anleggsavsetning.",
+    "provisioningKeysDeleteConfirm": "Bekreft sletting av bestemmelsesnøkkel",
+    "provisioningKeysDelete": "Slett bestemmelsesnøkkel",
+    "provisioningKeysCreate": "Generer fremvisende nøkkel",
+    "provisioningKeysCreateDescription": "Generer en ny foreløpig nøkkel til organisasjonen",
+    "provisioningKeysSeeAll": "Se alle foreløpig nøkler",
+    "provisioningKeysSave": "Lagre den midlertidig nøkkelen",
+    "provisioningKeysSaveDescription": "Du kan bare se denne én gang. Kopier det til et sikkert sted.",
+    "provisioningKeysErrorCreate": "Feil under oppretting av foreløpig nøkkel",
+    "provisioningKeysList": "Ny provisorisk nøkkel",
+    "provisioningKeysMaxBatchSize": "Maks størrelse på bunt",
+    "provisioningKeysUnlimitedBatchSize": "Ubegrenset mengde bunt (ingen begrensning)",
+    "provisioningKeysMaxBatchUnlimited": "Ubegrenset",
+    "provisioningKeysMaxBatchSizeInvalid": "Angi en gyldig sjakkstørrelse (1–1 000.000).",
+    "provisioningKeysValidUntil": "Gyldig til",
+    "provisioningKeysValidUntilHint": "La stå tomt for ingen utløp.",
+    "provisioningKeysValidUntilInvalid": "Angi en gyldig dato og klokkeslett.",
+    "provisioningKeysNumUsed": "Antall ganger brukt",
+    "provisioningKeysLastUsed": "Sist brukt",
+    "provisioningKeysNoExpiry": "Ingen utløpsdato",
+    "provisioningKeysNeverUsed": "Aldri",
+    "provisioningKeysEdit": "Rediger bestemmelsesnøkkel",
+    "provisioningKeysEditDescription": "Oppdater maksimal størrelse for bunt og utløpstid for denne nøkkelen.",
+    "provisioningKeysApproveNewSites": "Godkjenn nye nettsteder",
+    "provisioningKeysApproveNewSitesDescription": "Godkjenn automatisk nettsteder som registrerer deg med denne nøkkelen.",
+    "provisioningKeysUpdateError": "Feil under oppdatering av foreløpig nøkkel",
+    "provisioningKeysUpdated": "Foreslå nøkkel oppdatert",
+    "provisioningKeysUpdatedDescription": "Dine endringer er lagret.",
+    "provisioningKeysBannerTitle": "Sidens bestemmende nøkler",
+    "provisioningKeysBannerDescription": "Generer en provisjonsnøkkel og bruk den med Newt-kontakten for automatisk opprettelse av nettsteder ved første oppstart - ingen behov for å sette opp separate legitimasjoner for hvert nettsted.",
+    "provisioningKeysBannerButtonText": "Lær mer",
+    "pendingSitesBannerTitle": "Ventende nettsteder",
+    "pendingSitesBannerDescription": "Nettsteder som kobler seg til ved bruk av en provisjonsnøkkel vises her for vurdering.",
+    "pendingSitesBannerButtonText": "Lær mer",
     "apiKeysSettings": "{apiKeyName} Innstillinger",
     "userTitle": "Administrer alle brukere",
     "userDescription": "Vis og administrer alle brukere i systemet",
@@ -339,6 +441,10 @@
     "licenseErrorKeyActivate": "Aktivering av lisensnøkkel feilet",
     "licenseErrorKeyActivateDescription": "Det oppstod en feil under aktivering av lisensnøkkelen.",
     "licenseAbout": "Om Lisensiering",
+    "licenseBannerTitle": "Aktiver din bedriftslisens",
+    "licenseBannerDescription": "Lås opp bedriftsfunksjoner for din egenvertede Pangolin-instans. Kjøp en lisensnøkkel for å aktivere premium-funksjoner og legg den inn nedenfor.",
+    "licenseBannerGetLicense": "Få en lisens",
+    "licenseBannerViewDocs": "Vis dokumentasjon",
     "communityEdition": "Fellesskapsutgave",
     "licenseAboutDescription": "Dette er for bedrifts- og foretaksbrukere som bruker Pangolin i et kommersielt miljø. Hvis du bruker Pangolin til personlig bruk, kan du ignorere denne seksjonen.",
     "licenseKeyActivated": "Lisensnøkkel aktivert",
@@ -461,6 +567,8 @@
     "filterByApprovalState": "Filtrer etter godkjenningsstatus",
     "approvalListEmpty": "Ingen godkjenninger",
     "approvalState": "Godkjennings tilstand",
+    "approvalLoadMore": "Last mer",
+    "loadingApprovals": "Laster inn godkjenninger",
     "approve": "Godkjenn",
     "approved": "Godkjent",
     "denied": "Avvist",
@@ -494,9 +602,12 @@
     "userSaved": "Bruker lagret",
     "userSavedDescription": "Brukeren har blitt oppdatert.",
     "autoProvisioned": "Auto avlyst",
+    "autoProvisionSettings": "Auto leveringsinnstillinger",
     "autoProvisionedDescription": "Tillat denne brukeren å bli automatisk administrert av en identitetsleverandør",
     "accessControlsDescription": "Administrer hva denne brukeren kan få tilgang til og gjøre i organisasjonen",
     "accessControlsSubmit": "Lagre tilgangskontroller",
+    "singleRolePerUserPlanNotice": "Din plan støtter bare én rolle per bruker.",
+    "singleRolePerUserEditionNotice": "Denne utgaven støtter bare én rolle per bruker.",
     "roles": "Roller",
     "accessUsersRoles": "Administrer brukere og roller",
     "accessUsersRolesDescription": "Inviter brukere og legg dem til roller for å administrere tilgang til organisasjonen",
@@ -553,6 +664,8 @@
     "targetErrorInvalidPortDescription": "Vennligst skriv inn et gyldig portnummer",
     "targetErrorNoSite": "Ingen nettsted valgt",
     "targetErrorNoSiteDescription": "Velg et nettsted for målet",
+    "targetTargetsCleared": "Mål ryddet",
+    "targetTargetsClearedDescription": "Alle mål har blitt fjernet fra denne ressursen",
     "targetCreated": "Mål opprettet",
     "targetCreatedDescription": "Målet har blitt opprettet",
     "targetErrorCreate": "Kunne ikke opprette målet",
@@ -636,6 +749,7 @@
     "resourcesErrorUpdate": "Feilet å slå av/på ressurs",
     "resourcesErrorUpdateDescription": "En feil oppstod under oppdatering av ressursen",
     "access": "Tilgang",
+    "accessControl": "Tilgangskontroll",
     "shareLink": "{resource} Del Lenke",
     "resourceSelect": "Velg ressurs",
     "shareLinks": "Del lenker",
@@ -653,6 +767,7 @@
     "newtEndpoint": "Endpoint",
     "newtId": "ID",
     "newtSecretKey": "Sikkerhetsnøkkel",
+    "newtVersion": "Versjon",
     "architecture": "Arkitektur",
     "sites": "Områder",
     "siteWgAnyClients": "Bruk hvilken som helst WireGuard klient til å koble til. Du må adressere interne ressurser ved hjelp av peer IP.",
@@ -776,6 +891,7 @@
     "accessRoleRemoved": "Rolle fjernet",
     "accessRoleRemovedDescription": "Rollen er vellykket fjernet.",
     "accessRoleRequiredRemove": "Før du sletter denne rollen, vennligst velg en ny rolle å overføre eksisterende medlemmer til.",
+    "network": "Nettverk",
     "manage": "Administrer",
     "sitesNotFound": "Ingen områder funnet.",
     "pangolinServerAdmin": "Server Admin - Pangolin",
@@ -819,6 +935,7 @@
     "idpDisplayName": "Et visningsnavn for denne identitetsleverandøren",
     "idpAutoProvisionUsers": "Automatisk brukerklargjøring",
     "idpAutoProvisionUsersDescription": "Når aktivert, opprettes brukere automatisk i systemet ved første innlogging, med mulighet til å tilordne brukere til roller og organisasjoner.",
+    "idpAutoProvisionConfigureAfterCreate": "Du kan konfigurere autoprovisjonsinnstillingene når identitetsleverandøren er opprettet.",
     "licenseBadge": "EE",
     "idpType": "Leverandørtype",
     "idpTypeDescription": "Velg typen identitetsleverandør du ønsker å konfigurere",
@@ -870,7 +987,7 @@
     "defaultMappingsRole": "Standard rolletilordning",
     "defaultMappingsRoleDescription": "Resultatet av dette uttrykket må returnere rollenavnet slik det er definert i organisasjonen som en streng.",
     "defaultMappingsOrg": "Standard organisasjonstilordning",
-    "defaultMappingsOrgDescription": "Dette uttrykket må returnere organisasjons-ID-en eller «true» for å gi brukeren tilgang til organisasjonen.",
+    "defaultMappingsOrgDescription": "Når denne er satt, må uttrykket returnere organisasjons-IDen eller «true» for at brukeren skal få tilgang til den organisasjonen. Når den ikke er satt, er det nok å definere en rolletilordning: brukeren gis tilgang så lenge en gyldig rolletilknytting kan løses for dem i organisasjonen.",
     "defaultMappingsSubmit": "Lagre standard tilordninger",
     "orgPoliciesEdit": "Rediger Organisasjonspolicy",
     "org": "Organisasjon",
@@ -1017,12 +1134,12 @@
     "pangolinSetup": "Oppsett - Pangolin",
     "orgNameRequired": "Organisasjonsnavn er påkrevd",
     "orgIdRequired": "Organisasjons-ID er påkrevd",
+    "orgIdMaxLength": "Organisasjons-ID må maksimalt være 32 tegn",
     "orgErrorCreate": "En feil oppstod under oppretting av organisasjon",
     "pageNotFound": "Siden ble ikke funnet",
     "pageNotFoundDescription": "Oops! Siden du leter etter finnes ikke.",
     "overview": "Oversikt",
     "home": "Hjem",
-    "accessControl": "Tilgangskontroll",
     "settings": "Innstillinger",
     "usersAll": "Alle brukere",
     "license": "Lisens",
@@ -1085,6 +1202,12 @@
     "actionGetUser": "Hent bruker",
     "actionGetOrgUser": "Hent organisasjonsbruker",
     "actionListOrgDomains": "List opp organisasjonsdomener",
+    "actionGetDomain": "Få Domene",
+    "actionCreateOrgDomain": "Opprett domene",
+    "actionUpdateOrgDomain": "Oppdater domene",
+    "actionDeleteOrgDomain": "Slett domene",
+    "actionGetDNSRecords": "Hent DNS-oppføringer",
+    "actionRestartOrgDomain": "Omstart Domene",
     "actionCreateSite": "Opprett område",
     "actionDeleteSite": "Slett område",
     "actionGetSite": "Hent område",
@@ -1096,6 +1219,7 @@
     "setupTokenDescription": "Skriv inn oppsetttoken fra serverkonsollen.",
     "setupTokenRequired": "Oppsetttoken er nødvendig",
     "actionUpdateSite": "Oppdater område",
+    "actionResetSiteBandwidth": "Tilbakestill organisasjons-båndbredde",
     "actionListSiteRoles": "List opp tillatte områderoller",
     "actionCreateResource": "Opprett ressurs",
     "actionDeleteResource": "Slett ressurs",
@@ -1125,6 +1249,7 @@
     "actionRemoveUser": "Fjern bruker",
     "actionListUsers": "List opp brukere",
     "actionAddUserRole": "Legg til brukerrolle",
+    "actionSetUserOrgRoles": "Angi brukerroller",
     "actionGenerateAccessToken": "Generer tilgangstoken",
     "actionDeleteAccessToken": "Slett tilgangstoken",
     "actionListAccessTokens": "List opp tilgangstokener",
@@ -1169,7 +1294,9 @@
     "actionViewLogs": "Vis logger",
     "noneSelected": "Ingen valgt",
     "orgNotFound2": "Ingen organisasjoner funnet.",
-    "searchProgress": "Søker...",
+    "search": "Søk…",
+    "searchPlaceholder": "Søk...",
+    "emptySearchOptions": "Ingen valg funnet",
     "create": "Opprett",
     "orgs": "Organisasjoner",
     "loginError": "En uventet feil oppstod. Vennligst prøv igjen.",
@@ -1233,12 +1360,14 @@
     "sidebarClientResources": "Privat",
     "sidebarAccessControl": "Tilgangskontroll",
     "sidebarLogsAndAnalytics": "Logger og analyser",
+    "sidebarTeam": "Lag",
     "sidebarUsers": "Brukere",
     "sidebarAdmin": "Administrator",
     "sidebarInvitations": "Invitasjoner",
     "sidebarRoles": "Roller",
     "sidebarShareableLinks": "Lenker",
     "sidebarApiKeys": "API-nøkler",
+    "sidebarProvisioning": "Levering",
     "sidebarSettings": "Innstillinger",
     "sidebarAllUsers": "Alle brukere",
     "sidebarIdentityProviders": "Identitetsleverandører",
@@ -1250,8 +1379,167 @@
     "sidebarGeneral": "Administrer",
     "sidebarLogAndAnalytics": "Logg og analyser",
     "sidebarBluePrints": "Tegninger",
+    "sidebarAlerting": "Varsling",
+    "sidebarHealthChecks": "Helsekontroller",
     "sidebarOrganization": "Organisasjon",
+    "sidebarManagement": "Administrasjon",
+    "sidebarBillingAndLicenses": "Fakturering & lisenser",
     "sidebarLogsAnalytics": "Analyser",
+    "alertingTitle": "Varsling",
+    "alertingDescription": "Definer kilder, triggere og handlinger for varsler",
+    "alertingRules": "Varslingsregler",
+    "alertingSearchRules": "Søk i regler…",
+    "alertingAddRule": "Opprett regel",
+    "alertingColumnSource": "Kilde",
+    "alertingColumnTrigger": "Utløser",
+    "alertingColumnActions": "Handlinger",
+    "alertingColumnEnabled": "Aktivert",
+    "alertingDeleteQuestion": "Vennligst bekreft at du vil slette denne varslingsregelen.",
+    "alertingDeleteRule": "Slett varslingsregel",
+    "alertingRuleDeleted": "Varslingsregel slettet",
+    "alertingRuleSaved": "Varslingsregel lagret",
+    "alertingRuleSavedCreatedDescription": "Din nye varslingsregel ble opprettet. Du kan fortsette å redigere den på denne siden.",
+    "alertingRuleSavedUpdatedDescription": "Endringene dine i denne varslingsregelen ble lagret.",
+    "alertingEditRule": "Rediger varslingsregel",
+    "alertingCreateRule": "Opprett varslingsregel",
+    "alertingRuleCredenzaDescription": "Velg hva som skal overvåkes, når det skal varsles, og hvordan du vil bli informert",
+    "alertingRuleNamePlaceholder": "Produksjonsside nede",
+    "alertingRuleEnabled": "Regel aktivert",
+    "alertingSectionSource": "Kilde",
+    "alertingSourceType": "Kildetype",
+    "alertingSourceSite": "Område",
+    "alertingSourceHealthCheck": "Helsekontroll",
+    "alertingPickSites": "Områder",
+    "alertingPickHealthChecks": "Helsekontroller",
+    "alertingPickResources": "Ressurser",
+    "alertingAllSites": "Alle områder",
+    "alertingAllSitesDescription": "Varsler for alle områder",
+    "alertingSpecificSites": "Spesifikke områder",
+    "alertingSpecificSitesDescription": "Velg spesifikke områder for overvåking",
+    "alertingAllHealthChecks": "Alle helsekontroller",
+    "alertingAllHealthChecksDescription": "Varsler for alle helsekontroller",
+    "alertingSpecificHealthChecks": "Spesifikke helsekontroller",
+    "alertingSpecificHealthChecksDescription": "Velg spesifikke helsekontroller for overvåking",
+    "alertingAllResources": "Alle ressurser",
+    "alertingAllResourcesDescription": "Varsler for alle ressurser",
+    "alertingSpecificResources": "Spesifikke ressurser",
+    "alertingSpecificResourcesDescription": "Velg spesifikke ressurser for overvåking",
+    "alertingSelectResources": "Velg ressurser…",
+    "alertingResourcesSelected": "{count} ressurser valgt",
+    "alertingResourcesEmpty": "Ingen ressurser med mål i de første 10 resultatene.",
+    "alertingSectionTrigger": "Utløser",
+    "alertingTrigger": "Når skal det varsles",
+    "alertingTriggerSiteOnline": "Nettsted er online",
+    "alertingTriggerSiteOffline": "Nettsted er offline",
+    "alertingTriggerSiteToggle": "Endringer i nettstedstatus",
+    "alertingTriggerHcHealthy": "Helsekontroll sunn",
+    "alertingTriggerHcUnhealthy": "Helsekontroll usunn",
+    "alertingTriggerHcToggle": "Endringer i helsekontrollstatus",
+    "alertingTriggerResourceHealthy": "Ressurs sunn",
+    "alertingTriggerResourceUnhealthy": "Ressurs usunn",
+    "alertingTriggerResourceDegraded": "Ressurs forringet",
+    "alertingSearchHealthChecks": "Søk i helsekontroller…",
+    "alertingHealthChecksEmpty": "Ingen tilgjengelige helsekontroller.",
+    "alertingTriggerResourceToggle": "Endringer i ressursstatus",
+    "alertingSourceResource": "Ressurs",
+    "alertingSectionActions": "Handlinger",
+    "alertingAddAction": "Legg til handling",
+    "alertingActionNotify": "E-post",
+    "alertingActionNotifyDescription": "Send e-postvarsler til brukere eller roller",
+    "alertingActionWebhook": "Webhook",
+    "alertingActionWebhookDescription": "Send en HTTP-forespørsel til et tilpasset endepunkt",
+    "alertingExternalIntegration": "Ekstern integrasjon",
+    "alertingExternalPagerDutyDescription": "Send varsler til PagerDuty for hendelseshåndtering",
+    "alertingExternalOpsgenieDescription": "Rute varsler til Opsgenie for vakt håndtering",
+    "alertingExternalServiceNowDescription": "Opprett ServiceNow hendelser fra varslingseventer",
+    "alertingExternalIncidentIoDescription": "Utløs Incident.io arbeidsflyter fra varsels begivenheter",
+    "alertingActionType": "Handlings type",
+    "alertingNotifyUsers": "Brukere",
+    "alertingNotifyRoles": "Roller",
+    "alertingNotifyEmails": "E-postadresser",
+    "alertingEmailPlaceholder": "Legg til e-post og trykk Enter",
+    "alertingWebhookMethod": "HTTP-metode",
+    "alertingWebhookSecret": "Signeringshemmelig (valgfritt)",
+    "alertingWebhookSecretPlaceholder": "HMAC-hemmelig",
+    "alertingWebhookHeaders": "Overskrifter",
+    "alertingAddHeader": "Legg til header",
+    "alertingSelectSites": "Velg områder…",
+    "alertingSitesSelected": "{count} områder valgt",
+    "alertingSelectHealthChecks": "Velg helsekontroller…",
+    "alertingHealthChecksSelected": "{count} helsekontroller valgt",
+    "alertingNoHealthChecks": "Ingen mål med helsekontroller aktivert",
+    "alertingHealthCheckStub": "Valg av helsekontrollkilde er ikke sluttført ennå - du kan fortsatt konfigurere triggere og handlinger.",
+    "alertingSelectUsers": "Velg brukere…",
+    "alertingUsersSelected": "{count} brukere valgt",
+    "alertingSelectRoles": "Velg roller…",
+    "alertingRolesSelected": "{count} roller valgt",
+    "alertingSummarySites": "Områder ({count})",
+    "alertingSummaryAllSites": "Alle områder",
+    "alertingSummaryHealthChecks": "Helsekontroller ({count})",
+    "alertingSummaryAllHealthChecks": "Alle helsekoner",
+    "alertingSummaryResources": "Ressurser ({count})",
+    "alertingSummaryAllResources": "Alle ressurser",
+    "alertingErrorNameRequired": "Skriv inn et navn",
+    "alertingErrorActionsMin": "Legg til minst én handling",
+    "alertingErrorPickSites": "Velg minst ett område",
+    "alertingErrorPickHealthChecks": "Velg minst én helsekontroll",
+    "alertingErrorPickResources": "Velg minst én ressurs",
+    "alertingErrorTriggerSite": "Velg en triggetjeneste for nettsted",
+    "alertingErrorTriggerHealth": "Velg en triggetjeneste for helsekontroll",
+    "alertingErrorTriggerResource": "Velg en triggetjeneste for ressurs",
+    "alertingErrorNotifyRecipients": "Velg brukere, roller, eller minst én e-post",
+    "alertingConfigureSource": "Konfigurer kilde",
+    "alertingConfigureTrigger": "Konfigurer trigger",
+    "alertingConfigureActions": "Konfigurer handlinger",
+    "alertingBackToRules": "Tilbake til regler",
+    "alertingRuleCooldown": "Nedkjøling (sekunder)",
+    "alertingRuleCooldownDescription": "Minimum tid mellom gjentatte varsler for samme regel. Sett til 0 for å skyte hver gang.",
+    "alertingDraftBadge": "Utkast - lagre for å lagre denne regelen",
+    "alertingSidebarHint": "Klikk på et steg på lerretet for å redigere det her.",
+    "alertingGraphCanvasTitle": "Regel Flyt",
+    "alertingGraphCanvasDescription": "Visuell oversikt over kilde, trigger og handlinger. Velg en node for å redigere den i panelet.",
+    "alertingNodeNotConfigured": "Ikke konfigurert ennå",
+    "alertingNodeActionsCount": "{count, plural, one {# handling} other {# handlinger}}",
+    "alertingNodeRoleSource": "Kilde",
+    "alertingNodeRoleTrigger": "Utløser",
+    "alertingNodeRoleAction": "Handling",
+    "alertingTabRules": "Varslingsregler",
+    "alertingTabHealthChecks": "Helsekontroller",
+    "alertingRulesBannerTitle": "Bli varslet",
+    "alertingRulesBannerDescription": "Hver regel binder sammen hva som skal overvåkes (et område, helsekontroll eller ressurs), når det skal varsles (for eksempel offline eller usunn), og hvordan varsle teamet ditt via e-post, webhooks eller integrasjoner. Bruk denne listen for å opprette, aktivere og administrere disse reglene.",
+    "alertingHealthChecksBannerTitle": "Overvåk helse & ressurser",
+    "alertingHealthChecksBannerDescription": "Helsekontroller er HTTP- eller TCP-monitorer du definerer én gang. Du kan deretter bruke dem som kilder i varslingsregler slik at du blir varslet når et mål blir sunt eller usunt. Helsekontroller på ressurser vises også her.",
+    "standaloneHcTableTitle": "Helsekontroller",
+    "standaloneHcSearchPlaceholder": "Søk i helsekontroller…",
+    "standaloneHcAddButton": "Opprett helsekontroll",
+    "standaloneHcCreateTitle": "Opprett helsekontroll",
+    "standaloneHcEditTitle": "Rediger helsekontroll",
+    "standaloneHcDescription": "Konfigurer en HTTP- eller TCP-helsekontroll for bruk i varslingsregler.",
+    "standaloneHcNameLabel": "Navn",
+    "standaloneHcNamePlaceholder": "Min HTTP-monitor",
+    "standaloneHcDeleteTitle": "Slett helsekontroll",
+    "standaloneHcDeleteQuestion": "Vennligst bekreft at du vil slette denne helsekontrollen.",
+    "standaloneHcDeleted": "Helsekontroll slettet",
+    "standaloneHcSaved": "Helsekontroll lagret",
+    "standaloneHcColumnHealth": "Helse",
+    "standaloneHcColumnMode": "Modus",
+    "standaloneHcColumnTarget": "Mål",
+    "standaloneHcHealthStateHealthy": "Sunn",
+    "standaloneHcHealthStateUnhealthy": "Usunn",
+    "standaloneHcHealthStateUnknown": "Ukjent",
+    "standaloneHcFilterAnySite": "Alle områder",
+    "standaloneHcFilterAnyResource": "Alle ressurser",
+    "standaloneHcFilterMode": "Modus",
+    "standaloneHcFilterModeHttp": "HTTP",
+    "standaloneHcFilterModeTcp": "TCP",
+    "standaloneHcFilterModeSnmp": "SNMP",
+    "standaloneHcFilterModePing": "Ping",
+    "standaloneHcFilterHealth": "Helse",
+    "standaloneHcFilterEnabled": "Aktivert",
+    "standaloneHcFilterEnabledOn": "Aktivert",
+    "standaloneHcFilterEnabledOff": "Deaktivert",
+    "standaloneHcFilterSiteIdFallback": "Område {id}",
+    "standaloneHcFilterResourceIdFallback": "Ressurs {id}",
     "blueprints": "Tegninger",
     "blueprintsDescription": "Bruk deklarative konfigurasjoner og vis tidligere kjøringer",
     "blueprintAdd": "Legg til blåkopi",
@@ -1272,7 +1560,6 @@
     "parsedContents": "Parastinnhold (kun lese)",
     "enableDockerSocket": "Aktiver Docker blåkopi",
     "enableDockerSocketDescription": "Aktiver skraping av Docker Socket for blueprint Etiketter. Socket bane må brukes for nye.",
-    "enableDockerSocketLink": "Lær mer",
     "viewDockerContainers": "Vis Docker-containere",
     "containersIn": "Containere i {siteName}",
     "selectContainerDescription": "Velg en hvilken som helst container for å bruke som vertsnavn for dette målet. Klikk på en port for å bruke en port.",
@@ -1314,7 +1601,8 @@
     "initialSetupDescription": "Opprett den første serveradministratorkontoen. Det kan bare finnes én serveradministrator. Du kan alltid endre denne påloggingsinformasjonen senere.",
     "createAdminAccount": "Opprett administratorkonto",
     "setupErrorCreateAdmin": "En feil oppstod under opprettelsen av serveradministratorkontoen.",
-    "certificateStatus": "Sertifikatstatus",
+    "certificateStatus": "Sertifikat",
+    "certificateStatusAutoRefreshHint": "Status oppdateres automatisk.",
     "loading": "Laster inn",
     "loadingAnalytics": "Laster inn analyser",
     "restart": "Start på nytt",
@@ -1383,6 +1671,7 @@
     "pangolinUpdateAvailableReleaseNotes": "Se utgivelsesnotater",
     "newtUpdateAvailable": "Oppdatering tilgjengelig",
     "newtUpdateAvailableInfo": "En ny versjon av Newt er tilgjengelig. Vennligst oppdater til den nyeste versjonen for den beste opplevelsen.",
+    "pangolinNodeUpdateAvailableInfo": "En ny versjon av Pangolin Node er tilgjengelig. Vennligst oppdater til den nyeste versjonen for den beste opplevelsen.",
     "domainPickerEnterDomain": "Domene",
     "domainPickerPlaceholder": "minapp.eksempel.no",
     "domainPickerDescription": "Skriv inn hele domenet til ressursen for å se tilgjengelige alternativer.",
@@ -1400,6 +1689,7 @@
     "domainPickerNamespace": "Navnerom: {namespace}",
     "domainPickerShowMore": "Vis mer",
     "regionSelectorTitle": "Velg Region",
+    "domainPickerRemoteExitNodeWarning": "Tilbudte domener støttes ikke når sider kobles til eksterne avkjøringsnoder. For ressurser som skal være tilgjengelige på eksterne noder, brukes et egendefinert domene i stedet.",
     "regionSelectorInfo": "Å velge en region hjelper oss med å gi bedre ytelse for din lokasjon. Du trenger ikke være i samme region som serveren.",
     "regionSelectorPlaceholder": "Velg en region",
     "regionSelectorComingSoon": "Kommer snart",
@@ -1412,6 +1702,7 @@
     "billingSites": "Områder",
     "billingUsers": "Brukere",
     "billingDomains": "Domener",
+    "billingOrganizations": "Orger",
     "billingRemoteExitNodes": "Eksterne Noder",
     "billingNoLimitConfigured": "Ingen grense konfigurert",
     "billingEstimatedPeriod": "Estimert faktureringsperiode",
@@ -1454,6 +1745,7 @@
     "failed": "Mislyktes",
     "createNewOrgDescription": "Opprett en ny organisasjon",
     "organization": "Organisasjon",
+    "primary": "Primær",
     "port": "Port",
     "securityKeyManage": "Administrer sikkerhetsnøkler",
     "securityKeyDescription": "Legg til eller fjern sikkerhetsnøkler for passordløs autentisering",
@@ -1551,6 +1843,16 @@
     "billingFeatureLossWarning": "Fremhev tilgjengelig varsel",
     "billingFeatureLossDescription": "Ved å nedgradere vil funksjoner som ikke er tilgjengelige i den nye planen automatisk bli deaktivert. Noen innstillinger og konfigurasjoner kan gå tapt. Vennligst gjennomgå prismatrisen for å forstå hvilke funksjoner som ikke lenger vil være tilgjengelige.",
     "billingUsageExceedsLimit": "Gjeldende bruk ({current}) overskrider grensen ({limit})",
+    "billingPastDueTitle": "Betalingen har forfalt",
+    "billingPastDueDescription": "Betalingen er forfalt. Vennligst oppdater betalingsmetoden din for å fortsette å bruke den gjeldende funksjonsplanen din. Hvis du ikke har løst deg, vil abonnementet ditt avbrytes, og du vil bli tilbakestilt til gratistiden.",
+    "billingUnpaidTitle": "Abonnement ubetalt",
+    "billingUnpaidDescription": "Ditt abonnement er ubetalt og du har blitt tilbakestilt til gratis kasse. Vennligst oppdater din betalingsmetode for å gjenopprette abonnementet.",
+    "billingIncompleteTitle": "Betaling ufullstendig",
+    "billingIncompleteDescription": "Betalingen er ufullstendig. Vennligst fullfør betalingsprosessen for å aktivere abonnementet.",
+    "billingIncompleteExpiredTitle": "Betaling utløpt",
+    "billingIncompleteExpiredDescription": "Din betaling ble aldri fullført, og har utløpt. Du har blitt tilbakestilt til gratis dekk. Vennligst abonner på nytt for å gjenopprette tilgangen til betalte funksjoner.",
+    "billingManageSubscription": "Administrere ditt abonnement",
+    "billingResolvePaymentIssue": "Vennligst løs ditt betalingsproblem før du oppgraderer eller nedgraderer betalingen",
     "signUpTerms": {
         "IAgreeToThe": "Jeg godtar",
         "termsOfService": "brukervilkårene",
@@ -1609,6 +1911,7 @@
     "configureHealthCheck": "Konfigurer Helsekontroll",
     "configureHealthCheckDescription": "Sett opp helsekontroll for {target}",
     "enableHealthChecks": "Aktiver Helsekontroller",
+    "healthCheckDisabledStateDescription": "Når deaktivert, vil ikke nettstedet utføre helsekontroller, og tilstanden vil anses som ukjent.",
     "enableHealthChecksDescription": "Overvåk helsen til dette målet. Du kan overvåke et annet endepunkt enn målet hvis nødvendig.",
     "healthScheme": "Metode",
     "healthSelectScheme": "Velg metode",
@@ -1624,6 +1927,24 @@
     "timeIsInSeconds": "Tid er i sekunder",
     "requireDeviceApproval": "Krev enhetsgodkjenning",
     "requireDeviceApprovalDescription": "Brukere med denne rollen trenger nye enheter godkjent av en admin før de kan koble seg og få tilgang til ressurser.",
+    "sshAccess": "SSH tilgang",
+    "roleAllowSsh": "Tillat SSH",
+    "roleAllowSshAllow": "Tillat",
+    "roleAllowSshDisallow": "Forby",
+    "roleAllowSshDescription": "Tillat brukere med denne rollen å koble til ressurser via SSH. Når deaktivert får rollen ikke tilgang til SSH.",
+    "sshSudoMode": "Sudo tilgang",
+    "sshSudoModeNone": "Ingen",
+    "sshSudoModeNoneDescription": "Brukeren kan ikke kjøre kommandoer med sudo.",
+    "sshSudoModeFull": "Full Sudo",
+    "sshSudoModeFullDescription": "Brukeren kan kjøre hvilken som helst kommando med sudo.",
+    "sshSudoModeCommands": "Kommandoer",
+    "sshSudoModeCommandsDescription": "Brukeren kan bare kjøre de angitte kommandoene med sudo.",
+    "sshSudo": "Tillat sudo",
+    "sshSudoCommands": "Sudo kommandoer",
+    "sshSudoCommandsDescription": "Kommaseparert liste med kommandoer brukeren kan kjøre med sudo.",
+    "sshCreateHomeDir": "Opprett hjemmappe",
+    "sshUnixGroups": "Unix grupper",
+    "sshUnixGroupsDescription": "Kommaseparerte Unix grupper for å legge brukeren til på mål-verten.",
     "retryAttempts": "Forsøk på nytt",
     "expectedResponseCodes": "Forventede svarkoder",
     "expectedResponseCodesDescription": "HTTP-statuskode som indikerer sunn status. Hvis den blir stående tom, regnes 200-300 som sunn.",
@@ -1640,9 +1961,20 @@
     "healthCheckIntervalMin": "Sjekkeintervallet må være minst 5 sekunder",
     "healthCheckTimeoutMin": "Timeout må være minst 1 sekund",
     "healthCheckRetryMin": "Forsøk på nytt må være minst 1",
+    "healthCheckMode": "Sjekk modus",
+    "healthCheckStrategy": "Strategi",
+    "healthCheckModeDescription": "TCP-modus verifiserer kun tilkobling. HTTP-modus validerer HTTP-responsen.",
+    "healthyThreshold": "Sunnhets terskel",
+    "healthyThresholdDescription": "Suksesser på rad som kreves før man markerer som sunn.",
+    "unhealthyThreshold": "Usunn terskel",
+    "unhealthyThresholdDescription": "Feil på rad som kreves før man markerer som usunn.",
+    "healthCheckHealthyThresholdMin": "Sunnhet terskel må være minst 1",
+    "healthCheckUnhealthyThresholdMin": "Usunn terskel må være minst 1",
     "httpMethod": "HTTP-metode",
     "selectHttpMethod": "Velg HTTP-metode",
     "domainPickerSubdomainLabel": "Underdomene",
+    "domainPickerWildcard": "Jokertegn",
+    "domainPickerWildcardPaidOnly": "Jokertegnsubdomener er en betalt funksjon. Vennligst oppgrader for å få tilgang til denne funksjonen.",
     "domainPickerBaseDomainLabel": "Grunndomene",
     "domainPickerSearchDomains": "Søk i domener...",
     "domainPickerNoDomainsFound": "Ingen domener funnet",
@@ -1668,12 +2000,12 @@
     "resourcesTableAliasAddressInfo": "Denne adressen er en del av organisasjonens undernettverk. Den brukes til å løse aliasposter ved hjelp av intern DNS-oppløsning.",
     "resourcesTableClients": "Klienter",
     "resourcesTableAndOnlyAccessibleInternally": "og er kun tilgjengelig internt når de er koblet til med en klient.",
-    "resourcesTableNoTargets": "Ingen mål",
     "resourcesTableHealthy": "Frisk",
     "resourcesTableDegraded": "Nedgradert",
-    "resourcesTableOffline": "Frakoblet",
+    "resourcesTableUnhealthy": "Usunn",
     "resourcesTableUnknown": "Ukjent",
     "resourcesTableNotMonitored": "Ikke overvåket",
+    "resourcesTableNoTargets": "Ingen mål",
     "editInternalResourceDialogEditClientResource": "Rediger Private Ressurser",
     "editInternalResourceDialogUpdateResourceProperties": "Oppdater ressurskonfigurasjonen og få tilgangskontroller for {resourceName}",
     "editInternalResourceDialogResourceProperties": "Ressursegenskaper",
@@ -1699,6 +2031,11 @@
     "editInternalResourceDialogModePort": "Port",
     "editInternalResourceDialogModeHost": "Vert",
     "editInternalResourceDialogModeCidr": "CIDR",
+    "editInternalResourceDialogModeHttp": "HTTP",
+    "editInternalResourceDialogModeHttps": "HTTPS",
+    "editInternalResourceDialogScheme": "Skjema",
+    "editInternalResourceDialogEnableSsl": "Aktiver SSL",
+    "editInternalResourceDialogEnableSslDescription": "Aktiver SSL/TLS-kryptering for sikre HTTPS-tilkoblinger til destinasjonen.",
     "editInternalResourceDialogDestination": "Destinasjon",
     "editInternalResourceDialogDestinationHostDescription": "IP-adressen eller vertsnavnet til ressursen på nettstedets nettverk.",
     "editInternalResourceDialogDestinationIPDescription": "IP eller vertsnavn til ressursen på nettstedets nettverk.",
@@ -1714,6 +2051,7 @@
     "createInternalResourceDialogName": "Navn",
     "createInternalResourceDialogSite": "Område",
     "selectSite": "Velg område...",
+    "multiSitesSelectorSitesCount": "{count, plural, one {# sted} other {# steder}}",
     "noSitesFound": "Ingen områder funnet.",
     "createInternalResourceDialogProtocol": "Protokoll",
     "createInternalResourceDialogTcp": "TCP",
@@ -1742,11 +2080,19 @@
     "createInternalResourceDialogModePort": "Port",
     "createInternalResourceDialogModeHost": "Vert",
     "createInternalResourceDialogModeCidr": "CIDR",
+    "createInternalResourceDialogModeHttp": "HTTP",
+    "createInternalResourceDialogModeHttps": "HTTPS",
+    "scheme": "Skjema",
+    "createInternalResourceDialogScheme": "Skjema",
+    "createInternalResourceDialogEnableSsl": "Aktiver SSL",
+    "createInternalResourceDialogEnableSslDescription": "Aktiver SSL/TLS-kryptering for sikre HTTPS-tilkoblinger til destinasjonen.",
     "createInternalResourceDialogDestination": "Destinasjon",
     "createInternalResourceDialogDestinationHostDescription": "IP-adressen eller vertsnavnet til ressursen på nettstedets nettverk.",
     "createInternalResourceDialogDestinationCidrDescription": "CIDR-rekkevidden til ressursen på nettstedets nettverk.",
     "createInternalResourceDialogAlias": "Alias",
     "createInternalResourceDialogAliasDescription": "Et valgfritt internt DNS-alias for denne ressursen.",
+    "internalResourceDownstreamSchemeRequired": "Skjema er påkrevd for HTTP-ressurser",
+    "internalResourceHttpPortRequired": "Destinasjonsport er nødvendig for HTTP-ressurser",
     "siteConfiguration": "Konfigurasjon",
     "siteAcceptClientConnections": "Godta klientforbindelser",
     "siteAcceptClientConnectionsDescription": "Tillat brukere og klienter å få tilgang til ressurser på denne siden. Dette kan endres senere.",
@@ -1832,6 +2178,40 @@
     "exitNode": "Utgangsnode",
     "country": "Land",
     "rulesMatchCountry": "For tiden basert på kilde IP",
+    "region": "Fylke",
+    "selectRegion": "Velg region",
+    "searchRegions": "Søk etter områder...",
+    "noRegionFound": "Ingen region funnet.",
+    "rulesMatchRegion": "Velg en regional gruppering av land",
+    "rulesErrorInvalidRegion": "Ugyldig område",
+    "rulesErrorInvalidRegionDescription": "Vennligst velg et gyldig område.",
+    "regionAfrica": "Afrika",
+    "regionNorthernAfrica": "[country name] Nord-Afrika",
+    "regionEasternAfrica": "Øst-Afrika",
+    "regionMiddleAfrica": "Middle Africa",
+    "regionSouthernAfrica": "Sør-Afrika",
+    "regionWesternAfrica": "[country name] Vest-Afrika",
+    "regionAmericas": "Amerika",
+    "regionCaribbean": "Karibia",
+    "regionCentralAmerica": "Sentral-Amerika",
+    "regionSouthAmerica": "Sør-Amerika",
+    "regionNorthernAmerica": "Nord-Amerika",
+    "regionAsia": "Asia",
+    "regionCentralAsia": "Sentral-Asia",
+    "regionEasternAsia": "Øst-Asia",
+    "regionSouthEasternAsia": "Sørøst-Asia",
+    "regionSouthernAsia": "Sørlige Asia",
+    "regionWesternAsia": "Vest-Asia",
+    "regionEurope": "Europa",
+    "regionEasternEurope": "Øst-Europa",
+    "regionNorthernEurope": "Nord-Europa",
+    "regionSouthernEurope": "Sørlige Europa",
+    "regionWesternEurope": "Vest-Europa",
+    "regionOceania": "Oceania",
+    "regionAustraliaAndNewZealand": "Australia og New Zealand",
+    "regionMelanesia": "Melanesia",
+    "regionMicronesia": "Micronesia",
+    "regionPolynesia": "Polynesia",
     "managedSelfHosted": {
         "title": "Administrert selv-hostet",
         "description": "Sikre og lavvedlikeholdsservere, selvbetjente Pangolin med ekstra klokker, og understell",
@@ -1870,7 +2250,7 @@
     },
     "internationaldomaindetected": "Internasjonalt domene oppdaget",
     "willbestoredas": "Vil bli lagret som:",
-    "roleMappingDescription": "Bestem hvordan roller tilordnes brukere når innloggingen er aktivert når autog-rapportering er aktivert.",
+    "roleMappingDescription": "Bestem hvordan roller tildeles brukere når de logger inn med denne identitetsleverandøren.",
     "selectRole": "Velg en rolle",
     "roleMappingExpression": "Uttrykk",
     "selectRolePlaceholder": "Velg en rolle",
@@ -1880,6 +2260,25 @@
     "invalidValue": "Ugyldig verdi",
     "idpTypeLabel": "Identitet leverandør type",
     "roleMappingExpressionPlaceholder": "F.eks. inneholder(grupper, 'admin') && 'Admin' ⋅'Medlem'",
+    "roleMappingModeFixedRoles": "Fast roller",
+    "roleMappingModeMappingBuilder": "Kartlegger bygger",
+    "roleMappingModeRawExpression": "Rå uttrykk",
+    "roleMappingFixedRolesPlaceholderSelect": "Velg en eller flere roller",
+    "roleMappingFixedRolesPlaceholderFreeform": "Skriv inn rollenavn (eksakt treff per organisasjon)",
+    "roleMappingFixedRolesDescriptionSameForAll": "Tilordne den samme rollen som er satt til hver automatisk midlertidig bruker.",
+    "roleMappingFixedRolesDescriptionDefaultPolicy": "For standard policyer, type rollenavn som eksisterer i hver organisasjon der brukerne tilbys. Navn må stemmer nøyaktig.",
+    "roleMappingClaimPath": "Krev sti",
+    "roleMappingClaimPathPlaceholder": "grupper",
+    "roleMappingClaimPathDescription": "Sti i i token nyttelast som inneholder kildeverdier (for eksempel grupper).",
+    "roleMappingMatchValue": "Treff verdi",
+    "roleMappingAssignRoles": "Tilordne roller",
+    "roleMappingAddMappingRule": "Legg til tilordningsregel",
+    "roleMappingRawExpressionResultDescription": "Uttrykk skal vurderes til en streng eller en tekststreng.",
+    "roleMappingRawExpressionResultDescriptionSingleRole": "Uttrykk må evaluere til en streng (en rollenavn).",
+    "roleMappingMatchValuePlaceholder": "Match verdi (for eksempel: admin)",
+    "roleMappingAssignRolesPlaceholderFreeform": "Angi rollenavn (eksakt per org)",
+    "roleMappingBuilderFreeformRowHint": "Rollenavn må samsvare med en rolle i hver målorganisasjon.",
+    "roleMappingRemoveRule": "Fjern",
     "idpGoogleConfiguration": "Google Konfigurasjon",
     "idpGoogleConfigurationDescription": "Konfigurer Google OAuth2 legitimasjonen",
     "idpGoogleClientIdDescription": "Google OAuth2 Client ID",
@@ -1916,6 +2315,9 @@
     "authPageBrandingQuestionRemove": "Er du sikker på at du vil fjerne merkevarebyggingen for autentiseringssider?",
     "authPageBrandingDeleteConfirm": "Bekreft sletting av merkevarebygging",
     "brandingLogoURL": "Logo URL",
+    "brandingLogoURLOrPath": "Logoen URL eller sti",
+    "brandingLogoPathDescription": "Skriv inn en URL eller en lokal bane.",
+    "brandingLogoURLDescription": "Skriv inn en offentlig tilgjengelig nettadresse til din logobilde.",
     "brandingPrimaryColor": "Primærfarge",
     "brandingLogoWidth": "Bredde (px)",
     "brandingLogoHeight": "Høyde (px)",
@@ -1940,9 +2342,11 @@
     "selectDomainForOrgAuthPage": "Velg et domene for organisasjonens autentiseringsside",
     "domainPickerProvidedDomain": "Gitt domene",
     "domainPickerFreeProvidedDomain": "Gratis oppgitt domene",
+    "domainPickerFreeDomainsPaidFeature": "Angitte domener er en betalingsfunksjon. Abonner for å få et domene inkludert i din plan – ingen behov for å ta med ditt eget.",
     "domainPickerVerified": "Bekreftet",
     "domainPickerUnverified": "Uverifisert",
-    "domainPickerInvalidSubdomainStructure": "Dette underdomenet inneholder ugyldige tegn eller struktur. Det vil automatisk bli utsatt når du lagrer.",
+    "domainPickerManual": "Manuell",
+    "domainPickerInvalidSubdomainStructure": "Ugyldige tegn vil bli sanitert når de er lagret.",
     "domainPickerError": "Feil",
     "domainPickerErrorLoadDomains": "Kan ikke laste organisasjonens domener",
     "domainPickerErrorCheckAvailability": "Kunne ikke kontrollere domenetilgjengelighet",
@@ -1955,7 +2359,7 @@
     "orgAuthChooseIdpDescription": "Velg din identitet leverandør for å fortsette",
     "orgAuthNoIdpConfigured": "Denne organisasjonen har ikke noen identitetstjeneste konfigurert. Du kan i stedet logge inn med Pangolin identiteten din.",
     "orgAuthSignInWithPangolin": "Logg inn med Pangolin",
-    "orgAuthSignInToOrg": "Logg inn på en organisasjon",
+    "orgAuthSignInToOrg": "Organisasjonens identitetsleverandør (SSO)",
     "orgAuthSelectOrgTitle": "Organisasjonsinnlogging",
     "orgAuthSelectOrgDescription": "Skriv inn organisasjons-ID-en din for å fortsette",
     "orgAuthOrgIdPlaceholder": "din-organisasjon",
@@ -2171,10 +2575,10 @@
             },
             "scale": {
                 "title": "Skala",
-                "description": "Enterprise features, 50 brukere, 50 nettsteder og prioritetsstøtte."
+                "description": "Funksjoner for bedrifter, 50 brukere, 100 nettsteder og prioritert support."
             }
         },
-        "personalUseOnly": "Kun personlig bruk (gratis lisens - ingen utsjekking)",
+        "personalUseOnly": "Kun personlig bruk (gratis lisens - ingen kasse)",
         "buttons": {
             "continueToCheckout": "Fortsett til kassen"
         },
@@ -2248,6 +2652,7 @@
     "validPassword": "Gyldig passord",
     "validEmail": "Valid email",
     "validSSO": "Valid SSO",
+    "connectedClient": "Tilkoblet klient",
     "resourceBlocked": "Ressurs blokkert",
     "droppedByRule": "Legg i regelen",
     "noSessions": "Ingen økter",
@@ -2273,6 +2678,8 @@
     "logRetentionAccessDescription": "Hvor lenge du vil beholde adgangslogger",
     "logRetentionActionLabel": "Handlings logg nytt",
     "logRetentionActionDescription": "Hvor lenge handlingen skal lagres",
+    "logRetentionConnectionLabel": "Logg nyhet",
+    "logRetentionConnectionDescription": "Hvor lenge du vil beholde tilkoblingslogger",
     "logRetentionDisabled": "Deaktivert",
     "logRetention3Days": "3 dager",
     "logRetention7Days": "7 dager",
@@ -2283,8 +2690,15 @@
     "logRetentionEndOfFollowingYear": "Slutt på neste år",
     "actionLogsDescription": "Vis historikk for handlinger som er utført i denne organisasjonen",
     "accessLogsDescription": "Vis autoriseringsforespørsler for ressurser i denne organisasjonen",
-    "licenseRequiredToUse": "En <enterpriseLicenseLink>Enterprise Edition</enterpriseLicenseLink> lisens er påkrevd for å bruke denne funksjonen. Denne funksjonen er også tilgjengelig i <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink>.",
-    "ossEnterpriseEditionRequired": "<enterpriseEditionLink>Enterprise Edition</enterpriseEditionLink> er nødvendig for å bruke denne funksjonen. Denne funksjonen er også tilgjengelig i <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink>.",
+    "connectionLogs": "Loggfiler for tilkobling",
+    "connectionLogsDescription": "Vis tilkoblingslogger for tunneler i denne organisasjonen",
+    "sidebarLogsConnection": "Loggfiler for tilkobling",
+    "sidebarLogsStreaming": "Strømming",
+    "sourceAddress": "Kilde adresse",
+    "destinationAddress": "Måladresse (Automatic Translation)",
+    "duration": "Varighet",
+    "licenseRequiredToUse": "En <enterpriseLicenseLink>Enterprise Edition</enterpriseLicenseLink> lisens eller <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink> er påkrevd for å bruke denne funksjonen. <bookADemoLink>Bestill en demo eller POC prøveversjon</bookADemoLink>.",
+    "ossEnterpriseEditionRequired": "<enterpriseEditionLink>Enterprise Edition</enterpriseEditionLink> er nødvendig for å bruke denne funksjonen. Denne funksjonen er også tilgjengelig i <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink>. <bookADemoLink>Bestill en demo eller POC studie</bookADemoLink>.",
     "certResolver": "Sertifikat løser",
     "certResolverDescription": "Velg sertifikatløser som skal brukes for denne ressursen.",
     "selectCertResolver": "Velg sertifikatløser",
@@ -2426,6 +2840,9 @@
     "machineClients": "Maskinklienter",
     "install": "Installer",
     "run": "Kjør",
+    "envFile": "Miljøfil",
+    "serviceFile": "Tjenestefil",
+    "enableAndStart": "Aktiver og start",
     "clientNameDescription": "Visningsnavnet til klienten som kan endres senere.",
     "clientAddress": "Klientadresse (avansert)",
     "setupFailedToFetchSubnet": "Kunne ikke hente standard undernett",
@@ -2474,13 +2891,30 @@
     "editInternalResourceDialogAddClients": "Legg til klienter",
     "editInternalResourceDialogDestinationLabel": "Destinasjon",
     "editInternalResourceDialogDestinationDescription": "Spesifiser destinasjonsadressen for den interne ressursen. Dette kan være et vertsnavn, IP-adresse eller CIDR-sjikt avhengig av valgt modus. Valgfrie oppsett av intern DNS-alias for enklere identifikasjon.",
+    "internalResourceFormMultiSiteRoutingHelp": "Valg av flere nettsteder muliggjør motstandskraftig ruting og failover for høy tilgjengelighet.",
+    "internalResourceFormMultiSiteRoutingHelpLearnMore": "Lær mer",
     "editInternalResourceDialogPortRestrictionsDescription": "Begrens tilgang til spesifikke TCP/UDP-porter eller tillate/blokkere alle porter.",
+    "createInternalResourceDialogHttpConfiguration": "HTTP-konfigurasjon",
+    "createInternalResourceDialogHttpConfigurationDescription": "Velg domenet klienter vil bruke for å nå denne ressursen via HTTP eller HTTPS.",
+    "editInternalResourceDialogHttpConfiguration": "HTTP-konfigurasjon",
+    "editInternalResourceDialogHttpConfigurationDescription": "Velg domenet klienter vil bruke for å nå denne ressursen via HTTP eller HTTPS.",
     "editInternalResourceDialogTcp": "TCP",
     "editInternalResourceDialogUdp": "UDP",
     "editInternalResourceDialogIcmp": "ICMP",
     "editInternalResourceDialogAccessControl": "Tilgangskontroll",
     "editInternalResourceDialogAccessControlDescription": "Kontroller hvilke roller, brukere og maskinklienter som har tilgang til denne ressursen når den er koblet til. Administratorer har alltid tilgang.",
     "editInternalResourceDialogPortRangeValidationError": "Portsjiktet må være \"*\" for alle porter, eller en kommaseparert liste med porter og sjikt (f.eks. \"80,443,8000-9000\"). Porter må være mellom 1 og 65535.",
+    "internalResourceAuthDaemonStrategy": "SSH Auth Daemon Sted",
+    "internalResourceAuthDaemonStrategyDescription": "Velg hvor SSH-autentisering daemon kjører: på nettstedet (Newt) eller på en ekstern vert.",
+    "internalResourceAuthDaemonDescription": "SSH-godkjenning daemon håndterer SSH-nøkkel signering og PAM autentisering for denne ressursen. Velg om den kjører på nettstedet (Newt) eller på en separat ekstern vert. Se <docsLink>dokumentasjonen</docsLink> for mer.",
+    "internalResourceAuthDaemonDocsUrl": "https://docs.pangolin.net",
+    "internalResourceAuthDaemonStrategyPlaceholder": "Velg strategi",
+    "internalResourceAuthDaemonStrategyLabel": "Sted",
+    "internalResourceAuthDaemonSite": "På nettsted",
+    "internalResourceAuthDaemonSiteDescription": "Autentiser daemon kjører på nettstedet (Newt).",
+    "internalResourceAuthDaemonRemote": "Ekstern vert",
+    "internalResourceAuthDaemonRemoteDescription": "Autentiser daemon kjører på en vert som ikke er nettstedet.",
+    "internalResourceAuthDaemonPort": "Daemon Port (valgfritt)",
     "orgAuthWhatsThis": "Hvor kan jeg finne min organisasjons-ID?",
     "learnMore": "Lær mer",
     "backToHome": "Gå tilbake til start",
@@ -2502,6 +2936,9 @@
     "maintenancePageMessagePlaceholder": "Vi kommer snart tilbake! Vårt nettsted gjennomgår for øyeblikket planlagt vedlikehold.",
     "maintenancePageMessageDescription": "Detaljert beskjed som forklarer vedlikeholdet",
     "maintenancePageTimeTitle": "Estimert ferdigstillelsestid (Valgfritt)",
+    "privateMaintenanceScreenTitle": "Privat plassholder skjerm",
+    "privateMaintenanceScreenMessage": "Dette domenet brukes på en privatressurs. Koble til ved å bruke Pangolin-klienten for å få tilgang til denne ressursen.",
+    "privateMaintenanceScreenSteps": "Når du er koblet til, hvis du fortsatt ser denne meldingen, peker kanskje DNS-cachen til nettleseren din fortsatt til den gamle adressen. For å rette på dette: lukk og åpne denne fanen eller nettleseren på nytt, og naviger deretter tilbake til denne siden.",
     "maintenanceTime": "f.eks. 2 timer, 1. november kl. 17:00",
     "maintenanceEstimatedTimeDescription": "Når du forventer at vedlikeholdet er ferdigstilt",
     "editDomain": "Rediger domene",
@@ -2610,5 +3047,166 @@
     "approvalsEmptyStateStep2Title": "Aktiver enhetsgodkjenninger",
     "approvalsEmptyStateStep2Description": "Rediger en rolle og aktiver alternativet 'Kreve enhetsgodkjenninger'. Brukere med denne rollen vil trenge administratorgodkjenning for nye enheter.",
     "approvalsEmptyStatePreviewDescription": "Forhåndsvisning: Når aktivert, ventende enhets forespørsler vil vises her for vurdering",
-    "approvalsEmptyStateButtonText": "Administrer Roller"
+    "approvalsEmptyStateButtonText": "Administrer Roller",
+    "domainErrorTitle": "Vi har problemer med å verifisere domenet ditt",
+    "idpAdminAutoProvisionPoliciesTabHint": "Konfigurer rollegartlegging og organisasjonspolicyer på <policiesTabLink>Auto leveringsinnstillinger</policiesTabLink> fanen.",
+    "streamingTitle": "Hendelse Strømming",
+    "streamingDescription": "Stream hendelser fra din organisasjon til eksterne destinasjoner i sanntid.",
+    "streamingUnnamedDestination": "Plassering uten navn",
+    "streamingNoUrlConfigured": "Ingen URL konfigurert",
+    "streamingAddDestination": "Legg til mål",
+    "streamingHttpWebhookTitle": "HTTP Webhook",
+    "streamingHttpWebhookDescription": "Send hendelser til alle HTTP-endepunkter med fleksibel autentisering og maling.",
+    "streamingS3Title": "Amazon S3",
+    "streamingS3Description": "Strøm hendelser til en S3-kompatibel objektlagringskjøt. Kommer snart.",
+    "streamingDatadogTitle": "Datadog",
+    "streamingDatadogDescription": "Videresend arrangementer direkte til din Datadog-konto. Kommer snart.",
+    "streamingTypePickerDescription": "Velg en måltype for å komme i gang.",
+    "streamingFailedToLoad": "Kan ikke laste inn destinasjoner",
+    "streamingUnexpectedError": "En uventet feil oppstod.",
+    "streamingFailedToUpdate": "Kunne ikke oppdatere destinasjon",
+    "streamingDeletedSuccess": "Målet ble slettet",
+    "streamingFailedToDelete": "Kunne ikke slette destinasjon",
+    "streamingDeleteTitle": "Slett mål",
+    "streamingDeleteButtonText": "Slett mål",
+    "streamingDeleteDialogAreYouSure": "Er du sikker på at du vil slette",
+    "streamingDeleteDialogThisDestination": "denne destinasjonen",
+    "streamingDeleteDialogPermanentlyRemoved": "? Alle konfigurasjoner vil bli slettet permanent.",
+    "httpDestEditTitle": "Rediger mål",
+    "httpDestAddTitle": "Legg til HTTP-destinasjon",
+    "httpDestEditDescription": "Oppdater konfigurasjonen for denne HTTP-hendelsesstrømmedestinasjonen.",
+    "httpDestAddDescription": "Konfigurer et nytt HTTP endepunkt for å motta organisasjonens hendelser.",
+    "S3DestEditTitle": "Rediger destinasjon",
+    "S3DestAddTitle": "Legg til S3 destinasjon",
+    "S3DestEditDescription": "Oppdatere konfigurasjonen for denne S3-hendelsesstrømmingsdestinasjonen.",
+    "S3DestAddDescription": "Konfigurer et nytt S3-endepunkt for å motta organisasjonens hendelser.",
+    "datadogDestEditTitle": "Rediger destinasjon",
+    "datadogDestAddTitle": "Legg til Datadog destinasjon",
+    "datadogDestEditDescription": "Oppdatere konfigurasjonen for denne Datadog-hendelsesstrømmingsdestinasjonen.",
+    "datadogDestAddDescription": "Konfigurer et nytt Datadog-endepunkt for å motta organisasjonens hendelser.",
+    "httpDestTabSettings": "Innstillinger",
+    "httpDestTabHeaders": "Overskrifter",
+    "httpDestTabBody": "Innhold",
+    "httpDestTabLogs": "Logger",
+    "httpDestNamePlaceholder": "Min HTTP destinasjon",
+    "httpDestUrlLabel": "Destinasjons URL",
+    "httpDestUrlErrorHttpRequired": "URL-adressen må bruke httpp eller https",
+    "httpDestUrlErrorHttpsRequired": "HTTPS er nødvendig for distribusjon av sky",
+    "httpDestUrlErrorInvalid": "Skriv inn en gyldig nettadresse (f.eks. https://eksempel.com/webhook)",
+    "httpDestAuthTitle": "Autentisering",
+    "httpDestAuthDescription": "Velg hvordan ønsker til sluttpunktet ditt er autentisert.",
+    "httpDestAuthNoneTitle": "Ingen godkjenning",
+    "httpDestAuthNoneDescription": "Sender forespørsler uten autorisasjonsoverskrift.",
+    "httpDestAuthBearerTitle": "Bærer Symbol",
+    "httpDestAuthBearerDescription": "Legger til en Autorisasjon: Bearer '<token>' header til hver forespørsel.",
+    "httpDestAuthBearerPlaceholder": "Din API-nøkkel eller token",
+    "httpDestAuthBasicTitle": "Standard Auth",
+    "httpDestAuthBasicDescription": "Legger til en Autorisasjon: Basic '<credentials>' header. Gi legitimasjon som brukernavn:passord.",
+    "httpDestAuthBasicPlaceholder": "brukernavn:passord",
+    "httpDestAuthCustomTitle": "Egendefinert topptekst",
+    "httpDestAuthCustomDescription": "Angi et egendefinert HTTP headers navn og verdi for autentisering (f.eks X-API-Key).",
+    "httpDestAuthCustomHeaderNamePlaceholder": "Topptekst navn (f.eks X-API-Key)",
+    "httpDestAuthCustomHeaderValuePlaceholder": "Header verdi",
+    "httpDestCustomHeadersTitle": "Egendefinerte HTTP-overskrifter",
+    "httpDestCustomHeadersDescription": "Legg til egendefinerte overskrifter til hver utgående forespørsel. Nyttig for statisk tokens eller en egendefinert innholdstype. Som standard blir innholdstype: applikasjon/json sendt.",
+    "httpDestNoHeadersConfigured": "Ingen egendefinerte overskrifter konfigurert. Klikk \"Legg til topptekst\" for å legge til en.",
+    "httpDestHeaderNamePlaceholder": "Navn på topptekst",
+    "httpDestHeaderValuePlaceholder": "Verdi",
+    "httpDestAddHeader": "Legg til topptekst",
+    "httpDestBodyTemplateTitle": "Egendefinert hovedmal",
+    "httpDestBodyTemplateDescription": "Kontroller JSON nyttelaststrukturen sendt til ditt endepunkt. Hvis deaktivert, sendes et standard JSON-objekt for hver hendelse.",
+    "httpDestEnableBodyTemplate": "Aktiver egendefinert meldingsmal",
+    "httpDestBodyTemplateLabel": "Kroppsmal (JSON)",
+    "httpDestBodyTemplateHint": "Bruk designmal variabler for å referere til eventfelt i din betaling.",
+    "httpDestPayloadFormatTitle": "Mål format",
+    "httpDestPayloadFormatDescription": "Hvordan blir hendelser serialisert inn i hver forespørselsorgan.",
+    "httpDestFormatJsonArrayTitle": "JSON liste",
+    "httpDestFormatJsonArrayDescription": "Én forespørsel per batch, innholdet er en JSON-liste. Kompatibel med de mest generiske webhooks og Datadog.",
+    "httpDestFormatNdjsonTitle": "NDJSON",
+    "httpDestFormatNdjsonDescription": "Én forespørsel per sats, innholdet er nytt avgrenset JSON - et objekt per linje, ingen ytterarray. Kreves av Splunk HEC, Elastisk/OpenSearch, og Grafana Loki.",
+    "httpDestFormatSingleTitle": "En hendelse per forespørsel",
+    "httpDestFormatSingleDescription": "Sender en separat HTTP POST for hver enkelt hendelse. Bruk bare for endepunkter som ikke kan håndtere batcher.",
+    "httpDestLogTypesTitle": "Logg typer",
+    "httpDestLogTypesDescription": "Velg hvilke loggtyper som blir videresendt til dette målet. Bare aktiverte loggtyper vil bli strømmet.",
+    "httpDestAccessLogsTitle": "Tilgangslogger (Automatic Translation)",
+    "httpDestAccessLogsDescription": "Adgangsforsøk for ressurser, inkludert godkjente og nektet forespørsler.",
+    "httpDestActionLogsTitle": "Handlingslogger",
+    "httpDestActionLogsDescription": "Administrative tiltak som utføres av brukere innenfor organisasjonen.",
+    "httpDestConnectionLogsTitle": "Loggfiler for tilkobling",
+    "httpDestConnectionLogsDescription": "Utstyrs- og tunneltilkoblingshendelser, inkludert forbindelser og frakobling.",
+    "httpDestRequestLogsTitle": "Forespørselslogger (Automatic Translation)",
+    "httpDestRequestLogsDescription": "HTTP-forespørsel logger for bekreftede ressurser, inkludert metode, bane og responskode.",
+    "httpDestSaveChanges": "Lagre endringer",
+    "httpDestCreateDestination": "Opprett mål",
+    "httpDestUpdatedSuccess": "Målet er oppdatert",
+    "httpDestCreatedSuccess": "Målet er opprettet",
+    "httpDestUpdateFailed": "Kunne ikke oppdatere destinasjon",
+    "httpDestCreateFailed": "Kan ikke opprette mål",
+    "followRedirects": "Følg videresendinger",
+    "followRedirectsDescription": "Følg automatisk HTTP-videresendinger for forespørsler.",
+    "alertingErrorWebhookUrl": "Vennligst skriv inn en gyldig URL for webhooken.",
+    "healthCheckStrategyHttp": "Validerer tilkobling og sjekker HTTP-responsstatus.",
+    "healthCheckStrategyTcp": "Bekrefter kun TCP-tilkobling, uten å inspisere responsen.",
+    "healthCheckStrategySnmp": "Utfører en SNMP get-forespørsel for å sjekke helsen til nettverksenheter og infrastruktur.",
+    "healthCheckStrategyIcmp": "Bruker ICMP ekko forespørsler (ping) for å sjekke om en ressurs er tilgjengelig og responsiv.",
+    "healthCheckTabStrategy": "Strategi",
+    "healthCheckTabConnection": "Tilkobling",
+    "healthCheckTabAdvanced": "Avansert",
+    "healthCheckStrategyNotAvailable": "Denne strategien er ikke tilgjengelig. Vennligst kontakt salgsavdelingen for å aktivere denne funksjonen.",
+    "uptime30d": "Oppetid (30d)",
+    "idpAddActionCreateNew": "Opprett ny identitetsleverandør",
+    "idpAddActionImportFromOrg": "Importer fra en annen organisasjon",
+    "idpImportDialogTitle": "Importer identitetsleverandør",
+    "idpImportDialogDescription": "Velg en identitetsleverandør fra en organisasjon der du er admin. Den vil bli knyttet til denne organisasjonen.",
+    "idpImportSearchPlaceholder": "Søk etter organisasjons- eller leverandørnavn...",
+    "idpImportEmpty": "Ingen identitetsleverandører funnet.",
+    "idpImportedDescription": "Identitetsleverandøren ble importert vellykket.",
+    "idpDeleteGlobalQuestion": "Er du sikker på at du vil slette denne identitetsleverandøren permanent?",
+    "idpDeleteGlobalDescription": "Dette vil slette identitetsleverandøren permanent fra alle organisasjoner den er tilknyttet.",
+    "idpUnassociateTitle": "Frakoble identitetsleverandør",
+    "idpUnassociateQuestion": "Er du sikker på at du vil frakoble denne identitetsleverandøren fra denne organisasjonen?",
+    "idpUnassociateDescription": "Alle brukere knyttet til denne identitetsleverandøren vil bli fjernet fra denne organisasjonen, men identitetsleverandøren vil fortsatt eksistere for andre tilknyttede organisasjoner.",
+    "idpUnassociateConfirm": "Bekreft frakobling av identitetsleverandør",
+    "idpUnassociateWarning": "Dette kan ikke angres for denne organisasjonen.",
+    "idpUnassociatedDescription": "Identitetsleverandør er vellykket frakoblet fra denne organisasjonen",
+    "idpUnassociateMenu": "Frakoble",
+    "idpDeleteAllOrgsMenu": "Slett",
+    "publicIpEndpoint": "Endepunkt",
+    "lastTriggeredAt": "Siste utløste",
+    "reject": "Avvis",
+    "uptimeDaysAgo": "{count} days ago",
+    "uptimeToday": "I dag",
+    "uptimeNoDataAvailable": "Ingen data tilgjengelig",
+    "uptimeSuffix": "oppetid",
+    "uptimeDowntimeSuffix": "nedetid",
+    "uptimeTooltipUptimeLabel": "Oppetid",
+    "uptimeTooltipDowntimeLabel": "Nedetid",
+    "uptimeOngoing": "pågående",
+    "uptimeNoMonitoringData": "Ingen overvåkingsdata",
+    "uptimeNoData": "Ingen data",
+    "uptimeMiniBarDown": "Nede",
+    "uptimeSectionTitle": "Oppetid",
+    "uptimeSectionDescription": "Tilgjengelighet de siste {days} dagene",
+    "uptimeAddAlert": "Legg til varsling",
+    "uptimeViewAlerts": "Vis varsler",
+    "uptimeCreateEmailAlert": "Opprett e-postvarsel",
+    "uptimeAlertDescriptionSite": "Få beskjed på e-post når dette nettstedet går offline eller kommer tilbake online.",
+    "uptimeAlertDescriptionResource": "Få beskjed på e-post når denne ressursen går offline eller kommer tilbake online.",
+    "uptimeAlertNamePlaceholder": "Varslingsnavn",
+    "uptimeAdditionalEmails": "Flere e-poster",
+    "uptimeCreateAlert": "Opprett varsling",
+    "uptimeAlertNoRecipients": "Ingen mottakere",
+    "uptimeAlertNoRecipientsDescription": "Vennligst legg til minst én bruker, rolle, eller e-post for å varsle.",
+    "uptimeAlertCreated": "Varsel opprettet",
+    "uptimeAlertCreatedDescription": "Du vil bli varslet når dette endrer status.",
+    "uptimeAlertCreateFailed": "Kunne ikke opprette varsel",
+    "webhookUrlLabel": "URL",
+    "webhookHeaderKeyPlaceholder": "Nøkkel",
+    "webhookHeaderValuePlaceholder": "Verdi",
+    "alertLabel": "Varsel",
+    "domainPickerWildcardSubdomainNotAllowed": "Jokertegnsubdomener er ikke tillatt.",
+    "domainPickerWildcardCertWarning": "Jokertegnressurser kan kreve ekstra konfigurasjon for å fungere skikkelig.",
+    "domainPickerWildcardCertWarningLink": "Lær mer",
+    "health": "Helse",
+    "domainPendingErrorTitle": "Verifiseringsproblem"
 }

messages/nl-NL.json

@@ -1,4 +1,8 @@
 {
+    "contactSalesEnable": "Neem contact op met de verkoopafdeling om deze functie in te schakelen.",
+    "contactSalesBookDemo": "Boek een demo",
+    "contactSalesOr": "of",
+    "contactSalesContactUs": "neem contact met ons op",
     "setupCreate": "Maak de organisatie, site en bronnen aan",
     "headerAuthCompatibilityInfo": "Schakel dit in om een 401 Niet Geautoriseerd antwoord af te dwingen wanneer een authenticatietoken ontbreekt. Dit is vereist voor browsers of specifieke HTTP-bibliotheken die geen referenties verzenden zonder een serveruitdaging.",
     "headerAuthCompatibility": "Uitgebreide compatibiliteit",
@@ -19,6 +23,18 @@
     "componentsInvalidKey": "Ongeldige of verlopen licentiesleutels gedetecteerd. Volg de licentievoorwaarden om alle functies te blijven gebruiken.",
     "dismiss": "Uitschakelen",
     "subscriptionViolationMessage": "U overschrijdt uw huidige abonnement. Corrigeer het probleem door sites, gebruikers of andere bronnen te verwijderen om binnen uw plan te blijven.",
+    "trialBannerMessage": "Uw proefversie verloopt over {countdown}. Upgrade om toegang te behouden.",
+    "trialBannerExpired": "Uw proefperiode is verlopen. Upgrade nu om toegang te herstellen.",
+    "billingTrialBannerTitle": "Proefperiode Actief",
+    "billingTrialBannerDescription": "Je bent momenteel bezig met een gratis proefperiode op het zakelijke niveau. Wanneer de proefperiode eindigt, wordt je account automatisch teruggezet naar de functies en limieten van het Basic-niveau. Upgrade op elk moment om toegang te houden tot de functies van je huidige plan.",
+    "billingTrialBannerUpgrade": "Nu Upgraden",
+    "billingTrialBadge": "Gratis Proefversie",
+    "trialActive": "Gratis proefversie actief",
+    "trialExpired": "Proefversie verlopen",
+    "trialHasEnded": "Uw proefperiode is geëindigd.",
+    "trialDaysRemaining": "{count, plural, one {# dag resterend} other {# dagen resterend}}",
+    "trialDaysLeftShort": "{days}d over in proefversie",
+    "trialGoToBilling": "Ga naar factureringspagina",
     "subscriptionViolationViewBilling": "Facturering bekijken",
     "componentsLicenseViolation": "Licentie overtreding: Deze server gebruikt {usedSites} sites die de gelicentieerde limiet van {maxSites} sites overschrijden. Volg de licentievoorwaarden om door te gaan met het gebruik van alle functies.",
     "componentsSupporterMessage": "Bedankt voor het ondersteunen van Pangolin als {tier}!",
@@ -81,6 +97,8 @@
     "siteConfirmCopy": "Ik heb de configuratie gekopieerd",
     "searchSitesProgress": "Sites zoeken...",
     "siteAdd": "Site toevoegen",
+    "sitesTableViewPublicResources": "Openbare bronnen bekijken",
+    "sitesTableViewPrivateResources": "Privébronnen bekijken",
     "siteInstallNewt": "Installeer Newt",
     "siteInstallNewtDescription": "Laat Newt draaien op uw systeem",
     "WgConfiguration": "WireGuard Configuratie",
@@ -98,6 +116,21 @@
     "siteUpdatedDescription": "De site is bijgewerkt.",
     "siteGeneralDescription": "Algemene instellingen voor deze site configureren",
     "siteSettingDescription": "Configureer de instellingen van de site",
+    "siteResourcesTab": "Bronnen",
+    "siteResourcesNoneOnSite": "Deze site heeft nog geen openbare of privébronnen.",
+    "siteResourcesSectionPublic": "Openbare bronnen",
+    "siteResourcesSectionPrivate": "Privébronnen",
+    "siteResourcesSectionPublicDescription": "Bronnen extern blootgesteld via domeinen of poorten.",
+    "siteResourcesSectionPrivateDescription": "Bronnen beschikbaar op uw privénetwerk via de site.",
+    "siteResourcesViewAllPublic": "Bekijk alle bronnen",
+    "siteResourcesViewAllPrivate": "Bekijk alle bronnen",
+    "siteResourcesDialogDescription": "Overzicht van openbare en privébronnen die geassocieerd zijn met deze site.",
+    "siteResourcesShowMore": "Meer weergeven",
+    "siteResourcesPermissionDenied": "U heeft geen toestemming om deze bronnen te vermelden.",
+    "siteResourcesEmptyPublic": "Geen openbare bronnen richten zich nog op deze site.",
+    "siteResourcesEmptyPrivate": "Er zijn nog geen privébronnen gekoppeld aan deze site.",
+    "siteResourcesHowToAccess": "Hoe te openen",
+    "siteResourcesTargetsOnSite": "Doelen op deze site",
     "siteSetting": "{siteName} instellingen",
     "siteNewtTunnel": "Nieuwste site (Aanbevolen)",
     "siteNewtTunnelDescription": "Makkelijkste manier om een ingangspunt in een netwerk te maken. Geen extra opzet.",
@@ -148,6 +181,11 @@
     "createLink": "Koppeling aanmaken",
     "resourcesNotFound": "Geen bronnen gevonden",
     "resourceSearch": "Zoek bronnen",
+    "machineSearch": "Zoek machines",
+    "machinesSearch": "Zoek machine-clients...",
+    "machineNotFound": "Geen machines gevonden",
+    "userDeviceSearch": "Gebruikersapparaten zoeken",
+    "userDevicesSearch": "Gebruikersapparaten zoeken...",
     "openMenu": "Menu openen",
     "resource": "Bron",
     "title": "Aanspreektitel",
@@ -175,6 +213,7 @@
     "resourceHTTPDescription": "Proxyverzoeken via HTTPS met een volledig gekwalificeerde domeinnaam.",
     "resourceRaw": "TCP/UDP bron",
     "resourceRawDescription": "Proxyverzoeken via ruwe TCP/UDP met een poortnummer.",
+    "resourceRawDescriptionCloud": "Proxy verzoeken over rauwe TCP/UDP met behulp van een poortnummer. Vereist sites om verbinding te maken met een remote node.",
     "resourceCreate": "Bron maken",
     "resourceCreateDescription": "Volg de onderstaande stappen om een nieuwe bron te maken",
     "resourceSeeAll": "Alle bronnen bekijken",
@@ -201,6 +240,7 @@
     "protocolSelect": "Selecteer een protocol",
     "resourcePortNumber": "Nummer van poort",
     "resourcePortNumberDescription": "Het externe poortnummer naar proxyverzoeken.",
+    "back": "Achterzijde",
     "cancel": "Annuleren",
     "resourceConfig": "Configuratie tekstbouwstenen",
     "resourceConfigDescription": "Kopieer en plak deze configuratie-snippets om de TCP/UDP-bron in te stellen",
@@ -246,11 +286,25 @@
     "orgErrorDeleteMessage": "Er is een fout opgetreden tijdens het verwijderen van de organisatie.",
     "orgDeleted": "Organisatie verwijderd",
     "orgDeletedMessage": "De organisatie en haar gegevens zijn verwijderd.",
+    "deleteAccount": "Verwijder account",
+    "deleteAccountDescription": "Verwijdert permanent uw account, alle organisaties die u bezit, en alle gegevens binnen deze organisaties. Dit kan niet ongedaan worden gemaakt.",
+    "deleteAccountButton": "Verwijder account",
+    "deleteAccountConfirmTitle": "Verwijder account",
+    "deleteAccountConfirmMessage": "Dit zal uw account permanent wissen, alle organisaties die u bezit, en alle gegevens binnen deze organisaties. Dit kan niet ongedaan worden gemaakt.",
+    "deleteAccountConfirmString": "verwijder account",
+    "deleteAccountSuccess": "Account verwijderd",
+    "deleteAccountSuccessMessage": "Uw account is verwijderd.",
+    "deleteAccountError": "Kan account niet verwijderen",
+    "deleteAccountPreviewAccount": "Uw account",
+    "deleteAccountPreviewOrgs": "Organisaties die je bezit (en al hun gegevens)",
     "orgMissing": "Organisatie-ID ontbreekt",
     "orgMissingMessage": "Niet in staat om de uitnodiging te regenereren zonder organisatie-ID.",
     "accessUsersManage": "Gebruikers beheren",
+    "accessUserManage": "Beheer gebruiker",
     "accessUsersDescription": "Nodig uit en beheer gebruikers met toegang tot deze organisatie",
     "accessUsersSearch": "Gebruikers zoeken...",
+    "accessUsersRoleFilterCount": "{count, plural, one {# rol} other {# rollen}}",
+    "accessUsersRoleFilterClear": "Rolfilters wissen",
     "accessUserCreate": "Gebruiker aanmaken",
     "accessUserRemove": "Gebruiker verwijderen",
     "username": "Gebruikersnaam",
@@ -310,6 +364,54 @@
     "apiKeysDelete": "API-sleutel verwijderen",
     "apiKeysManage": "API-sleutels beheren",
     "apiKeysDescription": "API-sleutels worden gebruikt om te verifiëren met de integratie-API",
+    "provisioningKeysTitle": "Vertrekkende sleutel",
+    "provisioningKeysManage": "Beheren van Provisioning Sleutels",
+    "provisioningKeysDescription": "Provisionerende sleutels worden gebruikt om geautomatiseerde sitebepaling voor uw organisatie te verifiëren.",
+    "provisioningManage": "Provisie",
+    "provisioningDescription": "Voorzieningssleutels beheren en sites beoordelen in afwachting van goedkeuring.",
+    "pendingSites": "Openstaande sites",
+    "siteApproveSuccess": "Site succesvol goedgekeurd",
+    "siteApproveError": "Fout bij goedkeuren website",
+    "provisioningKeys": "Verhelderende sleutels",
+    "searchProvisioningKeys": "Zoek provisioningsleutels ...",
+    "provisioningKeysAdd": "Genereer Provisioning Sleutel",
+    "provisioningKeysErrorDelete": "Fout bij verwijderen provisioning sleutel",
+    "provisioningKeysErrorDeleteMessage": "Fout bij verwijderen provisioning sleutel",
+    "provisioningKeysQuestionRemove": "Weet u zeker dat u deze proefsleutel van de organisatie wilt verwijderen?",
+    "provisioningKeysMessageRemove": "Eenmaal verwijderd, kan de sleutel niet meer worden gebruikt voor site-instructie.",
+    "provisioningKeysDeleteConfirm": "Bevestig Verwijderen Provisione-sleutel",
+    "provisioningKeysDelete": "Provisione-sleutel verwijderen",
+    "provisioningKeysCreate": "Genereer Provisioning Sleutel",
+    "provisioningKeysCreateDescription": "Een nieuwe provisioningsleutel voor de organisatie genereren",
+    "provisioningKeysSeeAll": "Bekijk alle provisioning sleutels",
+    "provisioningKeysSave": "Sla de provisioning sleutel op",
+    "provisioningKeysSaveDescription": "Je kunt dit slechts één keer zien. Kopieer het naar een veilige plaats.",
+    "provisioningKeysErrorCreate": "Fout bij aanmaken provisioning sleutel",
+    "provisioningKeysList": "Nieuwe provisioning sleutel",
+    "provisioningKeysMaxBatchSize": "Maximale batchgrootte",
+    "provisioningKeysUnlimitedBatchSize": "Onbeperkte batchgrootte (geen limiet)",
+    "provisioningKeysMaxBatchUnlimited": "Onbeperkt",
+    "provisioningKeysMaxBatchSizeInvalid": "Voer een geldige maximale batchgrootte in (1–1.000,000).",
+    "provisioningKeysValidUntil": "Geldig tot",
+    "provisioningKeysValidUntilHint": "Laat leeg voor geen vervaldatum.",
+    "provisioningKeysValidUntilInvalid": "Voer een geldige datum en tijd in.",
+    "provisioningKeysNumUsed": "Aantal keer gebruikt",
+    "provisioningKeysLastUsed": "Laatst gebruikt",
+    "provisioningKeysNoExpiry": "Geen vervaldatum",
+    "provisioningKeysNeverUsed": "Nooit",
+    "provisioningKeysEdit": "Wijzig Provisioning Sleutel",
+    "provisioningKeysEditDescription": "Werk de maximale batchgrootte en verlooptijd voor deze sleutel bij.",
+    "provisioningKeysApproveNewSites": "Goedkeuren van nieuwe sites",
+    "provisioningKeysApproveNewSitesDescription": "Automatisch sites goedkeuren die zich registreren met deze sleutel.",
+    "provisioningKeysUpdateError": "Fout tijdens bijwerken provisioning sleutel",
+    "provisioningKeysUpdated": "Provisie sleutel bijgewerkt",
+    "provisioningKeysUpdatedDescription": "Uw wijzigingen zijn opgeslagen.",
+    "provisioningKeysBannerTitle": "Bewerkingssleutels voor websites",
+    "provisioningKeysBannerDescription": "Genereer een inrichtingssleutel en gebruik deze met de Newt-connector om automatisch sites te maken bij de eerste opstart - er is geen behoefte om aparte inloggegevens voor elke site in te stellen.",
+    "provisioningKeysBannerButtonText": "Meer informatie",
+    "pendingSitesBannerTitle": "Openstaande sites",
+    "pendingSitesBannerDescription": "Sites die verbinding maken met een inrichtingssleutel verschijnen hier voor beoordeling.",
+    "pendingSitesBannerButtonText": "Meer informatie",
     "apiKeysSettings": "{apiKeyName} instellingen",
     "userTitle": "Alle gebruikers beheren",
     "userDescription": "Bekijk en beheer alle gebruikers in het systeem",
@@ -339,6 +441,10 @@
     "licenseErrorKeyActivate": "Licentiesleutel activeren mislukt",
     "licenseErrorKeyActivateDescription": "Er is een fout opgetreden tijdens het activeren van de licentiesleutel.",
     "licenseAbout": "Over licenties",
+    "licenseBannerTitle": "Activeer Uw Enterprise Licentie",
+    "licenseBannerDescription": "Ontgrendel enterprise-functies voor uw zelf-gehoste Pangolin-instantie. Koop een licentiesleutel om premium mogelijkheden te activeren, voeg deze vervolgens hieronder toe.",
+    "licenseBannerGetLicense": "Koop een Licentie",
+    "licenseBannerViewDocs": "Bekijk Documentatie",
     "communityEdition": "Community editie",
     "licenseAboutDescription": "Dit geldt voor gebruikers van bedrijven en ondernemingen die Pangolin in gebruiken in een commerciële omgeving. Als u Pangolin gebruikt voor persoonlijk gebruik, kunt u dit gedeelte negeren.",
     "licenseKeyActivated": "Licentiesleutel geactiveerd",
@@ -461,6 +567,8 @@
     "filterByApprovalState": "Filter op goedkeuringsstatus",
     "approvalListEmpty": "Geen goedkeuringen",
     "approvalState": "Goedkeuring status",
+    "approvalLoadMore": "Meer laden",
+    "loadingApprovals": "Goedkeuringen laden",
     "approve": "Goedkeuren",
     "approved": "Goedgekeurd",
     "denied": "Geweigerd",
@@ -494,9 +602,12 @@
     "userSaved": "Gebruiker opgeslagen",
     "userSavedDescription": "De gebruiker is bijgewerkt.",
     "autoProvisioned": "Automatisch bevestigen",
+    "autoProvisionSettings": "Auto Provisie Instellingen",
     "autoProvisionedDescription": "Toestaan dat deze gebruiker automatisch wordt beheerd door een identiteitsprovider",
     "accessControlsDescription": "Beheer wat deze gebruiker toegang heeft tot en doet in de organisatie",
     "accessControlsSubmit": "Bewaar Toegangsbesturing",
+    "singleRolePerUserPlanNotice": "Uw plan ondersteunt slechts één rol per gebruiker.",
+    "singleRolePerUserEditionNotice": "Deze editie ondersteunt slechts één rol per gebruiker.",
     "roles": "Rollen",
     "accessUsersRoles": "Beheer Gebruikers & Rollen",
     "accessUsersRolesDescription": "Nodig gebruikers uit en voeg ze toe aan de rollen om toegang tot de organisatie te beheren",
@@ -553,6 +664,8 @@
     "targetErrorInvalidPortDescription": "Voer een geldig poortnummer in",
     "targetErrorNoSite": "Geen site geselecteerd",
     "targetErrorNoSiteDescription": "Selecteer een site voor het doel",
+    "targetTargetsCleared": "Doelen gewist",
+    "targetTargetsClearedDescription": "Alle doelen zijn verwijderd van deze bron",
     "targetCreated": "Doel aangemaakt",
     "targetCreatedDescription": "Doel is succesvol aangemaakt",
     "targetErrorCreate": "Kan doel niet aanmaken",
@@ -636,6 +749,7 @@
     "resourcesErrorUpdate": "Bron wisselen mislukt",
     "resourcesErrorUpdateDescription": "Er is een fout opgetreden tijdens het bijwerken van het document",
     "access": "Toegangsrechten",
+    "accessControl": "Toegangs controle",
     "shareLink": "{resource} Share link",
     "resourceSelect": "Selecteer resource",
     "shareLinks": "Links delen",
@@ -653,6 +767,7 @@
     "newtEndpoint": "Endpoint",
     "newtId": "ID",
     "newtSecretKey": "Geheim",
+    "newtVersion": "Versie",
     "architecture": "Architectuur",
     "sites": "Sites",
     "siteWgAnyClients": "Gebruik een willekeurige WireGuard client om verbinding te maken. Je zult interne bronnen moeten aanspreken met behulp van de peer IP.",
@@ -776,6 +891,7 @@
     "accessRoleRemoved": "Rol verwijderd",
     "accessRoleRemovedDescription": "De rol is succesvol verwijderd.",
     "accessRoleRequiredRemove": "Voordat u deze rol verwijdert, selecteer een nieuwe rol om bestaande leden aan te dragen.",
+    "network": "Netwerk",
     "manage": "Beheren",
     "sitesNotFound": "Geen sites gevonden.",
     "pangolinServerAdmin": "Serverbeheer - Pangolin",
@@ -819,6 +935,7 @@
     "idpDisplayName": "Een weergavenaam voor deze identiteitsprovider",
     "idpAutoProvisionUsers": "Auto Provisie Gebruikers",
     "idpAutoProvisionUsersDescription": "Wanneer ingeschakeld, worden gebruikers automatisch in het systeem aangemaakt wanneer ze de eerste keer inloggen met de mogelijkheid om gebruikers toe te wijzen aan rollen en organisaties.",
+    "idpAutoProvisionConfigureAfterCreate": "U kunt automatische voorzieningsinstellingen configureren zodra de identiteitsprovider is aangemaakt.",
     "licenseBadge": "EE",
     "idpType": "Type provider",
     "idpTypeDescription": "Selecteer het type identiteitsprovider dat u wilt configureren",
@@ -870,7 +987,7 @@
     "defaultMappingsRole": "Standaard Rol Toewijzing",
     "defaultMappingsRoleDescription": "Het resultaat van deze uitdrukking moet de rolnaam zoals gedefinieerd in de organisatie als tekenreeks teruggeven.",
     "defaultMappingsOrg": "Standaard organisatie mapping",
-    "defaultMappingsOrgDescription": "Deze expressie moet de org-ID teruggeven of waar om de gebruiker toegang te geven tot de organisatie.",
+    "defaultMappingsOrgDescription": "Wanneer ingesteld, moet deze expressie de organisatie-ID of waar retourneren voor de gebruiker om toegang te krijgen tot die organisatie. Als het niet is ingesteld, is het definiëren van een roltoewijzing voldoende: de gebruiker is toegestaan zolang een geldige roltoewijzing voor hen binnen de organisatie kan worden opgelost.",
     "defaultMappingsSubmit": "Standaard toewijzingen opslaan",
     "orgPoliciesEdit": "Organisatie beleid bewerken",
     "org": "Organisatie",
@@ -1017,12 +1134,12 @@
     "pangolinSetup": "Instellen - Pangolin",
     "orgNameRequired": "Organisatienaam is vereist",
     "orgIdRequired": "Organisatie-ID is vereist",
+    "orgIdMaxLength": "Organisatie-ID mag maximaal 32 tekens lang zijn",
     "orgErrorCreate": "Fout opgetreden tijdens het aanmaken org",
     "pageNotFound": "Pagina niet gevonden",
     "pageNotFoundDescription": "Oeps! De pagina die je zoekt bestaat niet.",
     "overview": "Overzicht.",
     "home": "Startpagina",
-    "accessControl": "Toegangs controle",
     "settings": "Instellingen",
     "usersAll": "Alle gebruikers",
     "license": "Licentie",
@@ -1085,6 +1202,12 @@
     "actionGetUser": "Gebruiker ophalen",
     "actionGetOrgUser": "Krijg organisatie-gebruiker",
     "actionListOrgDomains": "Lijst organisatie domeinen",
+    "actionGetDomain": "Domein verkrijgen",
+    "actionCreateOrgDomain": "Domein aanmaken",
+    "actionUpdateOrgDomain": "Domein bijwerken",
+    "actionDeleteOrgDomain": "Domein verwijderen",
+    "actionGetDNSRecords": "Krijg DNS Records",
+    "actionRestartOrgDomain": "Domein opnieuw starten",
     "actionCreateSite": "Site aanmaken",
     "actionDeleteSite": "Site verwijderen",
     "actionGetSite": "Site ophalen",
@@ -1096,6 +1219,7 @@
     "setupTokenDescription": "Voer het setup-token in vanaf de serverconsole.",
     "setupTokenRequired": "Setup-token is vereist",
     "actionUpdateSite": "Site bijwerken",
+    "actionResetSiteBandwidth": "Reset organisatieschandbreedte",
     "actionListSiteRoles": "Toon toegestane sitenollen",
     "actionCreateResource": "Bron maken",
     "actionDeleteResource": "Document verwijderen",
@@ -1125,6 +1249,7 @@
     "actionRemoveUser": "Gebruiker verwijderen",
     "actionListUsers": "Gebruikers weergeven",
     "actionAddUserRole": "Gebruikersrol toevoegen",
+    "actionSetUserOrgRoles": "Stel gebruikersrollen in",
     "actionGenerateAccessToken": "Genereer Toegangstoken",
     "actionDeleteAccessToken": "Verwijder toegangstoken",
     "actionListAccessTokens": "Lijst toegangstokens",
@@ -1169,7 +1294,9 @@
     "actionViewLogs": "Logboeken bekijken",
     "noneSelected": "Niet geselecteerd",
     "orgNotFound2": "Geen organisaties gevonden.",
-    "searchProgress": "Zoeken...",
+    "search": "Zoeken…",
+    "searchPlaceholder": "Zoeken...",
+    "emptySearchOptions": "Geen opties gevonden",
     "create": "Aanmaken",
     "orgs": "Organisaties",
     "loginError": "Er is een onverwachte fout opgetreden. Probeer het opnieuw.",
@@ -1233,12 +1360,14 @@
     "sidebarClientResources": "Privé",
     "sidebarAccessControl": "Toegangs controle",
     "sidebarLogsAndAnalytics": "Logs & Analytics",
+    "sidebarTeam": "Team",
     "sidebarUsers": "Gebruikers",
     "sidebarAdmin": "Beheerder",
     "sidebarInvitations": "Uitnodigingen",
     "sidebarRoles": "Rollen",
     "sidebarShareableLinks": "Koppelingen",
     "sidebarApiKeys": "API sleutels",
+    "sidebarProvisioning": "Provisie",
     "sidebarSettings": "Instellingen",
     "sidebarAllUsers": "Alle gebruikers",
     "sidebarIdentityProviders": "Identiteit aanbieders",
@@ -1250,8 +1379,167 @@
     "sidebarGeneral": "Beheren",
     "sidebarLogAndAnalytics": "Log & Analytics",
     "sidebarBluePrints": "Blauwdrukken",
+    "sidebarAlerting": "Waarschuwingen",
+    "sidebarHealthChecks": "Gezondheidscontroles",
     "sidebarOrganization": "Organisatie",
+    "sidebarManagement": "Beheer",
+    "sidebarBillingAndLicenses": "Facturatie & Licenties",
     "sidebarLogsAnalytics": "Analyses",
+    "alertingTitle": "Waarschuwingen",
+    "alertingDescription": "Definieer bronnen, triggers en acties voor meldingen",
+    "alertingRules": "Waarschuwingsregels",
+    "alertingSearchRules": "Zoek regels…",
+    "alertingAddRule": "Regel aanmaken",
+    "alertingColumnSource": "Bron",
+    "alertingColumnTrigger": "Trigger",
+    "alertingColumnActions": "Acties",
+    "alertingColumnEnabled": "Ingeschakeld",
+    "alertingDeleteQuestion": "Bevestig alstublieft dat u deze waarschuwingsregel wilt verwijderen.",
+    "alertingDeleteRule": "Verwijder waarschuwingsregel",
+    "alertingRuleDeleted": "Waarschuwingsregel verwijderd",
+    "alertingRuleSaved": "Waarschuwingsregel opgeslagen",
+    "alertingRuleSavedCreatedDescription": "Uw nieuwe waarschuwingsregel is aangemaakt. U kunt deze op deze pagina blijven bewerken.",
+    "alertingRuleSavedUpdatedDescription": "Uw wijzigingen in deze waarschuwingsregel zijn opgeslagen.",
+    "alertingEditRule": "Bewerk waarschuwingsregel",
+    "alertingCreateRule": "Waarschuwingsregel aanmaken",
+    "alertingRuleCredenzaDescription": "Kies wat te bekijken, wanneer het moet gebeuren en hoe te waarschuwen",
+    "alertingRuleNamePlaceholder": "Productiesite offline",
+    "alertingRuleEnabled": "Regel ingeschakeld",
+    "alertingSectionSource": "Bron",
+    "alertingSourceType": "Brontype",
+    "alertingSourceSite": "Site",
+    "alertingSourceHealthCheck": "Gezondheidscontrole",
+    "alertingPickSites": "Sites",
+    "alertingPickHealthChecks": "Gezondheidscontroles",
+    "alertingPickResources": "Bronnen",
+    "alertingAllSites": "Alle sites",
+    "alertingAllSitesDescription": "Waarschuwing voor elke site",
+    "alertingSpecificSites": "Specifieke sites",
+    "alertingSpecificSitesDescription": "Kies specifieke sites om in de gaten te houden",
+    "alertingAllHealthChecks": "Alle Gezondheidscontroles",
+    "alertingAllHealthChecksDescription": "Waarschuwing voor elke gezondheidscontrole",
+    "alertingSpecificHealthChecks": "Specifieke Gezondheidscontroles",
+    "alertingSpecificHealthChecksDescription": "Kies specifieke gezondheidscontroles om in de gaten te houden",
+    "alertingAllResources": "Alle bronnen",
+    "alertingAllResourcesDescription": "Waarschuwing voor elke bron",
+    "alertingSpecificResources": "Specifieke bronnen",
+    "alertingSpecificResourcesDescription": "Kies specifieke bronnen om in de gaten te houden",
+    "alertingSelectResources": "Selecteer bronnen…",
+    "alertingResourcesSelected": "{count} bronnen geselecteerd",
+    "alertingResourcesEmpty": "Geen bronnen met doelen in de eerste 10 resultaten.",
+    "alertingSectionTrigger": "Trigger",
+    "alertingTrigger": "Wanneer te waarschuwen",
+    "alertingTriggerSiteOnline": "Site online",
+    "alertingTriggerSiteOffline": "Site offline",
+    "alertingTriggerSiteToggle": "Site status wijzigt",
+    "alertingTriggerHcHealthy": "Gezondheidscontrole gezond",
+    "alertingTriggerHcUnhealthy": "Gezondheidscontrole ongezond",
+    "alertingTriggerHcToggle": "Gezondheidscontrole status verandert",
+    "alertingTriggerResourceHealthy": "Bron gezond",
+    "alertingTriggerResourceUnhealthy": "Bron ongezond",
+    "alertingTriggerResourceDegraded": "Bron gedegradeerd",
+    "alertingSearchHealthChecks": "Zoek gezondheidscontroles…",
+    "alertingHealthChecksEmpty": "Geen gezondheidscontroles beschikbaar.",
+    "alertingTriggerResourceToggle": "Bronstatus wijzigt",
+    "alertingSourceResource": "Bron",
+    "alertingSectionActions": "Acties",
+    "alertingAddAction": "Actie toevoegen",
+    "alertingActionNotify": "E-mail",
+    "alertingActionNotifyDescription": "Stuur e-mailmeldingen naar gebruikers of rollen",
+    "alertingActionWebhook": "Webhook",
+    "alertingActionWebhookDescription": "Stuur een HTTP-verzoek naar een aangepast eindpunt",
+    "alertingExternalIntegration": "Externe integratie",
+    "alertingExternalPagerDutyDescription": "Stuur waarschuwingen naar PagerDuty voor incidentbeheer",
+    "alertingExternalOpsgenieDescription": "Routeer waarschuwingen naar Opsgenie voor wachtdienstbeheer",
+    "alertingExternalServiceNowDescription": "Maak ServiceNow-incidenten aan vanuit waarschuwingsgebeurtenissen",
+    "alertingExternalIncidentIoDescription": "Trigger Incident.io workflows van waarschuwingsgebeurtenissen",
+    "alertingActionType": "Actietype",
+    "alertingNotifyUsers": "Gebruikers",
+    "alertingNotifyRoles": "Rollen",
+    "alertingNotifyEmails": "E-mailadressen",
+    "alertingEmailPlaceholder": "Voeg e-mail toe en druk op Enter",
+    "alertingWebhookMethod": "HTTP-methode",
+    "alertingWebhookSecret": "Ondertekengeheim (optioneel)",
+    "alertingWebhookSecretPlaceholder": "HMAC-geheim",
+    "alertingWebhookHeaders": "Headers",
+    "alertingAddHeader": "Header toevoegen",
+    "alertingSelectSites": "Selecteer sites…",
+    "alertingSitesSelected": "{count} sites geselecteerd",
+    "alertingSelectHealthChecks": "Selecteer gezondheidscontroles…",
+    "alertingHealthChecksSelected": "{count} gezondheidscontroles geselecteerd",
+    "alertingNoHealthChecks": "Geen doelen met ingeschakelde gezondheidscontroles",
+    "alertingHealthCheckStub": "Gezondheidscontrole brondeselectie is nog niet gekoppeld - u kunt nog steeds triggers en acties configureren.",
+    "alertingSelectUsers": "Selecteer gebruikers…",
+    "alertingUsersSelected": "{count} gebruikers geselecteerd",
+    "alertingSelectRoles": "Selecteer rollen…",
+    "alertingRolesSelected": "{count} rollen geselecteerd",
+    "alertingSummarySites": "Sites ({count})",
+    "alertingSummaryAllSites": "Alle sites",
+    "alertingSummaryHealthChecks": "Gezondheidscontroles ({count})",
+    "alertingSummaryAllHealthChecks": "Alle gezondheidscontroles",
+    "alertingSummaryResources": "Bronnen ({count})",
+    "alertingSummaryAllResources": "Alle bronnen",
+    "alertingErrorNameRequired": "Voer een naam in",
+    "alertingErrorActionsMin": "Voeg minimaal één actie toe",
+    "alertingErrorPickSites": "Selecteer minimaal één site",
+    "alertingErrorPickHealthChecks": "Selecteer minimaal één gezondheidscontrole",
+    "alertingErrorPickResources": "Selecteer minimaal één bron",
+    "alertingErrorTriggerSite": "Kies een site-trigger",
+    "alertingErrorTriggerHealth": "Kies een gezondheidscontrole-trigger",
+    "alertingErrorTriggerResource": "Kies een bron-trigger",
+    "alertingErrorNotifyRecipients": "Kies gebruikers, rollen of ten minste één e-mail",
+    "alertingConfigureSource": "Bron configureren",
+    "alertingConfigureTrigger": "Trigger configureren",
+    "alertingConfigureActions": "Acties configureren",
+    "alertingBackToRules": "Terug naar regels",
+    "alertingRuleCooldown": "Aflkoelperiode (seconden)",
+    "alertingRuleCooldownDescription": "Minimale tijd tussen herhaalwaarschuwingen voor dezelfde regel. Zet op 0 om elke keer te laten vuren.",
+    "alertingDraftBadge": "Concept - opslaan om deze regel op te slaan",
+    "alertingSidebarHint": "Klik op een stap in het canvas om deze hier te bewerken.",
+    "alertingGraphCanvasTitle": "Regelstroom",
+    "alertingGraphCanvasDescription": "Visueel overzicht van bron, trigger en acties. Selecteer een node om deze in het paneel te bewerken.",
+    "alertingNodeNotConfigured": "Nog niet geconfigureerd",
+    "alertingNodeActionsCount": "{count, plural, one {# actie} other {# acties}}",
+    "alertingNodeRoleSource": "Bron",
+    "alertingNodeRoleTrigger": "Trigger",
+    "alertingNodeRoleAction": "Actie",
+    "alertingTabRules": "Waarschuwingsregels",
+    "alertingTabHealthChecks": "Gezondheidscontroles",
+    "alertingRulesBannerTitle": "Meldingen ontvangen",
+    "alertingRulesBannerDescription": "Elke regel koppelt wat te bekijken (een site, gezondheidscontrole of bron), wanneer te vuren (bijvoorbeeld offline of ongezond), en hoe uw team te waarschuwen via e-mail, webhooks of integraties. Gebruik deze lijst om die regels te maken, in te schakelen en te beheren.",
+    "alertingHealthChecksBannerTitle": "Gezondheid & bronnen bewaken",
+    "alertingHealthChecksBannerDescription": "Gezondheidscontroles zijn HTTP- of TCP-monitoren die u één keer definieert. U kunt ze vervolgens als bronnen in waarschuwingsregels gebruiken, zodat u meldingen krijgt wanneer een doelwit gezond of ongezond wordt. Gezondheidscontroles van bronnen verschijnen ook hier.",
+    "standaloneHcTableTitle": "Gezondheidscontroles",
+    "standaloneHcSearchPlaceholder": "Zoek gezondheidscontroles…",
+    "standaloneHcAddButton": "Gezondheidscontrole aanmaken",
+    "standaloneHcCreateTitle": "Gezondheidscontrole aanmaken",
+    "standaloneHcEditTitle": "Gezondheidscontrole bewerken",
+    "standaloneHcDescription": "Configureer een HTTP- of TCP-gezondheidscontrole voor gebruik in waarschuwingsregels.",
+    "standaloneHcNameLabel": "Naam",
+    "standaloneHcNamePlaceholder": "Mijn HTTP-monitor",
+    "standaloneHcDeleteTitle": "Gezondheidscontrole verwijderen",
+    "standaloneHcDeleteQuestion": "Bevestig alstublieft dat u deze gezondheidscontrole wilt verwijderen.",
+    "standaloneHcDeleted": "Gezondheidscontrole verwijderd",
+    "standaloneHcSaved": "Gezondheidscontrole opgeslagen",
+    "standaloneHcColumnHealth": "Gezondheid",
+    "standaloneHcColumnMode": "Modus",
+    "standaloneHcColumnTarget": "Doelwit",
+    "standaloneHcHealthStateHealthy": "Gezond",
+    "standaloneHcHealthStateUnhealthy": "Ongezond",
+    "standaloneHcHealthStateUnknown": "Onbekend",
+    "standaloneHcFilterAnySite": "Alle sites",
+    "standaloneHcFilterAnyResource": "Alle bronnen",
+    "standaloneHcFilterMode": "Modus",
+    "standaloneHcFilterModeHttp": "HTTP",
+    "standaloneHcFilterModeTcp": "TCP",
+    "standaloneHcFilterModeSnmp": "SNMP",
+    "standaloneHcFilterModePing": "Ping",
+    "standaloneHcFilterHealth": "Gezondheid",
+    "standaloneHcFilterEnabled": "Ingeschakeld",
+    "standaloneHcFilterEnabledOn": "Ingeschakeld",
+    "standaloneHcFilterEnabledOff": "Uitgeschakeld",
+    "standaloneHcFilterSiteIdFallback": "Site {id}",
+    "standaloneHcFilterResourceIdFallback": "Bron {id}",
     "blueprints": "Blauwdrukken",
     "blueprintsDescription": "Gebruik declaratieve configuraties en bekijk vorige uitvoeringen.",
     "blueprintAdd": "Blauwdruk toevoegen",
@@ -1272,7 +1560,6 @@
     "parsedContents": "Geparseerde inhoud (alleen lezen)",
     "enableDockerSocket": "Schakel Docker Blauwdruk in",
     "enableDockerSocketDescription": "Schakel Docker Socket label in voor blauwdruk labels. Pad naar Nieuw.",
-    "enableDockerSocketLink": "Meer informatie",
     "viewDockerContainers": "Bekijk Docker containers",
     "containersIn": "Containers in {siteName}",
     "selectContainerDescription": "Selecteer een container om als hostnaam voor dit doel te gebruiken. Klik op een poort om een poort te gebruiken.",
@@ -1314,7 +1601,8 @@
     "initialSetupDescription": "Maak het eerste serverbeheeraccount aan. Er kan slechts één serverbeheerder bestaan. U kunt deze inloggegevens later altijd wijzigen.",
     "createAdminAccount": "Maak een beheeraccount aan",
     "setupErrorCreateAdmin": "Er is een fout opgetreden bij het maken van het serverbeheerdersaccount.",
-    "certificateStatus": "Certificaatstatus",
+    "certificateStatus": "Certificaat",
+    "certificateStatusAutoRefreshHint": "Status ververst automatisch.",
     "loading": "Bezig met laden",
     "loadingAnalytics": "Laden van Analytics",
     "restart": "Herstarten",
@@ -1383,6 +1671,7 @@
     "pangolinUpdateAvailableReleaseNotes": "Uitgaveopmerkingen bekijken",
     "newtUpdateAvailable": "Update beschikbaar",
     "newtUpdateAvailableInfo": "Er is een nieuwe versie van Newt beschikbaar. Update naar de nieuwste versie voor de beste ervaring.",
+    "pangolinNodeUpdateAvailableInfo": "Er is een nieuwe versie van Pangolin Node beschikbaar. Update naar de nieuwste versie voor de beste ervaring.",
     "domainPickerEnterDomain": "Domein",
     "domainPickerPlaceholder": "mijnapp.voorbeeld.nl",
     "domainPickerDescription": "Voer de volledige domein van de bron in om beschikbare opties te zien.",
@@ -1400,6 +1689,7 @@
     "domainPickerNamespace": "Naamruimte: {namespace}",
     "domainPickerShowMore": "Meer weergeven",
     "regionSelectorTitle": "Selecteer Regio",
+    "domainPickerRemoteExitNodeWarning": "Opgegeven domeinen worden niet ondersteund wanneer websites verbinding maken met externe sluitnodes. Gebruik in plaats daarvan een aangepast domein. Om bronnen beschikbaar te maken op externe nodes.",
     "regionSelectorInfo": "Het selecteren van een regio helpt ons om betere prestaties te leveren voor uw locatie. U hoeft niet in dezelfde regio als uw server te zijn.",
     "regionSelectorPlaceholder": "Kies een regio",
     "regionSelectorComingSoon": "Komt binnenkort",
@@ -1412,6 +1702,7 @@
     "billingSites": "Sites",
     "billingUsers": "Gebruikers",
     "billingDomains": "Domeinen",
+    "billingOrganizations": "Ordenen",
     "billingRemoteExitNodes": "Externe knooppunten",
     "billingNoLimitConfigured": "Geen limiet ingesteld",
     "billingEstimatedPeriod": "Geschatte Facturatie Periode",
@@ -1454,6 +1745,7 @@
     "failed": "Mislukt",
     "createNewOrgDescription": "Maak een nieuwe organisatie",
     "organization": "Organisatie",
+    "primary": "Primair",
     "port": "Poort",
     "securityKeyManage": "Beveiligingssleutels beheren",
     "securityKeyDescription": "Voeg beveiligingssleutels toe of verwijder ze voor wachtwoordloze authenticatie",
@@ -1551,6 +1843,16 @@
     "billingFeatureLossWarning": "Kennisgeving beschikbaarheid",
     "billingFeatureLossDescription": "Door downgraden worden functies die niet beschikbaar zijn in het nieuwe abonnement automatisch uitgeschakeld. Sommige instellingen en configuraties kunnen verloren gaan. Raadpleeg de prijsmatrix om te begrijpen welke functies niet langer beschikbaar zijn.",
     "billingUsageExceedsLimit": "Huidig gebruik ({current}) overschrijdt limiet ({limit})",
+    "billingPastDueTitle": "Vervaldatum betaling",
+    "billingPastDueDescription": "Uw betaling is verlopen. Werk uw betaalmethode bij om uw huidige abonnementsfuncties te blijven gebruiken. Als dit niet is opgelost, zal je abonnement worden geannuleerd en zal je worden teruggezet naar de vrije rang.",
+    "billingUnpaidTitle": "Abonnement Onbetaald",
+    "billingUnpaidDescription": "Uw abonnement is niet betaald en u bent teruggekeerd naar het gratis niveau. Update uw betalingsmethode om uw abonnement te herstellen.",
+    "billingIncompleteTitle": "Betaling onvolledig",
+    "billingIncompleteDescription": "Uw betaling is onvolledig. Voltooi alstublieft het betalingsproces om uw abonnement te activeren.",
+    "billingIncompleteExpiredTitle": "Betaling verlopen",
+    "billingIncompleteExpiredDescription": "Uw betaling is nooit voltooid en verlopen. U bent teruggekeerd naar de gratis niveaus. Abonneer u opnieuw om de toegang tot betaalde functies te herstellen.",
+    "billingManageSubscription": "Beheer uw abonnement",
+    "billingResolvePaymentIssue": "Gelieve uw betalingsprobleem op te lossen voor het upgraden of downgraden",
     "signUpTerms": {
         "IAgreeToThe": "Ik ga akkoord met de",
         "termsOfService": "servicevoorwaarden",
@@ -1609,6 +1911,7 @@
     "configureHealthCheck": "Configureer Gezondheidscontrole",
     "configureHealthCheckDescription": "Stel gezondheid monitor voor {target} in",
     "enableHealthChecks": "Inschakelen Gezondheidscontroles",
+    "healthCheckDisabledStateDescription": "Wanneer uitgeschakeld, zal de site geen gezondheidscontroles uitvoeren en wordt de staat als onbekend beschouwd.",
     "enableHealthChecksDescription": "Controleer de gezondheid van dit doel. U kunt een ander eindpunt monitoren dan het doel indien vereist.",
     "healthScheme": "Methode",
     "healthSelectScheme": "Selecteer methode",
@@ -1624,6 +1927,24 @@
     "timeIsInSeconds": "Tijd is in seconden",
     "requireDeviceApproval": "Vereist goedkeuring van apparaat",
     "requireDeviceApprovalDescription": "Gebruikers met deze rol hebben nieuwe apparaten nodig die door een beheerder zijn goedgekeurd voordat ze verbinding kunnen maken met bronnen en deze kunnen gebruiken.",
+    "sshAccess": "SSH toegang",
+    "roleAllowSsh": "SSH toestaan",
+    "roleAllowSshAllow": "Toestaan",
+    "roleAllowSshDisallow": "Weigeren",
+    "roleAllowSshDescription": "Sta gebruikers met deze rol toe om verbinding te maken met bronnen via SSH. Indien uitgeschakeld kan de rol geen gebruik maken van SSH toegang.",
+    "sshSudoMode": "Sudo toegang",
+    "sshSudoModeNone": "geen",
+    "sshSudoModeNoneDescription": "Gebruiker kan geen commando's uitvoeren met sudo.",
+    "sshSudoModeFull": "Volledige Sudo",
+    "sshSudoModeFullDescription": "Gebruiker kan elk commando uitvoeren met een sudo.",
+    "sshSudoModeCommands": "Opdrachten",
+    "sshSudoModeCommandsDescription": "Gebruiker kan alleen de opgegeven commando's uitvoeren met de sudo.",
+    "sshSudo": "sudo toestaan",
+    "sshSudoCommands": "Sudo Commando's",
+    "sshSudoCommandsDescription": "Komma's gescheiden lijst van commando's waar de gebruiker een sudo mee mag uitvoeren.",
+    "sshCreateHomeDir": "Maak Home Directory",
+    "sshUnixGroups": "Unix groepen",
+    "sshUnixGroupsDescription": "Door komma's gescheiden Unix-groepen om de gebruiker toe te voegen aan de doelhost.",
     "retryAttempts": "Herhaal Pogingen",
     "expectedResponseCodes": "Verwachte Reactiecodes",
     "expectedResponseCodesDescription": "HTTP-statuscode die gezonde status aangeeft. Indien leeg wordt 200-300 als gezond beschouwd.",
@@ -1640,9 +1961,20 @@
     "healthCheckIntervalMin": "Controle interval moet minimaal 5 seconden zijn",
     "healthCheckTimeoutMin": "Timeout moet minimaal 1 seconde zijn",
     "healthCheckRetryMin": "Herhaal pogingen moet minimaal 1 zijn",
+    "healthCheckMode": "Controlemodus",
+    "healthCheckStrategy": "Strategie",
+    "healthCheckModeDescription": "TCP-modus verifieert alleen connectiviteit. HTTP-modus valideert de HTTP-respons.",
+    "healthyThreshold": "Gezonde drempel",
+    "healthyThresholdDescription": "Opeenvolgende successen vereist voordat gemarkeerd wordt als gezond.",
+    "unhealthyThreshold": "Ongezonde drempel",
+    "unhealthyThresholdDescription": "Opeenvolgende fouten vereist voordat gemarkeerd wordt als ongezond.",
+    "healthCheckHealthyThresholdMin": "Gezonde drempel moet minimaal 1 zijn",
+    "healthCheckUnhealthyThresholdMin": "Ongezonde drempel moet minimaal 1 zijn",
     "httpMethod": "HTTP-methode",
     "selectHttpMethod": "Selecteer HTTP-methode",
     "domainPickerSubdomainLabel": "Subdomein",
+    "domainPickerWildcard": "Wildcard",
+    "domainPickerWildcardPaidOnly": "Wildcard-subdomeinen zijn een betaalde functie. Upgrade om deze functie te gebruiken.",
     "domainPickerBaseDomainLabel": "Basisdomein",
     "domainPickerSearchDomains": "Zoek domeinen...",
     "domainPickerNoDomainsFound": "Geen domeinen gevonden",
@@ -1668,12 +2000,12 @@
     "resourcesTableAliasAddressInfo": "Dit adres is onderdeel van het hulpprogramma subnet van de organisatie. Het wordt gebruikt om aliasrecords op te lossen met behulp van interne DNS-resolutie.",
     "resourcesTableClients": "Clienten",
     "resourcesTableAndOnlyAccessibleInternally": "en zijn alleen intern toegankelijk wanneer verbonden met een client.",
-    "resourcesTableNoTargets": "Geen doelen",
     "resourcesTableHealthy": "Gezond",
     "resourcesTableDegraded": "Verminderde",
-    "resourcesTableOffline": "Offline",
+    "resourcesTableUnhealthy": "Ongezond",
     "resourcesTableUnknown": "onbekend",
     "resourcesTableNotMonitored": "Niet gecontroleerd",
+    "resourcesTableNoTargets": "Geen doelen",
     "editInternalResourceDialogEditClientResource": "Privépagina bewerken",
     "editInternalResourceDialogUpdateResourceProperties": "Update de resource configuratie en access control voor {resourceName}",
     "editInternalResourceDialogResourceProperties": "Bron eigenschappen",
@@ -1699,6 +2031,11 @@
     "editInternalResourceDialogModePort": "Poort",
     "editInternalResourceDialogModeHost": "Hostnaam",
     "editInternalResourceDialogModeCidr": "CIDR",
+    "editInternalResourceDialogModeHttp": "HTTP",
+    "editInternalResourceDialogModeHttps": "HTTPS",
+    "editInternalResourceDialogScheme": "Schema",
+    "editInternalResourceDialogEnableSsl": "SSL inschakelen",
+    "editInternalResourceDialogEnableSslDescription": "Schakel SSL/TLS-encryptie in voor beveiligde HTTPS-verbindingen met de bestemming.",
     "editInternalResourceDialogDestination": "Bestemming",
     "editInternalResourceDialogDestinationHostDescription": "Het IP-adres of de hostnaam van de bron op het netwerk van de site.",
     "editInternalResourceDialogDestinationIPDescription": "Het IP of hostnaam adres van de bron op het netwerk van de site.",
@@ -1714,6 +2051,7 @@
     "createInternalResourceDialogName": "Naam",
     "createInternalResourceDialogSite": "Site",
     "selectSite": "Selecteer site...",
+    "multiSitesSelectorSitesCount": "{count, plural, one {# site} other {# sites}}",
     "noSitesFound": "Geen sites gevonden.",
     "createInternalResourceDialogProtocol": "Protocol",
     "createInternalResourceDialogTcp": "TCP",
@@ -1742,11 +2080,19 @@
     "createInternalResourceDialogModePort": "Poort",
     "createInternalResourceDialogModeHost": "Hostnaam",
     "createInternalResourceDialogModeCidr": "CIDR",
+    "createInternalResourceDialogModeHttp": "HTTP",
+    "createInternalResourceDialogModeHttps": "HTTPS",
+    "scheme": "Schema",
+    "createInternalResourceDialogScheme": "Schema",
+    "createInternalResourceDialogEnableSsl": "SSL inschakelen",
+    "createInternalResourceDialogEnableSslDescription": "Schakel SSL/TLS-encryptie in voor beveiligde HTTPS-verbindingen met de bestemming.",
     "createInternalResourceDialogDestination": "Bestemming",
     "createInternalResourceDialogDestinationHostDescription": "Het IP-adres of de hostnaam van de bron op het netwerk van de site.",
     "createInternalResourceDialogDestinationCidrDescription": "Het CIDR-bereik van het document op het netwerk van de site.",
     "createInternalResourceDialogAlias": "Alias",
     "createInternalResourceDialogAliasDescription": "Een optionele interne DNS-alias voor dit document.",
+    "internalResourceDownstreamSchemeRequired": "Schema is vereist voor HTTP-bronnen",
+    "internalResourceHttpPortRequired": "Bestemmingspoort is vereist voor HTTP-bronnen",
     "siteConfiguration": "Configuratie",
     "siteAcceptClientConnections": "Accepteer clientverbindingen",
     "siteAcceptClientConnectionsDescription": "Sta gebruikersapparaten en clients toegang toe tot bronnen op deze site. Dit kan later worden gewijzigd.",
@@ -1832,6 +2178,40 @@
     "exitNode": "Exit Node",
     "country": "Land",
     "rulesMatchCountry": "Momenteel gebaseerd op bron IP",
+    "region": "Regio",
+    "selectRegion": "Selecteer regio",
+    "searchRegions": "Zoek regio's...",
+    "noRegionFound": "Geen regio gevonden.",
+    "rulesMatchRegion": "Selecteer een regionale groepering van landen",
+    "rulesErrorInvalidRegion": "Ongeldige regio",
+    "rulesErrorInvalidRegionDescription": "Selecteer een geldige regio.",
+    "regionAfrica": "Afrika",
+    "regionNorthernAfrica": "Noord-Afrika",
+    "regionEasternAfrica": "Oost Afrika",
+    "regionMiddleAfrica": "Midden Afrika",
+    "regionSouthernAfrica": "Zuidelijk Afrika",
+    "regionWesternAfrica": "Westelijk Afrika",
+    "regionAmericas": "Amerika's",
+    "regionCaribbean": "Caraïben",
+    "regionCentralAmerica": "Midden-Amerika",
+    "regionSouthAmerica": "Zuid Amerika",
+    "regionNorthernAmerica": "Noord-Amerika",
+    "regionAsia": "Azië",
+    "regionCentralAsia": "Centraal-Azië",
+    "regionEasternAsia": "Oost-Azië",
+    "regionSouthEasternAsia": "Zuid-Oost-Azië",
+    "regionSouthernAsia": "Zuid-Azië",
+    "regionWesternAsia": "Westelijk Azië",
+    "regionEurope": "Europa",
+    "regionEasternEurope": "Oost-Europa",
+    "regionNorthernEurope": "Noord-Europa",
+    "regionSouthernEurope": "Zuid-Europa",
+    "regionWesternEurope": "West-Europa",
+    "regionOceania": "Oceania",
+    "regionAustraliaAndNewZealand": "Australië en Nieuw-Zeeland",
+    "regionMelanesia": "Melanesia",
+    "regionMicronesia": "Micronesia",
+    "regionPolynesia": "Polynesia",
     "managedSelfHosted": {
         "title": "Beheerde Self-Hosted",
         "description": "betrouwbaardere en slecht onderhouden Pangolin server met extra klokken en klokkenluiders",
@@ -1870,7 +2250,7 @@
     },
     "internationaldomaindetected": "Internationaal Domein Gedetecteerd",
     "willbestoredas": "Zal worden opgeslagen als:",
-    "roleMappingDescription": "Bepaal hoe rollen worden toegewezen aan gebruikers wanneer ze inloggen wanneer Auto Provision is ingeschakeld.",
+    "roleMappingDescription": "Bepaal hoe rollen aan gebruikers worden toegewezen wanneer ze zich aanmelden met deze identiteitsprovider.",
     "selectRole": "Selecteer een rol",
     "roleMappingExpression": "Expressie",
     "selectRolePlaceholder": "Kies een rol",
@@ -1880,6 +2260,25 @@
     "invalidValue": "Ongeldige waarde",
     "idpTypeLabel": "Identiteit provider type",
     "roleMappingExpressionPlaceholder": "bijvoorbeeld bevat (groepen, 'admin') && 'Admin' ½ 'Member'",
+    "roleMappingModeFixedRoles": "Vaste rollen",
+    "roleMappingModeMappingBuilder": "Toewijzing Bouwer",
+    "roleMappingModeRawExpression": "Ruwe expressie",
+    "roleMappingFixedRolesPlaceholderSelect": "Selecteer één of meer rollen",
+    "roleMappingFixedRolesPlaceholderFreeform": "Typ rolnamen (exacte overeenkomst per organisatie)",
+    "roleMappingFixedRolesDescriptionSameForAll": "Wijs dezelfde rolset toe aan elke auto-provisioned gebruiker.",
+    "roleMappingFixedRolesDescriptionDefaultPolicy": "Voor standaardbeleid, typ rolnamen die bestaan in elke organisatie waar gebruikers worden opgegeven. Namen moeten exact overeenkomen.",
+    "roleMappingClaimPath": "Claim pad",
+    "roleMappingClaimPathPlaceholder": "Groepen",
+    "roleMappingClaimPathDescription": "Pad in de token payload die bronwaarden bevat (bijvoorbeeld groepen).",
+    "roleMappingMatchValue": "Kies een waarde",
+    "roleMappingAssignRoles": "Rollen toewijzen",
+    "roleMappingAddMappingRule": "Toewijzingsregel toevoegen",
+    "roleMappingRawExpressionResultDescription": "Expressie moet een tekenreeks of tekenreeks evalueren.",
+    "roleMappingRawExpressionResultDescriptionSingleRole": "Expressie moet evalueren naar een tekenreeks (een naam met één rol).",
+    "roleMappingMatchValuePlaceholder": "Overeenkomende waarde (bijvoorbeeld: admin)",
+    "roleMappingAssignRolesPlaceholderFreeform": "Typ rolnamen (exact per org)",
+    "roleMappingBuilderFreeformRowHint": "Rol namen moeten overeenkomen met een rol in elke doelorganisatie.",
+    "roleMappingRemoveRule": "Verwijderen",
     "idpGoogleConfiguration": "Google Configuratie",
     "idpGoogleConfigurationDescription": "Configureer de Google OAuth2-referenties",
     "idpGoogleClientIdDescription": "Google OAuth2 Client ID",
@@ -1916,6 +2315,9 @@
     "authPageBrandingQuestionRemove": "Weet u zeker dat u de branding voor Auth-pagina's wilt verwijderen?",
     "authPageBrandingDeleteConfirm": "Bevestig verwijder Branding",
     "brandingLogoURL": "Het logo-URL",
+    "brandingLogoURLOrPath": "Logo URL of pad",
+    "brandingLogoPathDescription": "Voer een URL of een lokaal pad in.",
+    "brandingLogoURLDescription": "Voer een openbaar toegankelijke URL in voor uw logo afbeelding.",
     "brandingPrimaryColor": "Primaire kleur",
     "brandingLogoWidth": "Breedte (px)",
     "brandingLogoHeight": "Hoogte (px)",
@@ -1940,9 +2342,11 @@
     "selectDomainForOrgAuthPage": "Selecteer een domein voor de authenticatiepagina van de organisatie",
     "domainPickerProvidedDomain": "Opgegeven domein",
     "domainPickerFreeProvidedDomain": "Gratis verstrekt domein",
+    "domainPickerFreeDomainsPaidFeature": "Geleverde domeinen zijn een betaalde functie. Abonneer je om een domein bij je plan te krijgen - je hoeft er zelf geen mee te brengen.",
     "domainPickerVerified": "Geverifieerd",
     "domainPickerUnverified": "Ongeverifieerd",
-    "domainPickerInvalidSubdomainStructure": "Dit subdomein bevat ongeldige tekens of structuur. Het zal automatisch worden gesaneerd wanneer u opslaat.",
+    "domainPickerManual": "Handleiding",
+    "domainPickerInvalidSubdomainStructure": "Ongeldige tekens worden gesaneerd bij het opslaan.",
     "domainPickerError": "Foutmelding",
     "domainPickerErrorLoadDomains": "Fout bij het laden van organisatiedomeinen",
     "domainPickerErrorCheckAvailability": "Kan domein beschikbaarheid niet controleren",
@@ -1955,7 +2359,7 @@
     "orgAuthChooseIdpDescription": "Kies uw identiteitsprovider om door te gaan",
     "orgAuthNoIdpConfigured": "Deze organisatie heeft geen identiteitsproviders geconfigureerd. Je kunt in plaats daarvan inloggen met je Pangolin-identiteit.",
     "orgAuthSignInWithPangolin": "Log in met Pangolin",
-    "orgAuthSignInToOrg": "Log in bij een organisatie",
+    "orgAuthSignInToOrg": "Organisatie Identiteitsprovider (SSO)",
     "orgAuthSelectOrgTitle": "Organisatie Inloggen",
     "orgAuthSelectOrgDescription": "Voer je organisatie-ID in om verder te gaan",
     "orgAuthOrgIdPlaceholder": "jouw-organisatie",
@@ -2171,10 +2575,10 @@
             },
             "scale": {
                 "title": "Schaal",
-                "description": "Enterprise functies, 50 gebruikers, 50 sites en prioriteit ondersteuning."
+                "description": "Enterprise-functies, 50 gebruikers, 100 sites en prioritaire ondersteuning."
             }
         },
-        "personalUseOnly": "Alleen persoonlijk gebruik (gratis licentie - geen afrekenen)",
+        "personalUseOnly": "Alleen voor persoonlijk gebruik (gratis licentie - geen afrekening)",
         "buttons": {
             "continueToCheckout": "Doorgaan naar afrekenen"
         },
@@ -2248,6 +2652,7 @@
     "validPassword": "Geldig wachtwoord",
     "validEmail": "Valid email",
     "validSSO": "Valid SSO",
+    "connectedClient": "Verbonden Client",
     "resourceBlocked": "Bron geblokkeerd",
     "droppedByRule": "Achtergelaten door regel",
     "noSessions": "Geen sessies",
@@ -2273,6 +2678,8 @@
     "logRetentionAccessDescription": "Hoe lang de toegangslogboeken behouden blijven",
     "logRetentionActionLabel": "Actie log bewaring",
     "logRetentionActionDescription": "Hoe lang de action logs behouden moeten blijven",
+    "logRetentionConnectionLabel": "Connectie log bewaring",
+    "logRetentionConnectionDescription": "Hoe lang de verbindingslogs onderhouden",
     "logRetentionDisabled": "Uitgeschakeld",
     "logRetention3Days": "3 dagen",
     "logRetention7Days": "7 dagen",
@@ -2283,8 +2690,15 @@
     "logRetentionEndOfFollowingYear": "Einde van volgend jaar",
     "actionLogsDescription": "Bekijk een geschiedenis van acties die worden uitgevoerd in deze organisatie",
     "accessLogsDescription": "Toegangsverificatieverzoeken voor resources in deze organisatie bekijken",
-    "licenseRequiredToUse": "Een <enterpriseLicenseLink>Enterprise Edition</enterpriseLicenseLink> licentie is vereist om deze functie te gebruiken. Deze functie is ook beschikbaar in <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink>.",
-    "ossEnterpriseEditionRequired": "De <enterpriseEditionLink>Enterprise Edition</enterpriseEditionLink> is vereist om deze functie te gebruiken. Deze functie is ook beschikbaar in <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink>.",
+    "connectionLogs": "Connectie Logs",
+    "connectionLogsDescription": "Toon verbindingslogs voor tunnels in deze organisatie",
+    "sidebarLogsConnection": "Connectie Logs",
+    "sidebarLogsStreaming": "Streamen",
+    "sourceAddress": "Bron adres",
+    "destinationAddress": "Adres bestemming",
+    "duration": "Duur",
+    "licenseRequiredToUse": "Een <enterpriseLicenseLink>Enterprise Edition</enterpriseLicenseLink> licentie of <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink> is vereist om deze functie te gebruiken. <bookADemoLink>Boek een demo of POC trial</bookADemoLink>.",
+    "ossEnterpriseEditionRequired": "De <enterpriseEditionLink>Enterprise Edition</enterpriseEditionLink> is vereist om deze functie te gebruiken. Deze functie is ook beschikbaar in <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink>. <bookADemoLink>Boek een demo of POC trial</bookADemoLink>.",
     "certResolver": "Certificaat Resolver",
     "certResolverDescription": "Selecteer de certificaat resolver die moet worden gebruikt voor deze resource.",
     "selectCertResolver": "Certificaat Resolver selecteren",
@@ -2426,6 +2840,9 @@
     "machineClients": "Machine Clienten",
     "install": "Installeren",
     "run": "Uitvoeren",
+    "envFile": "Omgevingsbestand",
+    "serviceFile": "Servicebestand",
+    "enableAndStart": "Inschakelen en Starten",
     "clientNameDescription": "De weergavenaam van de client die later gewijzigd kan worden.",
     "clientAddress": "Klant adres (Geavanceerd)",
     "setupFailedToFetchSubnet": "Kan standaard subnet niet ophalen",
@@ -2474,13 +2891,30 @@
     "editInternalResourceDialogAddClients": "Clienten toevoegen",
     "editInternalResourceDialogDestinationLabel": "Bestemming",
     "editInternalResourceDialogDestinationDescription": "Specificeer het bestemmingsadres voor de interne bron. Dit kan een hostnaam, IP-adres of CIDR-bereik zijn, afhankelijk van de geselecteerde modus. Stel optioneel een interne DNS-alias in voor eenvoudigere identificatie.",
+    "internalResourceFormMultiSiteRoutingHelp": "Selecteren van meerdere sites maakt veerkrachtige routing en failover mogelijk voor hoge beschikbaarheid.",
+    "internalResourceFormMultiSiteRoutingHelpLearnMore": "Meer informatie",
     "editInternalResourceDialogPortRestrictionsDescription": "Beperk toegang tot specifieke TCP/UDP-poorten of sta alle poorten toe/blokkeer.",
+    "createInternalResourceDialogHttpConfiguration": "HTTP-configuratie",
+    "createInternalResourceDialogHttpConfigurationDescription": "Kies het domein dat cliënten zullen gebruiken om deze bron via HTTP of HTTPS te bereiken.",
+    "editInternalResourceDialogHttpConfiguration": "HTTP-configuratie",
+    "editInternalResourceDialogHttpConfigurationDescription": "Kies het domein dat cliënten zullen gebruiken om deze bron via HTTP of HTTPS te bereiken.",
     "editInternalResourceDialogTcp": "TCP",
     "editInternalResourceDialogUdp": "UDP",
     "editInternalResourceDialogIcmp": "ICMP",
     "editInternalResourceDialogAccessControl": "Toegangs controle",
     "editInternalResourceDialogAccessControlDescription": "Beheer welke rollen, gebruikers en machineclients toegang hebben tot deze bron wanneer ze zijn verbonden. Beheerders hebben altijd toegang.",
     "editInternalResourceDialogPortRangeValidationError": "Poortbereik moet \"*\" zijn voor alle poorten, of een komma-gescheiden lijst van poorten en bereiken (bijv. \"80,443,8000-9000\"). Poorten moeten tussen 1 en 65535 zijn.",
+    "internalResourceAuthDaemonStrategy": "SSH Auth Daemon locatie",
+    "internalResourceAuthDaemonStrategyDescription": "Kies waar de SSH authenticatie daemon wordt uitgevoerd: op de website (Newt) of op een externe host.",
+    "internalResourceAuthDaemonDescription": "De SSH authenticatie daemon zorgt voor SSH sleutelondertekening en PAM authenticatie voor deze resource. Kies of het wordt uitgevoerd op de website (Nieuw) of op een afzonderlijke externe host. Zie <docsLink>de documentatie</docsLink> voor meer.",
+    "internalResourceAuthDaemonDocsUrl": "https://docs.pangolin.net",
+    "internalResourceAuthDaemonStrategyPlaceholder": "Selecteer strategie",
+    "internalResourceAuthDaemonStrategyLabel": "Locatie",
+    "internalResourceAuthDaemonSite": "In de site",
+    "internalResourceAuthDaemonSiteDescription": "Auth daemon draait op de site (Newt).",
+    "internalResourceAuthDaemonRemote": "Externe host",
+    "internalResourceAuthDaemonRemoteDescription": "Authenticatiedaemon draait op een host die niet de site is.",
+    "internalResourceAuthDaemonPort": "Daemon poort (optioneel)",
     "orgAuthWhatsThis": "Waar kan ik mijn organisatie-ID vinden?",
     "learnMore": "Meer informatie",
     "backToHome": "Ga terug naar startpagina",
@@ -2502,6 +2936,9 @@
     "maintenancePageMessagePlaceholder": "We keren snel terug! Onze site ondergaat momenteel gepland onderhoud.",
     "maintenancePageMessageDescription": "Gedetailleerd bericht dat het onderhoud uitlegt",
     "maintenancePageTimeTitle": "Geschatte voltooiingstijd (optioneel)",
+    "privateMaintenanceScreenTitle": "Privéscherm maintenance screen",
+    "privateMaintenanceScreenMessage": "Dit domein wordt gebruikt op een privébron. Verbind met de Pangolin client om toegang te krijgen tot deze bron.",
+    "privateMaintenanceScreenSteps": "Eenmaal verbonden, als u dit bericht nog steeds ziet, kan het DNS-cache van uw browser nog steeds naar het oude adres wijzen. Om dit te corrigeren: sluit en heropen dit tabblad, of uw browser, dan navigeer weer naar deze pagina.",
     "maintenanceTime": "bijv. 2 uur, 1 nov om 17:00",
     "maintenanceEstimatedTimeDescription": "Wanneer u verwacht dat het onderhoud voltooid is",
     "editDomain": "Domein bewerken",
@@ -2610,5 +3047,166 @@
     "approvalsEmptyStateStep2Title": "Toestel goedkeuringen inschakelen",
     "approvalsEmptyStateStep2Description": "Bewerk een rol en schakel de optie 'Vereist Apparaat Goedkeuringen' in. Gebruikers met deze rol hebben admin goedkeuring nodig voor nieuwe apparaten.",
     "approvalsEmptyStatePreviewDescription": "Voorbeeld: Indien ingeschakeld, zullen in afwachting van apparaatverzoeken hier verschijnen om te beoordelen",
-    "approvalsEmptyStateButtonText": "Rollen beheren"
+    "approvalsEmptyStateButtonText": "Rollen beheren",
+    "domainErrorTitle": "We ondervinden problemen bij het controleren van uw domein",
+    "idpAdminAutoProvisionPoliciesTabHint": "Configureer rolverrekening en organisatie beleid in het <policiesTabLink>Auto Provision Settings</policiesTabLink> tab.",
+    "streamingTitle": "Event streaming",
+    "streamingDescription": "Stream events van uw organisatie naar externe bestemmingen in realtime.",
+    "streamingUnnamedDestination": "Naamloze bestemming",
+    "streamingNoUrlConfigured": "Geen URL ingesteld",
+    "streamingAddDestination": "Bestemming toevoegen",
+    "streamingHttpWebhookTitle": "HTTP Webhook",
+    "streamingHttpWebhookDescription": "Stuur gebeurtenissen naar elk HTTP eindpunt met flexibele authenticatie en template.",
+    "streamingS3Title": "Amazon S3",
+    "streamingS3Description": "Stream events naar een S3-compatibele object-opslagemmer. Binnenkort beschikbaar.",
+    "streamingDatadogTitle": "Datadog",
+    "streamingDatadogDescription": "Stuur gebeurtenissen rechtstreeks door naar je Datadog account. Binnenkort beschikbaar.",
+    "streamingTypePickerDescription": "Kies een bestemmingstype om te beginnen.",
+    "streamingFailedToLoad": "Laden van bestemmingen mislukt",
+    "streamingUnexpectedError": "Er is een onverwachte fout opgetreden.",
+    "streamingFailedToUpdate": "Bijwerken bestemming mislukt",
+    "streamingDeletedSuccess": "Bestemming succesvol verwijderd",
+    "streamingFailedToDelete": "Verwijderen van bestemming mislukt",
+    "streamingDeleteTitle": "Verwijder bestemming",
+    "streamingDeleteButtonText": "Verwijder bestemming",
+    "streamingDeleteDialogAreYouSure": "Weet u zeker dat u wilt verwijderen",
+    "streamingDeleteDialogThisDestination": "deze bestemming",
+    "streamingDeleteDialogPermanentlyRemoved": "? Alle configuratie zal permanent worden verwijderd.",
+    "httpDestEditTitle": "Bewerk bestemming",
+    "httpDestAddTitle": "Voeg HTTP bestemming toe",
+    "httpDestEditDescription": "Werk de configuratie voor deze HTTP-event streaming bestemming bij.",
+    "httpDestAddDescription": "Configureer een nieuw HTTP-eindpunt om de gebeurtenissen van uw organisatie te ontvangen.",
+    "S3DestEditTitle": "Bestemming bewerken",
+    "S3DestAddTitle": "S3-bestemming toevoegen",
+    "S3DestEditDescription": "Werk de configuratie bij voor deze S3-gebeurtenisstreamingbestemming.",
+    "S3DestAddDescription": "Configureer een nieuw S3-eindpunt om de gebeurtenissen van uw organisatie te ontvangen.",
+    "datadogDestEditTitle": "Bestemming bewerken",
+    "datadogDestAddTitle": "Datadog-bestemming toevoegen",
+    "datadogDestEditDescription": "Werk de configuratie bij voor deze Datadog-gebeurtenisstreamingbestemming.",
+    "datadogDestAddDescription": "Configureer een nieuw Datadog-eindpunt om de gebeurtenissen van uw organisatie te ontvangen.",
+    "httpDestTabSettings": "Instellingen",
+    "httpDestTabHeaders": "Kopteksten",
+    "httpDestTabBody": "Lichaam",
+    "httpDestTabLogs": "Logboeken",
+    "httpDestNamePlaceholder": "Mijn HTTP-bestemming",
+    "httpDestUrlLabel": "Bestemming URL",
+    "httpDestUrlErrorHttpRequired": "URL moet http of https gebruiken",
+    "httpDestUrlErrorHttpsRequired": "HTTPS is vereist op cloud implementaties",
+    "httpDestUrlErrorInvalid": "Voer een geldige URL in (bijv. https://example.com/webhook)",
+    "httpDestAuthTitle": "Authenticatie",
+    "httpDestAuthDescription": "Kies hoe verzoeken voor uw eindpunt zijn geverifieerd.",
+    "httpDestAuthNoneTitle": "Geen authenticatie",
+    "httpDestAuthNoneDescription": "Stuurt verzoeken zonder toestemmingskop.",
+    "httpDestAuthBearerTitle": "Betere Token",
+    "httpDestAuthBearerDescription": "Voegt een Authorization: Bearer '<token>' header toe aan elk verzoek.",
+    "httpDestAuthBearerPlaceholder": "Uw API-sleutel of -token",
+    "httpDestAuthBasicTitle": "Basis authenticatie",
+    "httpDestAuthBasicDescription": "Voegt een Authorization: Basic '<credentials>' header toe. Verstrek inloggegevens als gebruikersnaam:wachtwoord.",
+    "httpDestAuthBasicPlaceholder": "Gebruikersnaam:wachtwoord",
+    "httpDestAuthCustomTitle": "Aangepaste koptekst",
+    "httpDestAuthCustomDescription": "Specificeer een aangepaste HTTP header naam en waarde voor authenticatie (bijv. X-API-Key).",
+    "httpDestAuthCustomHeaderNamePlaceholder": "Header naam (bijv. X-API-Key)",
+    "httpDestAuthCustomHeaderValuePlaceholder": "Header waarde",
+    "httpDestCustomHeadersTitle": "Aangepaste HTTP Headers",
+    "httpDestCustomHeadersDescription": "Voeg aangepaste headers toe aan elk uitgaande verzoek. Handig voor statische tokens of een aangepast Content-Type. Standaard Content-Type: application/json wordt verzonden.",
+    "httpDestNoHeadersConfigured": "Geen aangepaste headers geconfigureerd. Klik op \"Header\" om er een toe te voegen.",
+    "httpDestHeaderNamePlaceholder": "Naam koptekst",
+    "httpDestHeaderValuePlaceholder": "Waarde",
+    "httpDestAddHeader": "Koptekst toevoegen",
+    "httpDestBodyTemplateTitle": "Aangepaste Body Sjabloon",
+    "httpDestBodyTemplateDescription": "Bestuur de JSON payload structuur verzonden naar uw eindpunt. Indien uitgeschakeld, wordt een standaard JSON object verzonden voor elke event.",
+    "httpDestEnableBodyTemplate": "Aangepaste lichaam sjabloon inschakelen",
+    "httpDestBodyTemplateLabel": "Body sjabloon (JSON)",
+    "httpDestBodyTemplateHint": "Gebruik sjabloonvariabelen om te verwijzen naar gebeurtenisvelden in uw payload.",
+    "httpDestPayloadFormatTitle": "Payload formaat",
+    "httpDestPayloadFormatDescription": "Hoe evenementen worden geserialiseerd in elk verzoeklichaam.",
+    "httpDestFormatJsonArrayTitle": "JSON matrix",
+    "httpDestFormatJsonArrayDescription": "Eén verzoek per batch, lichaam is een JSON-array. Compatibel met de meeste algemene webhooks en Datadog.",
+    "httpDestFormatNdjsonTitle": "NDJSON",
+    "httpDestFormatNdjsonDescription": "Eén aanvraag per batch, lichaam is nieuwe JSON gescheiden - één object per regel, geen buitenste array. Vereist door Splunk HEC, Elastic / OpenSearch, en Grafana Loki.",
+    "httpDestFormatSingleTitle": "Eén afspraak per verzoek",
+    "httpDestFormatSingleDescription": "Stuurt een aparte HTTP POST voor elk individueel event. Gebruik alleen voor eindpunten die geen batches kunnen verwerken.",
+    "httpDestLogTypesTitle": "Log soorten",
+    "httpDestLogTypesDescription": "Kies welke log types doorgestuurd worden naar deze bestemming. Alleen ingeschakelde log types worden gestreden.",
+    "httpDestAccessLogsTitle": "Toegang tot logboek",
+    "httpDestAccessLogsDescription": "Hulpbrontoegangspogingen, inclusief geauthenticeerde en weigerde aanvragen.",
+    "httpDestActionLogsTitle": "Actie logs",
+    "httpDestActionLogsDescription": "Administratieve acties uitgevoerd door gebruikers binnen de organisatie.",
+    "httpDestConnectionLogsTitle": "Connectie Logs",
+    "httpDestConnectionLogsDescription": "Verbinding met de Site en tunnel maken verbroken, inclusief verbindingen en verbindingen.",
+    "httpDestRequestLogsTitle": "Logboeken aanvragen",
+    "httpDestRequestLogsDescription": "HTTP request logs voor proxied hulpmiddelen, waaronder methode, pad en response code.",
+    "httpDestSaveChanges": "Wijzigingen opslaan",
+    "httpDestCreateDestination": "Maak bestemming aan",
+    "httpDestUpdatedSuccess": "Bestemming succesvol bijgewerkt",
+    "httpDestCreatedSuccess": "Bestemming succesvol aangemaakt",
+    "httpDestUpdateFailed": "Bijwerken bestemming mislukt",
+    "httpDestCreateFailed": "Aanmaken bestemming mislukt",
+    "followRedirects": "Volg omleidingen",
+    "followRedirectsDescription": "Volg automatisch HTTP-omleidingen voor verzoeken.",
+    "alertingErrorWebhookUrl": "Voer een geldige URL voor de webhook in.",
+    "healthCheckStrategyHttp": "Valideert connectiviteit en controleert de HTTP-responsstatus.",
+    "healthCheckStrategyTcp": "Verifieert alleen TCP-connectiviteit zonder de respons te inspecteren.",
+    "healthCheckStrategySnmp": "Maakt een SNMP-verzoek om de gezondheid van netwerkapparaten en infrastructuur te controleren.",
+    "healthCheckStrategyIcmp": "Gebruikt ICMP-verzoeken (pings) om te controleren of een bron bereikbaar en responsief is.",
+    "healthCheckTabStrategy": "Strategie",
+    "healthCheckTabConnection": "Verbinding",
+    "healthCheckTabAdvanced": "Geavanceerd",
+    "healthCheckStrategyNotAvailable": "Deze strategie is niet beschikbaar. Neem contact op met sales om deze functie in te schakelen.",
+    "uptime30d": "Beschikbaarheid (30d)",
+    "idpAddActionCreateNew": "Nieuwe identiteitsprovider aanmaken",
+    "idpAddActionImportFromOrg": "Importeer vanuit een andere organisatie",
+    "idpImportDialogTitle": "Importeer Identiteitsprovider",
+    "idpImportDialogDescription": "Kies een identiteitsprovider van een organisatie waar u beheerder bent. Het wordt gekoppeld aan deze organisatie.",
+    "idpImportSearchPlaceholder": "Zoek op organisatie- of providernamen...",
+    "idpImportEmpty": "Geen identiteitsproviders gevonden.",
+    "idpImportedDescription": "Identiteitsprovider succesvol geïmporteerd.",
+    "idpDeleteGlobalQuestion": "Weet u zeker dat u deze identiteitsprovider permanent wilt verwijderen?",
+    "idpDeleteGlobalDescription": "Hiermee wordt de identiteitsprovider permanent verwijderd uit alle organisaties waarmee het is geassocieerd.",
+    "idpUnassociateTitle": "Koppel Identiteitsprovider los",
+    "idpUnassociateQuestion": "Weet u zeker dat u deze identiteitsprovider van deze organisatie wilt loskoppelen?",
+    "idpUnassociateDescription": "Alle gebruikers die aan deze identiteitsprovider zijn gekoppeld, worden uit deze organisatie verwijderd, maar de identiteitsprovider blijft bestaan voor andere gerelateerde organisaties.",
+    "idpUnassociateConfirm": "Bevestig ontkoppelen identiteitsprovider",
+    "idpUnassociateWarning": "Dit kan niet ongedaan worden gemaakt voor deze organisatie.",
+    "idpUnassociatedDescription": "Identiteitsprovider succesvol losgekoppeld van deze organisatie",
+    "idpUnassociateMenu": "Ontkoppelen",
+    "idpDeleteAllOrgsMenu": "Verwijderen",
+    "publicIpEndpoint": "Eindpunt",
+    "lastTriggeredAt": "Laatste Trigger",
+    "reject": "Afwijzen",
+    "uptimeDaysAgo": "{count} dagen geleden",
+    "uptimeToday": "Vandaag",
+    "uptimeNoDataAvailable": "Geen gegevens beschikbaar",
+    "uptimeSuffix": "werktijd",
+    "uptimeDowntimeSuffix": "uitvaltijd",
+    "uptimeTooltipUptimeLabel": "Werktijd",
+    "uptimeTooltipDowntimeLabel": "Uitvaltijd",
+    "uptimeOngoing": "lopend",
+    "uptimeNoMonitoringData": "Geen monitoringgegevens",
+    "uptimeNoData": "Geen gegevens",
+    "uptimeMiniBarDown": "Onder",
+    "uptimeSectionTitle": "Werktijd",
+    "uptimeSectionDescription": "Beschikbaarheid over de laatste {days} dagen",
+    "uptimeAddAlert": "Alarm toevoegen",
+    "uptimeViewAlerts": "Meldingen bekijken",
+    "uptimeCreateEmailAlert": "E-mailalert aanmaken",
+    "uptimeAlertDescriptionSite": "Ontvang een e-mailbericht wanneer deze site offline gaat of weer online komt.",
+    "uptimeAlertDescriptionResource": "Ontvang een e-mailbericht wanneer deze bron offline gaat of weer online komt.",
+    "uptimeAlertNamePlaceholder": "Waarschuwingsnaam",
+    "uptimeAdditionalEmails": "Extra e-mails",
+    "uptimeCreateAlert": "Alarm aanmaken",
+    "uptimeAlertNoRecipients": "Geen ontvangers",
+    "uptimeAlertNoRecipientsDescription": "Voeg ten minste één gebruiker, rol of e-mail toe om te melden.",
+    "uptimeAlertCreated": "Alarm aangemaakt",
+    "uptimeAlertCreatedDescription": "U wordt op de hoogte gebracht wanneer dit van status verandert.",
+    "uptimeAlertCreateFailed": "Kon alarm niet aanmaken",
+    "webhookUrlLabel": "URL",
+    "webhookHeaderKeyPlaceholder": "Sleutel",
+    "webhookHeaderValuePlaceholder": "Waarde",
+    "alertLabel": "Waarschuwing",
+    "domainPickerWildcardSubdomainNotAllowed": "Wildcard-subdomeinen zijn niet toegestaan.",
+    "domainPickerWildcardCertWarning": "Wildcard-bronnen hebben mogelijk extra configuratie nodig om correct te werken.",
+    "domainPickerWildcardCertWarningLink": "Meer informatie",
+    "health": "Gezondheid",
+    "domainPendingErrorTitle": "Verificatieprobleem"
 }

messages/pl-PL.json

@@ -1,4 +1,8 @@
 {
+    "contactSalesEnable": "Skontaktuj się z działem sprzedaży, aby włączyć tę funkcję.",
+    "contactSalesBookDemo": "Umów się na demo",
+    "contactSalesOr": "lub",
+    "contactSalesContactUs": "skontaktuj się z nami",
     "setupCreate": "Utwórz organizację, witrynę i zasoby",
     "headerAuthCompatibilityInfo": "Włącz to, aby wymusić odpowiedź Unauthorized 401, gdy brakuje tokena uwierzytelniania. Jest to wymagane dla przeglądarek lub określonych bibliotek HTTP, które nie wysyłają poświadczeń bez wyzwania serwera.",
     "headerAuthCompatibility": "Rozszerzona kompatybilność",
@@ -19,6 +23,18 @@
     "componentsInvalidKey": "Wykryto nieprawidłowe lub wygasłe klucze licencyjne. Postępuj zgodnie z warunkami licencji, aby kontynuować korzystanie ze wszystkich funkcji.",
     "dismiss": "Odrzuć",
     "subscriptionViolationMessage": "Nie masz ograniczeń dla aktualnego planu. Popraw problem poprzez usunięcie stron, użytkowników lub innych zasobów, aby pozostać w swoim planie.",
+    "trialBannerMessage": "Twój okres próbny wygasa za {countdown}. Uaktualnij, aby zachować dostęp.",
+    "trialBannerExpired": "Twój okres próbny wygasł. Uaktualnij teraz, aby przywrócić dostęp.",
+    "billingTrialBannerTitle": "Bezpłatna wersja próbna aktywna",
+    "billingTrialBannerDescription": "Obecnie korzystasz z bezpłatnej wersji próbnej na poziomie biznesowym. Po zakończeniu wersji próbnej, Twoje konto automatycznie powróci do funkcji i limitów poziomu Podstawowego. Możesz dokonać uaktualnienia w każdej chwili, aby zachować dostęp do funkcji obecnego planu.",
+    "billingTrialBannerUpgrade": "Uaktualnij teraz",
+    "billingTrialBadge": "Bezpłatna wersja próbna",
+    "trialActive": "Okres próbny aktywny",
+    "trialExpired": "Okres próbny wygasł",
+    "trialHasEnded": "Twój okres próbny dobiegł końca.",
+    "trialDaysRemaining": "{count, plural, one {# dzień pozostaje} few {# dni pozostają} many {# dni pozostaje} other {# dni pozostają}}",
+    "trialDaysLeftShort": "Pozostało {days}d próbny",
+    "trialGoToBilling": "Przejdź do strony rozliczeń",
     "subscriptionViolationViewBilling": "Zobacz rozliczenie",
     "componentsLicenseViolation": "Naruszenie licencji: Ten serwer używa stron {usedSites} , które przekraczają limit licencyjny stron {maxSites} . Postępuj zgodnie z warunkami licencji, aby kontynuować korzystanie ze wszystkich funkcji.",
     "componentsSupporterMessage": "Dziękujemy za wsparcie Pangolina jako {tier}!",
@@ -81,6 +97,8 @@
     "siteConfirmCopy": "Skopiowałem konfigurację",
     "searchSitesProgress": "Szukaj witryn...",
     "siteAdd": "Dodaj witrynę",
+    "sitesTableViewPublicResources": "Zobacz zasoby publiczne",
+    "sitesTableViewPrivateResources": "Zobacz zasoby prywatne",
     "siteInstallNewt": "Zainstaluj Newt",
     "siteInstallNewtDescription": "Uruchom Newt w swoim systemie",
     "WgConfiguration": "Konfiguracja WireGuard",
@@ -98,6 +116,21 @@
     "siteUpdatedDescription": "Strona została zaktualizowana.",
     "siteGeneralDescription": "Skonfiguruj ustawienia ogólne dla tej witryny",
     "siteSettingDescription": "Skonfiguruj ustawienia na stronie",
+    "siteResourcesTab": "Zasoby",
+    "siteResourcesNoneOnSite": "Ta strona nie ma jeszcze żadnych zasobów publicznych ani prywatnych.",
+    "siteResourcesSectionPublic": "Zasoby publiczne",
+    "siteResourcesSectionPrivate": "Zasoby prywatne",
+    "siteResourcesSectionPublicDescription": "Zasoby eksponowane zewnętrznie przez domeny lub porty.",
+    "siteResourcesSectionPrivateDescription": "Zasoby dostępne w twojej prywatnej sieci przez stronę.",
+    "siteResourcesViewAllPublic": "Zobacz wszystkie zasoby",
+    "siteResourcesViewAllPrivate": "Zobacz wszystkie zasoby",
+    "siteResourcesDialogDescription": "Przegląd zasobów publicznych i prywatnych związanych z tą stroną.",
+    "siteResourcesShowMore": "Pokaż więcej",
+    "siteResourcesPermissionDenied": "Nie masz uprawnień do wyświetlania tych zasobów.",
+    "siteResourcesEmptyPublic": "Brak publicznych zasobów powiązanych z tą stroną.",
+    "siteResourcesEmptyPrivate": "Brak prywatnych zasobów powiązanych z tą stroną.",
+    "siteResourcesHowToAccess": "Jak uzyskać dostęp",
+    "siteResourcesTargetsOnSite": "Cele na tej stronie",
     "siteSetting": "Ustawienia {siteName}",
     "siteNewtTunnel": "Newt Site (Rekomendowane)",
     "siteNewtTunnelDescription": "Najprostszy sposób na stworzenie punktu wejścia w sieci. Nie ma dodatkowej konfiguracji.",
@@ -148,6 +181,11 @@
     "createLink": "Utwórz link",
     "resourcesNotFound": "Nie znaleziono zasobów",
     "resourceSearch": "Szukaj zasobów",
+    "machineSearch": "Wyszukiwarki",
+    "machinesSearch": "Szukaj klientów maszyn...",
+    "machineNotFound": "Nie znaleziono maszyn",
+    "userDeviceSearch": "Szukaj urządzeń użytkownika",
+    "userDevicesSearch": "Szukaj urządzeń użytkownika...",
     "openMenu": "Otwórz menu",
     "resource": "Zasoby",
     "title": "Tytuł",
@@ -175,6 +213,7 @@
     "resourceHTTPDescription": "Proxy zapytań przez HTTPS przy użyciu w pełni kwalifikowanej nazwy domeny.",
     "resourceRaw": "Surowy zasób TCP/UDP",
     "resourceRawDescription": "Proxy zapytań przez surowe TCP/UDP przy użyciu numeru portu.",
+    "resourceRawDescriptionCloud": "Żądania proxy nad surowym TCP/UDP przy użyciu numeru portu. Wymaga stron aby połączyć się ze zdalnym węzłem.",
     "resourceCreate": "Utwórz zasób",
     "resourceCreateDescription": "Wykonaj poniższe kroki, aby utworzyć nowy zasób",
     "resourceSeeAll": "Zobacz wszystkie zasoby",
@@ -201,6 +240,7 @@
     "protocolSelect": "Wybierz protokół",
     "resourcePortNumber": "Numer portu",
     "resourcePortNumberDescription": "Numer portu zewnętrznego do żądań proxy.",
+    "back": "Powrót",
     "cancel": "Anuluj",
     "resourceConfig": "Snippety konfiguracji",
     "resourceConfigDescription": "Skopiuj i wklej te fragmenty konfiguracji, aby skonfigurować zasób TCP/UDP",
@@ -246,11 +286,25 @@
     "orgErrorDeleteMessage": "Wystąpił błąd podczas usuwania organizacji.",
     "orgDeleted": "Organizacja usunięta",
     "orgDeletedMessage": "Organizacja i jej dane zostały usunięte.",
+    "deleteAccount": "Usuń konto",
+    "deleteAccountDescription": "Trwale usuń swoje konto, wszystkie organizacje, które posiadasz, oraz wszystkie dane w ramach tych organizacji. Tej operacji nie można cofnąć.",
+    "deleteAccountButton": "Usuń konto",
+    "deleteAccountConfirmTitle": "Usuń konto",
+    "deleteAccountConfirmMessage": "Spowoduje to trwałe usunięcie konta, wszystkich organizacji, które posiadasz, oraz wszystkich danych w tych organizacjach. Tej operacji nie można cofnąć.",
+    "deleteAccountConfirmString": "usuń konto",
+    "deleteAccountSuccess": "Konto usunięte",
+    "deleteAccountSuccessMessage": "Twoje konto zostało usunięte.",
+    "deleteAccountError": "Nie udało się usunąć konta",
+    "deleteAccountPreviewAccount": "Twoje konto",
+    "deleteAccountPreviewOrgs": "Organizacje, które jesteś właścicielem (i wszystkie ich dane)",
     "orgMissing": "Brak ID organizacji",
     "orgMissingMessage": "Nie można ponownie wygenerować zaproszenia bez ID organizacji.",
     "accessUsersManage": "Zarządzaj użytkownikami",
+    "accessUserManage": "Zarządzaj użytkownikiem",
     "accessUsersDescription": "Zaproś użytkowników z dostępem do tej organizacji i zarządzaj nimi",
     "accessUsersSearch": "Szukaj użytkowników...",
+    "accessUsersRoleFilterCount": "{count, plural, one {# rola} few {# role} many {# ról} other {# ról}}",
+    "accessUsersRoleFilterClear": "Wyczyść filtry ról",
     "accessUserCreate": "Utwórz użytkownika",
     "accessUserRemove": "Usuń użytkownika",
     "username": "Nazwa użytkownika",
@@ -310,6 +364,54 @@
     "apiKeysDelete": "Usuń klucz API",
     "apiKeysManage": "Zarządzaj kluczami API",
     "apiKeysDescription": "Klucze API służą do uwierzytelniania z API integracji",
+    "provisioningKeysTitle": "Klucz Zaopatrzenia",
+    "provisioningKeysManage": "Zarządzaj kluczami zaopatrzenia",
+    "provisioningKeysDescription": "Klucze zaopatrzenia są używane do uwierzytelniania zautomatyzowanego zaopatrzenia twojej organizacji.",
+    "provisioningManage": "Dostarczanie",
+    "provisioningDescription": "Zarządzaj kluczami rezerwacji i sprawdzaj oczekujące strony oczekujące na zatwierdzenie.",
+    "pendingSites": "Witryny oczekujące",
+    "siteApproveSuccess": "Witryna została pomyślnie zatwierdzona",
+    "siteApproveError": "Błąd zatwierdzania witryny",
+    "provisioningKeys": "Klucze Zaopatrzenia",
+    "searchProvisioningKeys": "Szukaj kluczy zaopatrzenia...",
+    "provisioningKeysAdd": "Wygeneruj klucz zaopatrzenia",
+    "provisioningKeysErrorDelete": "Błąd podczas usuwania klucza zaopatrzenia",
+    "provisioningKeysErrorDeleteMessage": "Błąd podczas usuwania klucza zaopatrzenia",
+    "provisioningKeysQuestionRemove": "Czy na pewno chcesz usunąć ten klucz rezerwacji z organizacji?",
+    "provisioningKeysMessageRemove": "Po usunięciu, klucz nie może być już używany do tworzenia witryny.",
+    "provisioningKeysDeleteConfirm": "Potwierdź usunięcie klucza zaopatrzenia",
+    "provisioningKeysDelete": "Usuń klucz zaopatrzenia",
+    "provisioningKeysCreate": "Wygeneruj klucz zaopatrzenia",
+    "provisioningKeysCreateDescription": "Wygeneruj nowy klucz tworzenia rezerw dla organizacji",
+    "provisioningKeysSeeAll": "Zobacz wszystkie klucze rezerwacji",
+    "provisioningKeysSave": "Zapisz klucz zaopatrzenia",
+    "provisioningKeysSaveDescription": "Możesz to zobaczyć tylko raz. Skopiuj je do bezpiecznego miejsca.",
+    "provisioningKeysErrorCreate": "Błąd podczas tworzenia klucza zaopatrzenia",
+    "provisioningKeysList": "Nowy klucz rezerwacji",
+    "provisioningKeysMaxBatchSize": "Maksymalny rozmiar partii",
+    "provisioningKeysUnlimitedBatchSize": "Nieograniczony rozmiar partii (bez limitu)",
+    "provisioningKeysMaxBatchUnlimited": "Nieograniczona",
+    "provisioningKeysMaxBatchSizeInvalid": "Wprowadź poprawny maksymalny rozmiar partii (1–1 000,000).",
+    "provisioningKeysValidUntil": "Ważny do",
+    "provisioningKeysValidUntilHint": "Pozostaw puste, aby nie wygasnąć.",
+    "provisioningKeysValidUntilInvalid": "Wprowadź prawidłową datę i godzinę.",
+    "provisioningKeysNumUsed": "Używane czasy",
+    "provisioningKeysLastUsed": "Ostatnio używane",
+    "provisioningKeysNoExpiry": "Brak wygaśnięcia",
+    "provisioningKeysNeverUsed": "Nigdy",
+    "provisioningKeysEdit": "Edytuj klucz zaopatrzenia",
+    "provisioningKeysEditDescription": "Zaktualizuj maksymalny rozmiar partii i czas wygaśnięcia dla tego klucza.",
+    "provisioningKeysApproveNewSites": "Zatwierdź nowe witryny",
+    "provisioningKeysApproveNewSitesDescription": "Automatycznie zatwierdzaj witryny, które rejestrują się za pomocą tego klucza.",
+    "provisioningKeysUpdateError": "Błąd podczas aktualizacji klucza zaopatrzenia",
+    "provisioningKeysUpdated": "Klucz zaopatrzenia zaktualizowany",
+    "provisioningKeysUpdatedDescription": "Twoje zmiany zostały zapisane.",
+    "provisioningKeysBannerTitle": "Klucze Zaopatrzenia witryny",
+    "provisioningKeysBannerDescription": "Wygeneruj klucz provisioning i użyj go z konektorem Newt do automatycznego tworzenia witryn przy pierwszym uruchomieniu - nie ma potrzeby konfigurowania oddzielnych poświadczeń dla każdej witryny.",
+    "provisioningKeysBannerButtonText": "Dowiedz się więcej",
+    "pendingSitesBannerTitle": "Witryny oczekujące",
+    "pendingSitesBannerDescription": "Witryny, które łączą się za pomocą klucza provisioning, pojawią się tutaj do przeglądu.",
+    "pendingSitesBannerButtonText": "Dowiedz się więcej",
     "apiKeysSettings": "Ustawienia {apiKeyName}",
     "userTitle": "Zarządzaj wszystkimi użytkownikami",
     "userDescription": "Zobacz i zarządzaj wszystkimi użytkownikami w systemie",
@@ -339,6 +441,10 @@
     "licenseErrorKeyActivate": "Nie udało się aktywować klucza licencji",
     "licenseErrorKeyActivateDescription": "Wystąpił błąd podczas aktywacji klucza licencyjnego.",
     "licenseAbout": "O licencjonowaniu",
+    "licenseBannerTitle": "Aktywuj swoją licencję Enterprise",
+    "licenseBannerDescription": "Odblokuj funkcje korporacyjne dla swojego autonomicznego wdrożenia Pangolin. Kup klucz licencyjny, aby aktywować możliwości premium, a następnie wprowadź go poniżej.",
+    "licenseBannerGetLicense": "Uzyskaj licencję",
+    "licenseBannerViewDocs": "Zobacz dokumentację",
     "communityEdition": "Edycja Społecznościowa",
     "licenseAboutDescription": "Dotyczy to przedsiębiorstw i przedsiębiorstw, którzy stosują Pangolin w środowisku handlowym. Jeśli używasz Pangolin do użytku osobistego, możesz zignorować tę sekcję.",
     "licenseKeyActivated": "Klucz licencyjny aktywowany",
@@ -461,6 +567,8 @@
     "filterByApprovalState": "Filtruj według państwa zatwierdzenia",
     "approvalListEmpty": "Brak zatwierdzeń",
     "approvalState": "Państwo zatwierdzające",
+    "approvalLoadMore": "Załaduj więcej",
+    "loadingApprovals": "Wczytywanie zatwierdzeń",
     "approve": "Zatwierdź",
     "approved": "Zatwierdzone",
     "denied": "Odmowa",
@@ -494,9 +602,12 @@
     "userSaved": "Użytkownik zapisany",
     "userSavedDescription": "Użytkownik został zaktualizowany.",
     "autoProvisioned": "Przesłane automatycznie",
+    "autoProvisionSettings": "Ustawienia automatycznego dostarczania",
     "autoProvisionedDescription": "Pozwól temu użytkownikowi na automatyczne zarządzanie przez dostawcę tożsamości",
     "accessControlsDescription": "Zarządzaj tym, do czego użytkownik ma dostęp i co może robić w organizacji",
     "accessControlsSubmit": "Zapisz kontrole dostępu",
+    "singleRolePerUserPlanNotice": "Twój plan obsługuje tylko jedną rolę na użytkownika.",
+    "singleRolePerUserEditionNotice": "Ta edycja obsługuje tylko jedną rolę na użytkownika.",
     "roles": "Role",
     "accessUsersRoles": "Zarządzaj użytkownikami i rolami",
     "accessUsersRolesDescription": "Zaproś użytkowników i dodaj je do ról do zarządzania dostępem do organizacji",
@@ -553,6 +664,8 @@
     "targetErrorInvalidPortDescription": "Wprowadź prawidłowy numer portu",
     "targetErrorNoSite": "Nie wybrano witryny",
     "targetErrorNoSiteDescription": "Wybierz witrynę docelową",
+    "targetTargetsCleared": "Cele wyczyszczone",
+    "targetTargetsClearedDescription": "Wszystkie cele zostały usunięte z tego zasobu",
     "targetCreated": "Cel utworzony",
     "targetCreatedDescription": "Cel został utworzony pomyślnie",
     "targetErrorCreate": "Nie udało się utworzyć celu",
@@ -636,6 +749,7 @@
     "resourcesErrorUpdate": "Nie udało się przełączyć zasobu",
     "resourcesErrorUpdateDescription": "Wystąpił błąd podczas aktualizacji zasobu",
     "access": "Dostęp",
+    "accessControl": "Kontrola dostępu",
     "shareLink": "Link udostępniania {resource}",
     "resourceSelect": "Wybierz zasób",
     "shareLinks": "Linki udostępniania",
@@ -653,6 +767,7 @@
     "newtEndpoint": "Endpoint",
     "newtId": "ID",
     "newtSecretKey": "Sekret",
+    "newtVersion": "Wersja",
     "architecture": "Architektura",
     "sites": "Witryny",
     "siteWgAnyClients": "Użyj dowolnego klienta WireGuard, aby się połączyć. Będziesz musiał przekierować wewnętrzne zasoby za pomocą adresu IP.",
@@ -776,6 +891,7 @@
     "accessRoleRemoved": "Rola usunięta",
     "accessRoleRemovedDescription": "Rola została pomyślnie usunięta.",
     "accessRoleRequiredRemove": "Przed usunięciem tej roli, wybierz nową rolę do której zostaną przeniesieni obecni członkowie.",
+    "network": "Sieć",
     "manage": "Zarządzaj",
     "sitesNotFound": "Nie znaleziono witryn.",
     "pangolinServerAdmin": "Administrator serwera - Pangolin",
@@ -819,6 +935,7 @@
     "idpDisplayName": "Nazwa wyświetlana dla tego dostawcy tożsamości",
     "idpAutoProvisionUsers": "Automatyczne tworzenie użytkowników",
     "idpAutoProvisionUsersDescription": "Gdy włączone, użytkownicy będą automatycznie tworzeni w systemie przy pierwszym logowaniu z możliwością mapowania użytkowników do ról i organizacji.",
+    "idpAutoProvisionConfigureAfterCreate": "Możesz skonfigurować automatyczne ustawienia provision, gdy dostawca tożsamości zostanie utworzony.",
     "licenseBadge": "EE",
     "idpType": "Typ dostawcy",
     "idpTypeDescription": "Wybierz typ dostawcy tożsamości, który chcesz skonfigurować",
@@ -870,7 +987,7 @@
     "defaultMappingsRole": "Domyślne mapowanie roli",
     "defaultMappingsRoleDescription": "JMESPath do wydobycia informacji o roli z tokena ID. Wynik tego wyrażenia musi zwrócić nazwę roli zdefiniowaną w organizacji jako ciąg znaków.",
     "defaultMappingsOrg": "Domyślne mapowanie organizacji",
-    "defaultMappingsOrgDescription": "JMESPath do wydobycia informacji o organizacji z tokena ID. To wyrażenie musi zwrócić ID organizacji lub true, aby użytkownik mógł uzyskać dostęp do organizacji.",
+    "defaultMappingsOrgDescription": "Gdy jest ustawiona, ta wyrażenie musi zwrócić identyfikator organizacji lub true, aby użytkownik mógł uzyskać dostęp do tej organizacji. Gdy nie jest ustawiona, wystarczające jest zdefiniowanie mapowania ról: użytkownik jest dopuszczony, o ile można rozwiązać dla niego ważne mapowanie ról w organizacji.",
     "defaultMappingsSubmit": "Zapisz domyślne mapowania",
     "orgPoliciesEdit": "Edytuj politykę organizacji",
     "org": "Organizacja",
@@ -1017,12 +1134,12 @@
     "pangolinSetup": "Konfiguracja - Pangolin",
     "orgNameRequired": "Nazwa organizacji jest wymagana",
     "orgIdRequired": "ID organizacji jest wymagane",
+    "orgIdMaxLength": "Identyfikator organizacji musi mieć co najwyżej 32 znaki",
     "orgErrorCreate": "Wystąpił błąd podczas tworzenia organizacji",
     "pageNotFound": "Nie znaleziono strony",
     "pageNotFoundDescription": "Ups! Strona, której szukasz, nie istnieje.",
     "overview": "Przegląd",
     "home": "Strona główna",
-    "accessControl": "Kontrola dostępu",
     "settings": "Ustawienia",
     "usersAll": "Wszyscy użytkownicy",
     "license": "Licencja",
@@ -1085,6 +1202,12 @@
     "actionGetUser": "Pobierz użytkownika",
     "actionGetOrgUser": "Pobierz użytkownika organizacji",
     "actionListOrgDomains": "Lista domen organizacji",
+    "actionGetDomain": "Pobierz domenę",
+    "actionCreateOrgDomain": "Utwórz domenę",
+    "actionUpdateOrgDomain": "Aktualizuj domenę",
+    "actionDeleteOrgDomain": "Usuń domenę",
+    "actionGetDNSRecords": "Pobierz rekordy DNS",
+    "actionRestartOrgDomain": "Zrestartuj domenę",
     "actionCreateSite": "Utwórz witrynę",
     "actionDeleteSite": "Usuń witrynę",
     "actionGetSite": "Pobierz witrynę",
@@ -1096,6 +1219,7 @@
     "setupTokenDescription": "Wprowadź token konfiguracji z konsoli serwera.",
     "setupTokenRequired": "Wymagany jest token konfiguracji",
     "actionUpdateSite": "Aktualizuj witrynę",
+    "actionResetSiteBandwidth": "Zresetuj przepustowość organizacji",
     "actionListSiteRoles": "Lista dozwolonych ról witryny",
     "actionCreateResource": "Utwórz zasób",
     "actionDeleteResource": "Usuń zasób",
@@ -1125,6 +1249,7 @@
     "actionRemoveUser": "Usuń użytkownika",
     "actionListUsers": "Lista użytkowników",
     "actionAddUserRole": "Dodaj rolę użytkownika",
+    "actionSetUserOrgRoles": "Ustaw role użytkownika",
     "actionGenerateAccessToken": "Wygeneruj token dostępu",
     "actionDeleteAccessToken": "Usuń token dostępu",
     "actionListAccessTokens": "Lista tokenów dostępu",
@@ -1169,7 +1294,9 @@
     "actionViewLogs": "Zobacz dzienniki",
     "noneSelected": "Nie wybrano",
     "orgNotFound2": "Nie znaleziono organizacji.",
-    "searchProgress": "Szukaj...",
+    "search": "Szukaj…",
+    "searchPlaceholder": "Szukaj...",
+    "emptySearchOptions": "Nie znaleziono opcji",
     "create": "Utwórz",
     "orgs": "Organizacje",
     "loginError": "Wystąpił nieoczekiwany błąd. Spróbuj ponownie.",
@@ -1233,12 +1360,14 @@
     "sidebarClientResources": "Prywatny",
     "sidebarAccessControl": "Kontrola dostępu",
     "sidebarLogsAndAnalytics": "Logi i Analityki",
+    "sidebarTeam": "Drużyna",
     "sidebarUsers": "Użytkownicy",
     "sidebarAdmin": "Administrator",
     "sidebarInvitations": "Zaproszenia",
     "sidebarRoles": "Role",
     "sidebarShareableLinks": "Linki",
     "sidebarApiKeys": "Klucze API",
+    "sidebarProvisioning": "Dostarczanie",
     "sidebarSettings": "Ustawienia",
     "sidebarAllUsers": "Wszyscy użytkownicy",
     "sidebarIdentityProviders": "Dostawcy tożsamości",
@@ -1250,8 +1379,167 @@
     "sidebarGeneral": "Zarządzaj",
     "sidebarLogAndAnalytics": "Dziennik & Analityka",
     "sidebarBluePrints": "Schematy",
+    "sidebarAlerting": "Alarmowanie",
+    "sidebarHealthChecks": "Kontrole zdrowia",
     "sidebarOrganization": "Organizacja",
+    "sidebarManagement": "Zarządzanie",
+    "sidebarBillingAndLicenses": "Płatność i licencje",
     "sidebarLogsAnalytics": "Analityka",
+    "alertingTitle": "Alarmowanie",
+    "alertingDescription": "Zdefiniuj źródła, ustawienia, i działania dla powiadomień",
+    "alertingRules": "Reguły alarmowe",
+    "alertingSearchRules": "Szukaj reguł…",
+    "alertingAddRule": "Utwórz Regułę",
+    "alertingColumnSource": "Źródło",
+    "alertingColumnTrigger": "Ustawienie",
+    "alertingColumnActions": "Akcje",
+    "alertingColumnEnabled": "Włączone",
+    "alertingDeleteQuestion": "Potwierdź, że chcesz usunąć tę regułę alarmową.",
+    "alertingDeleteRule": "Usuń regułę alarmową",
+    "alertingRuleDeleted": "Reguła alarmowa usunięta",
+    "alertingRuleSaved": "Reguła alarmowa zapisana",
+    "alertingRuleSavedCreatedDescription": "Nowa reguła alarmowa została utworzona. Możesz ją kontynuować edytować na tej stronie.",
+    "alertingRuleSavedUpdatedDescription": "Twoje zmiany w tej regule alarmowej zostały zapisane.",
+    "alertingEditRule": "Edytuj regułę alarmową",
+    "alertingCreateRule": "Utwórz regułę alarmową",
+    "alertingRuleCredenzaDescription": "Wybierz, co obserwować, kiedy uruchamiać i jak powiadamiać.",
+    "alertingRuleNamePlaceholder": "Strona produkcyjna w dół",
+    "alertingRuleEnabled": "Reguła włączona",
+    "alertingSectionSource": "Źródło",
+    "alertingSourceType": "Typ źródła",
+    "alertingSourceSite": "Witryna",
+    "alertingSourceHealthCheck": "Kontrola zdrowia",
+    "alertingPickSites": "Witryny",
+    "alertingPickHealthChecks": "Kontrole zdrowia",
+    "alertingPickResources": "Zasoby",
+    "alertingAllSites": "Wszystkie witryny",
+    "alertingAllSitesDescription": "Alarm uruchomiony dla dowolnej witryny",
+    "alertingSpecificSites": "Określone witryny",
+    "alertingSpecificSitesDescription": "Wybierz określone witryny do obserwacji",
+    "alertingAllHealthChecks": "Wszystkie Kontrole Zdrowia",
+    "alertingAllHealthChecksDescription": "Alarm uruchomiony dla dowolnej kontroli zdrowia",
+    "alertingSpecificHealthChecks": "Określone Kontrole Zdrowia",
+    "alertingSpecificHealthChecksDescription": "Wybierz określone kontrole zdrowia do obserwacji",
+    "alertingAllResources": "Wszystkie zasoby",
+    "alertingAllResourcesDescription": "Alarm uruchomiony dla dowolnego zasobu",
+    "alertingSpecificResources": "Określone Zasoby",
+    "alertingSpecificResourcesDescription": "Wybierz określone zasoby do obserwacji",
+    "alertingSelectResources": "Wybierz zasoby…",
+    "alertingResourcesSelected": "{count} zasobów wybrano",
+    "alertingResourcesEmpty": "Brak zasobów z celami w pierwszych 10 wynikach.",
+    "alertingSectionTrigger": "Ustawienie",
+    "alertingTrigger": "Kiedy alarmować",
+    "alertingTriggerSiteOnline": "Strona online",
+    "alertingTriggerSiteOffline": "Strona offline",
+    "alertingTriggerSiteToggle": "Status strony zmienia się",
+    "alertingTriggerHcHealthy": "Kontrola zdrowia zdrowa",
+    "alertingTriggerHcUnhealthy": "Kontrola zdrowia niezdrowa",
+    "alertingTriggerHcToggle": "Status kontroli zdrowia zmienia się",
+    "alertingTriggerResourceHealthy": "Zasób zdrowy",
+    "alertingTriggerResourceUnhealthy": "Zasób niezdrowy",
+    "alertingTriggerResourceDegraded": "Zasób pogorszony",
+    "alertingSearchHealthChecks": "Szukaj kontroli zdrowia…",
+    "alertingHealthChecksEmpty": "Brak dostępnych kontroli zdrowia.",
+    "alertingTriggerResourceToggle": "Zmiany statusu zasobu",
+    "alertingSourceResource": "Zasób",
+    "alertingSectionActions": "Akcje",
+    "alertingAddAction": "Dodaj Akcję",
+    "alertingActionNotify": "E-mail",
+    "alertingActionNotifyDescription": "Wyślij powiadomienia e-mail do użytkowników lub ról",
+    "alertingActionWebhook": "Webhook",
+    "alertingActionWebhookDescription": "Wyślij żądanie HTTP do niestandardowego punktu końcowego",
+    "alertingExternalIntegration": "Integracja Zewnętrzna",
+    "alertingExternalPagerDutyDescription": "Przesyłaj alerty do PagerDuty do zarządzania incydentami",
+    "alertingExternalOpsgenieDescription": "Kieruj alerty do Opsgenie dla zarządzania dyżurem",
+    "alertingExternalServiceNowDescription": "Twórz incydenty ServiceNow z alertów",
+    "alertingExternalIncidentIoDescription": "Wyzwalaj przepływy Incident.io z alertów",
+    "alertingActionType": "Typ akcji",
+    "alertingNotifyUsers": "Użytkownicy",
+    "alertingNotifyRoles": "Role",
+    "alertingNotifyEmails": "Adres e-mail",
+    "alertingEmailPlaceholder": "Dodaj e-mail i naciśnij Enter",
+    "alertingWebhookMethod": "Metoda HTTP",
+    "alertingWebhookSecret": "Sekret podpisu (opcjonalny)",
+    "alertingWebhookSecretPlaceholder": "Sekret HMAC",
+    "alertingWebhookHeaders": "Nagłówki",
+    "alertingAddHeader": "Dodaj nagłówek",
+    "alertingSelectSites": "Wybierz witryny…",
+    "alertingSitesSelected": "{count} witryny wybrano",
+    "alertingSelectHealthChecks": "Wybierz wyniki zdrowia…",
+    "alertingHealthChecksSelected": "{count} wyniki zdrowia wybrane",
+    "alertingNoHealthChecks": "Brak celów z aktywowanymi kontrolami zdrowia",
+    "alertingHealthCheckStub": "Wybór źródła kontroli zdrowia jeszcze nie skonfigurowany - możesz nadal skonfigurować wyzwalacze i akcje.",
+    "alertingSelectUsers": "Wybierz użytkowników…",
+    "alertingUsersSelected": "{count} użytkowników wybrano",
+    "alertingSelectRoles": "Wybierz role…",
+    "alertingRolesSelected": "{count} ról wybrano",
+    "alertingSummarySites": "Witryny ({count})",
+    "alertingSummaryAllSites": "Wszystkie witryny",
+    "alertingSummaryHealthChecks": "Kontrole zdrowia ({count})",
+    "alertingSummaryAllHealthChecks": "Wszystkie kontrole zdrowia",
+    "alertingSummaryResources": "Zasoby ({count})",
+    "alertingSummaryAllResources": "Wszystkie zasoby",
+    "alertingErrorNameRequired": "Wprowadź nazwę",
+    "alertingErrorActionsMin": "Dodaj co najmniej jedną akcję",
+    "alertingErrorPickSites": "Wybierz co najmniej jedną witrynę",
+    "alertingErrorPickHealthChecks": "Wybierz co najmniej jedną kontrolę zdrowia",
+    "alertingErrorPickResources": "Wybierz co najmniej jeden zasób",
+    "alertingErrorTriggerSite": "Wybierz wyzwalacz witryny",
+    "alertingErrorTriggerHealth": "Wybierz wyzwalacz kontroli zdrowia",
+    "alertingErrorTriggerResource": "Wybierz wyzwalacz zasobu",
+    "alertingErrorNotifyRecipients": "Wybierz użytkowników, role lub co najmniej jeden e-mail",
+    "alertingConfigureSource": "Skonfiguruj źródło",
+    "alertingConfigureTrigger": "Skonfiguruj wyzwalacz",
+    "alertingConfigureActions": "Skonfiguruj akcje",
+    "alertingBackToRules": "Powrót do reguł",
+    "alertingRuleCooldown": "Czas ochłodzenia (sekundy)",
+    "alertingRuleCooldownDescription": "Minimalny czas między powtórzonymi alarmami dla tej samej reguły. Ustaw na 0, aby wyzwalać za każdym razem.",
+    "alertingDraftBadge": "Szkic - zapisz, aby zachować tę regułę",
+    "alertingSidebarHint": "Kliknij krok na kanwie, aby edytować go tutaj.",
+    "alertingGraphCanvasTitle": "Przepływ reguł",
+    "alertingGraphCanvasDescription": "Wizualny podgląd źródła, wyzwalacza i akcji. Wybierz węzeł, aby edytować go w panelu.",
+    "alertingNodeNotConfigured": "Nie skonfigurowano jeszcze",
+    "alertingNodeActionsCount": "{count, plural, one {# akcja} few {# akcje} many {# akcji} other {# akcji}}",
+    "alertingNodeRoleSource": "Źródło",
+    "alertingNodeRoleTrigger": "Wyzwalacz",
+    "alertingNodeRoleAction": "Akcja",
+    "alertingTabRules": "Reguły Alarmowe",
+    "alertingTabHealthChecks": "Kontrole Zdrowia",
+    "alertingRulesBannerTitle": "Otrzymaj Powiadomienie",
+    "alertingRulesBannerDescription": "Każda reguła wiąże ze sobą co obserwować (np. witryna, kontrola zdrowia czy zasób), kiedy uruchomić (np. offline lub niezdrowy), oraz jak powiadomić zespół przez e-mail, webhooks lub integracje. Użyj tej listy, aby utworzyć, włączyć i zarządzać tymi regułami.",
+    "alertingHealthChecksBannerTitle": "Monitor Zdrowia i Zasobów",
+    "alertingHealthChecksBannerDescription": "Kontrole zdrowia to monitory HTTP lub TCP, które definiujesz raz. Następnie możesz używać ich jako źródeł w regułach alarmowych, aby otrzymywać powiadomienia, kiedy cel stanie się zdrowy lub niezdrowy. Kontrole zdrowia w zasobach również pojawiają się tutaj.",
+    "standaloneHcTableTitle": "Kontrole Zdrowia",
+    "standaloneHcSearchPlaceholder": "Szukaj kontroli zdrowia…",
+    "standaloneHcAddButton": "Utwórz Kontrolę Zdrowia",
+    "standaloneHcCreateTitle": "Utwórz Kontrolę Zdrowia",
+    "standaloneHcEditTitle": "Edytuj Kontrolę Zdrowia",
+    "standaloneHcDescription": "Skonfiguruj kontrolę zdrowia HTTP lub TCP do wykorzystania w regułach alarmowych.",
+    "standaloneHcNameLabel": "Nazwa",
+    "standaloneHcNamePlaceholder": "Mój Monitor HTTP",
+    "standaloneHcDeleteTitle": "Usuń kontrolę zdrowia",
+    "standaloneHcDeleteQuestion": "Potwierdź, że chcesz usunąć tę kontrolę zdrowia.",
+    "standaloneHcDeleted": "Kontrola zdrowia usunięta",
+    "standaloneHcSaved": "Kontrola zdrowia zapisana",
+    "standaloneHcColumnHealth": "Zdrowie",
+    "standaloneHcColumnMode": "Tryb",
+    "standaloneHcColumnTarget": "Cel",
+    "standaloneHcHealthStateHealthy": "Zdrowy",
+    "standaloneHcHealthStateUnhealthy": "Niezdrowy",
+    "standaloneHcHealthStateUnknown": "Nieznany",
+    "standaloneHcFilterAnySite": "Wszystkie witryny",
+    "standaloneHcFilterAnyResource": "Wszystkie zasoby",
+    "standaloneHcFilterMode": "Tryb",
+    "standaloneHcFilterModeHttp": "HTTP",
+    "standaloneHcFilterModeTcp": "TCP",
+    "standaloneHcFilterModeSnmp": "SNMP",
+    "standaloneHcFilterModePing": "Ping",
+    "standaloneHcFilterHealth": "Zdrowie",
+    "standaloneHcFilterEnabled": "Włączone",
+    "standaloneHcFilterEnabledOn": "Włączone",
+    "standaloneHcFilterEnabledOff": "Wyłączone",
+    "standaloneHcFilterSiteIdFallback": "Witryna {id}",
+    "standaloneHcFilterResourceIdFallback": "Zasób {id}",
     "blueprints": "Schematy",
     "blueprintsDescription": "Zastosuj konfiguracje deklaracyjne i wyświetl poprzednie operacje",
     "blueprintAdd": "Dodaj schemat",
@@ -1272,7 +1560,6 @@
     "parsedContents": "Przetworzona zawartość (tylko do odczytu)",
     "enableDockerSocket": "Włącz schemat dokera",
     "enableDockerSocketDescription": "Włącz etykietowanie kieszeni dokującej dla etykiet schematów. Ścieżka do gniazda musi być dostarczona do Newt.",
-    "enableDockerSocketLink": "Dowiedz się więcej",
     "viewDockerContainers": "Zobacz kontenery dokujące",
     "containersIn": "Pojemniki w {siteName}",
     "selectContainerDescription": "Wybierz dowolny kontener do użycia jako nazwa hosta dla tego celu. Kliknij port, aby użyć portu.",
@@ -1314,7 +1601,8 @@
     "initialSetupDescription": "Utwórz początkowe konto administratora serwera. Może istnieć tylko jeden administrator serwera. Zawsze można zmienić te dane uwierzytelniające.",
     "createAdminAccount": "Utwórz konto administratora",
     "setupErrorCreateAdmin": "Wystąpił błąd podczas tworzenia konta administratora serwera.",
-    "certificateStatus": "Status certyfikatu",
+    "certificateStatus": "Certyfikat",
+    "certificateStatusAutoRefreshHint": "Status odświeża się automatycznie.",
     "loading": "Ładowanie",
     "loadingAnalytics": "Ładowanie Analityki",
     "restart": "Uruchom ponownie",
@@ -1383,6 +1671,7 @@
     "pangolinUpdateAvailableReleaseNotes": "Zobacz informacje o wydaniu",
     "newtUpdateAvailable": "Dostępna aktualizacja",
     "newtUpdateAvailableInfo": "Nowa wersja Newt jest dostępna. Prosimy o aktualizację do najnowszej wersji dla najlepszej pracy.",
+    "pangolinNodeUpdateAvailableInfo": "Nowa wersja Pangolin Node jest dostępna. Prosimy o aktualizację do najnowszej wersji dla najlepszej pracy.",
     "domainPickerEnterDomain": "Domena",
     "domainPickerPlaceholder": "mojapp.example.com",
     "domainPickerDescription": "Wpisz pełną domenę zasobu, aby zobaczyć dostępne opcje.",
@@ -1400,6 +1689,7 @@
     "domainPickerNamespace": "Przestrzeń nazw: {namespace}",
     "domainPickerShowMore": "Pokaż więcej",
     "regionSelectorTitle": "Wybierz region",
+    "domainPickerRemoteExitNodeWarning": "Podane domeny nie są obsługiwane, gdy witryny łączą się ze zdalnymi węzłami wyjścia. Aby zasoby były dostępne w węzłach zdalnych, użyj domeny niestandardowej.",
     "regionSelectorInfo": "Wybór regionu pomaga nam zapewnić lepszą wydajność dla Twojej lokalizacji. Nie musisz być w tym samym regionie co Twój serwer.",
     "regionSelectorPlaceholder": "Wybierz region",
     "regionSelectorComingSoon": "Wkrótce dostępne",
@@ -1412,6 +1702,7 @@
     "billingSites": "Witryny",
     "billingUsers": "Użytkownicy",
     "billingDomains": "Domeny",
+    "billingOrganizations": "O masie całkowitej pojazdu przekraczającej 5 ton, ale nieprzekraczającej 5 ton",
     "billingRemoteExitNodes": "Zdalne węzły",
     "billingNoLimitConfigured": "Nie skonfigurowano limitu",
     "billingEstimatedPeriod": "Szacowany Okres Rozliczeniowy",
@@ -1454,6 +1745,7 @@
     "failed": "Niepowodzenie",
     "createNewOrgDescription": "Utwórz nową organizację",
     "organization": "Organizacja",
+    "primary": "Podstawowy",
     "port": "Port",
     "securityKeyManage": "Zarządzaj kluczami bezpieczeństwa",
     "securityKeyDescription": "Dodaj lub usuń klucze bezpieczeństwa do uwierzytelniania bez hasła",
@@ -1551,6 +1843,16 @@
     "billingFeatureLossWarning": "Powiadomienie o dostępności funkcji",
     "billingFeatureLossDescription": "Po obniżeniu wartości funkcje niedostępne w nowym planie zostaną automatycznie wyłączone. Niektóre ustawienia i konfiguracje mogą zostać utracone. Zapoznaj się z matrycą cenową, aby zrozumieć, które funkcje nie będą już dostępne.",
     "billingUsageExceedsLimit": "Bieżące użycie ({current}) przekracza limit ({limit})",
+    "billingPastDueTitle": "Płatność w przeszłości",
+    "billingPastDueDescription": "Twoja płatność jest zaległa. Zaktualizuj metodę płatności, aby kontynuować korzystanie z funkcji aktualnego planu. Jeśli nie zostanie rozwiązana, Twoja subskrypcja zostanie anulowana i zostaniesz przywrócony do darmowego poziomu.",
+    "billingUnpaidTitle": "Subskrypcja niezapłacona",
+    "billingUnpaidDescription": "Twoja subskrypcja jest niezapłacona i została przywrócona do darmowego poziomu. Zaktualizuj swoją metodę płatności, aby przywrócić subskrypcję.",
+    "billingIncompleteTitle": "Płatność niezakończona",
+    "billingIncompleteDescription": "Twoja płatność jest niekompletna. Ukończ proces płatności, aby aktywować subskrypcję.",
+    "billingIncompleteExpiredTitle": "Płatność wygasła",
+    "billingIncompleteExpiredDescription": "Twoja płatność nigdy nie została zakończona i wygasła. Zostałeś przywrócony do darmowego poziomu. Zapisz się ponownie, aby przywrócić dostęp do płatnych funkcji.",
+    "billingManageSubscription": "Zarządzaj subskrypcją",
+    "billingResolvePaymentIssue": "Rozwiąż problem z płatnościami przed aktualizacją lub obniżeniem oceny",
     "signUpTerms": {
         "IAgreeToThe": "Zgadzam się z",
         "termsOfService": "warunkami usługi",
@@ -1609,6 +1911,7 @@
     "configureHealthCheck": "Skonfiguruj Kontrolę Zdrowia",
     "configureHealthCheckDescription": "Skonfiguruj monitorowanie zdrowia dla {target}",
     "enableHealthChecks": "Włącz Kontrole Zdrowia",
+    "healthCheckDisabledStateDescription": "Gdy wyłączone, strona nie będzie wykonywać kontroli zdrowia, a stan zostanie uznany za nieznany.",
     "enableHealthChecksDescription": "Monitoruj zdrowie tego celu. Możesz monitorować inny punkt końcowy niż docelowy w razie potrzeby.",
     "healthScheme": "Metoda",
     "healthSelectScheme": "Wybierz metodę",
@@ -1624,6 +1927,24 @@
     "timeIsInSeconds": "Czas w sekundach",
     "requireDeviceApproval": "Wymagaj zatwierdzenia urządzenia",
     "requireDeviceApprovalDescription": "Użytkownicy o tej roli potrzebują nowych urządzeń zatwierdzonych przez administratora, zanim będą mogli połączyć się i uzyskać dostęp do zasobów.",
+    "sshAccess": "Dostęp SSH",
+    "roleAllowSsh": "Zezwalaj na SSH",
+    "roleAllowSshAllow": "Zezwól",
+    "roleAllowSshDisallow": "Nie zezwalaj",
+    "roleAllowSshDescription": "Zezwalaj użytkownikom z tej roli na łączenie się z zasobami za pomocą SSH. Gdy wyłączone, rola nie może korzystać z dostępu SSH.",
+    "sshSudoMode": "Dostęp Sudo",
+    "sshSudoModeNone": "Brak",
+    "sshSudoModeNoneDescription": "Użytkownik nie może uruchamiać poleceń z sudo.",
+    "sshSudoModeFull": "Pełne Sudo",
+    "sshSudoModeFullDescription": "Użytkownik może uruchomić dowolne polecenie z sudo.",
+    "sshSudoModeCommands": "Polecenia",
+    "sshSudoModeCommandsDescription": "Użytkownik może uruchamiać tylko określone polecenia z sudo.",
+    "sshSudo": "Zezwól na sudo",
+    "sshSudoCommands": "Komendy Sudo",
+    "sshSudoCommandsDescription": "Lista poleceń oddzielonych przecinkami, które użytkownik może uruchamiać z sudo.",
+    "sshCreateHomeDir": "Utwórz katalog domowy",
+    "sshUnixGroups": "Grupy Unix",
+    "sshUnixGroupsDescription": "Oddzielone przecinkami grupy Unix, aby dodać użytkownika do docelowego hosta.",
     "retryAttempts": "Próby Ponowienia",
     "expectedResponseCodes": "Oczekiwane Kody Odpowiedzi",
     "expectedResponseCodesDescription": "Kod statusu HTTP, który wskazuje zdrowy status. Jeśli pozostanie pusty, uznaje się 200-300 za zdrowy.",
@@ -1640,9 +1961,20 @@
     "healthCheckIntervalMin": "Interwał sprawdzania musi wynosić co najmniej 5 sekund",
     "healthCheckTimeoutMin": "Limit czasu musi wynosić co najmniej 1 sekundę",
     "healthCheckRetryMin": "Liczba prób ponowienia musi wynosić co najmniej 1",
+    "healthCheckMode": "Tryb kontroli",
+    "healthCheckStrategy": "Strategia",
+    "healthCheckModeDescription": "Tryb TCP weryfikuje tylko łączność. Tryb HTTP ocenia odpowiedź HTTP.",
+    "healthyThreshold": "Próg zdrowia",
+    "healthyThresholdDescription": "Wymagane sukcesy pod rząd, zanim oznaczy się jako zdrowe.",
+    "unhealthyThreshold": "Próg niezdrowia",
+    "unhealthyThresholdDescription": "Wymagane niepowodzenia z rzędu, zanim oznaczy się jako niezdrowe.",
+    "healthCheckHealthyThresholdMin": "Próg zdrowia musi wynosić co najmniej 1",
+    "healthCheckUnhealthyThresholdMin": "Próg niezdrowia musi wynosić co najmniej 1",
     "httpMethod": "Metoda HTTP",
     "selectHttpMethod": "Wybierz metodę HTTP",
     "domainPickerSubdomainLabel": "Poddomena",
+    "domainPickerWildcard": "Uniwersalny",
+    "domainPickerWildcardPaidOnly": "Uniwersalne subdomeny są płatną funkcją. Proszę dokonać aktualizacji, aby uzyskać dostęp do tej funkcji.",
     "domainPickerBaseDomainLabel": "Domen bazowa",
     "domainPickerSearchDomains": "Szukaj domen...",
     "domainPickerNoDomainsFound": "Nie znaleziono domen",
@@ -1668,12 +2000,12 @@
     "resourcesTableAliasAddressInfo": "Ten adres jest częścią podsieci użyteczności organizacji. Jest używany do rozwiązywania rekordów aliasu przy użyciu wewnętrznej rozdzielczości DNS.",
     "resourcesTableClients": "Klientami",
     "resourcesTableAndOnlyAccessibleInternally": "i są dostępne tylko wewnętrznie po połączeniu z klientem.",
-    "resourcesTableNoTargets": "Brak celów",
     "resourcesTableHealthy": "Zdrowe",
     "resourcesTableDegraded": "Degradacja",
-    "resourcesTableOffline": "Offline",
+    "resourcesTableUnhealthy": "Niezdrowy",
     "resourcesTableUnknown": "Nieznane",
     "resourcesTableNotMonitored": "Nie monitorowano",
+    "resourcesTableNoTargets": "Brak celów",
     "editInternalResourceDialogEditClientResource": "Edytuj Zasoby Prywatne",
     "editInternalResourceDialogUpdateResourceProperties": "Aktualizuj konfigurację zasobów i kontrolę dostępu dla {resourceName}",
     "editInternalResourceDialogResourceProperties": "Właściwości zasobów",
@@ -1699,6 +2031,11 @@
     "editInternalResourceDialogModePort": "Port",
     "editInternalResourceDialogModeHost": "Host",
     "editInternalResourceDialogModeCidr": "CIDR",
+    "editInternalResourceDialogModeHttp": "HTTP",
+    "editInternalResourceDialogModeHttps": "HTTPS",
+    "editInternalResourceDialogScheme": "Schemat",
+    "editInternalResourceDialogEnableSsl": "Włącz SSL",
+    "editInternalResourceDialogEnableSslDescription": "Włącz szyfrowanie SSL/TLS dla bezpiecznych połączeń HTTPS z miejscem docelowym.",
     "editInternalResourceDialogDestination": "Miejsce docelowe",
     "editInternalResourceDialogDestinationHostDescription": "Adres IP lub nazwa hosta zasobu w sieci witryny.",
     "editInternalResourceDialogDestinationIPDescription": "Adres IP lub nazwa hosta zasobu w sieci witryny.",
@@ -1714,6 +2051,7 @@
     "createInternalResourceDialogName": "Nazwa",
     "createInternalResourceDialogSite": "Witryna",
     "selectSite": "Wybierz stronę...",
+    "multiSitesSelectorSitesCount": "{count, plural, one {# witryna} few {# witryny} many {# witryn} other {# witryn}}",
     "noSitesFound": "Nie znaleziono stron.",
     "createInternalResourceDialogProtocol": "Protokół",
     "createInternalResourceDialogTcp": "TCP",
@@ -1742,11 +2080,19 @@
     "createInternalResourceDialogModePort": "Port",
     "createInternalResourceDialogModeHost": "Host",
     "createInternalResourceDialogModeCidr": "CIDR",
+    "createInternalResourceDialogModeHttp": "HTTP",
+    "createInternalResourceDialogModeHttps": "HTTPS",
+    "scheme": "Schemat",
+    "createInternalResourceDialogScheme": "Schemat",
+    "createInternalResourceDialogEnableSsl": "Włącz SSL",
+    "createInternalResourceDialogEnableSslDescription": "Włącz szyfrowanie SSL/TLS dla bezpiecznych połączeń HTTPS z miejscem docelowym.",
     "createInternalResourceDialogDestination": "Miejsce docelowe",
     "createInternalResourceDialogDestinationHostDescription": "Adres IP lub nazwa hosta zasobu w sieci witryny.",
     "createInternalResourceDialogDestinationCidrDescription": "Zakres CIDR zasobu w sieci witryny.",
     "createInternalResourceDialogAlias": "Alias",
     "createInternalResourceDialogAliasDescription": "Opcjonalny wewnętrzny alias DNS dla tego zasobu.",
+    "internalResourceDownstreamSchemeRequired": "Schemat jest wymagany dla zasobów HTTP",
+    "internalResourceHttpPortRequired": "Port docelowy jest wymagany dla zasobów HTTP",
     "siteConfiguration": "Konfiguracja",
     "siteAcceptClientConnections": "Akceptuj połączenia klienta",
     "siteAcceptClientConnectionsDescription": "Zezwalaj urządzeniom i klientom na dostęp do zasobów na tej stronie. Może to zostać zmienione później.",
@@ -1832,12 +2178,46 @@
     "exitNode": "Węzeł Wyjściowy",
     "country": "Kraj",
     "rulesMatchCountry": "Obecnie bazuje na adresie IP źródła",
+    "region": "Region",
+    "selectRegion": "Wybierz region",
+    "searchRegions": "Szukaj regionów...",
+    "noRegionFound": "Nie znaleziono regionu.",
+    "rulesMatchRegion": "Wybierz regionalną grupę krajów",
+    "rulesErrorInvalidRegion": "Nieprawidłowy region",
+    "rulesErrorInvalidRegionDescription": "Proszę wybrać prawidłowy region.",
+    "regionAfrica": "Afryka",
+    "regionNorthernAfrica": "Afryka Północna",
+    "regionEasternAfrica": "Afryka Wschodnia",
+    "regionMiddleAfrica": "Afryka Środkowa",
+    "regionSouthernAfrica": "Afryka Południowa",
+    "regionWesternAfrica": "Afryka Zachodnia",
+    "regionAmericas": "Ameryka",
+    "regionCaribbean": "Karaiby",
+    "regionCentralAmerica": "Ameryka Środkowa",
+    "regionSouthAmerica": "Ameryka Południowej",
+    "regionNorthernAmerica": "Ameryka Północna",
+    "regionAsia": "Akwakultura",
+    "regionCentralAsia": "Azja Środkowa",
+    "regionEasternAsia": "Azja Wschodnia",
+    "regionSouthEasternAsia": "Azja Południowo-Wschodnia",
+    "regionSouthernAsia": "Azja Południowa",
+    "regionWesternAsia": "Azja Zachodnia",
+    "regionEurope": "Europa",
+    "regionEasternEurope": "Europa Wschodnia",
+    "regionNorthernEurope": "Europa Północna",
+    "regionSouthernEurope": "Europa Południowa",
+    "regionWesternEurope": "Europa Zachodnia",
+    "regionOceania": "Oceania",
+    "regionAustraliaAndNewZealand": "Australia i Nowa Zelandia",
+    "regionMelanesia": "Melanesia",
+    "regionMicronesia": "Micronesia",
+    "regionPolynesia": "Polynesia",
     "managedSelfHosted": {
         "title": "Zarządzane Samodzielnie-Hostingowane",
         "description": "Większa niezawodność i niska konserwacja serwera Pangolin z dodatkowymi dzwonkami i sygnałami",
         "introTitle": "Zarządzany samowystarczalny Pangolin",
         "introDescription": "jest opcją wdrażania zaprojektowaną dla osób, które chcą prostoty i dodatkowej niezawodności, przy jednoczesnym utrzymaniu swoich danych prywatnych i samodzielnych.",
-        "introDetail": "Z tą opcją nadal obsługujesz swój własny węzeł Pangolin — tunele, zakończenie SSL i ruch na Twoim serwerze. Różnica polega na tym, że zarządzanie i monitorowanie odbywa się za pomocą naszej tablicy rozdzielczej, która odblokowuje szereg korzyści:",
+        "introDetail": "Z tą opcją nadal obsługujesz swój własny węzeł Pangolin - tunele, zakończenie SSL i ruch na Twoim serwerze. Różnica polega na tym, że zarządzanie i monitorowanie odbywa się za pomocą naszej tablicy rozdzielczej, która odblokowuje szereg korzyści:",
         "benefitSimplerOperations": {
             "title": "Uproszczone operacje",
             "description": "Nie ma potrzeby uruchamiania własnego serwera pocztowego lub ustawiania skomplikowanych powiadomień. Będziesz mieć kontrolę zdrowia i powiadomienia o przestoju."
@@ -1870,7 +2250,7 @@
     },
     "internationaldomaindetected": "Wykryto międzynarodową domenę",
     "willbestoredas": "Będą przechowywane jako:",
-    "roleMappingDescription": "Określ jak role są przypisywane do użytkowników podczas logowania się, gdy automatyczne świadczenie jest włączone.",
+    "roleMappingDescription": "Określ, jak role są przypisywane użytkownikom podczas logowania się z tym dostawcą tożsamości.",
     "selectRole": "Wybierz rolę",
     "roleMappingExpression": "Wyrażenie",
     "selectRolePlaceholder": "Wybierz rolę",
@@ -1880,6 +2260,25 @@
     "invalidValue": "Nieprawidłowa wartość",
     "idpTypeLabel": "Typ dostawcy tożsamości",
     "roleMappingExpressionPlaceholder": "np. zawiera(grupy, 'admin') && 'Admin' || 'Członek'",
+    "roleMappingModeFixedRoles": "Stałe role",
+    "roleMappingModeMappingBuilder": "Konstruktor mapowania",
+    "roleMappingModeRawExpression": "Surowe wyrażenie",
+    "roleMappingFixedRolesPlaceholderSelect": "Wybierz jedną lub więcej ról",
+    "roleMappingFixedRolesPlaceholderFreeform": "Wpisz nazwy ról (dopasowanie na organizację)",
+    "roleMappingFixedRolesDescriptionSameForAll": "Przypisz tę samą rolę do każdego automatycznie udostępnionego użytkownika.",
+    "roleMappingFixedRolesDescriptionDefaultPolicy": "W przypadku domyślnych zasad nazwy ról typu które istnieją w każdej organizacji, gdzie użytkownicy są zapisywani. Nazwy muszą się dokładnie zgadzać.",
+    "roleMappingClaimPath": "Ścieżka przejęcia",
+    "roleMappingClaimPathPlaceholder": "grupy",
+    "roleMappingClaimPathDescription": "Ścieżka w payloadzie tokenów, która zawiera wartości źródłowe (np. grupy).",
+    "roleMappingMatchValue": "Wartość dopasowania",
+    "roleMappingAssignRoles": "Przypisz role",
+    "roleMappingAddMappingRule": "Dodaj regułę mapowania",
+    "roleMappingRawExpressionResultDescription": "Wyrażenie musi ocenić do tablicy ciągów lub ciągów.",
+    "roleMappingRawExpressionResultDescriptionSingleRole": "Wyrażenie musi oceniać ciąg znaków (pojedyncza nazwa).",
+    "roleMappingMatchValuePlaceholder": "Wartość dopasowania (na przykład: admin)",
+    "roleMappingAssignRolesPlaceholderFreeform": "Wpisz nazwy ról (aktywizacja na org)",
+    "roleMappingBuilderFreeformRowHint": "Nazwy ról muszą pasować do roli w każdej organizacji docelowej.",
+    "roleMappingRemoveRule": "Usuń",
     "idpGoogleConfiguration": "Konfiguracja Google",
     "idpGoogleConfigurationDescription": "Skonfiguruj dane logowania Google OAuth2",
     "idpGoogleClientIdDescription": "Google OAuth2 Client ID",
@@ -1916,6 +2315,9 @@
     "authPageBrandingQuestionRemove": "Czy na pewno chcesz usunąć branding dla stron uwierzytelniania?",
     "authPageBrandingDeleteConfirm": "Potwierdź usunięcie brandingu",
     "brandingLogoURL": "URL logo",
+    "brandingLogoURLOrPath": "Adres URL logo lub ścieżka",
+    "brandingLogoPathDescription": "Wprowadź adres URL lub ścieżkę lokalną.",
+    "brandingLogoURLDescription": "Wprowadź publicznie dostępny adres URL do obrazu logo.",
     "brandingPrimaryColor": "Główny kolor",
     "brandingLogoWidth": "Szerokość (piksele)",
     "brandingLogoHeight": "Wysokość (piksele)",
@@ -1940,9 +2342,11 @@
     "selectDomainForOrgAuthPage": "Wybierz domenę dla strony uwierzytelniania organizacji",
     "domainPickerProvidedDomain": "Dostarczona domena",
     "domainPickerFreeProvidedDomain": "Darmowa oferowana domena",
+    "domainPickerFreeDomainsPaidFeature": "Dostarczane domeny to funkcja płatna. Subskrybuj, aby uzyskać domenę w ramach swojego planu - nie ma potrzeby przynoszenia własnej.",
     "domainPickerVerified": "Zweryfikowano",
     "domainPickerUnverified": "Niezweryfikowane",
-    "domainPickerInvalidSubdomainStructure": "Ta subdomena zawiera nieprawidłowe znaki lub strukturę. Zostanie ona automatycznie oczyszczona po zapisaniu.",
+    "domainPickerManual": "Podręcznik",
+    "domainPickerInvalidSubdomainStructure": "Nieprawidłowe znaki zostaną zsanitowane, gdy zostaną zapisane.",
     "domainPickerError": "Błąd",
     "domainPickerErrorLoadDomains": "Nie udało się załadować domen organizacji",
     "domainPickerErrorCheckAvailability": "Nie udało się sprawdzić dostępności domeny",
@@ -1955,7 +2359,7 @@
     "orgAuthChooseIdpDescription": "Wybierz swojego dostawcę tożsamości, aby kontynuować",
     "orgAuthNoIdpConfigured": "Ta organizacja nie ma skonfigurowanych żadnych dostawców tożsamości. Zamiast tego możesz zalogować się za pomocą swojej tożsamości Pangolin.",
     "orgAuthSignInWithPangolin": "Zaloguj się używając Pangolin",
-    "orgAuthSignInToOrg": "Zaloguj się do organizacji",
+    "orgAuthSignInToOrg": "Dostawca tożsamości organizacji (SSO)",
     "orgAuthSelectOrgTitle": "Logowanie do organizacji",
     "orgAuthSelectOrgDescription": "Wprowadź identyfikator organizacji, aby kontynuować",
     "orgAuthOrgIdPlaceholder": "twoja-organizacja",
@@ -2171,10 +2575,10 @@
             },
             "scale": {
                 "title": "Skala",
-                "description": "Cechy przedsiębiorstw, 50 użytkowników, 50 obiektów i wsparcie priorytetowe."
+                "description": "Funkcje dla przedsiębiorstw, 50 użytkowników, 100 witryn i priorytetowe wsparcie."
             }
         },
-        "personalUseOnly": "Wyłącznie do użytku osobistego (bezpłatna licencja – brak zamówień)",
+        "personalUseOnly": "Tylko do użytku osobistego (darmowa licencja - bez płatności)",
         "buttons": {
             "continueToCheckout": "Przejdź do zamówienia"
         },
@@ -2248,6 +2652,7 @@
     "validPassword": "Prawidłowe hasło",
     "validEmail": "Valid email",
     "validSSO": "Valid SSO",
+    "connectedClient": "Połączony Klient",
     "resourceBlocked": "Zasób zablokowany",
     "droppedByRule": "Upuszczone przez regułę",
     "noSessions": "Brak sesji",
@@ -2273,6 +2678,8 @@
     "logRetentionAccessDescription": "Jak długo zachować dzienniki dostępu",
     "logRetentionActionLabel": "Zachowanie dziennika akcji",
     "logRetentionActionDescription": "Jak długo zachować dzienniki akcji",
+    "logRetentionConnectionLabel": "Zachowanie dziennika połączeń",
+    "logRetentionConnectionDescription": "Jak długo zachować dzienniki połączeń",
     "logRetentionDisabled": "Wyłączone",
     "logRetention3Days": "3 dni",
     "logRetention7Days": "7 dni",
@@ -2283,8 +2690,15 @@
     "logRetentionEndOfFollowingYear": "Koniec następnego roku",
     "actionLogsDescription": "Zobacz historię działań wykonywanych w tej organizacji",
     "accessLogsDescription": "Wyświetl prośby o autoryzację dostępu do zasobów w tej organizacji",
-    "licenseRequiredToUse": "Do korzystania z tej funkcji wymagana jest licencja <enterpriseLicenseLink>Enterprise Edition</enterpriseLicenseLink> . Ta funkcja jest również dostępna w <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink>.",
-    "ossEnterpriseEditionRequired": "<enterpriseEditionLink>Enterprise Edition</enterpriseEditionLink> jest wymagany do korzystania z tej funkcji. Ta funkcja jest również dostępna w <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink>.",
+    "connectionLogs": "Dzienniki połączeń",
+    "connectionLogsDescription": "Wyświetl dzienniki połączeń dla tuneli w tej organizacji",
+    "sidebarLogsConnection": "Dzienniki połączeń",
+    "sidebarLogsStreaming": "Strumieniowanie",
+    "sourceAddress": "Adres źródłowy",
+    "destinationAddress": "Adres docelowy",
+    "duration": "Czas trwania",
+    "licenseRequiredToUse": "Do korzystania z tej funkcji wymagana jest licencja <enterpriseLicenseLink>Enterprise Edition</enterpriseLicenseLink> lub <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink> . <bookADemoLink>Zarezerwuj wersję demonstracyjną lub wersję próbną POC</bookADemoLink>.",
+    "ossEnterpriseEditionRequired": "<enterpriseEditionLink>Enterprise Edition</enterpriseEditionLink> jest wymagany do korzystania z tej funkcji. Ta funkcja jest również dostępna w <pangolinCloudLink>Pangolin Cloud</pangolinCloudLink>. <bookADemoLink>Zarezerwuj demo lub okres próbny POC</bookADemoLink>.",
     "certResolver": "Rozwiązywanie certyfikatów",
     "certResolverDescription": "Wybierz resolver certyfikatów do użycia dla tego zasobu.",
     "selectCertResolver": "Wybierz Resolver certyfikatów",
@@ -2426,6 +2840,9 @@
     "machineClients": "Klienci maszyn",
     "install": "Zainstaluj",
     "run": "Uruchom",
+    "envFile": "Plik środowiska",
+    "serviceFile": "Plik serwisu",
+    "enableAndStart": "Włącz i Uruchom",
     "clientNameDescription": "Wyświetlana nazwa klienta, która może zostać zmieniona później.",
     "clientAddress": "Adres klienta (Zaawansowany)",
     "setupFailedToFetchSubnet": "Nie udało się pobrać domyślnej podsieci",
@@ -2474,13 +2891,30 @@
     "editInternalResourceDialogAddClients": "Dodaj klientów",
     "editInternalResourceDialogDestinationLabel": "Miejsce docelowe",
     "editInternalResourceDialogDestinationDescription": "Określ adres docelowy dla wewnętrznego zasobu. Może to być nazwa hosta, adres IP lub zakres CIDR, w zależności od wybranego trybu. Opcjonalnie ustaw wewnętrzny alias DNS dla łatwiejszej identyfikacji.",
+    "internalResourceFormMultiSiteRoutingHelp": "Wybór wielu stron umożliwia odporne trasowanie i awarię dla wysokiej dostępności.",
+    "internalResourceFormMultiSiteRoutingHelpLearnMore": "Dowiedz się więcej",
     "editInternalResourceDialogPortRestrictionsDescription": "Ogranicz dostęp do konkretnych portów TCP/UDP lub zezwól/zablokuj wszystkie porty.",
+    "createInternalResourceDialogHttpConfiguration": "Konfiguracja HTTP",
+    "createInternalResourceDialogHttpConfigurationDescription": "Wybierz domenę, której klienci będą używać, aby dotrzeć do tego zasobu przez HTTP lub HTTPS.",
+    "editInternalResourceDialogHttpConfiguration": "Konfiguracja HTTP",
+    "editInternalResourceDialogHttpConfigurationDescription": "Wybierz domenę, której klienci będą używać, aby dotrzeć do tego zasobu przez HTTP lub HTTPS.",
     "editInternalResourceDialogTcp": "TCP",
     "editInternalResourceDialogUdp": "UDP",
     "editInternalResourceDialogIcmp": "ICMP",
     "editInternalResourceDialogAccessControl": "Kontrola dostępu",
     "editInternalResourceDialogAccessControlDescription": "Kontroluj, które role, użytkownicy i klienci maszyn mają dostęp do tego zasobu po połączeniu. Administratorzy zawsze mają dostęp.",
     "editInternalResourceDialogPortRangeValidationError": "Zakres portów musi być \"*\" dla wszystkich portów lub listą portów i zakresów oddzielonych przecinkami (np. \"80,443,8000-9000\"). Porty muszą znajdować się w przedziale od 1 do 65535.",
+    "internalResourceAuthDaemonStrategy": "SSH Auth Daemon Lokalizacja",
+    "internalResourceAuthDaemonStrategyDescription": "Wybierz, gdzie działa demon uwierzytelniania SSH: na stronie (Newt) lub na zdalnym serwerze.",
+    "internalResourceAuthDaemonDescription": "Uwierzytelnianie SSH obsługuje podpisywanie klucza SSH i uwierzytelnianie PAM dla tego zasobu. Wybierz, czy działa na stronie (Newt), czy na oddzielnym serwerze zdalnym. Zobacz <docsLink>dokumentację</docsLink> dla więcej.",
+    "internalResourceAuthDaemonDocsUrl": "https://docs.pangolin.net",
+    "internalResourceAuthDaemonStrategyPlaceholder": "Wybierz strategię",
+    "internalResourceAuthDaemonStrategyLabel": "Lokalizacja",
+    "internalResourceAuthDaemonSite": "Na stronie",
+    "internalResourceAuthDaemonSiteDescription": "Demon Auth działa na stronie (nowy).",
+    "internalResourceAuthDaemonRemote": "Zdalny host",
+    "internalResourceAuthDaemonRemoteDescription": "Demon Auth działa na serwerze, który nie jest stroną.",
+    "internalResourceAuthDaemonPort": "Port Daemon (opcjonalnie)",
     "orgAuthWhatsThis": "Gdzie mogę znaleźć swój identyfikator organizacji?",
     "learnMore": "Dowiedz się więcej",
     "backToHome": "Wróć do strony głównej",
@@ -2502,6 +2936,9 @@
     "maintenancePageMessagePlaceholder": "Wrócimy wkrótce! Nasza strona przechodzi obecnie zaplanowaną konserwację.",
     "maintenancePageMessageDescription": "Szczegółowy komunikat wyjaśniający konserwację",
     "maintenancePageTimeTitle": "Szacowany czas zakończenia (opcjonalnie)",
+    "privateMaintenanceScreenTitle": "Ekraan prywatnego utrzymania",
+    "privateMaintenanceScreenMessage": "Ta domena jest wykorzystywana na prywatnym zasobie. Połącz się za pomocą klienta Pangolin, aby uzyskać dostęp do tego zasobu.",
+    "privateMaintenanceScreenSteps": "Po połączeniu, jeśli nadal widzisz tę wiadomość, pamięć podręczna DNS przeglądarki może nadal wskazywać na stary adres. Aby to naprawić: zamknij i otwórz ponownie tę kartę lub przeglądarkę, a następnie przejdź z powrotem na tę stronę.",
     "maintenanceTime": "np. 2 godziny, 1 listopad o 17:00",
     "maintenanceEstimatedTimeDescription": "Kiedy oczekujesz zakończenia konserwacji",
     "editDomain": "Edytuj domenę",
@@ -2610,5 +3047,166 @@
     "approvalsEmptyStateStep2Title": "Włącz zatwierdzanie urządzenia",
     "approvalsEmptyStateStep2Description": "Edytuj rolę i włącz opcję \"Wymagaj zatwierdzenia urządzenia\". Użytkownicy z tą rolą będą potrzebowali zatwierdzenia administratora dla nowych urządzeń.",
     "approvalsEmptyStatePreviewDescription": "Podgląd: Gdy włączone, oczekujące prośby o sprawdzenie pojawią się tutaj",
-    "approvalsEmptyStateButtonText": "Zarządzaj rolami"
+    "approvalsEmptyStateButtonText": "Zarządzaj rolami",
+    "domainErrorTitle": "Mamy problem z weryfikacją Twojej domeny",
+    "idpAdminAutoProvisionPoliciesTabHint": "Skonfiguruj mapowanie ról i zasady organizacji na karcie <policiesTabLink>Auto Provivision Settings</policiesTabLink>.",
+    "streamingTitle": "Strumieniowanie wydarzeń",
+    "streamingDescription": "Wydarzenia strumieniowe z Twojej organizacji do zewnętrznych miejsc przeznaczenia w czasie rzeczywistym.",
+    "streamingUnnamedDestination": "Miejsce przeznaczenia bez nazwy",
+    "streamingNoUrlConfigured": "Brak skonfigurowanego adresu URL",
+    "streamingAddDestination": "Dodaj cel",
+    "streamingHttpWebhookTitle": "Webhook HTTP",
+    "streamingHttpWebhookDescription": "Wyślij zdarzenia do dowolnego punktu końcowego HTTP z elastycznym uwierzytelnianiem i szablonem.",
+    "streamingS3Title": "Amazon S3",
+    "streamingS3Description": "Zdarzenia strumieniowe do magazynu obiektów kompatybilnych z S3. Już wkrótce.",
+    "streamingDatadogTitle": "Datadog",
+    "streamingDatadogDescription": "Przekaż wydarzenia bezpośrednio do Twojego konta Datadog. Już wkrótce.",
+    "streamingTypePickerDescription": "Wybierz typ docelowy, aby rozpocząć.",
+    "streamingFailedToLoad": "Nie udało się załadować miejsc docelowych",
+    "streamingUnexpectedError": "Wystąpił nieoczekiwany błąd.",
+    "streamingFailedToUpdate": "Nie udało się zaktualizować miejsca docelowego",
+    "streamingDeletedSuccess": "Cel usunięty pomyślnie",
+    "streamingFailedToDelete": "Nie udało się usunąć miejsca docelowego",
+    "streamingDeleteTitle": "Usuń cel",
+    "streamingDeleteButtonText": "Usuń cel",
+    "streamingDeleteDialogAreYouSure": "Czy na pewno chcesz usunąć",
+    "streamingDeleteDialogThisDestination": "ten cel",
+    "streamingDeleteDialogPermanentlyRemoved": "? Wszystkie konfiguracje zostaną trwale usunięte.",
+    "httpDestEditTitle": "Edytuj cel",
+    "httpDestAddTitle": "Dodaj cel HTTP",
+    "httpDestEditDescription": "Aktualizuj konfigurację dla tego celu przesyłania strumieniowego zdarzeń HTTP.",
+    "httpDestAddDescription": "Skonfiguruj nowy punkt końcowy HTTP, aby otrzymywać wydarzenia organizacji.",
+    "S3DestEditTitle": "Edytuj Miejsce Docelowe",
+    "S3DestAddTitle": "Dodaj Miejsce Docelowe S3",
+    "S3DestEditDescription": "Zaktualizuj konfigurację dla tego miejsca docelowego strumieniowego zdarzeń S3.",
+    "S3DestAddDescription": "Skonfiguruj nowy punkt końcowy S3, aby odbierać zdarzenia Twojej organizacji.",
+    "datadogDestEditTitle": "Edytuj Miejsce Docelowe",
+    "datadogDestAddTitle": "Dodaj Miejsce Docelowe Datadog",
+    "datadogDestEditDescription": "Zaktualizuj konfigurację dla tego miejsca docelowego strumieniowego zdarzeń Datadog.",
+    "datadogDestAddDescription": "Skonfiguruj nowy punkt końcowy Datadog, aby odbierać zdarzenia Twojej organizacji.",
+    "httpDestTabSettings": "Ustawienia",
+    "httpDestTabHeaders": "Nagłówki",
+    "httpDestTabBody": "Ciało",
+    "httpDestTabLogs": "Logi",
+    "httpDestNamePlaceholder": "Mój cel HTTP",
+    "httpDestUrlLabel": "Adres docelowy",
+    "httpDestUrlErrorHttpRequired": "Adres URL musi używać http lub https",
+    "httpDestUrlErrorHttpsRequired": "HTTPS jest wymagany dla wdrożenia w chmurze",
+    "httpDestUrlErrorInvalid": "Wprowadź poprawny adres URL (np. https://example.com/webhook)",
+    "httpDestAuthTitle": "Uwierzytelnianie",
+    "httpDestAuthDescription": "Wybierz sposób uwierzytelniania żądań do Twojego punktu końcowego.",
+    "httpDestAuthNoneTitle": "Brak uwierzytelniania",
+    "httpDestAuthNoneDescription": "Wysyła żądania bez nagłówka autoryzacji.",
+    "httpDestAuthBearerTitle": "Token Bearer",
+    "httpDestAuthBearerDescription": "Dodaje nagłówek Authorization: Bearer '<token>' do każdego żądania.",
+    "httpDestAuthBearerPlaceholder": "Twój klucz API lub token",
+    "httpDestAuthBasicTitle": "Podstawowa Autoryzacja",
+    "httpDestAuthBasicDescription": "Dodaje nagłówek Authorization: Basic '<credentials>'. Podaj poświadczenia w formacie użytkownik:hasło.",
+    "httpDestAuthBasicPlaceholder": "Nazwa użytkownika:hasło",
+    "httpDestAuthCustomTitle": "Niestandardowy nagłówek",
+    "httpDestAuthCustomDescription": "Określ niestandardową nazwę nagłówka HTTP i wartość dla uwierzytelniania (np. X-API-Key).",
+    "httpDestAuthCustomHeaderNamePlaceholder": "Nazwa nagłówka (np. klucz X-API)",
+    "httpDestAuthCustomHeaderValuePlaceholder": "Wartość nagłówka",
+    "httpDestCustomHeadersTitle": "Niestandardowe nagłówki HTTP",
+    "httpDestCustomHeadersDescription": "Dodaj własne nagłówki do każdego wychodzącego żądania. Przydatne dla tokenów statycznych lub niestandardowego typu zawartości. Domyślnie Content-Type: aplikacja/json jest wysyłane.",
+    "httpDestNoHeadersConfigured": "Nie skonfigurowano nagłówków niestandardowych. Kliknij \"Dodaj nagłówek\", aby go dodać.",
+    "httpDestHeaderNamePlaceholder": "Nazwa nagłówka",
+    "httpDestHeaderValuePlaceholder": "Wartość",
+    "httpDestAddHeader": "Dodaj nagłówek",
+    "httpDestBodyTemplateTitle": "Własny szablon ciała",
+    "httpDestBodyTemplateDescription": "Kontroluj strukturę JSON wysyłaną do Twojego punktu końcowego. Jeśli wyłączone, dla każdego zdarzenia wysyłany jest domyślny obiekt JSON.",
+    "httpDestEnableBodyTemplate": "Włącz niestandardowy szablon ciała",
+    "httpDestBodyTemplateLabel": "Szablon ciała (JSON)",
+    "httpDestBodyTemplateHint": "Użyj zmiennych szablonu do odniesienia pól zdarzeń w twoim payloadzie.",
+    "httpDestPayloadFormatTitle": "Format obciążenia",
+    "httpDestPayloadFormatDescription": "Jak zdarzenia są serializowane w każdym organie żądania.",
+    "httpDestFormatJsonArrayTitle": "Tablica JSON",
+    "httpDestFormatJsonArrayDescription": "Jedna prośba na partię, treść jest tablicą JSON. Kompatybilna z najbardziej ogólnymi webhookami i Datadog.",
+    "httpDestFormatNdjsonTitle": "NDJSON",
+    "httpDestFormatNdjsonDescription": "Jedno żądanie na partię, ciałem jest plik JSON rozdzielony na newline-delimited - jeden obiekt na wiersz, bez tablicy zewnętrznej. Wymagane przez Splunk HEC, Elastic / OpenSesearch i Grafana Loki.",
+    "httpDestFormatSingleTitle": "Jedno wydarzenie na żądanie",
+    "httpDestFormatSingleDescription": "Wysyła oddzielny POST HTTP dla każdego zdarzenia. Użyj tylko dla punktów końcowych, które nie mogą obsługiwać partii.",
+    "httpDestLogTypesTitle": "Typy logów",
+    "httpDestLogTypesDescription": "Wybierz, które typy logów są przekazywane do tego miejsca docelowego. Tylko włączone typy logów będą strumieniowane.",
+    "httpDestAccessLogsTitle": "Logi dostępu",
+    "httpDestAccessLogsDescription": "Próby dostępu do zasobów, w tym uwierzytelnione i odrzucone żądania.",
+    "httpDestActionLogsTitle": "Dzienniki działań",
+    "httpDestActionLogsDescription": "Działania administracyjne wykonywane przez użytkowników w organizacji.",
+    "httpDestConnectionLogsTitle": "Dzienniki połączeń",
+    "httpDestConnectionLogsDescription": "Zdarzenia związane z miejscem i tunelem, w tym połączenia i rozłączenia.",
+    "httpDestRequestLogsTitle": "Dzienniki żądań",
+    "httpDestRequestLogsDescription": "Logi żądań HTTP dla zasobów proxy, w tym metody, ścieżki i kodu odpowiedzi.",
+    "httpDestSaveChanges": "Zapisz zmiany",
+    "httpDestCreateDestination": "Utwórz cel",
+    "httpDestUpdatedSuccess": "Cel został pomyślnie zaktualizowany",
+    "httpDestCreatedSuccess": "Cel został utworzony pomyślnie",
+    "httpDestUpdateFailed": "Nie udało się zaktualizować miejsca docelowego",
+    "httpDestCreateFailed": "Nie udało się utworzyć miejsca docelowego",
+    "followRedirects": "Podążaj za przekierowaniami",
+    "followRedirectsDescription": "Automatycznie podążaj za przekierowaniami HTTP dla żądań.",
+    "alertingErrorWebhookUrl": "Proszę wprowadzić poprawny URL dla web hooka.",
+    "healthCheckStrategyHttp": "Weryfikuje łączność i sprawdza status odpowiedzi HTTP.",
+    "healthCheckStrategyTcp": "Weryfikuje wyłącznie łączność TCP, bez sprawdzania odpowiedzi.",
+    "healthCheckStrategySnmp": "Wykonuje żądanie SNMP get w celu sprawdzenia stanu urządzeń sieciowych i infrastruktury.",
+    "healthCheckStrategyIcmp": "Używa żądań ICMP echo (pingów), aby sprawdzić, czy zasób jest dostępny i reagujący.",
+    "healthCheckTabStrategy": "Strategia",
+    "healthCheckTabConnection": "Łączenie",
+    "healthCheckTabAdvanced": "Zaawansowane",
+    "healthCheckStrategyNotAvailable": "Strategia ta nie jest dostępna. Skontaktuj się z działem sprzedaży, aby włączyć tę funkcję.",
+    "uptime30d": "Czas działania (30d)",
+    "idpAddActionCreateNew": "Utwórz nowego dostawcę tożsamości",
+    "idpAddActionImportFromOrg": "Importuj z innej organizacji",
+    "idpImportDialogTitle": "Importuj dostawcę tożsamości",
+    "idpImportDialogDescription": "Wybierz dostawcę tożsamości z organizacji, w której jesteś administratorem. Zostanie on powiązany z tą organizacją.",
+    "idpImportSearchPlaceholder": "Szukaj według nazwy organizacji lub dostawcy...",
+    "idpImportEmpty": "Nie znaleziono dostawców tożsamości.",
+    "idpImportedDescription": "Dostawca tożsamości został pomyślnie zaimportowany.",
+    "idpDeleteGlobalQuestion": "Czy na pewno chcesz trwale usunąć tego dostawcę tożsamości?",
+    "idpDeleteGlobalDescription": "Spowoduje to trwałe usunięcie dostawcy tożsamości ze wszystkich organizacji, z którymi jest powiązany.",
+    "idpUnassociateTitle": "Odłącz dostawcę tożsamości",
+    "idpUnassociateQuestion": "Czy na pewno chcesz odłączyć tego dostawcę tożsamości od tej organizacji?",
+    "idpUnassociateDescription": "Wszystkie użytkownicy powiązani z tym dostawcą tożsamości zostaną usunięci z tej organizacji, ale dostawca tożsamości będzie nadal istniał dla innych powiązanych organizacji.",
+    "idpUnassociateConfirm": "Potwierdź odłączenie dostawcy tożsamości",
+    "idpUnassociateWarning": "Tego nie można cofnąć dla tej organizacji.",
+    "idpUnassociatedDescription": "Dostawca tożsamości pomyślnie odłączony od tej organizacji",
+    "idpUnassociateMenu": "Odłącz",
+    "idpDeleteAllOrgsMenu": "Usuń",
+    "publicIpEndpoint": "Koniec punktu pracy",
+    "lastTriggeredAt": "Ostatnie Wyzwolenie",
+    "reject": "Odrzuć",
+    "uptimeDaysAgo": "{count} dni temu",
+    "uptimeToday": "Dzisiaj",
+    "uptimeNoDataAvailable": "Brak danych dostępnych",
+    "uptimeSuffix": "czas pracy",
+    "uptimeDowntimeSuffix": "czas przestoju",
+    "uptimeTooltipUptimeLabel": "Czas pracy",
+    "uptimeTooltipDowntimeLabel": "Czas przestoju",
+    "uptimeOngoing": "w toku",
+    "uptimeNoMonitoringData": "Brak danych monitorowania",
+    "uptimeNoData": "Brak danych",
+    "uptimeMiniBarDown": "Nieaktywny",
+    "uptimeSectionTitle": "Czas pracy",
+    "uptimeSectionDescription": "Dostępność za ostatnie {days} dni",
+    "uptimeAddAlert": "Dodaj Alert",
+    "uptimeViewAlerts": "Zobacz Alerty",
+    "uptimeCreateEmailAlert": "Utwórz Alert Email",
+    "uptimeAlertDescriptionSite": "Otrzymuj powiadomienia e-mail, gdy ta strona jest offline lub wraca online.",
+    "uptimeAlertDescriptionResource": "Otrzymuj powiadomienia e-mail, gdy to zasób jest offline lub wraca online.",
+    "uptimeAlertNamePlaceholder": "Nazwa alertu",
+    "uptimeAdditionalEmails": "Dodatkowe adresy e-mail",
+    "uptimeCreateAlert": "Utwórz Alert",
+    "uptimeAlertNoRecipients": "Brak odbiorców",
+    "uptimeAlertNoRecipientsDescription": "Proszę dodać przynajmniej jednego użytkownika, rolę lub adres email do powiadomienia.",
+    "uptimeAlertCreated": "Alert utworzony",
+    "uptimeAlertCreatedDescription": "Zostaniesz powiadomiony, gdy status się zmieni.",
+    "uptimeAlertCreateFailed": "Nie udało się utworzyć alertu",
+    "webhookUrlLabel": "URL",
+    "webhookHeaderKeyPlaceholder": "Klucz",
+    "webhookHeaderValuePlaceholder": "Wartość",
+    "alertLabel": "Alert",
+    "domainPickerWildcardSubdomainNotAllowed": "Uniwersalne subdomeny nie są dozwolone.",
+    "domainPickerWildcardCertWarning": "Uniwersalne zasoby mogą wymagać dodatkowej konfiguracji, aby działać poprawnie.",
+    "domainPickerWildcardCertWarningLink": "Dowiedz się więcej",
+    "health": "Zdrowie",
+    "domainPendingErrorTitle": "Problem z weryfikacją"
 }