the postiz backend image uses dotenv-cli to load /app/.env, which
doesn't exist when config is only passed via docker environment vars.
generate postiz.env from root .env and mount it read-only. also handle
edge case where docker creates the file as a directory on bind mount
failure, and quote values to prevent dotenv-cli misparses.
load COMPOSE_PROFILES early in 05_configure_services.sh so
is_profile_active guards n8n workflow import and worker config
sections, avoiding confusing prompts for users who don't use n8n
adds appsmith as an optional service with caddy reverse proxy,
auto-generated encryption secrets, wizard selection, welcome page
integration, update preview support, and final report output.
bumps version to 1.3.0.
mount nginx config to conf.d/default.conf instead of
sites-available/default, and set SVR_HTTP_PORT to 9380
(official default) instead of 80 which conflicts with
nginx and causes 502 on api requests
users may mistakenly use https:// for http proxies, which causes
gost to fail connecting to upstream. the protocol refers to proxy
type, not connection security.
docker volume mounts preserve host permissions, and caddy container
may run as different uid than host user, causing certificate read
failures with restrictive (600) permissions.
when accessing welcome page through cloudflare tunnel, caddy was
redirecting http to https, causing an infinite redirect loop.
adding an explicit http block prevents automatic https redirect.
temporal with sql visibility has a hard limit of 3 text search
attributes per namespace. postiz requires more, causing startup
failure. adding elasticsearch enables advanced visibility mode
which removes this limitation.
add temporal and temporal-ui services to the postiz profile for
workflow orchestration. includes caddy reverse proxy with basic
auth, secret generation, and welcome page integration.
- update dashboard navigation to match current cloudflare ui
- add nocodb and welcome page to services table
- add notes explaining external compose files and caddy-served content
adds caddy-addon mechanism for custom certificates when let's encrypt
is not available. includes setup script with interactive wizard,
example configs, and documentation.
adds support for forks that maintain custom changes and need to merge
from upstream instead of resetting. the new GIT_MODE=merge option in
update.sh calls git_merge_from_upstream() which fetches and merges
upstream/main while preserving local commits.
Reformatted CHANGELOG.md to follow keepachangelog.com standard:
- Added [Unreleased] section
- Converted from date-based to version-based format
- Added 38 version entries (v0.1.0 - v2.5.3)
- Added comparison links for all versions
This change supports the awesome-selfhosted PR requirements.
add cidr blocks and port-specific entries to gost_no_proxy to fix
redis connectivity issues when proxy is enabled. different libraries
interpret no_proxy differently, so we now include multiple formats.
also fix open-webui healthcheck to bypass proxy for localhost checks.
- fix credentials counter bug caused by posix sh subshell behavior
- add trap for temp file cleanup on exit
- make import_workflows.sh executable
- add explanatory comments in restart.sh for down/up logic
- extract sleep value to EXTERNAL_SERVICE_INIT_DELAY constant
docker compose resolves relative paths from the first compose file's
directory. when multiple compose files are combined, supabase's
./volumes/logs/vector.yml path resolves from project root instead of
supabase/docker/, causing vector container to fail with "is a directory"
error. this matches the behavior of start_services.py.
- add detailed dns transfer instructions for external providers
- reorder sections: dns config before public hostnames
- add comprehensive tunnel verification steps with cf-ray header check
- add troubleshooting for external dns scenarios
