diff --git a/.dockerignore b/.dockerignore index 816d8ee3..a883e89c 100644 --- a/.dockerignore +++ b/.dockerignore @@ -26,3 +26,6 @@ install/ bruno/ LICENSE CONTRIBUTING.md +dist +.git +config/ \ No newline at end of file diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..196676e9 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,62 @@ +version: 2 +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + groups: + dev-patch-updates: + dependency-type: "development" + update-types: + - "patch" + dev-minor-updates: + dependency-type: "development" + update-types: + - "minor" + prod-patch-updates: + dependency-type: "production" + update-types: + - "patch" + prod-minor-updates: + dependency-type: "production" + update-types: + - "minor" + + - package-ecosystem: "docker" + directory: "/" + schedule: + interval: "daily" + groups: + patch-updates: + update-types: + - "patch" + minor-updates: + update-types: + - "minor" + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + + - package-ecosystem: "gomod" + directory: "/install" + schedule: + interval: "daily" + groups: + dev-patch-updates: + dependency-type: "development" + update-types: + - "patch" + dev-minor-updates: + dependency-type: "development" + update-types: + - "minor" + prod-patch-updates: + dependency-type: "production" + update-types: + - "patch" + prod-minor-updates: + dependency-type: "production" + update-types: + - "minor" \ No newline at end of file diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index bc581582..fb0b516a 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -12,13 +12,13 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Log in to Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} @@ -28,9 +28,9 @@ jobs: run: echo "TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV - name: Install Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: - go-version: 1.23.0 + go-version: 1.24 - name: Update version in package.json run: | diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml new file mode 100644 index 00000000..c3db3738 --- /dev/null +++ b/.github/workflows/linting.yml @@ -0,0 +1,34 @@ +name: ESLint + +on: + pull_request: + paths: + - '**/*.js' + - '**/*.jsx' + - '**/*.ts' + - '**/*.tsx' + - '.eslintrc*' + - 'package.json' + - 'yarn.lock' + - 'pnpm-lock.yaml' + - 'package-lock.json' + +jobs: + Linter: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v5 + + - name: Set up Node.js + uses: actions/setup-node@v4 + with: + node-version: '22' + + - name: Install dependencies + run: | + npm ci + + - name: Run ESLint + run: | + npx eslint . --ext .js,.jsx,.ts,.tsx \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..12316cd7 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,55 @@ +name: Run Tests + +on: + pull_request: + branches: + - main + - dev + +jobs: + test: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v5 + + - uses: actions/setup-node@v4 + with: + node-version: '22' + + - name: Copy config file + run: cp config/config.example.yml config/config.yml + + - name: Install dependencies + run: npm ci + + - name: Create database index.ts + run: echo 'export * from "./sqlite";' > server/db/index.ts + + - name: Generate database migrations + run: npm run db:sqlite:generate + + - name: Apply database migrations + run: npm run db:sqlite:push + + - name: Start app in background + run: nohup npm run dev & + + - name: Wait for app availability + run: | + for i in {1..5}; do + if curl --silent --fail http://localhost:3002/auth/login; then + echo "App is up" + exit 0 + fi + echo "Waiting for the app... attempt $i" + sleep 5 + done + echo "App failed to start" + exit 1 + + - name: Build Docker image sqlite + run: make build-sqlite + + - name: Build Docker image pg + run: make build-pg diff --git a/.gitignore b/.gitignore index cd73cef1..95b1b9be 100644 --- a/.gitignore +++ b/.gitignore @@ -18,6 +18,7 @@ yarn-error.log* next-env.d.ts *.db *.sqlite +!Dockerfile.sqlite *.sqlite3 *.log .machinelogs*.json @@ -25,6 +26,10 @@ next-env.d.ts migrations tsconfig.tsbuildinfo config/config.yml +config/postgres +config/postgres* +config/openapi.yaml +config/key dist .dist installer @@ -32,4 +37,10 @@ installer bin .secrets test_event.json -.idea/ \ No newline at end of file +.idea/ +public/branding +server/db/index.ts +server/build.ts +postgres/ +dynamic/ +certificates/ diff --git a/.nvmrc b/.nvmrc index 209e3ef4..2bd5a0a9 100644 --- a/.nvmrc +++ b/.nvmrc @@ -1 +1 @@ -20 +22 diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 44acedb1..9bd2bc67 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -4,11 +4,7 @@ Contributions are welcome! Please see the contribution and local development guide on the docs page before getting started: -https://docs.fossorial.io/development - -For ideas about what features to work on and our future plans, please see the roadmap: - -https://docs.fossorial.io/roadmap +https://docs.digpangolin.com/development/contributing ### Licensing Considerations diff --git a/Dockerfile b/Dockerfile index 6b2c55aa..996ef057 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,17 +1,26 @@ -FROM node:20-alpine AS builder +FROM node:22-alpine AS builder WORKDIR /app -COPY package.json package-lock.json ./ -RUN npm install +ARG BUILD=oss +ARG DATABASE=sqlite + +# COPY package.json package-lock.json ./ +COPY package*.json ./ +RUN npm ci COPY . . -RUN npx drizzle-kit generate --dialect sqlite --schema ./server/db/schemas/ --out init +RUN echo "export * from \"./$DATABASE\";" > server/db/index.ts -RUN npm run build +RUN echo "export const build = \"$BUILD\" as any;" > server/build.ts -FROM node:20-alpine AS runner +RUN if [ "$DATABASE" = "pg" ]; then npx drizzle-kit generate --dialect postgresql --schema ./server/db/pg/schema.ts --out init; else npx drizzle-kit generate --dialect $DATABASE --schema ./server/db/$DATABASE/schema.ts --out init; fi + +RUN npm run build:$DATABASE +RUN npm run build:cli + +FROM node:22-alpine AS runner WORKDIR /app @@ -19,16 +28,19 @@ WORKDIR /app RUN apk add --no-cache curl # COPY package.json package-lock.json ./ -COPY package.json ./ -RUN npm install --omit=dev && npm cache clean --force +COPY package*.json ./ +RUN npm ci --omit=dev && npm cache clean --force COPY --from=builder /app/.next/standalone ./ COPY --from=builder /app/.next/static ./.next/static COPY --from=builder /app/dist ./dist COPY --from=builder /app/init ./dist/init +COPY ./cli/wrapper.sh /usr/local/bin/pangctl +RUN chmod +x /usr/local/bin/pangctl ./dist/cli.mjs + COPY server/db/names.json ./dist/names.json COPY public ./public -CMD ["npm", "start"] +CMD ["npm", "run", "start"] diff --git a/Dockerfile.dev b/Dockerfile.dev new file mode 100644 index 00000000..c40775c2 --- /dev/null +++ b/Dockerfile.dev @@ -0,0 +1,14 @@ +FROM node:22-alpine + +WORKDIR /app + +COPY package*.json ./ + +# Install dependencies +RUN npm ci + +# Copy source code +COPY . . + +# Use tsx watch for development with hot reload +CMD ["npm", "run", "dev"] diff --git a/LICENSE b/LICENSE index 0e38f56b..0ad25db4 100644 --- a/LICENSE +++ b/LICENSE @@ -1,5 +1,3 @@ -Copyright (c) 2025 Fossorial, LLC. - GNU AFFERO GENERAL PUBLIC LICENSE Version 3, 19 November 2007 diff --git a/Makefile b/Makefile index 793a3481..de67a5f2 100644 --- a/Makefile +++ b/Makefile @@ -1,10 +1,14 @@ +.PHONY: build build-pg build-release build-arm build-x86 test clean + build-release: @if [ -z "$(tag)" ]; then \ - echo "Error: tag is required. Usage: make build-all tag="; \ + echo "Error: tag is required. Usage: make build-release tag="; \ exit 1; \ fi - docker buildx build --platform linux/arm64,linux/amd64 -t fosrl/pangolin:latest -f Dockerfile --push . - docker buildx build --platform linux/arm64,linux/amd64 -t fosrl/pangolin:$(tag) -f Dockerfile --push . + docker buildx build --build-arg DATABASE=sqlite --platform linux/arm64,linux/amd64 -t fosrl/pangolin:latest --push . + docker buildx build --build-arg DATABASE=sqlite --platform linux/arm64,linux/amd64 -t fosrl/pangolin:$(tag) --push . + docker buildx build --build-arg DATABASE=pg --platform linux/arm64,linux/amd64 -t fosrl/pangolin:postgresql-latest --push . + docker buildx build --build-arg DATABASE=pg --platform linux/arm64,linux/amd64 -t fosrl/pangolin:postgresql-$(tag) --push . build-arm: docker buildx build --platform linux/arm64 -t fosrl/pangolin:latest . @@ -12,8 +16,11 @@ build-arm: build-x86: docker buildx build --platform linux/amd64 -t fosrl/pangolin:latest . -build: - docker build -t fosrl/pangolin:latest . +build-sqlite: + docker build --build-arg DATABASE=sqlite -t fosrl/pangolin:latest . + +build-pg: + docker build --build-arg DATABASE=pg -t fosrl/pangolin:postgresql-latest . test: docker run -it -p 3000:3000 -p 3001:3001 -p 3002:3002 -v ./config:/app/config fosrl/pangolin:latest diff --git a/README.md b/README.md index e513a136..287f5e20 100644 --- a/README.md +++ b/README.md @@ -1,28 +1,26 @@
-

pangolin

- -[![Documentation](https://img.shields.io/badge/docs-latest-blue.svg?style=flat-square)](https://docs.fossorial.io/) -[![Docker](https://img.shields.io/docker/pulls/fosrl/pangolin?style=flat-square)](https://hub.docker.com/r/fosrl/pangolin) -![Stars](https://img.shields.io/github/stars/fosrl/pangolin?style=flat-square) -[![Discord](https://img.shields.io/discord/1325658630518865980?logo=discord&style=flat-square)](https://discord.gg/HCJR8Xhme4) -[![Youtube](https://img.shields.io/badge/YouTube-red?logo=youtube&logoColor=white&style=flat-square)](https://www.youtube.com/@fossorial-app) - +

+ + + Pangolin Logo + +

-

Tunneled Mesh Reverse Proxy Server with Access Control

+

Secure gateway to your private networks

-_Your own self-hosted zero trust tunnel._ +_Pangolin tunnels your services to the internet so you can access anything from anywhere._
- + Website | - + Install Guide | @@ -30,13 +28,25 @@ _Your own self-hosted zero trust tunnel._ Contact Us
+ +[![Docker](https://img.shields.io/docker/pulls/fosrl/pangolin?style=flat-square)](https://hub.docker.com/r/fosrl/pangolin) +![Stars](https://img.shields.io/github/stars/fosrl/pangolin?style=flat-square) +[![Discord](https://img.shields.io/discord/1325658630518865980?logo=discord&style=flat-square)](https://discord.gg/HCJR8Xhme4) +[![Youtube](https://img.shields.io/badge/YouTube-red?logo=youtube&logoColor=white&style=flat-square)](https://www.youtube.com/@fossorial-app) +
+

+ + Start testing Pangolin at pangolin.fossorial.io + +

+ Pangolin is a self-hosted tunneled reverse proxy server with identity and access control, designed to securely expose private resources on distributed networks. Acting as a central hub, it connects isolated networks — even those behind restrictive firewalls — through encrypted tunnels, enabling easy access to remote services without opening ports. Preview -_Resources page of Pangolin dashboard (dark mode) showing multiple resources available to connect._ +![gif](public/clip.gif) This is a fork of Pangolin with all proprietary code removed. Proprietary and paywalled features will be reimplemented under the AGPL license. @@ -46,11 +56,14 @@ will be reimplemented under the AGPL license. ### Reverse Proxy Through WireGuard Tunnel - Expose private resources on your network **without opening ports** (firewall punching). -- Secure and easy to configure site-to-site connectivity via a custom **user space WireGuard client**, [Newt](https://github.com/fosrl/newt). +- Secure and easy to configure private connectivity via a custom **user space WireGuard client**, [Newt](https://github.com/fosrl/newt). - Built-in support for any WireGuard client. - Automated **SSL certificates** (https) via [LetsEncrypt](https://letsencrypt.org/). - Support for HTTP/HTTPS and **raw TCP/UDP services**. - Load balancing. +- Extend functionality with existing [Traefik](https://github.com/traefik/traefik) plugins, such as [CrowdSec](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin) and [Geoblock](https://github.com/PascalMinder/geoblock). + - **Automatically install and configure Crowdsec via Pangolin's installer script.** +- Attach as many sites to the central server as you wish. ### Identity & Access Management @@ -64,89 +77,73 @@ will be reimplemented under the AGPL license. - **Temporary, self-destructing share links.** - Resource specific pin codes. - Resource specific passwords. + - Passkeys - External identity provider (IdP) support with OAuth2/OIDC, such as Authentik, Keycloak, Okta, and others. - Auto-provision users and roles from your IdP. -### Simple Dashboard UI +Auth and diagram -- Manage sites, users, and roles with a clean and intuitive UI. -- Monitor site usage and connectivity. -- Light and dark mode options. -- Mobile friendly. +## Use Cases -### Easy Deployment +### Manage Access to Internal Apps -- Run on any cloud provider or on-premises. -- **Docker Compose based setup** for simplified deployment. -- Future-proof installation script for streamlined setup and feature additions. -- Use any WireGuard client to connect, or use **Newt, our custom user space client** for the best experience. -- Use the API to create custom integrations and scripts. - - Fine-grained access control to the API via scoped API keys. - - Comprehensive Swagger documentation for the API. +- Grant users access to your apps from anywhere using just a web browser. No client software required. -### Modular Design +### Developers and DevOps -- Extend functionality with existing [Traefik](https://github.com/traefik/traefik) plugins, such as [CrowdSec](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin) and [Geoblock](github.com/PascalMinder/geoblock). - - **Automatically install and configure Crowdsec via Pangolin's installer script.** -- Attach as many sites to the central server as you wish. +- Expose and test internal tools and dashboards like **Grafana**. Bring localhost or private IPs online for easy access. -Collage +### Secure API Gateway -## Deployment and Usage Example +- One application load balancer across multiple clouds and on-premises. -1. **Deploy the Central Server**: +### IoT and Edge Devices - - Deploy the Docker Compose stack onto a VPS hosted on a cloud platform like RackNerd, Amazon EC2, DigitalOcean Droplet, or similar. There are many cheap VPS hosting options available to suit your needs. +- Easily expose **IoT devices**, **edge servers**, or **Raspberry Pi** to the internet for field equipment monitoring. -> [!TIP] -> Many of our users have had a great experience with [RackNerd](https://my.racknerd.com/aff.php?aff=13788). Depending on promotions, you can likely get a **VPS with 1 vCPU, 1GB RAM, and ~20GB SSD for just around $12/year**. That's a great deal! -> We are part of the [RackNerd](https://my.racknerd.com/aff.php?aff=13788) affiliate program, so if you purchase through [our link](https://my.racknerd.com/aff.php?aff=13788), we receive a small commission which helps us maintain the project and keep it free for everyone. +Sites -2. **Domain Configuration**: +## Deployment Options - - Point your domain name to the VPS and configure Pangolin with your preferred settings. +### Fully Self Hosted -3. **Connect Private Sites**: +Host the full application on your own server or on the cloud with a VPS. Take a look at the [documentation](https://docs.digpangolin.com/self-host/quick-install) to get started. - - Install Newt or use another WireGuard client on private sites. - - Automatically establish a connection from these sites to the central server. +> Many of our users have had a great experience with [RackNerd](https://my.racknerd.com/aff.php?aff=13788). Depending on promotions, you can get a [**VPS with 1 vCPU, 1GB RAM, and ~20GB SSD for just around $12/year**](https://my.racknerd.com/aff.php?aff=13788&pid=912). That's a great deal! -4. **Expose Resources**: +### Pangolin Cloud - - Add resources to the central server and configure access control rules. - - Access these resources securely from anywhere. +Easy to use with simple [pay as you go pricing](https://digpangolin.com/pricing). [Check it out here](https://pangolin.fossorial.io/auth/signup). -**Use Case Example - Bypassing Port Restrictions in Home Lab**: - Imagine private sites where the ISP restricts port forwarding. By connecting these sites to Pangolin via WireGuard, you can securely expose HTTP and HTTPS resources on the private network without any networking complexity. +- Everything you get with self hosted Pangolin, but fully managed for you. -**Use Case Example - Deploying Services For Your Business**: -You can use Pangolin as an easy way to expose your business applications to your users behind a safe authentication portal you can integrate into your IdP solution. Expose resources on prem and on the cloud. +### Managed & High Availability -**Use Case Example - IoT Networks**: - IoT networks are often fragmented and difficult to manage. By deploying Pangolin on a central server, you can connect all your IoT sites via Newt or another WireGuard client. This creates a simple, secure, and centralized way to access IoT resources without the need for intricate networking setups. +Managed control plane, your infrastructure -## Similar Projects and Inspirations +- We manage database and control plane. +- You self-host lightweight exit-node. +- Traffic flows through your infra. +- We coordinate failover between your nodes or to Cloud when things go bad. -**Cloudflare Tunnels**: - A similar approach to proxying private resources securely, but Pangolin is a self-hosted alternative, giving you full control over your infrastructure. +Try it out using [Pangolin Cloud](https://pangolin.fossorial.io) -**Authelia**: - This inspired Pangolin’s centralized authentication system for proxies, enabling robust user and role management. +### Full Enterprise On-Premises + +[Contact us](mailto:numbat@fossorial.io) for a full distributed and enterprise deployments on your infrastructure controlled by your team. ## Project Development / Roadmap -> [!NOTE] -> Pangolin is under heavy development. The roadmap is subject to change as we fix bugs, add new features, and make improvements. - -View the [project board](https://github.com/orgs/fosrl/projects/1) for more detailed info. +We want to hear your feature requests! Add them to the [discussion board](https://github.com/orgs/fosrl/discussions/categories/feature-requests). ## Licensing -Pangolin is dual licensed under the AGPL-3 and the Fossorial Commercial license. Please see the [LICENSE](./LICENSE) file in the repository for details. For inquiries about commercial licensing, please contact us at [numbat@fossorial.io](mailto:numbat@fossorial.io). +Pangolin is dual licensed under the AGPL-3 and the Fossorial Commercial license. For inquiries about commercial licensing, please contact us at [numbat@fossorial.io](mailto:numbat@fossorial.io). ## Contributions +Looking for something to contribute? Take a look at issues marked with [help wanted](https://github.com/fosrl/pangolin/issues?q=is%3Aissue%20state%3Aopen%20label%3A%22help%20wanted%22). Also take a look through the freature requests in Discussions - any are available and some are marked as a good first issue. + Please see [CONTRIBUTING](./CONTRIBUTING.md) in the repository for guidelines and best practices. Please post bug reports and other functional issues in the [Issues](https://github.com/fosrl/pangolin/issues) section of the repository. -For all feature requests, or other ideas, please use the [Discussions](https://github.com/orgs/fosrl/discussions) section. diff --git a/bruno/Clients/createClient.bru b/bruno/Clients/createClient.bru new file mode 100644 index 00000000..7577bb28 --- /dev/null +++ b/bruno/Clients/createClient.bru @@ -0,0 +1,22 @@ +meta { + name: createClient + type: http + seq: 1 +} + +put { + url: http://localhost:3000/api/v1/site/1/client + body: json + auth: none +} + +body:json { + { + "siteId": 1, + "name": "test", + "type": "olm", + "subnet": "100.90.129.4/30", + "olmId": "029yzunhx6nh3y5", + "secret": "l0ymp075y3d4rccb25l6sqpgar52k09etunui970qq5gj7x6" + } +} diff --git a/bruno/Clients/pickClientDefaults.bru b/bruno/Clients/pickClientDefaults.bru new file mode 100644 index 00000000..61509c11 --- /dev/null +++ b/bruno/Clients/pickClientDefaults.bru @@ -0,0 +1,11 @@ +meta { + name: pickClientDefaults + type: http + seq: 2 +} + +get { + url: http://localhost:3000/api/v1/site/1/pick-client-defaults + body: none + auth: none +} diff --git a/cli/commands/resetUserSecurityKeys.ts b/cli/commands/resetUserSecurityKeys.ts new file mode 100644 index 00000000..fdae0ebd --- /dev/null +++ b/cli/commands/resetUserSecurityKeys.ts @@ -0,0 +1,72 @@ +import { CommandModule } from "yargs"; +import { db, users, securityKeys } from "@server/db"; +import { eq } from "drizzle-orm"; + +type ResetUserSecurityKeysArgs = { + email: string; +}; + +export const resetUserSecurityKeys: CommandModule< + {}, + ResetUserSecurityKeysArgs +> = { + command: "reset-user-security-keys", + describe: + "Reset a user's security keys (passkeys) by deleting all their webauthn credentials", + builder: (yargs) => { + return yargs.option("email", { + type: "string", + demandOption: true, + describe: "User email address" + }); + }, + handler: async (argv: { email: string }) => { + try { + const { email } = argv; + + console.log(`Looking for user with email: ${email}`); + + // Find the user by email + const [user] = await db + .select() + .from(users) + .where(eq(users.email, email)) + .limit(1); + + if (!user) { + console.error(`User with email '${email}' not found`); + process.exit(1); + } + + console.log(`Found user: ${user.email} (ID: ${user.userId})`); + + // Check if user has any security keys + const userSecurityKeys = await db + .select() + .from(securityKeys) + .where(eq(securityKeys.userId, user.userId)); + + if (userSecurityKeys.length === 0) { + console.log(`User '${email}' has no security keys to reset`); + process.exit(0); + } + + console.log( + `Found ${userSecurityKeys.length} security key(s) for user '${email}'` + ); + + // Delete all security keys for the user + await db + .delete(securityKeys) + .where(eq(securityKeys.userId, user.userId)); + + console.log(`Successfully reset security keys for user '${email}'`); + console.log(`Deleted ${userSecurityKeys.length} security key(s)`); + + process.exit(0); + } catch (error) { + console.error("Error:", error); + process.exit(1); + } + } +}; diff --git a/cli/commands/setAdminCredentials.ts b/cli/commands/setAdminCredentials.ts new file mode 100644 index 00000000..91a6bcf7 --- /dev/null +++ b/cli/commands/setAdminCredentials.ts @@ -0,0 +1,143 @@ +import { CommandModule } from "yargs"; +import { hashPassword, verifyPassword } from "@server/auth/password"; +import { db, resourceSessions, sessions } from "@server/db"; +import { users } from "@server/db"; +import { eq, inArray } from "drizzle-orm"; +import moment from "moment"; +import { fromError } from "zod-validation-error"; +import { passwordSchema } from "@server/auth/passwordSchema"; +import { UserType } from "@server/types/UserTypes"; +import { generateRandomString, RandomReader } from "@oslojs/crypto/random"; + +type SetAdminCredentialsArgs = { + email: string; + password: string; +}; + +export const setAdminCredentials: CommandModule<{}, SetAdminCredentialsArgs> = { + command: "set-admin-credentials", + describe: "Set the server admin credentials", + builder: (yargs) => { + return yargs + .option("email", { + type: "string", + demandOption: true, + describe: "Admin email address" + }) + .option("password", { + type: "string", + demandOption: true, + describe: "Admin password" + }); + }, + handler: async (argv: { email: string; password: string }) => { + try { + const { password } = argv; + let { email } = argv; + email = email.trim().toLowerCase(); + + const parsed = passwordSchema.safeParse(password); + + if (!parsed.success) { + throw Error( + `Invalid server admin password: ${fromError(parsed.error).toString()}` + ); + } + + const passwordHash = await hashPassword(password); + + await db.transaction(async (trx) => { + try { + const [existing] = await trx + .select() + .from(users) + .where(eq(users.serverAdmin, true)); + + if (existing) { + const passwordChanged = !(await verifyPassword( + password, + existing.passwordHash! + )); + + if (passwordChanged) { + await trx + .update(users) + .set({ passwordHash }) + .where(eq(users.userId, existing.userId)); + + await invalidateAllSessions(existing.userId); + console.log("Server admin password updated"); + } + + if (existing.email !== email) { + await trx + .update(users) + .set({ email, username: email }) + .where(eq(users.userId, existing.userId)); + + console.log("Server admin email updated"); + } + } else { + const userId = generateId(15); + + await trx.update(users).set({ serverAdmin: false }); + + await db.insert(users).values({ + userId: userId, + email: email, + type: UserType.Internal, + username: email, + passwordHash, + dateCreated: moment().toISOString(), + serverAdmin: true, + emailVerified: true + }); + + console.log("Server admin created"); + } + } catch (e) { + console.error("Failed to set admin credentials", e); + trx.rollback(); + throw e; + } + }); + + console.log("Admin credentials updated successfully"); + process.exit(0); + } catch (error) { + console.error("Error:", error); + process.exit(1); + } + } +}; + +export async function invalidateAllSessions(userId: string): Promise { + try { + await db.transaction(async (trx) => { + const userSessions = await trx + .select() + .from(sessions) + .where(eq(sessions.userId, userId)); + await trx.delete(resourceSessions).where( + inArray( + resourceSessions.userSessionId, + userSessions.map((s) => s.sessionId) + ) + ); + await trx.delete(sessions).where(eq(sessions.userId, userId)); + }); + } catch (e) { + console.log("Failed to all invalidate user sessions", e); + } +} + +const random: RandomReader = { + read(bytes: Uint8Array): void { + crypto.getRandomValues(bytes); + } +}; + +export function generateId(length: number): string { + const alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"; + return generateRandomString(random, alphabet, length); +} diff --git a/cli/index.ts b/cli/index.ts new file mode 100644 index 00000000..f9e884cc --- /dev/null +++ b/cli/index.ts @@ -0,0 +1,13 @@ +#!/usr/bin/env node + +import yargs from "yargs"; +import { hideBin } from "yargs/helpers"; +import { setAdminCredentials } from "@cli/commands/setAdminCredentials"; +import { resetUserSecurityKeys } from "@cli/commands/resetUserSecurityKeys"; + +yargs(hideBin(process.argv)) + .scriptName("pangctl") + .command(setAdminCredentials) + .command(resetUserSecurityKeys) + .demandCommand() + .help().argv; diff --git a/cli/wrapper.sh b/cli/wrapper.sh new file mode 100644 index 00000000..0f65092b --- /dev/null +++ b/cli/wrapper.sh @@ -0,0 +1,3 @@ +#!/bin/sh +cd /app/ +./dist/cli.mjs "$@" diff --git a/config/config.example.yml b/config/config.example.yml index 7b5c144d..fcb7edde 100644 --- a/config/config.example.yml +++ b/config/config.example.yml @@ -1,54 +1,28 @@ # To see all available options, please visit the docs: -# https://docs.fossorial.io/Pangolin/Configuration/config +# https://docs.digpangolin.com/self-host/advanced/config-file app: - dashboard_url: "http://localhost:3002" - log_level: "info" - save_logs: false + dashboard_url: http://localhost:3002 + log_level: debug domains: - domain1: - base_domain: "example.com" - cert_resolver: "letsencrypt" + domain1: + base_domain: example.com server: - external_port: 3000 - internal_port: 3001 - next_port: 3002 - internal_hostname: "pangolin" - session_cookie_name: "p_session_token" - resource_access_token_param: "p_token" - secret: "your_secret_key_here" - resource_access_token_headers: - id: "P-Access-Token-Id" - token: "P-Access-Token" - resource_session_request_param: "p_session_request" - -traefik: - http_entrypoint: "web" - https_entrypoint: "websecure" + secret: my_secret_key gerbil: - start_port: 51820 - base_endpoint: "localhost" - block_size: 24 - site_block_size: 30 - subnet_group: 100.89.137.0/20 - use_subdomain: true + base_endpoint: example.com -rate_limits: - global: - window_minutes: 1 - max_requests: 500 - -users: - server_admin: - email: "admin@example.com" - password: "Password123!" +orgs: + block_size: 24 + subnet_group: 100.90.137.0/20 flags: - require_email_verification: false - disable_signup_without_invite: true - disable_user_create_org: true - allow_raw_resources: true - allow_base_domain_resources: true + require_email_verification: false + disable_signup_without_invite: true + disable_user_create_org: true + allow_raw_resources: true + enable_integration_api: true + enable_clients: true diff --git a/config/traefik/dynamic_config.yml b/config/traefik/dynamic_config.yml new file mode 100644 index 00000000..8fcf8e55 --- /dev/null +++ b/config/traefik/dynamic_config.yml @@ -0,0 +1,53 @@ +http: + middlewares: + redirect-to-https: + redirectScheme: + scheme: https + + routers: + # HTTP to HTTPS redirect router + main-app-router-redirect: + rule: "Host(`{{.DashboardDomain}}`)" + service: next-service + entryPoints: + - web + middlewares: + - redirect-to-https + + # Next.js router (handles everything except API and WebSocket paths) + next-router: + rule: "Host(`{{.DashboardDomain}}`) && !PathPrefix(`/api/v1`)" + service: next-service + entryPoints: + - websecure + tls: + certResolver: letsencrypt + + # API router (handles /api/v1 paths) + api-router: + rule: "Host(`{{.DashboardDomain}}`) && PathPrefix(`/api/v1`)" + service: api-service + entryPoints: + - websecure + tls: + certResolver: letsencrypt + + # WebSocket router + ws-router: + rule: "Host(`{{.DashboardDomain}}`)" + service: api-service + entryPoints: + - websecure + tls: + certResolver: letsencrypt + + services: + next-service: + loadBalancer: + servers: + - url: "http://pangolin:3002" # Next.js server + + api-service: + loadBalancer: + servers: + - url: "http://pangolin:3000" # API/WebSocket server diff --git a/config/traefik/traefik_config.yml b/config/traefik/traefik_config.yml new file mode 100644 index 00000000..43ea97be --- /dev/null +++ b/config/traefik/traefik_config.yml @@ -0,0 +1,34 @@ +api: + insecure: true + dashboard: true + +providers: + file: + directory: "/var/dynamic" + watch: true + +experimental: + plugins: + badger: + moduleName: "github.com/fosrl/badger" + version: "v1.2.0" + +log: + level: "DEBUG" + format: "common" + maxSize: 100 + maxBackups: 3 + maxAge: 3 + compress: true + +entryPoints: + web: + address: ":80" + websecure: + address: ":9443" + transport: + respondingTimeouts: + readTimeout: "30m" + +serversTransport: + insecureSkipVerify: true diff --git a/crowdin.yml b/crowdin.yml new file mode 100644 index 00000000..6787087e --- /dev/null +++ b/crowdin.yml @@ -0,0 +1,3 @@ +files: + - source: /messages/en-US.json + translation: /messages/%locale%.json \ No newline at end of file diff --git a/docker-compose.example.yml b/docker-compose.example.yml index 973d27fa..28097f32 100644 --- a/docker-compose.example.yml +++ b/docker-compose.example.yml @@ -22,8 +22,7 @@ services: command: - --reachableAt=http://gerbil:3003 - --generateAndSaveKeyTo=/var/config/key - - --remoteConfig=http://pangolin:3001/api/v1/gerbil/get-config - - --reportBandwidthTo=http://pangolin:3001/api/v1/gerbil/receive-bandwidth + - --remoteConfig=http://pangolin:3001/api/v1/ volumes: - ./config/:/var/config cap_add: @@ -31,11 +30,12 @@ services: - SYS_MODULE ports: - 51820:51820/udp + - 21820:21820/udp - 443:443 # Port for traefik because of the network_mode - 80:80 # Port for traefik because of the network_mode traefik: - image: traefik:v3.3.3 + image: traefik:v3.5 container_name: traefik restart: unless-stopped network_mode: service:gerbil # Ports appear on the gerbil service @@ -51,4 +51,5 @@ services: networks: default: driver: bridge - name: pangolin \ No newline at end of file + name: pangolin + enable_ipv6: true \ No newline at end of file diff --git a/docker-compose.pg.yml b/docker-compose.pg.yml new file mode 100644 index 00000000..ee50d328 --- /dev/null +++ b/docker-compose.pg.yml @@ -0,0 +1,14 @@ +services: + # PostgreSQL Service + db: + image: postgres:17 # Use the PostgreSQL 17 image + container_name: dev_postgres # Name your PostgreSQL container + environment: + POSTGRES_DB: postgres # Default database name + POSTGRES_USER: postgres # Default user + POSTGRES_PASSWORD: password # Default password (change for production!) + volumes: + - ./config/postgres:/var/lib/postgresql/data + ports: + - "5432:5432" # Map host port 5432 to container port 5432 + restart: no diff --git a/docker-compose.t.yml b/docker-compose.t.yml new file mode 100644 index 00000000..1c7716dd --- /dev/null +++ b/docker-compose.t.yml @@ -0,0 +1,32 @@ +name: pangolin +services: + gerbil: + image: gerbil + container_name: gerbil + network_mode: host + restart: unless-stopped + command: + - --reachableAt=http://localhost:3003 + - --generateAndSaveKeyTo=/var/config/key + - --remoteConfig=http://localhost:3001/api/v1/ + - --sni-port=443 + volumes: + - ./config/:/var/config + cap_add: + - NET_ADMIN + - SYS_MODULE + + traefik: + image: docker.io/traefik:v3.4.1 + container_name: traefik + restart: unless-stopped + network_mode: host + command: + - --configFile=/etc/traefik/traefik_config.yml + volumes: + - ./config/traefik:/etc/traefik:ro # Volume to store the Traefik configuration + - ./config/letsencrypt:/letsencrypt # Volume to store the Let's Encrypt certificates + - ./config/traefik/logs:/var/log/traefik # Volume to store Traefik logs + - ./certificates:/var/certificates:ro + - ./dynamic:/var/dynamic:ro + diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 00000000..09b150d7 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,30 @@ +services: + # Development application service + app: + build: + context: . + dockerfile: Dockerfile.dev + container_name: dev_pangolin + ports: + - "3000:3000" + - "3001:3001" + - "3002:3002" + - "3003:3003" + environment: + - NODE_ENV=development + - ENVIRONMENT=dev + - DB_TYPE=pg + volumes: + # Mount source code for hot reload + - ./src:/app/src + - ./server:/app/server + - ./public:/app/public + - ./messages:/app/messages + - ./components.json:/app/components.json + - ./next.config.mjs:/app/next.config.mjs + - ./tsconfig.json:/app/tsconfig.json + - ./tailwind.config.js:/app/tailwind.config.js + - ./postcss.config.mjs:/app/postcss.config.mjs + - ./eslint.config.js:/app/eslint.config.js + - ./config:/app/config + restart: no diff --git a/drizzle.pg.config.ts b/drizzle.pg.config.ts new file mode 100644 index 00000000..4d1f1e43 --- /dev/null +++ b/drizzle.pg.config.ts @@ -0,0 +1,12 @@ +import { defineConfig } from "drizzle-kit"; +import path from "path"; + +export default defineConfig({ + dialect: "postgresql", + schema: [path.join("server", "db", "pg", "schema.ts")], + out: path.join("server", "migrations"), + verbose: true, + dbCredentials: { + url: process.env.DATABASE_URL as string + } +}); diff --git a/drizzle.config.ts b/drizzle.sqlite.config.ts similarity index 83% rename from drizzle.config.ts rename to drizzle.sqlite.config.ts index dcfc55c6..94574a89 100644 --- a/drizzle.config.ts +++ b/drizzle.sqlite.config.ts @@ -4,7 +4,7 @@ import path from "path"; export default defineConfig({ dialect: "sqlite", - schema: path.join("server", "db", "schemas"), + schema: path.join("server", "db", "sqlite", "schema.ts"), out: path.join("server", "migrations"), verbose: true, dbCredentials: { diff --git a/esbuild.mjs b/esbuild.mjs index 48a2fb31..d76c0753 100644 --- a/esbuild.mjs +++ b/esbuild.mjs @@ -63,8 +63,8 @@ esbuild packagePath: getPackagePaths(), }), ], - sourcemap: true, - target: "node20", + sourcemap: "external", + target: "node22", }) .then(() => { console.log("Build completed successfully"); diff --git a/eslint.config.js b/eslint.config.js index 71dc862c..dfc194bc 100644 --- a/eslint.config.js +++ b/eslint.config.js @@ -1,9 +1,19 @@ -// eslint.config.js -export default [ - { - rules: { - semi: "error", - "prefer-const": "error" - } +import tseslint from 'typescript-eslint'; + +export default tseslint.config({ + files: ["**/*.{ts,tsx,js,jsx}"], + languageOptions: { + parser: tseslint.parser, + parserOptions: { + ecmaVersion: "latest", + sourceType: "module", + ecmaFeatures: { + jsx: true + } } -]; + }, + rules: { + "semi": "error", + "prefer-const": "warn" + } +}); \ No newline at end of file diff --git a/install/Makefile b/install/Makefile index 9bde02cf..8b65cadd 100644 --- a/install/Makefile +++ b/install/Makefile @@ -1,4 +1,5 @@ all: update-versions go-build-release put-back +dev-all: dev-update-versions dev-build dev-clean go-build-release: CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o bin/installer_linux_amd64 @@ -11,6 +12,12 @@ clean: update-versions: @echo "Fetching latest versions..." cp main.go main.go.bak && \ + $(MAKE) dev-update-versions + +put-back: + mv main.go.bak main.go + +dev-update-versions: PANGOLIN_VERSION=$$(curl -s https://api.github.com/repos/fosrl/pangolin/tags | jq -r '.[0].name') && \ GERBIL_VERSION=$$(curl -s https://api.github.com/repos/fosrl/gerbil/tags | jq -r '.[0].name') && \ BADGER_VERSION=$$(curl -s https://api.github.com/repos/fosrl/badger/tags | jq -r '.[0].name') && \ @@ -20,5 +27,11 @@ update-versions: sed -i "s/config.BadgerVersion = \".*\"/config.BadgerVersion = \"$$BADGER_VERSION\"/" main.go && \ echo "Updated main.go with latest versions" -put-back: - mv main.go.bak main.go \ No newline at end of file +dev-build: go-build-release + +dev-clean: + @echo "Restoring version values ..." + sed -i "s/config.PangolinVersion = \".*\"/config.PangolinVersion = \"replaceme\"/" main.go && \ + sed -i "s/config.GerbilVersion = \".*\"/config.GerbilVersion = \"replaceme\"/" main.go && \ + sed -i "s/config.BadgerVersion = \".*\"/config.BadgerVersion = \"replaceme\"/" main.go + @echo "Restored version strings in main.go" diff --git a/install/config.go b/install/config.go index 3be62601..e75dd50d 100644 --- a/install/config.go +++ b/install/config.go @@ -37,15 +37,28 @@ type DynamicConfig struct { } `yaml:"http"` } -// ConfigValues holds the extracted configuration values -type ConfigValues struct { +// TraefikConfigValues holds the extracted configuration values +type TraefikConfigValues struct { DashboardDomain string LetsEncryptEmail string BadgerVersion string } +// AppConfig represents the app section of the config.yml +type AppConfig struct { + App struct { + DashboardURL string `yaml:"dashboard_url"` + LogLevel string `yaml:"log_level"` + } `yaml:"app"` +} + +type AppConfigValues struct { + DashboardURL string + LogLevel string +} + // ReadTraefikConfig reads and extracts values from Traefik configuration files -func ReadTraefikConfig(mainConfigPath, dynamicConfigPath string) (*ConfigValues, error) { +func ReadTraefikConfig(mainConfigPath string) (*TraefikConfigValues, error) { // Read main config file mainConfigData, err := os.ReadFile(mainConfigPath) if err != nil { @@ -57,48 +70,33 @@ func ReadTraefikConfig(mainConfigPath, dynamicConfigPath string) (*ConfigValues, return nil, fmt.Errorf("error parsing main config file: %w", err) } - // Read dynamic config file - dynamicConfigData, err := os.ReadFile(dynamicConfigPath) - if err != nil { - return nil, fmt.Errorf("error reading dynamic config file: %w", err) - } - - var dynamicConfig DynamicConfig - if err := yaml.Unmarshal(dynamicConfigData, &dynamicConfig); err != nil { - return nil, fmt.Errorf("error parsing dynamic config file: %w", err) - } - // Extract values - values := &ConfigValues{ + values := &TraefikConfigValues{ BadgerVersion: mainConfig.Experimental.Plugins.Badger.Version, LetsEncryptEmail: mainConfig.CertificatesResolvers.LetsEncrypt.Acme.Email, } - // Extract DashboardDomain from router rules - // Look for it in the main router rules - for _, router := range dynamicConfig.HTTP.Routers { - if router.Rule != "" { - // Extract domain from Host(`mydomain.com`) - if domain := extractDomainFromRule(router.Rule); domain != "" { - values.DashboardDomain = domain - break - } - } - } - return values, nil } -// extractDomainFromRule extracts the domain from a router rule -func extractDomainFromRule(rule string) string { - // Look for the Host(`mydomain.com`) pattern - if start := findPattern(rule, "Host(`"); start != -1 { - end := findPattern(rule[start:], "`)") - if end != -1 { - return rule[start+6 : start+end] - } +func ReadAppConfig(configPath string) (*AppConfigValues, error) { + // Read config file + configData, err := os.ReadFile(configPath) + if err != nil { + return nil, fmt.Errorf("error reading config file: %w", err) } - return "" + + var appConfig AppConfig + if err := yaml.Unmarshal(configData, &appConfig); err != nil { + return nil, fmt.Errorf("error parsing config file: %w", err) + } + + values := &AppConfigValues{ + DashboardURL: appConfig.App.DashboardURL, + LogLevel: appConfig.App.LogLevel, + } + + return values, nil } // findPattern finds the start of a pattern in a string diff --git a/install/config/config.yml b/install/config/config.yml index f7d4552d..7d8ac865 100644 --- a/install/config/config.yml +++ b/install/config/config.yml @@ -1,10 +1,18 @@ # To see all available options, please visit the docs: -# https://docs.fossorial.io/Pangolin/Configuration/config +# https://docs.digpangolin.com/self-host/advanced/config-file +gerbil: + start_port: 51820 + base_endpoint: "{{.DashboardDomain}}" +{{if .HybridMode}} +managed: + id: "{{.HybridId}}" + secret: "{{.HybridSecret}}" + +{{else}} app: dashboard_url: "https://{{.DashboardDomain}}" log_level: "info" - save_logs: false domains: domain1: @@ -12,40 +20,12 @@ domains: cert_resolver: "letsencrypt" server: - external_port: 3000 - internal_port: 3001 - next_port: 3002 - internal_hostname: "pangolin" - session_cookie_name: "p_session_token" - resource_access_token_param: "p_token" - resource_access_token_headers: - id: "P-Access-Token-Id" - token: "P-Access-Token" - resource_session_request_param: "p_session_request" - secret: {{.Secret}} + secret: "{{.Secret}}" cors: origins: ["https://{{.DashboardDomain}}"] methods: ["GET", "POST", "PUT", "DELETE", "PATCH"] - headers: ["X-CSRF-Token", "Content-Type"] + allowed_headers: ["X-CSRF-Token", "Content-Type"] credentials: false - -traefik: - cert_resolver: "letsencrypt" - http_entrypoint: "web" - https_entrypoint: "websecure" - -gerbil: - start_port: 51820 - base_endpoint: "{{.DashboardDomain}}" - use_subdomain: false - block_size: 24 - site_block_size: 30 - subnet_group: 100.89.137.0/20 - -rate_limits: - global: - window_minutes: 1 - max_requests: 500 {{if .EnableEmail}} email: smtp_host: "{{.EmailSMTPHost}}" @@ -54,14 +34,9 @@ email: smtp_pass: "{{.EmailSMTPPass}}" no_reply: "{{.EmailNoReply}}" {{end}} -users: - server_admin: - email: "{{.AdminUserEmail}}" - password: "{{.AdminUserPassword}}" - flags: require_email_verification: {{.EnableEmail}} - disable_signup_without_invite: {{.DisableSignupWithoutInvite}} - disable_user_create_org: {{.DisableUserCreateOrg}} + disable_signup_without_invite: true + disable_user_create_org: false allow_raw_resources: true - allow_base_domain_resources: true +{{end}} diff --git a/install/config/crowdsec/docker-compose.yml b/install/config/crowdsec/docker-compose.yml index 28470d14..17289ef2 100644 --- a/install/config/crowdsec/docker-compose.yml +++ b/install/config/crowdsec/docker-compose.yml @@ -1,6 +1,6 @@ services: crowdsec: - image: crowdsecurity/crowdsec:latest + image: docker.io/crowdsecurity/crowdsec:latest container_name: crowdsec environment: GID: "1000" diff --git a/install/config/crowdsec/profiles.yaml b/install/config/crowdsec/profiles.yaml index 3796b47f..5781cf62 100644 --- a/install/config/crowdsec/profiles.yaml +++ b/install/config/crowdsec/profiles.yaml @@ -22,4 +22,4 @@ filters: decisions: - type: ban duration: 4h -on_success: break \ No newline at end of file +on_success: break diff --git a/install/config/crowdsec/traefik_config.yml b/install/config/crowdsec/traefik_config.yml index f16e9c60..198693ef 100644 --- a/install/config/crowdsec/traefik_config.yml +++ b/install/config/crowdsec/traefik_config.yml @@ -16,11 +16,15 @@ experimental: version: "{{.BadgerVersion}}" crowdsec: # CrowdSec plugin configuration added moduleName: "github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin" - version: "v1.4.2" + version: "v1.4.4" log: level: "INFO" format: "json" # Log format changed to json for better parsing + maxSize: 100 + maxBackups: 3 + maxAge: 3 + compress: true accessLog: # We enable access logs as json filePath: "/var/log/traefik/access.log" diff --git a/install/config/docker-compose.yml b/install/config/docker-compose.yml index 6c1a3755..97b30317 100644 --- a/install/config/docker-compose.yml +++ b/install/config/docker-compose.yml @@ -1,11 +1,13 @@ name: pangolin services: pangolin: - image: fosrl/pangolin:{{.PangolinVersion}} + image: docker.io/fosrl/pangolin:{{.PangolinVersion}} container_name: pangolin restart: unless-stopped volumes: - ./config:/app/config + - pangolin-data:/var/certificates + - pangolin-data:/var/dynamic healthcheck: test: ["CMD", "curl", "-f", "http://localhost:3001/api/v1/"] interval: "10s" @@ -13,7 +15,7 @@ services: retries: 15 {{if .InstallGerbil}} gerbil: - image: fosrl/gerbil:{{.GerbilVersion}} + image: docker.io/fosrl/gerbil:{{.GerbilVersion}} container_name: gerbil restart: unless-stopped depends_on: @@ -22,8 +24,7 @@ services: command: - --reachableAt=http://gerbil:3003 - --generateAndSaveKeyTo=/var/config/key - - --remoteConfig=http://pangolin:3001/api/v1/gerbil/get-config - - --reportBandwidthTo=http://pangolin:3001/api/v1/gerbil/receive-bandwidth + - --remoteConfig=http://pangolin:3001/api/v1/ volumes: - ./config/:/var/config cap_add: @@ -31,11 +32,12 @@ services: - SYS_MODULE ports: - 51820:51820/udp - - 443:443 # Port for traefik because of the network_mode - - 80:80 # Port for traefik because of the network_mode + - 21820:21820/udp + - 443:{{if .HybridMode}}8443{{else}}443{{end}} + - 80:80 {{end}} traefik: - image: traefik:v3.3.6 + image: docker.io/traefik:v3.5 container_name: traefik restart: unless-stopped {{if .InstallGerbil}} @@ -54,8 +56,15 @@ services: - ./config/traefik:/etc/traefik:ro # Volume to store the Traefik configuration - ./config/letsencrypt:/letsencrypt # Volume to store the Let's Encrypt certificates - ./config/traefik/logs:/var/log/traefik # Volume to store Traefik logs + # Shared volume for certificates and dynamic config in file mode + - pangolin-data:/var/certificates:ro + - pangolin-data:/var/dynamic:ro networks: default: driver: bridge - name: pangolin \ No newline at end of file + name: pangolin +{{if .EnableIPv6}} enable_ipv6: true{{end}} + +volumes: + pangolin-data: diff --git a/install/config/traefik/traefik_config.yml b/install/config/traefik/traefik_config.yml index 40507c24..8bb5aa6c 100644 --- a/install/config/traefik/traefik_config.yml +++ b/install/config/traefik/traefik_config.yml @@ -3,12 +3,17 @@ api: dashboard: true providers: +{{if not .HybridMode}} http: endpoint: "http://pangolin:3001/api/v1/traefik-config" pollInterval: "5s" file: filename: "/etc/traefik/dynamic_config.yml" - +{{else}} + file: + directory: "/var/dynamic" + watch: true +{{end}} experimental: plugins: badger: @@ -18,7 +23,11 @@ experimental: log: level: "INFO" format: "common" - + maxSize: 100 + maxBackups: 3 + maxAge: 3 + compress: true +{{if not .HybridMode}} certificatesResolvers: letsencrypt: acme: @@ -27,18 +36,25 @@ certificatesResolvers: email: "{{.LetsEncryptEmail}}" storage: "/letsencrypt/acme.json" caServer: "https://acme-v02.api.letsencrypt.org/directory" - +{{end}} entryPoints: web: address: ":80" websecure: address: ":443" +{{if .HybridMode}} proxyProtocol: + trustedIPs: + - 0.0.0.0/0 + - ::1/128{{end}} transport: respondingTimeouts: readTimeout: "30m" - http: +{{if not .HybridMode}} http: tls: - certResolver: "letsencrypt" + certResolver: "letsencrypt"{{end}} serversTransport: insecureSkipVerify: true + +ping: + entryPoint: "web" \ No newline at end of file diff --git a/install/containers.go b/install/containers.go new file mode 100644 index 00000000..cea3a6ef --- /dev/null +++ b/install/containers.go @@ -0,0 +1,332 @@ +package main + +import ( + "bytes" + "fmt" + "os" + "os/exec" + "os/user" + "runtime" + "strconv" + "strings" + "time" +) + +func waitForContainer(containerName string, containerType SupportedContainer) error { + maxAttempts := 30 + retryInterval := time.Second * 2 + + for attempt := 0; attempt < maxAttempts; attempt++ { + // Check if container is running + cmd := exec.Command(string(containerType), "container", "inspect", "-f", "{{.State.Running}}", containerName) + var out bytes.Buffer + cmd.Stdout = &out + + if err := cmd.Run(); err != nil { + // If the container doesn't exist or there's another error, wait and retry + time.Sleep(retryInterval) + continue + } + + isRunning := strings.TrimSpace(out.String()) == "true" + if isRunning { + return nil + } + + // Container exists but isn't running yet, wait and retry + time.Sleep(retryInterval) + } + + return fmt.Errorf("container %s did not start within %v seconds", containerName, maxAttempts*int(retryInterval.Seconds())) +} + +func installDocker() error { + // Detect Linux distribution + cmd := exec.Command("cat", "/etc/os-release") + output, err := cmd.Output() + if err != nil { + return fmt.Errorf("failed to detect Linux distribution: %v", err) + } + osRelease := string(output) + + // Detect system architecture + archCmd := exec.Command("uname", "-m") + archOutput, err := archCmd.Output() + if err != nil { + return fmt.Errorf("failed to detect system architecture: %v", err) + } + arch := strings.TrimSpace(string(archOutput)) + + // Map architecture to Docker's architecture naming + var dockerArch string + switch arch { + case "x86_64": + dockerArch = "amd64" + case "aarch64": + dockerArch = "arm64" + default: + return fmt.Errorf("unsupported architecture: %s", arch) + } + + var installCmd *exec.Cmd + switch { + case strings.Contains(osRelease, "ID=ubuntu"): + installCmd = exec.Command("bash", "-c", fmt.Sprintf(` + apt-get update && + apt-get install -y apt-transport-https ca-certificates curl software-properties-common && + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg && + echo "deb [arch=%s signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list && + apt-get update && + apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin + `, dockerArch)) + case strings.Contains(osRelease, "ID=debian"): + installCmd = exec.Command("bash", "-c", fmt.Sprintf(` + apt-get update && + apt-get install -y apt-transport-https ca-certificates curl software-properties-common && + curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg && + echo "deb [arch=%s signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list && + apt-get update && + apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin + `, dockerArch)) + case strings.Contains(osRelease, "ID=fedora"): + // Detect Fedora version to handle DNF 5 changes + versionCmd := exec.Command("bash", "-c", "grep VERSION_ID /etc/os-release | cut -d'=' -f2 | tr -d '\"'") + versionOutput, err := versionCmd.Output() + var fedoraVersion int + if err == nil { + if v, parseErr := strconv.Atoi(strings.TrimSpace(string(versionOutput))); parseErr == nil { + fedoraVersion = v + } + } + + // Use appropriate DNF syntax based on version + var repoCmd string + if fedoraVersion >= 41 { + // DNF 5 syntax for Fedora 41+ + repoCmd = "dnf config-manager addrepo --from-repofile=https://download.docker.com/linux/fedora/docker-ce.repo" + } else { + // DNF 4 syntax for Fedora < 41 + repoCmd = "dnf config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo" + } + + installCmd = exec.Command("bash", "-c", fmt.Sprintf(` + dnf -y install dnf-plugins-core && + %s && + dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin + `, repoCmd)) + case strings.Contains(osRelease, "ID=opensuse") || strings.Contains(osRelease, "ID=\"opensuse-"): + installCmd = exec.Command("bash", "-c", ` + zypper install -y docker docker-compose && + systemctl enable docker + `) + case strings.Contains(osRelease, "ID=rhel") || strings.Contains(osRelease, "ID=\"rhel"): + installCmd = exec.Command("bash", "-c", ` + dnf remove -y runc && + dnf -y install yum-utils && + dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo && + dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin && + systemctl enable docker + `) + case strings.Contains(osRelease, "ID=amzn"): + installCmd = exec.Command("bash", "-c", ` + yum update -y && + yum install -y docker && + systemctl enable docker && + usermod -a -G docker ec2-user + `) + default: + return fmt.Errorf("unsupported Linux distribution") + } + + installCmd.Stdout = os.Stdout + installCmd.Stderr = os.Stderr + return installCmd.Run() +} + +func startDockerService() error { + if runtime.GOOS == "linux" { + cmd := exec.Command("systemctl", "enable", "--now", "docker") + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + return cmd.Run() + } else if runtime.GOOS == "darwin" { + // On macOS, Docker is usually started via the Docker Desktop application + fmt.Println("Please start Docker Desktop manually on macOS.") + return nil + } + return fmt.Errorf("unsupported operating system for starting Docker service") +} + +func isDockerInstalled() bool { + return isContainerInstalled("docker") +} + +func isPodmanInstalled() bool { + return isContainerInstalled("podman") && isContainerInstalled("podman-compose") +} + +func isContainerInstalled(container string) bool { + cmd := exec.Command(container, "--version") + if err := cmd.Run(); err != nil { + return false + } + return true +} + +func isUserInDockerGroup() bool { + if runtime.GOOS == "darwin" { + // Docker group is not applicable on macOS + // So we assume that the user can run Docker commands + return true + } + + if os.Geteuid() == 0 { + return true // Root user can run Docker commands anyway + } + + // Check if the current user is in the docker group + if dockerGroup, err := user.LookupGroup("docker"); err == nil { + if currentUser, err := user.Current(); err == nil { + if currentUserGroupIds, err := currentUser.GroupIds(); err == nil { + for _, groupId := range currentUserGroupIds { + if groupId == dockerGroup.Gid { + return true + } + } + } + } + } + + // Eventually, if any of the checks fail, we assume the user cannot run Docker commands + return false +} + +// isDockerRunning checks if the Docker daemon is running by using the `docker info` command. +func isDockerRunning() bool { + cmd := exec.Command("docker", "info") + if err := cmd.Run(); err != nil { + return false + } + return true +} + +// executeDockerComposeCommandWithArgs executes the appropriate docker command with arguments supplied +func executeDockerComposeCommandWithArgs(args ...string) error { + var cmd *exec.Cmd + var useNewStyle bool + + if !isDockerInstalled() { + return fmt.Errorf("docker is not installed") + } + + checkCmd := exec.Command("docker", "compose", "version") + if err := checkCmd.Run(); err == nil { + useNewStyle = true + } else { + checkCmd = exec.Command("docker-compose", "version") + if err := checkCmd.Run(); err == nil { + useNewStyle = false + } else { + return fmt.Errorf("neither 'docker compose' nor 'docker-compose' command is available") + } + } + + if useNewStyle { + cmd = exec.Command("docker", append([]string{"compose"}, args...)...) + } else { + cmd = exec.Command("docker-compose", args...) + } + + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + return cmd.Run() +} + +// pullContainers pulls the containers using the appropriate command. +func pullContainers(containerType SupportedContainer) error { + fmt.Println("Pulling the container images...") + if containerType == Podman { + if err := run("podman-compose", "-f", "docker-compose.yml", "pull"); err != nil { + return fmt.Errorf("failed to pull the containers: %v", err) + } + + return nil + } + + if containerType == Docker { + if err := executeDockerComposeCommandWithArgs("-f", "docker-compose.yml", "pull", "--policy", "always"); err != nil { + return fmt.Errorf("failed to pull the containers: %v", err) + } + + return nil + } + + return fmt.Errorf("Unsupported container type: %s", containerType) +} + +// startContainers starts the containers using the appropriate command. +func startContainers(containerType SupportedContainer) error { + fmt.Println("Starting containers...") + + if containerType == Podman { + if err := run("podman-compose", "-f", "docker-compose.yml", "up", "-d", "--force-recreate"); err != nil { + return fmt.Errorf("failed start containers: %v", err) + } + + return nil + } + + if containerType == Docker { + if err := executeDockerComposeCommandWithArgs("-f", "docker-compose.yml", "up", "-d", "--force-recreate"); err != nil { + return fmt.Errorf("failed to start containers: %v", err) + } + + return nil + } + + return fmt.Errorf("Unsupported container type: %s", containerType) +} + +// stopContainers stops the containers using the appropriate command. +func stopContainers(containerType SupportedContainer) error { + fmt.Println("Stopping containers...") + if containerType == Podman { + if err := run("podman-compose", "-f", "docker-compose.yml", "down"); err != nil { + return fmt.Errorf("failed to stop containers: %v", err) + } + + return nil + } + + if containerType == Docker { + if err := executeDockerComposeCommandWithArgs("-f", "docker-compose.yml", "down"); err != nil { + return fmt.Errorf("failed to stop containers: %v", err) + } + + return nil + } + + return fmt.Errorf("Unsupported container type: %s", containerType) +} + +// restartContainer restarts a specific container using the appropriate command. +func restartContainer(container string, containerType SupportedContainer) error { + fmt.Println("Restarting containers...") + if containerType == Podman { + if err := run("podman-compose", "-f", "docker-compose.yml", "restart"); err != nil { + return fmt.Errorf("failed to stop the container \"%s\": %v", container, err) + } + + return nil + } + + if containerType == Docker { + if err := executeDockerComposeCommandWithArgs("-f", "docker-compose.yml", "restart", container); err != nil { + return fmt.Errorf("failed to stop the container \"%s\": %v", container, err) + } + + return nil + } + + return fmt.Errorf("Unsupported container type: %s", containerType) +} diff --git a/install/crowdsec.go b/install/crowdsec.go index c17bf540..2e388e92 100644 --- a/install/crowdsec.go +++ b/install/crowdsec.go @@ -13,7 +13,7 @@ import ( func installCrowdsec(config Config) error { - if err := stopContainers(); err != nil { + if err := stopContainers(config.InstallationContainerType); err != nil { return fmt.Errorf("failed to stop containers: %v", err) } @@ -72,12 +72,12 @@ func installCrowdsec(config Config) error { os.Exit(1) } - if err := startContainers(); err != nil { + if err := startContainers(config.InstallationContainerType); err != nil { return fmt.Errorf("failed to start containers: %v", err) } // get API key - apiKey, err := GetCrowdSecAPIKey() + apiKey, err := GetCrowdSecAPIKey(config.InstallationContainerType) if err != nil { return fmt.Errorf("failed to get API key: %v", err) } @@ -87,7 +87,7 @@ func installCrowdsec(config Config) error { return fmt.Errorf("failed to replace bouncer key: %v", err) } - if err := restartContainer("traefik"); err != nil { + if err := restartContainer("traefik", config.InstallationContainerType); err != nil { return fmt.Errorf("failed to restart containers: %v", err) } @@ -110,9 +110,9 @@ func checkIsCrowdsecInstalledInCompose() bool { return bytes.Contains(content, []byte("crowdsec:")) } -func GetCrowdSecAPIKey() (string, error) { +func GetCrowdSecAPIKey(containerType SupportedContainer) (string, error) { // First, ensure the container is running - if err := waitForContainer("crowdsec"); err != nil { + if err := waitForContainer("crowdsec", containerType); err != nil { return "", fmt.Errorf("waiting for container: %w", err) } diff --git a/install/go.mod b/install/go.mod index 1d12aa12..b12f9ef4 100644 --- a/install/go.mod +++ b/install/go.mod @@ -1,10 +1,10 @@ module installer -go 1.23.0 +go 1.24 require ( - golang.org/x/term v0.28.0 + golang.org/x/term v0.34.0 gopkg.in/yaml.v3 v3.0.1 ) -require golang.org/x/sys v0.29.0 // indirect +require golang.org/x/sys v0.35.0 // indirect diff --git a/install/go.sum b/install/go.sum index 169165e4..320762f0 100644 --- a/install/go.sum +++ b/install/go.sum @@ -1,7 +1,7 @@ -golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= -golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg= -golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= +golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= +golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4= +golang.org/x/term v0.34.0/go.mod h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= diff --git a/install/input.go b/install/input.go new file mode 100644 index 00000000..cf8fd7a3 --- /dev/null +++ b/install/input.go @@ -0,0 +1,74 @@ +package main + +import ( + "bufio" + "fmt" + "strings" + "syscall" + + "golang.org/x/term" +) + +func readString(reader *bufio.Reader, prompt string, defaultValue string) string { + if defaultValue != "" { + fmt.Printf("%s (default: %s): ", prompt, defaultValue) + } else { + fmt.Print(prompt + ": ") + } + input, _ := reader.ReadString('\n') + input = strings.TrimSpace(input) + if input == "" { + return defaultValue + } + return input +} + +func readStringNoDefault(reader *bufio.Reader, prompt string) string { + fmt.Print(prompt + ": ") + input, _ := reader.ReadString('\n') + return strings.TrimSpace(input) +} + +func readPassword(prompt string, reader *bufio.Reader) string { + if term.IsTerminal(int(syscall.Stdin)) { + fmt.Print(prompt + ": ") + // Read password without echo if we're in a terminal + password, err := term.ReadPassword(int(syscall.Stdin)) + fmt.Println() // Add a newline since ReadPassword doesn't add one + if err != nil { + return "" + } + input := strings.TrimSpace(string(password)) + if input == "" { + return readPassword(prompt, reader) + } + return input + } else { + // Fallback to reading from stdin if not in a terminal + return readString(reader, prompt, "") + } +} + +func readBool(reader *bufio.Reader, prompt string, defaultValue bool) bool { + defaultStr := "no" + if defaultValue { + defaultStr = "yes" + } + input := readString(reader, prompt+" (yes/no)", defaultStr) + return strings.ToLower(input) == "yes" +} + +func readBoolNoDefault(reader *bufio.Reader, prompt string) bool { + input := readStringNoDefault(reader, prompt+" (yes/no)") + return strings.ToLower(input) == "yes" +} + +func readInt(reader *bufio.Reader, prompt string, defaultValue int) int { + input := readString(reader, prompt, fmt.Sprintf("%d", defaultValue)) + if input == "" { + return defaultValue + } + value := defaultValue + fmt.Sscanf(input, "%d", &value) + return value +} diff --git a/install/input.txt b/install/input.txt index 9bca8081..12df39d7 100644 --- a/install/input.txt +++ b/install/input.txt @@ -1,5 +1,7 @@ +docker example.com pangolin.example.com +yes admin@example.com yes admin@example.com diff --git a/install/main.go b/install/main.go index abb67acd..1d684b51 100644 --- a/install/main.go +++ b/install/main.go @@ -7,18 +7,15 @@ import ( "fmt" "io" "io/fs" + "math/rand" "os" "os/exec" "path/filepath" "runtime" "strings" - "syscall" "text/template" "time" - "unicode" - "math/rand" - - "golang.org/x/term" + "net" ) // DO NOT EDIT THIS FUNCTION; IT MATCHED BY REGEX IN CICD @@ -32,46 +29,88 @@ func loadVersions(config *Config) { var configFiles embed.FS type Config struct { - PangolinVersion string - GerbilVersion string - BadgerVersion string - BaseDomain string - DashboardDomain string - LetsEncryptEmail string - AdminUserEmail string - AdminUserPassword string - DisableSignupWithoutInvite bool - DisableUserCreateOrg bool - EnableEmail bool - EmailSMTPHost string - EmailSMTPPort int - EmailSMTPUser string - EmailSMTPPass string - EmailNoReply string - InstallGerbil bool - TraefikBouncerKey string - DoCrowdsecInstall bool - Secret string + InstallationContainerType SupportedContainer + PangolinVersion string + GerbilVersion string + BadgerVersion string + BaseDomain string + DashboardDomain string + EnableIPv6 bool + LetsEncryptEmail string + EnableEmail bool + EmailSMTPHost string + EmailSMTPPort int + EmailSMTPUser string + EmailSMTPPass string + EmailNoReply string + InstallGerbil bool + TraefikBouncerKey string + DoCrowdsecInstall bool + Secret string + HybridMode bool + HybridId string + HybridSecret string } -func main() { - reader := bufio.NewReader(os.Stdin) +type SupportedContainer string - // check if the user is root - if os.Geteuid() != 0 { - fmt.Println("This script must be run as root") - os.Exit(1) +const ( + Docker SupportedContainer = "docker" + Podman SupportedContainer = "podman" +) + +func main() { + + // print a banner about prerequisites - opening port 80, 443, 51820, and 21820 on the VPS and firewall and pointing your domain to the VPS IP with a records. Docs are at http://localhost:3000/Getting%20Started/dns-networking + + fmt.Println("Welcome to the Pangolin installer!") + fmt.Println("This installer will help you set up Pangolin on your server.") + fmt.Println("\nPlease make sure you have the following prerequisites:") + fmt.Println("- Open TCP ports 80 and 443 and UDP ports 51820 and 21820 on your VPS and firewall.") + fmt.Println("\nLets get started!") + + if os.Geteuid() == 0 { // WE NEED TO BE SUDO TO CHECK THIS + for _, p := range []int{80, 443} { + if err := checkPortsAvailable(p); err != nil { + fmt.Fprintln(os.Stderr, err) + + fmt.Printf("Please close any services on ports 80/443 in order to run the installation smoothly") + os.Exit(1) + } + } } + reader := bufio.NewReader(os.Stdin) + var config Config - config.DoCrowdsecInstall = false - config.Secret = generateRandomSecretKey() // check if there is already a config file if _, err := os.Stat("config/config.yml"); err != nil { config = collectUserInput(reader) loadVersions(&config) + config.DoCrowdsecInstall = false + config.Secret = generateRandomSecretKey() + + fmt.Println("\n=== Generating Configuration Files ===") + + // If the secret and id are not generated then generate them + if config.HybridMode && (config.HybridId == "" || config.HybridSecret == "") { + // fmt.Println("Requesting hybrid credentials from cloud...") + credentials, err := requestHybridCredentials() + if err != nil { + fmt.Printf("Error requesting hybrid credentials: %v\n", err) + fmt.Println("Please obtain credentials manually from the dashboard and run the installer again.") + os.Exit(1) + } + config.HybridId = credentials.RemoteExitNodeId + config.HybridSecret = credentials.Secret + fmt.Printf("Your managed credentials have been obtained successfully.\n") + fmt.Printf(" ID: %s\n", config.HybridId) + fmt.Printf(" Secret: %s\n", config.HybridSecret) + fmt.Println("Take these to the Pangolin dashboard https://pangolin.fossorial.io to adopt your node.") + readBool(reader, "Have you adopted your node?", true) + } if err := createConfigFiles(config); err != nil { fmt.Printf("Error creating config files: %v\n", err) @@ -80,44 +119,77 @@ func main() { moveFile("config/docker-compose.yml", "docker-compose.yml") - if !isDockerInstalled() && runtime.GOOS == "linux" { - if readBool(reader, "Docker is not installed. Would you like to install it?", true) { - installDocker() - } - } + fmt.Println("\nConfiguration files created successfully!") fmt.Println("\n=== Starting installation ===") - if isDockerInstalled() { - if readBool(reader, "Would you like to install and start the containers?", true) { - if err := pullContainers(); err != nil { - fmt.Println("Error: ", err) - return - } + if readBool(reader, "Would you like to install and start the containers?", true) { - if err := startContainers(); err != nil { - fmt.Println("Error: ", err) - return + config.InstallationContainerType = podmanOrDocker(reader) + + if !isDockerInstalled() && runtime.GOOS == "linux" && config.InstallationContainerType == Docker { + if readBool(reader, "Docker is not installed. Would you like to install it?", true) { + installDocker() + // try to start docker service but ignore errors + if err := startDockerService(); err != nil { + fmt.Println("Error starting Docker service:", err) + } else { + fmt.Println("Docker service started successfully!") + } + // wait 10 seconds for docker to start checking if docker is running every 2 seconds + fmt.Println("Waiting for Docker to start...") + for i := 0; i < 5; i++ { + if isDockerRunning() { + fmt.Println("Docker is running!") + break + } + fmt.Println("Docker is not running yet, waiting...") + time.Sleep(2 * time.Second) + } + if !isDockerRunning() { + fmt.Println("Docker is still not running after 10 seconds. Please check the installation.") + os.Exit(1) + } + fmt.Println("Docker installed successfully!") } } + + if err := pullContainers(config.InstallationContainerType); err != nil { + fmt.Println("Error: ", err) + return + } + + if err := startContainers(config.InstallationContainerType); err != nil { + fmt.Println("Error: ", err) + return + } } + } else { - fmt.Println("Looks like you already installed, so I am going to do the setup...") + fmt.Println("Looks like you already installed Pangolin!") } - if !checkIsCrowdsecInstalledInCompose() { + if !checkIsCrowdsecInstalledInCompose() && !checkIsPangolinInstalledWithHybrid() { fmt.Println("\n=== CrowdSec Install ===") // check if crowdsec is installed if readBool(reader, "Would you like to install CrowdSec?", false) { fmt.Println("This installer constitutes a minimal viable CrowdSec deployment. CrowdSec will add extra complexity to your Pangolin installation and may not work to the best of its abilities out of the box. Users are expected to implement configuration adjustments on their own to achieve the best security posture. Consult the CrowdSec documentation for detailed configuration instructions.") + + // BUG: crowdsec installation will be skipped if the user chooses to install on the first installation. if readBool(reader, "Are you willing to manage CrowdSec?", false) { if config.DashboardDomain == "" { - traefikConfig, err := ReadTraefikConfig("config/traefik/traefik_config.yml", "config/traefik/dynamic_config.yml") + traefikConfig, err := ReadTraefikConfig("config/traefik/traefik_config.yml") if err != nil { fmt.Printf("Error reading config: %v\n", err) return } - config.DashboardDomain = traefikConfig.DashboardDomain + appConfig, err := ReadAppConfig("config/config.yml") + if err != nil { + fmt.Printf("Error reading config: %v\n", err) + return + } + + config.DashboardDomain = appConfig.DashboardURL config.LetsEncryptEmail = traefikConfig.LetsEncryptEmail config.BadgerVersion = traefikConfig.BadgerVersion @@ -138,60 +210,97 @@ func main() { } } - fmt.Println("Installation complete!") -} + if !config.HybridMode { + // Setup Token Section + fmt.Println("\n=== Setup Token ===") -func readString(reader *bufio.Reader, prompt string, defaultValue string) string { - if defaultValue != "" { - fmt.Printf("%s (default: %s): ", prompt, defaultValue) - } else { - fmt.Print(prompt + ": ") - } - input, _ := reader.ReadString('\n') - input = strings.TrimSpace(input) - if input == "" { - return defaultValue - } - return input -} - -func readPassword(prompt string, reader *bufio.Reader) string { - if term.IsTerminal(int(syscall.Stdin)) { - fmt.Print(prompt + ": ") - // Read password without echo if we're in a terminal - password, err := term.ReadPassword(int(syscall.Stdin)) - fmt.Println() // Add a newline since ReadPassword doesn't add one - if err != nil { - return "" + // Check if containers were started during this installation + containersStarted := false + if (isDockerInstalled() && config.InstallationContainerType == Docker) || + (isPodmanInstalled() && config.InstallationContainerType == Podman) { + // Try to fetch and display the token if containers are running + containersStarted = true + printSetupToken(config.InstallationContainerType, config.DashboardDomain) } - input := strings.TrimSpace(string(password)) - if input == "" { - return readPassword(prompt, reader) + + // If containers weren't started or token wasn't found, show instructions + if !containersStarted { + showSetupTokenInstructions(config.InstallationContainerType, config.DashboardDomain) } - return input + } + + fmt.Println("\nInstallation complete!") + + if !config.HybridMode && !checkIsPangolinInstalledWithHybrid() { + fmt.Printf("\nTo complete the initial setup, please visit:\nhttps://%s/auth/initial-setup\n", config.DashboardDomain) + } +} + +func podmanOrDocker(reader *bufio.Reader) SupportedContainer { + inputContainer := readString(reader, "Would you like to run Pangolin as Docker or Podman containers?", "docker") + + chosenContainer := Docker + if strings.EqualFold(inputContainer, "docker") { + chosenContainer = Docker + } else if strings.EqualFold(inputContainer, "podman") { + chosenContainer = Podman } else { - // Fallback to reading from stdin if not in a terminal - return readString(reader, prompt, "") + fmt.Printf("Unrecognized container type: %s. Valid options are 'docker' or 'podman'.\n", inputContainer) + os.Exit(1) } -} -func readBool(reader *bufio.Reader, prompt string, defaultValue bool) bool { - defaultStr := "no" - if defaultValue { - defaultStr = "yes" - } - input := readString(reader, prompt+" (yes/no)", defaultStr) - return strings.ToLower(input) == "yes" -} + if chosenContainer == Podman { + if !isPodmanInstalled() { + fmt.Println("Podman or podman-compose is not installed. Please install both manually. Automated installation will be available in a later release.") + os.Exit(1) + } -func readInt(reader *bufio.Reader, prompt string, defaultValue int) int { - input := readString(reader, prompt, fmt.Sprintf("%d", defaultValue)) - if input == "" { - return defaultValue + if err := exec.Command("bash", "-c", "cat /etc/sysctl.conf | grep 'net.ipv4.ip_unprivileged_port_start='").Run(); err != nil { + fmt.Println("Would you like to configure ports >= 80 as unprivileged ports? This enables podman containers to listen on low-range ports.") + fmt.Println("Pangolin will experience startup issues if this is not configured, because it needs to listen on port 80/443 by default.") + approved := readBool(reader, "The installer is about to execute \"echo 'net.ipv4.ip_unprivileged_port_start=80' >> /etc/sysctl.conf && sysctl -p\". Approve?", true) + if approved { + if os.Geteuid() != 0 { + fmt.Println("You need to run the installer as root for such a configuration.") + os.Exit(1) + } + + // Podman containers are not able to listen on privileged ports. The official recommendation is to + // container low-range ports as unprivileged ports. + // Linux only. + + if err := run("bash", "-c", "echo 'net.ipv4.ip_unprivileged_port_start=80' >> /etc/sysctl.conf && sysctl -p"); err != nil { + fmt.Sprintf("failed to configure unprivileged ports: %v.\n", err) + os.Exit(1) + } + } else { + fmt.Println("You need to configure port forwarding or adjust the listening ports before running pangolin.") + } + } else { + fmt.Println("Unprivileged ports have been configured.") + } + + } else if chosenContainer == Docker { + // check if docker is not installed and the user is root + if !isDockerInstalled() { + if os.Geteuid() != 0 { + fmt.Println("Docker is not installed. Please install Docker manually or run this installer as root.") + os.Exit(1) + } + } + + // check if the user is in the docker group (linux only) + if !isUserInDockerGroup() { + fmt.Println("You are not in the docker group.") + fmt.Println("The installer will not be able to run docker commands without running it as root.") + os.Exit(1) + } + } else { + // This shouldn't happen unless there's a third container runtime. + os.Exit(1) } - value := defaultValue - fmt.Sscanf(input, "%d", &value) - return value + + return chosenContainer } func collectUserInput(reader *bufio.Reader) Config { @@ -199,119 +308,77 @@ func collectUserInput(reader *bufio.Reader) Config { // Basic configuration fmt.Println("\n=== Basic Configuration ===") - config.BaseDomain = readString(reader, "Enter your base domain (no subdomain e.g. example.com)", "") - config.DashboardDomain = readString(reader, "Enter the domain for the Pangolin dashboard", "pangolin."+config.BaseDomain) - config.LetsEncryptEmail = readString(reader, "Enter email for Let's Encrypt certificates", "") - config.InstallGerbil = readBool(reader, "Do you want to use Gerbil to allow tunneled connections", true) - - // Admin user configuration - fmt.Println("\n=== Admin User Configuration ===") - config.AdminUserEmail = readString(reader, "Enter admin user email", "admin@"+config.BaseDomain) for { - pass1 := readPassword("Create admin user password", reader) - pass2 := readPassword("Confirm admin user password", reader) + response := readString(reader, "Do you want to install Pangolin as a cloud-managed (beta) node? (yes/no)", "") + if strings.EqualFold(response, "yes") || strings.EqualFold(response, "y") { + config.HybridMode = true + break + } else if strings.EqualFold(response, "no") || strings.EqualFold(response, "n") { + config.HybridMode = false + break + } + fmt.Println("Please answer 'yes' or 'no'") + } - if pass1 != pass2 { - fmt.Println("Passwords do not match") - } else { - config.AdminUserPassword = pass1 - if valid, message := validatePassword(config.AdminUserPassword); valid { - break - } else { - fmt.Println("Invalid password:", message) - fmt.Println("Password requirements:") - fmt.Println("- At least one uppercase English letter") - fmt.Println("- At least one lowercase English letter") - fmt.Println("- At least one digit") - fmt.Println("- At least one special character") - } + if config.HybridMode { + alreadyHaveCreds := readBool(reader, "Do you already have credentials from the dashboard? If not, we will create them later", false) + + if alreadyHaveCreds { + config.HybridId = readString(reader, "Enter your ID", "") + config.HybridSecret = readString(reader, "Enter your secret", "") + } + + config.DashboardDomain = readString(reader, "The public addressable IP address for this node or a domain pointing to it", "") + config.InstallGerbil = true + } else { + config.BaseDomain = readString(reader, "Enter your base domain (no subdomain e.g. example.com)", "") + + // Set default dashboard domain after base domain is collected + defaultDashboardDomain := "" + if config.BaseDomain != "" { + defaultDashboardDomain = "pangolin." + config.BaseDomain + } + config.DashboardDomain = readString(reader, "Enter the domain for the Pangolin dashboard", defaultDashboardDomain) + config.LetsEncryptEmail = readString(reader, "Enter email for Let's Encrypt certificates", "") + config.InstallGerbil = readBool(reader, "Do you want to use Gerbil to allow tunneled connections", true) + + // Email configuration + fmt.Println("\n=== Email Configuration ===") + config.EnableEmail = readBool(reader, "Enable email functionality (SMTP)", false) + + if config.EnableEmail { + config.EmailSMTPHost = readString(reader, "Enter SMTP host", "") + config.EmailSMTPPort = readInt(reader, "Enter SMTP port (default 587)", 587) + config.EmailSMTPUser = readString(reader, "Enter SMTP username", "") + config.EmailSMTPPass = readString(reader, "Enter SMTP password", "") // Should this be readPassword? + config.EmailNoReply = readString(reader, "Enter no-reply email address", "") + } + + // Validate required fields + if config.BaseDomain == "" { + fmt.Println("Error: Domain name is required") + os.Exit(1) + } + if config.LetsEncryptEmail == "" { + fmt.Println("Error: Let's Encrypt email is required") + os.Exit(1) } } - // Security settings - fmt.Println("\n=== Security Settings ===") - config.DisableSignupWithoutInvite = readBool(reader, "Disable signup without invite", true) - config.DisableUserCreateOrg = readBool(reader, "Disable users from creating organizations", false) + // Advanced configuration - // Email configuration - fmt.Println("\n=== Email Configuration ===") - config.EnableEmail = readBool(reader, "Enable email functionality", false) + fmt.Println("\n=== Advanced Configuration ===") - if config.EnableEmail { - config.EmailSMTPHost = readString(reader, "Enter SMTP host", "") - config.EmailSMTPPort = readInt(reader, "Enter SMTP port (default 587)", 587) - config.EmailSMTPUser = readString(reader, "Enter SMTP username", "") - config.EmailSMTPPass = readString(reader, "Enter SMTP password", "") - config.EmailNoReply = readString(reader, "Enter no-reply email address", "") - } + config.EnableIPv6 = readBool(reader, "Is your server IPv6 capable?", true) - // Validate required fields - if config.BaseDomain == "" { - fmt.Println("Error: Domain name is required") - os.Exit(1) - } if config.DashboardDomain == "" { fmt.Println("Error: Dashboard Domain name is required") os.Exit(1) } - if config.LetsEncryptEmail == "" { - fmt.Println("Error: Let's Encrypt email is required") - os.Exit(1) - } - if config.AdminUserEmail == "" || config.AdminUserPassword == "" { - fmt.Println("Error: Admin user email and password are required") - os.Exit(1) - } return config } -func validatePassword(password string) (bool, string) { - if len(password) == 0 { - return false, "Password cannot be empty" - } - - var ( - hasUpper bool - hasLower bool - hasDigit bool - hasSpecial bool - ) - - for _, char := range password { - switch { - case unicode.IsUpper(char): - hasUpper = true - case unicode.IsLower(char): - hasLower = true - case unicode.IsDigit(char): - hasDigit = true - case unicode.IsPunct(char) || unicode.IsSymbol(char): - hasSpecial = true - } - } - - var missing []string - if !hasUpper { - missing = append(missing, "an uppercase letter") - } - if !hasLower { - missing = append(missing, "a lowercase letter") - } - if !hasDigit { - missing = append(missing, "a digit") - } - if !hasSpecial { - missing = append(missing, "a special character") - } - - if len(missing) > 0 { - return false, fmt.Sprintf("Password must contain %s", strings.Join(missing, ", ")) - } - - return true, "" -} - func createConfigFiles(config Config) error { os.MkdirAll("config", 0755) os.MkdirAll("config/letsencrypt", 0755) @@ -337,6 +404,11 @@ func createConfigFiles(config Config) error { return nil } + // the hybrid does not need the dynamic config + if config.HybridMode && strings.Contains(path, "dynamic_config.yml") { + return nil + } + // skip .DS_Store if strings.Contains(path, ".DS_Store") { return nil @@ -381,7 +453,6 @@ func createConfigFiles(config Config) error { return nil }) - if err != nil { return fmt.Errorf("error walking config files: %v", err) } @@ -389,171 +460,6 @@ func createConfigFiles(config Config) error { return nil } -func installDocker() error { - // Detect Linux distribution - cmd := exec.Command("cat", "/etc/os-release") - output, err := cmd.Output() - if err != nil { - return fmt.Errorf("failed to detect Linux distribution: %v", err) - } - osRelease := string(output) - - // Detect system architecture - archCmd := exec.Command("uname", "-m") - archOutput, err := archCmd.Output() - if err != nil { - return fmt.Errorf("failed to detect system architecture: %v", err) - } - arch := strings.TrimSpace(string(archOutput)) - - // Map architecture to Docker's architecture naming - var dockerArch string - switch arch { - case "x86_64": - dockerArch = "amd64" - case "aarch64": - dockerArch = "arm64" - default: - return fmt.Errorf("unsupported architecture: %s", arch) - } - - var installCmd *exec.Cmd - switch { - case strings.Contains(osRelease, "ID=ubuntu"): - installCmd = exec.Command("bash", "-c", fmt.Sprintf(` - apt-get update && - apt-get install -y apt-transport-https ca-certificates curl software-properties-common && - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg && - echo "deb [arch=%s signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list && - apt-get update && - apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin - `, dockerArch)) - case strings.Contains(osRelease, "ID=debian"): - installCmd = exec.Command("bash", "-c", fmt.Sprintf(` - apt-get update && - apt-get install -y apt-transport-https ca-certificates curl software-properties-common && - curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg && - echo "deb [arch=%s signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list && - apt-get update && - apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin - `, dockerArch)) - case strings.Contains(osRelease, "ID=fedora"): - installCmd = exec.Command("bash", "-c", ` - dnf -y install dnf-plugins-core && - dnf config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo && - dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin - `) - case strings.Contains(osRelease, "ID=opensuse") || strings.Contains(osRelease, "ID=\"opensuse-"): - installCmd = exec.Command("bash", "-c", ` - zypper install -y docker docker-compose && - systemctl enable docker - `) - case strings.Contains(osRelease, "ID=rhel") || strings.Contains(osRelease, "ID=\"rhel"): - installCmd = exec.Command("bash", "-c", ` - dnf remove -y runc && - dnf -y install yum-utils && - dnf config-manager --add-repo https://download.docker.com/linux/rhel/docker-ce.repo && - dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin && - systemctl enable docker - `) - case strings.Contains(osRelease, "ID=amzn"): - installCmd = exec.Command("bash", "-c", ` - yum update -y && - yum install -y docker && - systemctl enable docker && - usermod -a -G docker ec2-user - `) - default: - return fmt.Errorf("unsupported Linux distribution") - } - installCmd.Stdout = os.Stdout - installCmd.Stderr = os.Stderr - return installCmd.Run() -} - -func isDockerInstalled() bool { - cmd := exec.Command("docker", "--version") - if err := cmd.Run(); err != nil { - return false - } - return true -} - -// executeDockerComposeCommandWithArgs executes the appropriate docker command with arguments supplied -func executeDockerComposeCommandWithArgs(args ...string) error { - var cmd *exec.Cmd - var useNewStyle bool - - if !isDockerInstalled() { - return fmt.Errorf("docker is not installed") - } - - checkCmd := exec.Command("docker", "compose", "version") - if err := checkCmd.Run(); err == nil { - useNewStyle = true - } else { - checkCmd = exec.Command("docker-compose", "version") - if err := checkCmd.Run(); err == nil { - useNewStyle = false - } else { - return fmt.Errorf("neither 'docker compose' nor 'docker-compose' command is available") - } - } - - if useNewStyle { - cmd = exec.Command("docker", append([]string{"compose"}, args...)...) - } else { - cmd = exec.Command("docker-compose", args...) - } - - cmd.Stdout = os.Stdout - cmd.Stderr = os.Stderr - return cmd.Run() -} - -// pullContainers pulls the containers using the appropriate command. -func pullContainers() error { - fmt.Println("Pulling the container images...") - - if err := executeDockerComposeCommandWithArgs("-f", "docker-compose.yml", "pull", "--policy", "always"); err != nil { - return fmt.Errorf("failed to pull the containers: %v", err) - } - - return nil -} - -// startContainers starts the containers using the appropriate command. -func startContainers() error { - fmt.Println("Starting containers...") - if err := executeDockerComposeCommandWithArgs("-f", "docker-compose.yml", "up", "-d", "--force-recreate"); err != nil { - return fmt.Errorf("failed to start containers: %v", err) - } - - return nil -} - -// stopContainers stops the containers using the appropriate command. -func stopContainers() error { - fmt.Println("Stopping containers...") - - if err := executeDockerComposeCommandWithArgs("-f", "docker-compose.yml", "down"); err != nil { - return fmt.Errorf("failed to stop containers: %v", err) - } - - return nil -} - -// restartContainer restarts a specific container using the appropriate command. -func restartContainer(container string) error { - fmt.Println("Restarting containers...") - - if err := executeDockerComposeCommandWithArgs("-f", "docker-compose.yml", "restart", container); err != nil { - return fmt.Errorf("failed to stop the container \"%s\": %v", container, err) - } - - return nil -} - func copyFile(src, dst string) error { source, err := os.Open(src) if err != nil { @@ -579,32 +485,89 @@ func moveFile(src, dst string) error { return os.Remove(src) } -func waitForContainer(containerName string) error { - maxAttempts := 30 - retryInterval := time.Second * 2 +func printSetupToken(containerType SupportedContainer, dashboardDomain string) { + fmt.Println("Waiting for Pangolin to generate setup token...") - for attempt := 0; attempt < maxAttempts; attempt++ { - // Check if container is running - cmd := exec.Command("docker", "container", "inspect", "-f", "{{.State.Running}}", containerName) - var out bytes.Buffer - cmd.Stdout = &out - - if err := cmd.Run(); err != nil { - // If the container doesn't exist or there's another error, wait and retry - time.Sleep(retryInterval) - continue - } - - isRunning := strings.TrimSpace(out.String()) == "true" - if isRunning { - return nil - } - - // Container exists but isn't running yet, wait and retry - time.Sleep(retryInterval) + // Wait for Pangolin to be healthy + if err := waitForContainer("pangolin", containerType); err != nil { + fmt.Println("Warning: Pangolin container did not become healthy in time.") + return } - return fmt.Errorf("container %s did not start within %v seconds", containerName, maxAttempts*int(retryInterval.Seconds())) + // Give a moment for the setup token to be generated + time.Sleep(2 * time.Second) + + // Fetch logs + var cmd *exec.Cmd + if containerType == Docker { + cmd = exec.Command("docker", "logs", "pangolin") + } else { + cmd = exec.Command("podman", "logs", "pangolin") + } + output, err := cmd.Output() + if err != nil { + fmt.Println("Warning: Could not fetch Pangolin logs to find setup token.") + return + } + + // Parse for setup token + lines := strings.Split(string(output), "\n") + for i, line := range lines { + if strings.Contains(line, "=== SETUP TOKEN GENERATED ===") || strings.Contains(line, "=== SETUP TOKEN EXISTS ===") { + // Look for "Token: ..." in the next few lines + for j := i + 1; j < i+5 && j < len(lines); j++ { + trimmedLine := strings.TrimSpace(lines[j]) + if strings.Contains(trimmedLine, "Token:") { + // Extract token after "Token:" + tokenStart := strings.Index(trimmedLine, "Token:") + if tokenStart != -1 { + token := strings.TrimSpace(trimmedLine[tokenStart+6:]) + fmt.Printf("Setup token: %s\n", token) + fmt.Println("") + fmt.Println("This token is required to register the first admin account in the web UI at:") + fmt.Printf("https://%s/auth/initial-setup\n", dashboardDomain) + fmt.Println("") + fmt.Println("Save this token securely. It will be invalid after the first admin is created.") + return + } + } + } + } + } + fmt.Println("Warning: Could not find a setup token in Pangolin logs.") +} + +func showSetupTokenInstructions(containerType SupportedContainer, dashboardDomain string) { + fmt.Println("\n=== Setup Token Instructions ===") + fmt.Println("To get your setup token, you need to:") + fmt.Println("") + fmt.Println("1. Start the containers:") + if containerType == Docker { + fmt.Println(" docker-compose up -d") + } else { + fmt.Println(" podman-compose up -d") + } + fmt.Println("") + fmt.Println("2. Wait for the Pangolin container to start and generate the token") + fmt.Println("") + fmt.Println("3. Check the container logs for the setup token:") + if containerType == Docker { + fmt.Println(" docker logs pangolin | grep -A 2 -B 2 'SETUP TOKEN'") + } else { + fmt.Println(" podman logs pangolin | grep -A 2 -B 2 'SETUP TOKEN'") + } + fmt.Println("") + fmt.Println("4. Look for output like:") + fmt.Println(" === SETUP TOKEN GENERATED ===") + fmt.Println(" Token: [your-token-here]") + fmt.Println(" Use this token on the initial setup page") + fmt.Println("") + fmt.Println("5. Use the token to complete initial setup at:") + fmt.Printf(" https://%s/auth/initial-setup\n", dashboardDomain) + fmt.Println("") + fmt.Println("The setup token is required to register the first admin account.") + fmt.Println("Save it securely - it will be invalid after the first admin is created.") + fmt.Println("================================") } func generateRandomSecretKey() string { @@ -619,4 +582,46 @@ func generateRandomSecretKey() string { b[i] = charset[seededRand.Intn(len(charset))] } return string(b) -} \ No newline at end of file +} + +// Run external commands with stdio/stderr attached. +func run(name string, args ...string) error { + cmd := exec.Command(name, args...) + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + return cmd.Run() +} + +func checkPortsAvailable(port int) error { + addr := fmt.Sprintf(":%d", port) + ln, err := net.Listen("tcp", addr) + if err != nil { + return fmt.Errorf( + "ERROR: port %d is occupied or cannot be bound: %w\n\n", + port, err, + ) + } + if closeErr := ln.Close(); closeErr != nil { + fmt.Fprintf(os.Stderr, + "WARNING: failed to close test listener on port %d: %v\n", + port, closeErr, + ) + } + return nil +} + +func checkIsPangolinInstalledWithHybrid() bool { + // Check if config/config.yml exists and contains hybrid section + if _, err := os.Stat("config/config.yml"); err != nil { + return false + } + + // Read config file to check for hybrid section + content, err := os.ReadFile("config/config.yml") + if err != nil { + return false + } + + // Check for hybrid section + return bytes.Contains(content, []byte("managed:")) +} diff --git a/install/quickStart.go b/install/quickStart.go new file mode 100644 index 00000000..ece8e8ff --- /dev/null +++ b/install/quickStart.go @@ -0,0 +1,110 @@ +package main + +import ( + "bytes" + "encoding/base64" + "encoding/json" + "fmt" + "io" + "net/http" + "time" +) + +const ( + FRONTEND_SECRET_KEY = "af4e4785-7e09-11f0-b93a-74563c4e2a7e" + // CLOUD_API_URL = "https://pangolin.fossorial.io/api/v1/remote-exit-node/quick-start" + CLOUD_API_URL = "https://pangolin.fossorial.io/api/v1/remote-exit-node/quick-start" +) + +// HybridCredentials represents the response from the cloud API +type HybridCredentials struct { + RemoteExitNodeId string `json:"remoteExitNodeId"` + Secret string `json:"secret"` +} + +// APIResponse represents the full response structure from the cloud API +type APIResponse struct { + Data HybridCredentials `json:"data"` +} + +// RequestPayload represents the request body structure +type RequestPayload struct { + Token string `json:"token"` +} + +func generateValidationToken() string { + timestamp := time.Now().UnixMilli() + data := fmt.Sprintf("%s|%d", FRONTEND_SECRET_KEY, timestamp) + obfuscated := make([]byte, len(data)) + for i, char := range []byte(data) { + obfuscated[i] = char + 5 + } + return base64.StdEncoding.EncodeToString(obfuscated) +} + +// requestHybridCredentials makes an HTTP POST request to the cloud API +// to get hybrid credentials (ID and secret) +func requestHybridCredentials() (*HybridCredentials, error) { + // Generate validation token + token := generateValidationToken() + + // Create request payload + payload := RequestPayload{ + Token: token, + } + + // Marshal payload to JSON + jsonData, err := json.Marshal(payload) + if err != nil { + return nil, fmt.Errorf("failed to marshal request payload: %v", err) + } + + // Create HTTP request + req, err := http.NewRequest("POST", CLOUD_API_URL, bytes.NewBuffer(jsonData)) + if err != nil { + return nil, fmt.Errorf("failed to create HTTP request: %v", err) + } + + // Set headers + req.Header.Set("Content-Type", "application/json") + req.Header.Set("X-CSRF-Token", "x-csrf-protection") + + // Create HTTP client with timeout + client := &http.Client{ + Timeout: 30 * time.Second, + } + + // Make the request + resp, err := client.Do(req) + if err != nil { + return nil, fmt.Errorf("failed to make HTTP request: %v", err) + } + defer resp.Body.Close() + + // Check response status + if resp.StatusCode != http.StatusOK { + return nil, fmt.Errorf("API request failed with status code: %d", resp.StatusCode) + } + + // Read response body for debugging + body, err := io.ReadAll(resp.Body) + if err != nil { + return nil, fmt.Errorf("failed to read response body: %v", err) + } + + // Print the raw JSON response for debugging + // fmt.Printf("Raw JSON response: %s\n", string(body)) + + // Parse response + var apiResponse APIResponse + if err := json.Unmarshal(body, &apiResponse); err != nil { + return nil, fmt.Errorf("failed to decode API response: %v", err) + } + + // Validate response data + if apiResponse.Data.RemoteExitNodeId == "" || apiResponse.Data.Secret == "" { + return nil, fmt.Errorf("invalid response: missing remoteExitNodeId or secret") + } + + return &apiResponse.Data, nil +} diff --git a/internationalization/de.md b/internationalization/de.md deleted file mode 100644 index c84249f7..00000000 --- a/internationalization/de.md +++ /dev/null @@ -1,287 +0,0 @@ -## Authentication Site - -| EN | DE | Notes | -| -------------------------------------------------------- | ---------------------------------------------------------------------------------- | ---------- | -| Powered by [Pangolin](https://github.com/fosrl/pangolin) | Bereitgestellt von [Pangolin](https://github.com/fosrl/pangolin) | | -| Authentication Required | Authentifizierung erforderlich | | -| Choose your preferred method to access {resource} | Wählen Sie Ihre bevorzugte Methode, um auf {resource} zuzugreifen | | -| PIN | PIN | | -| User | Benutzer | | -| 6-digit PIN Code | 6-stelliger PIN-Code | pin login | -| Login in with PIN | Mit PIN anmelden | pin login | -| Email | E-Mail | user login | -| Enter your email | Geben Sie Ihre E-Mail-Adresse ein | user login | -| Password | Passwort | user login | -| Enter your password | Geben Sie Ihr Passwort ein | user login | -| Forgot your password? | Passwort vergessen? | user login | -| Log in | Anmelden | user login | - ---- - -## Login site - -| EN | DE | Notes | -| --------------------- | ---------------------------------- | ----------- | -| Welcome to Pangolin | Willkommen bei Pangolin | | -| Log in to get started | Melden Sie sich an, um zu beginnen | | -| Email | E-Mail | | -| Enter your email | Geben Sie Ihre E-Mail-Adresse ein | placeholder | -| Password | Passwort | | -| Enter your password | Geben Sie Ihr Passwort ein | placeholder | -| Forgot your password? | Passwort vergessen? | | -| Log in | Anmelden | | - -# Ogranization site after successful login - -| EN | DE | Notes | -| ----------------------------------------- | -------------------------------------------- | ----- | -| Welcome to Pangolin | Willkommen bei Pangolin | | -| You're a member of {number} organization. | Sie sind Mitglied von {number} Organisation. | | - -## Shared Header, Navbar and Footer -##### Header - -| EN | DE | Notes | -| ------------------- | ------------------- | ----- | -| Documentation | Dokumentation | | -| Support | Support | | -| Organization {name} | Organisation {name} | | -##### Organization selector - -| EN | DE | Notes | -| ---------------- | ----------------- | ----- | -| Search… | Suchen… | | -| Create | Erstellen | | -| New Organization | Neue Organisation | | -| Organizations | Organisationen | | - -##### Navbar - -| EN | DE | Notes | -| --------------- | ----------------- | ----- | -| Sites | Websites | | -| Resources | Ressourcen | | -| User & Roles | Benutzer & Rollen | | -| Shareable Links | Teilbare Links | | -| General | Allgemein | | -##### Footer -| EN | DE | | -| ------------------------- | --------------------------- | ------------------- | -| Page {number} of {number} | Seite {number} von {number} | | -| Rows per page | Zeilen pro Seite | | -| Pangolin | Pangolin | unten auf der Seite | -| Built by Fossorial | Erstellt von Fossorial | unten auf der Seite | -| Open Source | Open Source | unten auf der Seite | -| Documentation | Dokumentation | unten auf der Seite | -| {version} | {version} | unten auf der Seite | - -## Main “Sites” -##### “Hero” section - -| EN | DE | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ----- | -| Newt (Recommended) | Newt (empfohlen) | | -| For the best user experience, use Newt. It uses WireGuard under the hood and allows you to address your private resources by their LAN address on your private network from within the Pangolin dashboard. | Für das beste Benutzererlebnis verwenden Sie Newt. Es nutzt WireGuard im Hintergrund und ermöglicht es Ihnen, auf Ihre privaten Ressourcen über ihre LAN-Adresse in Ihrem privaten Netzwerk direkt aus dem Pangolin-Dashboard zuzugreifen. | | -| Runs in Docker | Läuft in Docker | | -| Runs in shell on macOS, Linux, and Windows | Läuft in der Shell auf macOS, Linux und Windows | | -| Install Newt | Newt installieren | | -| Basic WireGuard
| Verwenden Sie einen beliebigen WireGuard-Client, um eine Verbindung herzustellen. Sie müssen auf Ihre internen Ressourcen über die Peer-IP-Adresse zugreifen. | | -| Compatible with all WireGuard clients
| Kompatibel mit allen WireGuard-Clients
| | -| Manual configuration required | Manuelle Konfiguration erforderlich
| | -##### Content - -| EN | DE | Notes | -| --------------------------------------------------------- | ------------------------------------------------------------ | -------------------------------- | -| Manage Sites | Seiten verwalten | | -| Allow connectivity to your network through secure tunnels | Ermöglichen Sie die Verbindung zu Ihrem Netzwerk über ein sicheren Tunnel | | -| Search sites | Seiten suchen | placeholder | -| Add Site | Seite hinzufügen | | -| Name | Name | table header | -| Online | Status | table header | -| Site | Seite | table header | -| Data In | Eingehende Daten | table header | -| Data Out | Ausgehende Daten | table header | -| Connection Type | Verbindungstyp | table header | -| Online | Online | site state | -| Offline | Offline | site state | -| Edit → | Bearbeiten → | | -| View settings | Einstellungen anzeigen | Popup after clicking “…” on site | -| Delete | Löschen | Popup after clicking “…” on site | -##### Add Site Popup - -| EN | DE | Notes | -| ------------------------------------------------------ | ----------------------------------------------------------- | ----------- | -| Create Site | Seite erstellen | | -| Create a new site to start connection for this site | Erstellen Sie eine neue Seite, um die Verbindung zu starten | | -| Name | Name | | -| Site name | Seiten-Name | placeholder | -| This is the name that will be displayed for this site. | So wird Ihre Seite angezeigt | desc | -| Method | Methode | | -| Local | Lokal | | -| Newt | Newt | | -| WireGuard | WireGuard | | -| This is how you will expose connections. | So werden Verbindungen freigegeben. | | -| You will only be able to see the configuration once. | Diese Konfiguration können Sie nur einmal sehen. | | -| Learn how to install Newt on your system | Erfahren Sie, wie Sie Newt auf Ihrem System installieren | | -| I have copied the config | Ich habe die Konfiguration kopiert | | -| Create Site | Website erstellen | | -| Close | Schließen | | - -## Main “Resources” - -##### “Hero” section - -| EN | DE | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ----- | -| Resources | Ressourcen | | -| Ressourcen sind Proxy-Server für Anwendungen, die in Ihrem privaten Netzwerk laufen. Erstellen Sie eine Ressource für jede HTTP- oder HTTPS-Anwendung in Ihrem privaten Netzwerk. Jede Ressource muss mit einer Website verbunden sein, um eine private und sichere Verbindung über den verschlüsselten WireGuard-Tunnel zu ermöglichen. | Ressourcen sind Proxy-Server für Anwendungen, die in Ihrem privaten Netzwerk laufen. Erstellen Sie eine Ressource für jede HTTP- oder HTTPS-Anwendung in Ihrem privaten Netzwerk. Jede Ressource muss mit einer Website verbunden sein, um eine private und sichere Verbindung über den verschlüsselten WireGuard-Tunnel zu ermöglichen. | | -| Secure connectivity with WireGuard encryption | Sichere Verbindung mit WireGuard-Verschlüsselung | | -| Configure multiple authentication methods | Konfigurieren Sie mehrere Authentifizierungsmethoden | | -| User and role-based access control | Benutzer- und rollenbasierte Zugriffskontrolle | | -##### Content - -| EN | DE | Notes | -| -------------------------------------------------- | ---------------------------------------------------------- | -------------------- | -| Manage Resources | Ressourcen verwalten | | -| Create secure proxies to your private applications | Erstellen Sie sichere Proxys für Ihre privaten Anwendungen | | -| Search resources | Ressourcen durchsuchen | placeholder | -| Name | Name | | -| Site | Website | | -| Full URL | Vollständige URL | | -| Authentication | Authentifizierung | | -| Not Protected | Nicht geschützt | authentication state | -| Protected | Geschützt | authentication state | -| Edit → | Bearbeiten → | | -| Add Resource | Ressource hinzufügen | | -##### Add Resource Popup - -| EN | DE | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------- | -| Create Resource | Ressource erstellen | | -| Create a new resource to proxy request to your app | Erstellen Sie eine neue Ressource, um Anfragen an Ihre App zu proxen | | -| Name | Name | | -| My Resource | Neue Ressource | name placeholder | -| This is the name that will be displayed for this resource. | Dies ist der Name, der für diese Ressource angezeigt wird | | -| Subdomain | Subdomain | | -| Enter subdomain | Subdomain eingeben | | -| This is the fully qualified domain name that will be used to access the resource. | Dies ist der vollständige Domainname, der für den Zugriff auf die Ressource verwendet wird. | | -| Site | Website | | -| Search site… | Website suchen… | Site selector popup | -| This is the site that will be used in the dashboard. | Dies ist die Website, die im Dashboard verwendet wird. | | -| Create Resource | Ressource erstellen | | -| Close | Schließen | | - - -## Main “User & Roles” -##### Content - -| EN | DE | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ----------------------------- | -| Manage User & Roles | Benutzer & Rollen verwalten | | -| Invite users and add them to roles to manage access to your organization | Laden Sie Benutzer ein und weisen Sie ihnen Rollen zu, um den Zugriff auf Ihre Organisation zu verwalten | | -| Users | Benutzer | sidebar item | -| Roles | Rollen | sidebar item | -| **User tab** | | | -| Search users | Benutzer suchen | placeholder | -| Invite User | Benutzer einladen | addbutton | -| Email | E-Mail | table header | -| Status | Status | table header | -| Role | Rolle | table header | -| Confirmed | Bestätigt | account status | -| Not confirmed (?) | Nicht bestätigt (?) | unknown for me account status | -| Owner | Besitzer | role | -| Admin | Administrator | role | -| Member | Mitglied | role | -| **Roles Tab** | | | -| Search roles | Rollen suchen | placeholder | -| Add Role | Rolle hinzufügen | addbutton | -| Name | Name | table header | -| Description | Beschreibung | table header | -| Admin | Administrator | role | -| Member | Mitglied | role | -| Admin role with the most permissions | Administratorrolle mit den meisten Berechtigungen | admin role desc | -| Members can only view resources | Mitglieder können nur Ressourcen anzeigen | member role desc | - -##### Invite User popup - -| EN | DE | Notes | -| ----------------- | ------------------------------------------------------- | ----------- | -| Invite User | Geben Sie neuen Benutzern Zugriff auf Ihre Organisation | | -| Email | E-Mail | | -| Enter an email | E-Mail eingeben | placeholder | -| Role | Rolle | | -| Select role | Rolle auswählen | placeholder | -| Gültig für | Gültig bis | | -| 1 day | Tag | | -| 2 days | 2 Tage | | -| 3 days | 3 Tage | | -| 4 days | 4 Tage | | -| 5 days | 5 Tage | | -| 6 days | 6 Tage | | -| 7 days | 7 Tage | | -| Create Invitation | Einladung erstellen | | -| Close | Schließen | | - - -## Main “Shareable Links” -##### “Hero” section - -| EN | DE | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ----- | -| Shareable Links | Teilbare Links | | -| Create shareable links to your resources. Links provide temporary or unlimited access to your resource. You can configure the expiration duration of the link when you create one. | Erstellen Sie teilbare Links zu Ihren Ressourcen. Links bieten temporären oder unbegrenzten Zugriff auf Ihre Ressource. Sie können die Gültigkeitsdauer des Links beim Erstellen konfigurieren. | | -| Easy to create and share | Einfach zu erstellen und zu teilen | | -| Configurable expiration duration | Konfigurierbare Gültigkeitsdauer | | -| Secure and revocable | Sicher und widerrufbar | | -##### Content - -| EN | DE | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ----------------- | -| Manage Shareable Links | Teilbare Links verwalten | | -| Create shareable links to grant temporary or permanent access to your resources | Erstellen Sie teilbare Links, um temporären oder permanenten Zugriff auf Ihre Ressourcen zu gewähren | | -| Search links | Links suchen | placeholder | -| Create Share Link | Neuen Link erstellen | addbutton | -| Resource | Ressource | table header | -| Title | Titel | table header | -| Created | Erstellt | table header | -| Expires | Gültig bis | table header | -| No links. Create one to get started. | Keine Links. Erstellen Sie einen, um zu beginnen. | table placeholder | - -##### Create Shareable Link popup - -| EN | DE | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ----------------------- | -| Create Shareable Link | Teilbaren Link erstellen | | -| Anyone with this link can access the resource | Jeder mit diesem Link kann auf die Ressource zugreifen | | -| Resource | Ressource | | -| Select resource | Ressource auswählen | | -| Search resources… | Ressourcen suchen… | resource selector popup | -| Title (optional) | Titel (optional) | | -| Enter title | Titel eingeben | placeholder | -| Expire in | Gültig bis | | -| Minutes | Minuten | | -| Hours | Stunden | | -| Days | Tage | | -| Months | Monate | | -| Years | Jahre | | -| Never expire | Nie ablaufen | | -| Expiration time is how long the link will be usable and provide access to the resource. After this time, the link will no longer work, and users who used this link will lose access to the resource. | Die Gültigkeitsdauer bestimmt, wie lange der Link nutzbar ist und Zugriff auf die Ressource bietet. Nach Ablauf dieser Zeit funktioniert der Link nicht mehr, und Benutzer, die diesen Link verwendet haben, verlieren den Zugriff auf die Ressource. | | -| Create Link | Link erstellen | | -| Close | Schließen | | - - -## Main “General” - -| EN | DE | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ------------ | -| General | Allgemein | | -| Configure your organization’s general settings | Konfigurieren Sie die allgemeinen Einstellungen Ihrer Organisation | | -| General | Allgemein | sidebar item | -| Organization Settings | Organisationseinstellungen | | -| Manage your organization details and configuration | Verwalten Sie die Details und Konfiguration Ihrer Organisation | | -| Name | Name | | -| This is the display name of the org | Dies ist der Anzeigename Ihrer Organisation | | -| Save Settings | Einstellungen speichern | | -| Danger Zone | Gefahrenzone | | -| Once you delete this org, there is no going back. Please be certain. | Wenn Sie diese Organisation löschen, gibt es kein Zurück. Bitte seien Sie sicher. | | -| Delete Organization Data | Organisationsdaten löschen | | \ No newline at end of file diff --git a/internationalization/es.md b/internationalization/es.md deleted file mode 100644 index c4477fbf..00000000 --- a/internationalization/es.md +++ /dev/null @@ -1,291 +0,0 @@ -## Authentication Site - - -| EN | ES | Notes | -| -------------------------------------------------------- | ------------------------------------------------------------ | ---------- | -| Powered by [Pangolin](https://github.com/fosrl/pangolin) | Desarrollado por [Pangolin](https://github.com/fosrl/pangolin) | | -| Authentication Required | Se requiere autenticación | | -| Choose your preferred method to access {resource} | Elije tu método requerido para acceder a {resource} | | -| PIN | PIN | | -| User | Usuario | | -| 6-digit PIN Code | Código PIN de 6 dígitos | pin login | -| Login in with PIN | Registrate con PIN | pin login | -| Email | Email | user login | -| Enter your email | Introduce tu email | user login | -| Password | Contraseña | user login | -| Enter your password | Introduce tu contraseña | user login | -| Forgot your password? | ¿Olvidaste tu contraseña? | user login | -| Log in | Iniciar sesión | user login | - - -## Login site - -| EN | ES | Notes | -| --------------------- | ---------------------------------- | ----------- | -| Welcome to Pangolin | Binvenido a Pangolin | | -| Log in to get started | Registrate para comenzar | | -| Email | Email | | -| Enter your email | Introduce tu email | placeholder | -| Password | Contraseña | | -| Enter your password | Introduce tu contraseña | placeholder | -| Forgot your password? | ¿Olvidaste tu contraseña? | | -| Log in | Iniciar sesión | | - -# Ogranization site after successful login - -| EN | ES | Notes | -| ----------------------------------------- | -------------------------------------------- | ----- | -| Welcome to Pangolin | Binvenido a Pangolin | | -| You're a member of {number} organization. | Eres miembro de la organización {number}. | | - -## Shared Header, Navbar and Footer -##### Header - -| EN | ES | Notes | -| ------------------- | ------------------- | ----- | -| Documentation | Documentación | | -| Support | Soporte | | -| Organization {name} | Organización {name} | | -##### Organization selector - -| EN | ES | Notes | -| ---------------- | ----------------- | ----- | -| Search… | Buscar… | | -| Create | Crear | | -| New Organization | Nueva Organización| | -| Organizations | Organizaciones | | - -##### Navbar - -| EN | ES | Notes | -| --------------- | -----------------------| ----- | -| Sites | Sitios | | -| Resources | Recursos | | -| User & Roles | Usuarios y roles | | -| Shareable Links | Enlaces para compartir | | -| General | General | | - -##### Footer -| EN | ES | | -| ------------------------- | --------------------------- | -------| -| Page {number} of {number} | Página {number} de {number} | footer | -| Rows per page | Filas por página | footer | -| Pangolin | Pangolin | footer | -| Built by Fossorial | Construido por Fossorial | footer | -| Open Source | Código abierto | footer | -| Documentation | Documentación | footer | -| {version} | {version} | footer | - -## Main “Sites” -##### “Hero” section - -| EN | ES | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ----- | -| Newt (Recommended) | Newt (Recomendado) | | -| For the best user experience, use Newt. It uses WireGuard under the hood and allows you to address your private resources by their LAN address on your private network from within the Pangolin dashboard. | Para obtener la mejor experiencia de usuario, utiliza Newt. Utiliza WireGuard internamente y te permite abordar tus recursos privados mediante tu dirección LAN en tu red privada desde el panel de Pangolin. | | -| Runs in Docker | Se ejecuta en Docker | | -| Runs in shell on macOS, Linux, and Windows | Se ejecuta en shell en macOS, Linux y Windows | | -| Install Newt | Instalar Newt | | -| Basic WireGuard
| WireGuard básico
| | -| Compatible with all WireGuard clients
| Compatible con todos los clientes WireGuard
| | -| Manual configuration required | Se requiere configuración manual | | - -##### Content - -| EN | ES | Notes | -| --------------------------------------------------------- | ------------------------------------------------------------ | -------------------------------- | -| Manage Sites | Administrar sitios | | -| Allow connectivity to your network through secure tunnels | Permitir la conectividad a tu red a través de túneles seguros| | -| Search sites | Buscar sitios | placeholder | -| Add Site | Agregar sitio | | -| Name | Nombre | table header | -| Online | Conectado | table header | -| Site | Sitio | table header | -| Data In | Datos en | table header | -| Data Out | Datos de salida | table header | -| Connection Type | Tipo de conexión | table header | -| Online | Conectado | site state | -| Offline | Desconectado | site state | -| Edit → | Editar → | | -| View settings | Ver configuración | Popup after clicking “…” on site | -| Delete | Borrar | Popup after clicking “…” on site | - -##### Add Site Popup - -| EN | ES | Notes | -| ------------------------------------------------------ | ----------------------------------------------------------- | ----------- | -| Create Site | Crear sitio | | -| Create a new site to start connection for this site | Crear un nuevo sitio para iniciar la conexión para este sitio | | -| Name | Nombre | | -| Site name | Nombre del sitio | placeholder | -| This is the name that will be displayed for this site. | Este es el nombre que se mostrará para este sitio. | desc | -| Method | Método | | -| Local | Local | | -| Newt | Newt | | -| WireGuard | WireGuard | | -| This is how you will expose connections. | Así es como expondrás las conexiones. | | -| You will only be able to see the configuration once. | Solo podrás ver la configuración una vez. | | -| Learn how to install Newt on your system | Aprende a instalar Newt en tu sistema | | -| I have copied the config | He copiado la configuración | | -| Create Site | Crear sitio | | -| Close | Cerrar | | - -## Main “Resources” - -##### “Hero” section - -| EN | ES | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ----- | -| Resources | Recursos | | -| Ressourcen sind Proxy-Server für Anwendungen, die in Ihrem privaten Netzwerk laufen. Erstellen Sie eine Ressource für jede HTTP- oder HTTPS-Anwendung in Ihrem privaten Netzwerk. Jede Ressource muss mit einer Website verbunden sein, um eine private und sichere Verbindung über den verschlüsselten WireGuard-Tunnel zu ermöglichen. |Los recursos son servidores proxy para aplicaciones que se ejecutan en su red privada. Cree un recurso para cada aplicación HTTP o HTTPS en su red privada. Cada recurso debe estar conectado a un sitio web para proporcionar una conexión privada y segura a través del túnel cifrado WireGuard. | | -| Secure connectivity with WireGuard encryption | Conectividad segura con encriptación WireGuard | | -| Configure multiple authentication methods | Configura múltiples métodos de autenticación | | -| User and role-based access control | Control de acceso basado en usuarios y roles | | - -##### Content - -| EN | ES | Notes | -| -------------------------------------------------- | ---------------------------------------------------------- | -------------------- | -| Manage Resources | Administrar recursos | | -| Create secure proxies to your private applications | Crea servidores proxy seguros para tus aplicaciones privadas | | -| Search resources | Buscar recursos | placeholder | -| Name | Nombre | | -| Site | Sitio | | -| Full URL | URL completa | | -| Authentication | Autenticación | | -| Not Protected | No protegido | authentication state | -| Protected | Protegido | authentication state | -| Edit → | Editar → | | -| Add Resource | Agregar recurso | | - -##### Add Resource Popup - -| EN | ES | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------- | -| Create Resource | Crear recurso | | -| Create a new resource to proxy request to your app | Crea un nuevo recurso para enviar solicitudes a tu aplicación | | -| Name | Nombre | | -| My Resource | Mi recurso | name placeholder | -| This is the name that will be displayed for this resource. | Este es el nombre que se mostrará para este recurso. | | -| Subdomain | Subdominio | | -| Enter subdomain | Ingresar subdominio | | -| This is the fully qualified domain name that will be used to access the resource. | Este es el nombre de dominio completo que se utilizará para acceder al recurso. | | -| Site | Sitio | | -| Search site… | Buscar sitio… | Site selector popup | -| This is the site that will be used in the dashboard. | Este es el sitio que se utilizará en el panel de control. | | -| Create Resource | Crear recurso | | -| Close | Cerrar | | - -## Main “User & Roles” -##### Content - -| EN | ES | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ----------------------------- | -| Manage User & Roles | Administrar usuarios y roles | | -| Invite users and add them to roles to manage access to your organization | Invita a usuarios y agrégalos a roles para administrar el acceso a tu organización | | -| Users | Usuarios | sidebar item | -| Roles | Roles | sidebar item | -| **User tab** | **Pestaña de usuario** | | -| Search users | Buscar usuarios | placeholder | -| Invite User | Invitar usuario | addbutton | -| Email | Email | table header | -| Status | Estado | table header | -| Role | Role | table header | -| Confirmed | Confirmado | account status | -| Not confirmed (?) | No confirmado (?) | unknown for me account status | -| Owner | Dueño | role | -| Admin | Administrador | role | -| Member | Miembro | role | -| **Roles Tab** | **Pestaña Roles** | | -| Search roles | Buscar roles | placeholder | -| Add Role | Agregar rol | addbutton | -| Name | Nombre | table header | -| Description | Descripción | table header | -| Admin | Administrador | role | -| Member | Miembro | role | -| Admin role with the most permissions | Rol de administrador con más permisos | admin role desc | -| Members can only view resources | Los miembros sólo pueden ver los recursos | member role desc | - -##### Invite User popup - -| EN | ES | Notes | -| ----------------- | ------------------------------------------------------- | ----------- | -| Invite User | Invitar usuario | | -| Email | Email | | -| Enter an email | Introduzca un email | placeholder | -| Role | Rol | | -| Select role | Seleccionar rol | placeholder | -| Gültig für | Válido para | | -| 1 day | 1 día | | -| 2 days | 2 días | | -| 3 days | 3 días | | -| 4 days | 4 días | | -| 5 days | 5 días | | -| 6 days | 6 días | | -| 7 days | 7 días | | -| Create Invitation | Crear invitación | | -| Close | Cerrar | | - - -## Main “Shareable Links” -##### “Hero” section - -| EN | ES | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ----- | -| Shareable Links | Enlaces para compartir | | -| Create shareable links to your resources. Links provide temporary or unlimited access to your resource. You can configure the expiration duration of the link when you create one. | Crear enlaces que se puedan compartir a tus recursos. Los enlaces proporcionan acceso temporal o ilimitado a tu recurso. Puedes configurar la duración de caducidad del enlace cuando lo creas. | | -| Easy to create and share | Fácil de crear y compartir | | -| Configurable expiration duration | Duración de expiración configurable | | -| Secure and revocable | Seguro y revocable | | -##### Content - -| EN | ES | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ----------------- | -| Manage Shareable Links | Administrar enlaces compartibles | | -| Create shareable links to grant temporary or permanent access to your resources | Crear enlaces compartibles para otorgar acceso temporal o permanente a tus recursos | | -| Search links | Buscar enlaces | placeholder | -| Create Share Link | Crear enlace para compartir | addbutton | -| Resource | Recurso | table header | -| Title | Título | table header | -| Created | Creado | table header | -| Expires | Caduca | table header | -| No links. Create one to get started. | No hay enlaces. Crea uno para comenzar. | table placeholder | - -##### Create Shareable Link popup - -| EN | ES | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ----------------------- | -| Create Shareable Link | Crear un enlace para compartir | | -| Anyone with this link can access the resource | Cualquier persona con este enlace puede acceder al recurso. | | -| Resource | Recurso | | -| Select resource | Seleccionar recurso | | -| Search resources… | Buscar recursos… | resource selector popup | -| Title (optional) | Título (opcional) | | -| Enter title | Introducir título | placeholder | -| Expire in | Caduca en | | -| Minutes | Minutos | | -| Hours | Horas | | -| Days | Días | | -| Months | Meses | | -| Years | Años | | -| Never expire | Nunca caduca | | -| Expiration time is how long the link will be usable and provide access to the resource. After this time, the link will no longer work, and users who used this link will lose access to the resource. | El tiempo de expiración es el tiempo durante el cual el enlace se podrá utilizar y brindará acceso al recurso. Después de este tiempo, el enlace dejará de funcionar y los usuarios que lo hayan utilizado perderán el acceso al recurso. | | -| Create Link | Crear enlace | | -| Close | Cerrar | | - - -## Main “General” - -| EN | ES | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ------------ | -| General | General | | -| Configure your organization’s general settings | Configura los ajustes generales de tu organización | | -| General | General | sidebar item | -| Organization Settings | Configuración de la organización | | -| Manage your organization details and configuration | Administra los detalles y la configuración de tu organización| | -| Name | Nombre | | -| This is the display name of the org | Este es el nombre para mostrar de la organización. | | -| Save Settings | Guardar configuración | | -| Danger Zone | Zona de peligro | | -| Once you delete this org, there is no going back. Please be certain. | Una vez que elimines esta organización, no habrá vuelta atrás. Asegúrate de hacerlo. | | -| Delete Organization Data | Eliminar datos de la organización | | \ No newline at end of file diff --git a/internationalization/pl.md b/internationalization/pl.md deleted file mode 100644 index a55866e2..00000000 --- a/internationalization/pl.md +++ /dev/null @@ -1,287 +0,0 @@ -## Authentication Site - - -| EN | PL | Notes | -| -------------------------------------------------------- | ------------------------------------------------------------ | ---------- | -| Powered by [Pangolin](https://github.com/fosrl/pangolin) | Zasilane przez [Pangolin](https://github.com/fosrl/pangolin) | | -| Authentication Required | Wymagane uwierzytelnienie | | -| Choose your preferred method to access {resource} | Wybierz preferowaną metodę dostępu do {resource} | | -| PIN | PIN | | -| User | Zaloguj | | -| 6-digit PIN Code | 6-cyfrowy kod PIN | pin login | -| Login in with PIN | Zaloguj się PIN’em | pin login | -| Email | Email | user login | -| Enter your email | Wprowadź swój email | user login | -| Password | Hasło | user login | -| Enter your password | Wprowadź swoje hasło | user login | -| Forgot your password? | Zapomniałeś hasła? | user login | -| Log in | Zaloguj | user login | - - -## Login site - -| EN | PL | Notes | -| --------------------- | ------------------------------ | ----------- | -| Welcome to Pangolin | Witaj w Pangolin | | -| Log in to get started | Zaloguj się, aby rozpocząć
| | -| Email | Email | | -| Enter your email | Wprowadź swój adres e-mail
| placeholder | -| Password | Hasło | | -| Enter your password | Wprowadź swoje hasło | placeholder | -| Forgot your password? | Nie pamiętasz hasła? | | -| Log in | Zaloguj | | - -# Ogranization site after successful login - - -| EN | PL | Notes | -| ----------------------------------------- | ------------------------------------------ | ----- | -| Welcome to Pangolin | Witaj w Pangolin | | -| You're a member of {number} organization. | Jesteś użytkownikiem {number} organizacji. | | - -## Shared Header, Navbar and Footer -##### Header - -| EN | PL | Notes | -| ------------------- | ------------------ | ----- | -| Documentation | Dokumentacja | | -| Support | Wsparcie | | -| Organization {name} | Organizacja {name} | | -##### Organization selector - -| EN | PL | Notes | -| ---------------- | ---------------- | ----- | -| Search… | Szukaj… | | -| Create | Utwórz | | -| New Organization | Nowa organizacja | | -| Organizations | Organizacje | | - -##### Navbar - -| EN | PL | Notes | -| --------------- | ---------------------- | ----- | -| Sites | Witryny | | -| Resources | Zasoby | | -| User & Roles | Użytkownicy i Role | | -| Shareable Links | Łącza do udostępniania | | -| General | Ogólne | | -##### Footer -| EN | PL | | -| ------------------------- | -------------------------- | -------------- | -| Page {number} of {number} | Strona {number} z {number} | | -| Rows per page | Wierszy na stronę | | -| Pangolin | Pangolin | bottom of site | -| Built by Fossorial | Stworzone przez Fossorial | bottom of site | -| Open Source | Open source | bottom of site | -| Documentation | Dokumentacja | bottom of site | -| {version} | {version} | bottom of site | -## Main “Sites” -##### “Hero” section - -| EN | PL | Notes | -| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----- | -| Newt (Recommended) | Newt (zalecane) | | -| For the best user experience, use Newt. It uses WireGuard under the hood and allows you to address your private resources by their LAN address on your private network from within the Pangolin dashboard. | Aby zapewnić najlepsze doświadczenie użytkownika, korzystaj z Newt. Wykorzystuje on technologię WireGuard w tle i pozwala na dostęp do Twoich prywatnych zasobów za pomocą ich adresu LAN w prywatnej sieci bezpośrednio z poziomu pulpitu nawigacyjnego Pangolin. | | -| Runs in Docker | Działa w Dockerze | | -| Runs in shell on macOS, Linux, and Windows | Działa w powłoce na systemach macOS, Linux i Windows | | -| Install Newt | Zainstaluj Newt | | -| Podstawowy WireGuard
| Użyj dowolnego klienta WireGuard, aby się połączyć. Będziesz musiał uzyskiwać dostęp do swoich wewnętrznych zasobów za pomocą adresu IP równorzędnego | | -| Compatible with all WireGuard clients
| Kompatybilny ze wszystkimi klientami WireGuard
| | -| Manual configuration required | Wymagana ręczna konfiguracja
| | -##### Content - -| EN | PL | Notes | -| --------------------------------------------------------- | ------------------------------------------------------------------------ | -------------------------------- | -| Manage Sites | Zarządzanie witrynami | | -| Allow connectivity to your network through secure tunnels | Zezwalaj na łączność z Twoją siecią za pośrednictwem bezpiecznych tuneli | | -| Search sites | Szukaj witryny | placeholder | -| Add Site | Dodaj witrynę | | -| Name | Nazwa | table header | -| Online | Status | table header | -| Site | Witryna | table header | -| Data In | Dane wchodzące | table header | -| Data Out | Dane wychodzące | table header | -| Connection Type | Typ połączenia | table header | -| Online | Online | site state | -| Offline | Poza siecią | site state | -| Edit → | Edytuj → | | -| View settings | Pokaż ustawienia | Popup after clicking “…” on site | -| Delete | Usuń | Popup after clicking “…” on site | -##### Add Site Popup - -| EN | PL | Notes | -| ------------------------------------------------------ | --------------------------------------------------- | ----------- | -| Create Site | Utwórz witrynę | | -| Create a new site to start connection for this site | Utwórz nową witrynę aby rozpocząć połączenie | | -| Name | Nazwa | | -| Site name | Nazwa witryny | placeholder | -| This is the name that will be displayed for this site. | Tak będzie wyświetlana twoja witryna | desc | -| Method | Metoda | | -| Local | Lokalna | | -| Newt | Newt | | -| WireGuard | WireGuard | | -| This is how you will expose connections. | Tak będą eksponowane połączenie. | | -| You will only be able to see the configuration once. | Tą konfigurację możesz zobaczyć tylko raz. | | -| Learn how to install Newt on your system | Dowiedz się jak zainstalować Newt na twoim systemie | | -| I have copied the config | Skopiowałem konfigurację | | -| Create Site | Utwórz witrynę | | -| Close | Zamknij | | - -## Main “Resources” - -##### “Hero” section - -| EN | PL | Notes | -| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----- | -| Resources | Zasoby | | -| Zasoby to serwery proxy dla aplikacji działających w Twojej prywatnej sieci. Utwórz zasób dla dowolnej aplikacji HTTP lub HTTPS w swojej prywatnej sieci. Każdy zasób musi być połączony z witryną, aby umożliwić prywatne i bezpieczne połączenie przez szyfrowany tunel WireGuard. | Zasoby to serwery proxy dla aplikacji działających w Twojej prywatnej sieci. Utwórz zasób dla dowolnej aplikacji HTTP lub HTTPS w swojej prywatnej sieci. Każdy zasób musi być połączony z witryną, aby umożliwić prywatne i bezpieczne połączenie przez szyfrowany tunel WireGuard. | | -| Secure connectivity with WireGuard encryption | Bezpieczna łączność z szyfrowaniem WireGuard | | -| Configure multiple authentication methods | Konfigurowanie wielu metod uwierzytelniania | | -| User and role-based access control | Kontrola dostępu oparta na użytkownikach i rolach | | -##### Content - -| EN | PL | Notes | -| -------------------------------------------------- | -------------------------------------------------------------- | -------------------- | -| Manage Resources | Zarządzaj zasobami | | -| Create secure proxies to your private applications | Twórz bezpieczne serwery proxy dla swoich prywatnych aplikacji | | -| Search resources | Szukaj w zasobach | placeholder | -| Name | Nazwa | | -| Site | Witryna | | -| Full URL | Pełny URL | | -| Authentication | Uwierzytelnianie | | -| Not Protected | Niezabezpieczony | authentication state | -| Protected | Zabezpieczony | authentication state | -| Edit → | Edytuj → | | -| Add Resource | Dodaj zasób | | -##### Add Resource Popup - -| EN | PL | Notes | -| --------------------------------------------------------------------------------- | ---------------------------------------------------------------------- | ------------------- | -| Create Resource | Utwórz zasób | | -| Create a new resource to proxy request to your app | Utwórz nowy zasób, aby przekazywać żądania do swojej aplikacji | | -| Name | Nazwa | | -| My Resource | Nowy zasób | name placeholder | -| This is the name that will be displayed for this resource. | To jest nazwa, która będzie wyświetlana dla tego zasobu | | -| Subdomain | Subdomena | | -| Enter subdomain | Wprowadź subdomenę | | -| This is the fully qualified domain name that will be used to access the resource. | To jest pełna nazwa domeny, która będzie używana do dostępu do zasobu. | | -| Site | Witryna | | -| Search site… | Szukaj witryny… | Site selector popup | -| This is the site that will be used in the dashboard. | To jest witryna, która będzie używana w pulpicie nawigacyjnym. | | -| Create Resource | Utwórz zasób | | -| Close | Zamknij | | - - -## Main “User & Roles” -##### Content - -| EN | PL | Notes | -| ------------------------------------------------------------------------ | ------------------------------------------------------------------------------------ | ----------------------------- | -| Manage User & Roles | Zarządzanie użytkownikami i rolami | | -| Invite users and add them to roles to manage access to your organization | Zaproś użytkowników i przypisz im role, aby zarządzać dostępem do Twojej organizacji | | -| Users | Użytkownicy | sidebar item | -| Roles | Role | sidebar item | -| **User tab** | | | -| Search users | Wyszukaj użytkownika | placeholder | -| Invite User | Zaproś użytkownika | addbutton | -| Email | Email | table header | -| Status | Status | table header | -| Role | Rola | table header | -| Confirmed | Zatwierdzony | account status | -| Not confirmed (?) | Niezatwierdzony (?) | unknown for me account status | -| Owner | Właściciel | role | -| Admin | Administrator | role | -| Member | Użytkownik | role | -| **Roles Tab** | | | -| Search roles | Wyszukaj role | placeholder | -| Add Role | Dodaj role | addbutton | -| Name | Nazwa | table header | -| Description | Opis | table header | -| Admin | Administrator | role | -| Member | Użytkownik | role | -| Admin role with the most permissions | Rola administratora z najszerszymi uprawnieniami | admin role desc | -| Members can only view resources | Członkowie mogą jedynie przeglądać zasoby | member role desc | - -##### Invite User popup - -| EN | PL | Notes | -| ----------------- | ------------------------------------------ | ----------- | -| Invite User | Give new users access to your organization | | -| Email | Email | | -| Enter an email | Wprowadź email | placeholder | -| Role | Rola | | -| Select role | Wybierz role | placeholder | -| Vaild for | Ważne do | | -| 1 day | Dzień | | -| 2 days | 2 dni | | -| 3 days | 3 dni | | -| 4 days | 4 dni | | -| 5 days | 5 dni | | -| 6 days | 6 dni | | -| 7 days | 7 dni | | -| Create Invitation | Utwórz zaproszenie | | -| Close | Zamknij | | - - -## Main “Shareable Links” -##### “Hero” section - -| EN | PL | Notes | -| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----- | -| Shareable Links | Łącza do udostępniania | | -| Create shareable links to your resources. Links provide temporary or unlimited access to your resource. You can configure the expiration duration of the link when you create one. | Twórz linki do udostępniania swoich zasobów. Linki zapewniają tymczasowy lub nieograniczony dostęp do zasobu. Możesz skonfigurować czas wygaśnięcia linku podczas jego tworzenia. | | -| Easy to create and share | Łatwe tworzenie i udostępnianie | | -| Configurable expiration duration | Konfigurowalny czas wygaśnięcia | | -| Secure and revocable | Bezpieczne i odwołalne | | -##### Content - -| EN | PL | Notes | -| ------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------- | ----------------- | -| Manage Shareable Links | Zarządzaj łączami do udostępniania | | -| Create shareable links to grant temporary or permament access to your resources | Utwórz łącze do udostępniania w celu przyznania tymczasowego lub stałego dostępu do zasobów | | -| Search links | Szukaj łączy | placeholder | -| Create Share Link | Utwórz nowe łącze | addbutton | -| Resource | Zasób | table header | -| Title | Tytuł | table header | -| Created | Utworzone | table header | -| Expires | Wygasa | table header | -| No links. Create one to get started. | Brak łączy. Utwórz, aby rozpocząć. | table placeholder | - -##### Create Shareable Link popup - -| EN | PL | Notes | -| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | -| Create Shareable Link | Utwórz łącze do udostępnienia | | -| Anyone with this link can access the resource | Każdy kto ma ten link może korzystać z zasobu | | -| Resource | Zasób | | -| Select resource | Wybierz zasób | | -| Search resources… | Szukaj zasobów… | resource selector popup | -| Title (optional) | Tytuł (opcjonalny) | | -| Enter title | Wprowadź tytuł | placeholder | -| Expire in | Wygasa za | | -| Minutes | Minut | | -| Hours | Godzin | | -| Days | Dni | | -| Months | Miesięcy | | -| Years | Lat | | -| Never expire | Nie wygasa | | -| Expiration time is how long the link will be usable and provide access to the resource. After this time, the link will no longer work, and users who used this link will lose access to the resource. | Czas wygaśnięcia to okres, przez który link będzie aktywny i zapewni dostęp do zasobu. Po upływie tego czasu link przestanie działać, a użytkownicy, którzy go użyli, stracą dostęp do zasobu. | | -| Create Link | Utwórz łącze | | -| Close | Zamknij | | - - -## Main “General” - -| EN | PL | Notes | -| -------------------------------------------------------------------- | ------------------------------------------------------------------- | ------------ | -| General | Ogólne | | -| Configure your organization’s general settings | Zarządzaj ogólnymi ustawieniami twoich organizacji | | -| General | Ogólne | sidebar item | -| Organization Settings | Ustawienia organizacji | | -| Manage your organization details and configuration | Zarządzaj szczegółami i konfiguracją organizacji | | -| Name | Nazwa | | -| This is the display name of the org | To jest wyświetlana nazwa Twojej organizacji | | -| Save Settings | Zapisz ustawienia | | -| Danger Zone | Niebezpieczna strefa | | -| Once you delete this org, there is no going back. Please be certain. | Jeśli usuniesz swoją tą organizację, nie ma odwrotu. Bądź ostrożny! | | -| Delete Organization Data | Usuń dane organizacji | | diff --git a/internationalization/tr.md b/internationalization/tr.md deleted file mode 100644 index 9e5bd274..00000000 --- a/internationalization/tr.md +++ /dev/null @@ -1,310 +0,0 @@ -## Authentication Site - -| EN | TR | Notes | -| -------------------------------------------------------- | ---------------------------------------------------------------------------------- | ---------- | -| Powered by [Pangolin](https://github.com/fosrl/pangolin) | Pangolin Tarafından Destekleniyor | | -| Authentication Required | Kimlik Doğrulaması Gerekli | | -| Choose your preferred method to access {resource} | {resource}'a erişmek için tercih ettiğiniz yöntemi seçin | | -| PIN | PIN | | -| User | Kullanıcı | | -| 6-digit PIN Code | 6 haneli PIN Kodu | pin login | -| Login in with PIN | PIN ile Giriş Yap | pin login | -| Email | E-posta | user login | -| Enter your email | E-postanızı girin | user login | -| Password | Şifre | user login | -| Enter your password | Şifrenizi girin | user login | -| Forgot your password? | Şifrenizi mi unuttunuz? | user login | -| Log in | Giriş Yap | user login | - ---- - -## Login site - -| EN | TR | Notes | -| --------------------- | ------------------------------------------------------ | ----------- | -| Welcome to Pangolin | Pangolin'e Hoşgeldiniz | | -| Log in to get started | Başlamak için giriş yapın | | -| Email | E-posta | | -| Enter your email | E-posta adresinizi girin | placeholder | -| Password | Şifre | | -| Enter your password | Şifrenizi girin | placeholder | -| Forgot your password? | Şifrenizi mi unuttunuz? | | -| Log in | Giriş Yap | | - ---- - -# Organization site after successful login - -| EN | TR | Notes | -| ----------------------------------------- | ------------------------------------------------------------------- | ----- | -| Welcome to Pangolin | Pangolin'e Hoşgeldiniz | | -| You're a member of {number} organization. | {number} organizasyonunun üyesiniz. | | - ---- - -## Shared Header, Navbar and Footer - -##### Header - -| EN | TR | Notes | -| ------------------- | -------------------------- | ----- | -| Documentation | Dokümantasyon | | -| Support | Destek | | -| Organization {name} | Organizasyon {name} | | - -##### Organization selector - -| EN | TR | Notes | -| ---------------- | ---------------------- | ----- | -| Search… | Ara… | | -| Create | Oluştur | | -| New Organization | Yeni Organizasyon | | -| Organizations | Organizasyonlar | | - -##### Navbar - -| EN | TR | Notes | -| --------------- | ------------------------------- | ----- | -| Sites | Siteler | | -| Resources | Kaynaklar | | -| User & Roles | Kullanıcılar ve Roller | | -| Shareable Links | Paylaşılabilir Linkler | | -| General | Genel | | - -##### Footer - -| EN | TR | Notes | -| ------------------------- | ------------------------------------------------ | -------------------- | -| Page {number} of {number} | Sayfa {number} / {number} | | -| Rows per page | Sayfa başına satırlar | | -| Pangolin | Pangolin | Footer'da yer alır | -| Built by Fossorial | Fossorial tarafından oluşturuldu | Footer'da yer alır | -| Open Source | Açık Kaynak | Footer'da yer alır | -| Documentation | Dokümantasyon | Footer'da yer alır | -| {version} | {version} | Footer'da yer alır | - ---- - -## Main “Sites” - -##### “Hero” section - -| EN | TR | Notes | -| ------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------- | ----- | -| Newt (Recommended) | Newt (Tavsiye Edilen) | | -| For the best user experience, use Newt. It uses WireGuard under the hood and allows you to address your private resources by their LAN address on your private network from within the Pangolin dashboard. | En iyi kullanıcı deneyimi için Newt'i kullanın. Newt, arka planda WireGuard kullanır ve Pangolin kontrol paneli üzerinden özel ağınızdaki kaynaklarınıza LAN adresleriyle erişmenizi sağlar. | | -| Runs in Docker | Docker üzerinde çalışır | | -| Runs in shell on macOS, Linux, and Windows | macOS, Linux ve Windows’ta komut satırında çalışır | | -| Install Newt | Newt'i Yükle | | -| Basic WireGuard
| Temel WireGuard
| | -| Compatible with all WireGuard clients
| Tüm WireGuard istemcileriyle uyumlu
| | -| Manual configuration required | Manuel yapılandırma gereklidir | | - -##### Content - -| EN | TR | Notes | -| --------------------------------------------------------- | --------------------------------------------------------------------------- | ------------ | -| Manage Sites | Siteleri Yönet | | -| Allow connectivity to your network through secure tunnels | Güvenli tüneller aracılığıyla ağınıza bağlantı sağlayın | | -| Search sites | Siteleri ara | placeholder | -| Add Site | Site Ekle | | -| Name | Ad | Table Header | -| Online | Çevrimiçi | Table Header | -| Site | Site | Table Header | -| Data In | Gelen Veri | Table Header | -| Data Out | Giden Veri | Table Header | -| Connection Type | Bağlantı Türü | Table Header | -| Online | Çevrimiçi | Site state | -| Offline | Çevrimdışı | Site state | -| Edit → | Düzenle → | | -| View settings | Ayarları Görüntüle | Popup | -| Delete | Sil | Popup | - -##### Add Site Popup - -| EN | TR | Notes | -| ------------------------------------------------------ | ------------------------------------------------------------------------------------------- | ----------- | -| Create Site | Site Oluştur | | -| Create a new site to start connection for this site | Bu site için bağlantıyı başlatmak amacıyla yeni bir site oluşturun | | -| Name | Ad | | -| Site name | Site adı | placeholder | -| This is the name that will be displayed for this site. | Bu, site için görüntülenecek addır. | desc | -| Method | Yöntem | | -| Local | Yerel | | -| Newt | Newt | | -| WireGuard | WireGuard | | -| This is how you will expose connections. | Bağlantılarınızı bu şekilde açığa çıkaracaksınız. | | -| You will only be able to see the configuration once. | Yapılandırmayı yalnızca bir kez görüntüleyebilirsiniz. | | -| Learn how to install Newt on your system | Sisteminizde Newt'in nasıl kurulacağını öğrenin | | -| I have copied the config | Yapılandırmayı kopyaladım | | -| Create Site | Site Oluştur | | -| Close | Kapat | | - ---- - -## Main “Resources” - -##### “Hero” section - -| EN | TR | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------ | ----- | -| Resources | Kaynaklar | | -| Ressourcen sind Proxy-Server für Anwendungen, die in Ihrem privaten Netzwerk laufen. Erstellen Sie eine Ressource für jede HTTP- oder HTTPS-Anwendung in Ihrem privaten Netzwerk. Jede Ressource muss mit einer Website verbunden sein, um eine private und sichere Verbindung über den verschlüsselten WireGuard-Tunnel zu ermöglichen. | Kaynaklar, özel ağınızda çalışan uygulamalar için proxy sunucularıdır. Özel ağınızdaki her HTTP veya HTTPS uygulaması için bir kaynak oluşturun. Her kaynağın, şifrelenmiş WireGuard tüneli üzerinden özel ve güvenli bağlantı sağlamak üzere bir siteyle ilişkili olması gerekir. | | -| Secure connectivity with WireGuard encryption | WireGuard şifrelemesiyle güvenli bağlantı | | -| Configure multiple authentication methods | Birden çok kimlik doğrulama yöntemini yapılandırın | | -| User and role-based access control | Kullanıcı ve role dayalı erişim kontrolü | | - -##### Content - -| EN | TR | Notes | -| -------------------------------------------------- | ------------------------------------------------------------- | -------------------- | -| Manage Resources | Kaynakları Yönet | | -| Create secure proxies to your private applications | Özel uygulamalarınız için güvenli proxy’ler oluşturun | | -| Search resources | Kaynakları ara | placeholder | -| Name | Ad | | -| Site | Site | | -| Full URL | Tam URL | | -| Authentication | Kimlik Doğrulama | | -| Not Protected | Korunmayan | authentication state | -| Protected | Korunan | authentication state | -| Edit → | Düzenle → | | -| Add Resource | Kaynak Ekle | | - -##### Add Resource Popup - -| EN | TR | Notes | -| ------------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | ------------- | -| Create Resource | Kaynak Oluştur | | -| Create a new resource to proxy request to your app | Uygulamanıza gelen istekleri yönlendirmek için yeni bir kaynak oluşturun | | -| Name | Ad | | -| My Resource | Kaynağım | name placeholder | -| This is the name that will be displayed for this resource. | Bu, kaynağın görüntülenecek adıdır. | | -| Subdomain | Alt alan adı | | -| Enter subdomain | Alt alan adını girin | | -| This is the fully qualified domain name that will be used to access the resource. | Kaynağa erişmek için kullanılacak tam nitelikli alan adıdır. | | -| Site | Site | | -| Search site… | Site ara… | Site selector popup | -| This is the site that will be used in the dashboard. | Kontrol panelinde kullanılacak sitedir. | | -| Create Resource | Kaynak Oluştur | | -| Close | Kapat | | - ---- - -## Main “User & Roles” - -##### Content - -| EN | TR | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------------------------------------ | ----------------------------- | -| Manage User & Roles | Kullanıcılar ve Rolleri Yönet | | -| Invite users and add them to roles to manage access to your organization | Organizasyonunuza erişimi yönetmek için kullanıcıları davet edin ve rollere atayın | | -| Users | Kullanıcılar | sidebar item | -| Roles | Roller | sidebar item | -| **User tab** | **Kullanıcı Sekmesi** | | -| Search users | Kullanıcıları ara | placeholder | -| Invite User | Kullanıcı Davet Et | addbutton | -| Email | E-posta | table header | -| Status | Durum | table header | -| Role | Rol | table header | -| Confirmed | Onaylandı | account status | -| Not confirmed (?) | Onaylanmadı (?) | account status | -| Owner | Sahip | role | -| Admin | Yönetici | role | -| Member | Üye | role | -| **Roles Tab** | **Roller Sekmesi** | | -| Search roles | Rolleri ara | placeholder | -| Add Role | Rol Ekle | addbutton | -| Name | Ad | table header | -| Description | Açıklama | table header | -| Admin | Yönetici | role | -| Member | Üye | role | -| Admin role with the most permissions | En fazla yetkiye sahip yönetici rolü | admin role desc | -| Members can only view resources | Üyeler yalnızca kaynakları görüntüleyebilir | member role desc | - -##### Invite User popup - -| EN | TR | Notes | -| ----------------- | ----------------------------------------------------------------------- | ----------- | -| Invite User | Kullanıcı Davet Et | | -| Email | E-posta | | -| Enter an email | Bir e-posta adresi girin | placeholder | -| Role | Rol | | -| Select role | Rol seçin | placeholder | -| Gültig für | Geçerlilik Süresi | | -| 1 day | 1 gün | | -| 2 days | 2 gün | | -| 3 days | 3 gün | | -| 4 days | 4 gün | | -| 5 days | 5 gün | | -| 6 days | 6 gün | | -| 7 days | 7 gün | | -| Create Invitation | Davetiye Oluştur | | -| Close | Kapat | | - ---- - -## Main “Shareable Links” - -##### “Hero” section - -| EN | TR | Notes | -| ------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------- | ----- | -| Shareable Links | Paylaşılabilir Bağlantılar | | -| Create shareable links to your resources. Links provide temporary or unlimited access to your resource. You can configure the expiration duration of the link when you create one. | Kaynaklarınıza paylaşılabilir bağlantılar oluşturun. Bağlantılar, kaynağınıza geçici veya sınırsız erişim sağlar. Oluştururken bağlantının geçerlilik süresini ayarlayabilirsiniz. | | -| Easy to create and share | Oluşturması ve paylaşması kolay | | -| Configurable expiration duration | Yapılandırılabilir geçerlilik süresi | | -| Secure and revocable | Güvenli ve iptal edilebilir | | - -##### Content - -| EN | TR | Notes | -| ------------------------------------------------------------ | ---------------------------------------------------------------------------------------- | -------------- | -| Manage Shareable Links | Paylaşılabilir Bağlantıları Yönet | | -| Create shareable links to grant temporary or permanent access to your resources | Kaynaklarınıza geçici veya kalıcı erişim sağlamak için paylaşılabilir bağlantılar oluşturun | | -| Search links | Bağlantıları ara | placeholder | -| Create Share Link | Bağlantı Oluştur | addbutton | -| Resource | Kaynak | table header | -| Title | Başlık | table header | -| Created | Oluşturulma Tarihi | table header | -| Expires | Son Kullanma Tarihi | table header | -| No links. Create one to get started. | Bağlantı yok. Başlamak için bir tane oluşturun. | table placeholder | - -##### Create Shareable Link popup - -| EN | TR | Notes | -| ------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------- | ----------------------- | -| Create Shareable Link | Paylaşılabilir Bağlantı Oluştur | | -| Anyone with this link can access the resource | Bu bağlantıya sahip olan herkes kaynağa erişebilir | | -| Resource | Kaynak | | -| Select resource | Kaynak seçin | | -| Search resources… | Kaynak ara… | resource selector popup | -| Title (optional) | Başlık (isteğe bağlı) | | -| Enter title | Başlık girin | placeholder | -| Expire in | Sona Erme Süresi | | -| Minutes | Dakika | | -| Hours | Saat | | -| Days | Gün | | -| Months | Ay | | -| Years | Yıl | | -| Never expire | Asla sona erme | | -| Expiration time is how long the link will be usable and provide access to the resource. After this time, the link will no longer work, and users who used this link will lose access to the resource. | Bağlantının geçerlilik süresi, bağlantının ne kadar süreyle kullanılabilir olacağını ve kaynağa erişim sağlayacağını belirler. Bu sürenin sonunda bağlantı çalışmaz hale gelir ve bağlantıyı kullananlar kaynağa erişimini kaybeder. | | -| Create Link | Bağlantı Oluştur | | -| Close | Kapat | | - ---- - -## Main “General” - -| EN | TR | Notes | -| ------------------------------------------------------------ | ------------------------------------------------------------------------------------------- | ------------ | -| General | Genel | | -| Configure your organization’s general settings | Organizasyonunuzun genel ayarlarını yapılandırın | | -| General | Genel | sidebar item | -| Organization Settings | Organizasyon Ayarları | | -| Manage your organization details and configuration | Organizasyonunuzun detaylarını ve yapılandırmasını yönetin | | -| Name | Ad | | -| This is the display name of the org | Bu, organizasyonunuzun görüntülenecek adıdır. | | -| Save Settings | Ayarları Kaydet | | -| Danger Zone | Tehlikeli Bölge | | -| Once you delete this org, there is no going back. Please be certain. | Bu organizasyonu sildikten sonra geri dönüş yoktur. Lütfen emin olun. | | -| Delete Organization Data | Organizasyon Verilerini Sil | | diff --git a/messages/bg-BG.json b/messages/bg-BG.json new file mode 100644 index 00000000..d17c99f3 --- /dev/null +++ b/messages/bg-BG.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Създайте своя организация, сайт и ресурси", + "setupNewOrg": "Нова организация", + "setupCreateOrg": "Създаване на организация", + "setupCreateResources": "Създаване на ресурси", + "setupOrgName": "Име на организацията", + "orgDisplayName": "Това е публичното име на вашата организация.", + "orgId": "Идентификатор на организация", + "setupIdentifierMessage": "Това е уникалният идентификатор на вашата организация. Това е различно от публичното ѝ име.", + "setupErrorIdentifier": "Идентификаторът на организация вече е зает. Моля, изберете друг.", + "componentsErrorNoMemberCreate": "В момента не сте част от организация. Създайте организация, за да продължите.", + "componentsErrorNoMember": "В момента не сте част от организация.", + "welcome": "Добре дошли!", + "welcomeTo": "Добре дошли в", + "componentsCreateOrg": "Създаване на организация", + "componentsMember": "Вие сте част от {count, plural, =0 {нула организации} one {една организация} other {# организации}}.", + "componentsInvalidKey": "Засечен е невалиден или изтекъл лиценз. Проверете лицензионните условия, за да се възползвате от всички функционалности.", + "dismiss": "Отхвърляне", + "componentsLicenseViolation": "Нарушение на лиценза: Сървърът използва {usedSites} сайта, което надвишава лицензионния лимит от {maxSites} сайта. Проверете лицензионните условия, за да се възползвате от всички функционалности.", + "componentsSupporterMessage": "Благодарим ви, че подкрепяте Pangolin като {tier}!", + "inviteErrorNotValid": "We're sorry, but it looks like the invite you're trying to access has not been accepted or is no longer valid.", + "inviteErrorUser": "We're sorry, but it looks like the invite you're trying to access is not for this user.", + "inviteLoginUser": "Please make sure you're logged in as the correct user.", + "inviteErrorNoUser": "We're sorry, but it looks like the invite you're trying to access is not for a user that exists.", + "inviteCreateUser": "Please create an account first.", + "goHome": "Go Home", + "inviteLogInOtherUser": "Log In as a Different User", + "createAnAccount": "Create an Account", + "inviteNotAccepted": "Invite Not Accepted", + "authCreateAccount": "Create an account to get started", + "authNoAccount": "Don't have an account?", + "email": "Имейл", + "password": "Парола", + "confirmPassword": "Потвърждение на паролата", + "createAccount": "Създаване на профил", + "viewSettings": "Преглед на настройките", + "delete": "Изтриване", + "name": "Име", + "online": "На линия", + "offline": "Извън линия", + "site": "Сайт", + "dataIn": "Входящ трафик", + "dataOut": "Изходящ трафик", + "connectionType": "Вид на връзката", + "tunnelType": "Вид на тунела", + "local": "Локална", + "edit": "Редактиране", + "siteConfirmDelete": "Потвърждение на изтриване на сайта", + "siteDelete": "Изтриване на сайта", + "siteMessageRemove": "Once removed, the site will no longer be accessible. All resources and targets associated with the site will also be removed.", + "siteMessageConfirm": "To confirm, please type the name of the site below.", + "siteQuestionRemove": "Are you sure you want to remove the site {selectedSite} from the organization?", + "siteManageSites": "Manage Sites", + "siteDescription": "Allow connectivity to your network through secure tunnels", + "siteCreate": "Create Site", + "siteCreateDescription2": "Follow the steps below to create and connect a new site", + "siteCreateDescription": "Create a new site to start connecting your resources", + "close": "Close", + "siteErrorCreate": "Error creating site", + "siteErrorCreateKeyPair": "Key pair or site defaults not found", + "siteErrorCreateDefaults": "Site defaults not found", + "method": "Method", + "siteMethodDescription": "This is how you will expose connections.", + "siteLearnNewt": "Learn how to install Newt on your system", + "siteSeeConfigOnce": "You will only be able to see the configuration once.", + "siteLoadWGConfig": "Loading WireGuard configuration...", + "siteDocker": "Expand for Docker Deployment Details", + "toggle": "Toggle", + "dockerCompose": "Docker Compose", + "dockerRun": "Docker Run", + "siteLearnLocal": "Local sites do not tunnel, learn more", + "siteConfirmCopy": "I have copied the config", + "searchSitesProgress": "Search sites...", + "siteAdd": "Add Site", + "siteInstallNewt": "Install Newt", + "siteInstallNewtDescription": "Get Newt running on your system", + "WgConfiguration": "WireGuard Configuration", + "WgConfigurationDescription": "Use the following configuration to connect to your network", + "operatingSystem": "Operating System", + "commands": "Commands", + "recommended": "Recommended", + "siteNewtDescription": "For the best user experience, use Newt. It uses WireGuard under the hood and allows you to address your private resources by their LAN address on your private network from within the Pangolin dashboard.", + "siteRunsInDocker": "Runs in Docker", + "siteRunsInShell": "Runs in shell on macOS, Linux, and Windows", + "siteErrorDelete": "Error deleting site", + "siteErrorUpdate": "Failed to update site", + "siteErrorUpdateDescription": "An error occurred while updating the site.", + "siteUpdated": "Сайтът е обновен", + "siteUpdatedDescription": "The site has been updated.", + "siteGeneralDescription": "Configure the general settings for this site", + "siteSettingDescription": "Configure the settings on your site", + "siteSetting": "{siteName} Settings", + "siteNewtTunnel": "Newt Tunnel (Recommended)", + "siteNewtTunnelDescription": "Easiest way to create an entrypoint into your network. No extra setup.", + "siteWg": "Basic WireGuard", + "siteWgDescription": "Use any WireGuard client to establish a tunnel. Manual NAT setup required.", + "siteWgDescriptionSaas": "Use any WireGuard client to establish a tunnel. Manual NAT setup required. ONLY WORKS ON SELF HOSTED NODES", + "siteLocalDescription": "Local resources only. No tunneling.", + "siteLocalDescriptionSaas": "Local resources only. No tunneling. ONLY WORKS ON SELF HOSTED NODES", + "siteSeeAll": "See All Sites", + "siteTunnelDescription": "Determine how you want to connect to your site", + "siteNewtCredentials": "Newt Credentials", + "siteNewtCredentialsDescription": "This is how Newt will authenticate with the server", + "siteCredentialsSave": "Save Your Credentials", + "siteCredentialsSaveDescription": "You will only be able to see this once. Make sure to copy it to a secure place.", + "siteInfo": "Site Information", + "status": "Status", + "shareTitle": "Manage Share Links", + "shareDescription": "Create shareable links to grant temporary or permanent access to your resources", + "shareSearch": "Search share links...", + "shareCreate": "Create Share Link", + "shareErrorDelete": "Failed to delete link", + "shareErrorDeleteMessage": "An error occurred deleting link", + "shareDeleted": "Link deleted", + "shareDeletedDescription": "The link has been deleted", + "shareTokenDescription": "Your access token can be passed in two ways: as a query parameter or in the request headers. These must be passed from the client on every request for authenticated access.", + "accessToken": "Access Token", + "usageExamples": "Usage Examples", + "tokenId": "Token ID", + "requestHeades": "Request Headers", + "queryParameter": "Query Parameter", + "importantNote": "Important Note", + "shareImportantDescription": "For security reasons, using headers is recommended over query parameters when possible, as query parameters may be logged in server logs or browser history.", + "token": "Token", + "shareTokenSecurety": "Keep your access token secure. Do not share it in publicly accessible areas or client-side code.", + "shareErrorFetchResource": "Failed to fetch resources", + "shareErrorFetchResourceDescription": "An error occurred while fetching the resources", + "shareErrorCreate": "Failed to create share link", + "shareErrorCreateDescription": "An error occurred while creating the share link", + "shareCreateDescription": "Anyone with this link can access the resource", + "shareTitleOptional": "Title (optional)", + "expireIn": "Expire In", + "neverExpire": "Never expire", + "shareExpireDescription": "Expiration time is how long the link will be usable and provide access to the resource. After this time, the link will no longer work, and users who used this link will lose access to the resource.", + "shareSeeOnce": "You will only be able to see this linkonce. Make sure to copy it.", + "shareAccessHint": "Anyone with this link can access the resource. Share it with care.", + "shareTokenUsage": "See Access Token Usage", + "createLink": "Create Link", + "resourcesNotFound": "No resources found", + "resourceSearch": "Search resources", + "openMenu": "Open menu", + "resource": "Resource", + "title": "Title", + "created": "Created", + "expires": "Expires", + "never": "Never", + "shareErrorSelectResource": "Please select a resource", + "resourceTitle": "Manage Resources", + "resourceDescription": "Create secure proxies to your private applications", + "resourcesSearch": "Search resources...", + "resourceAdd": "Add Resource", + "resourceErrorDelte": "Error deleting resource", + "authentication": "Authentication", + "protected": "Protected", + "notProtected": "Not Protected", + "resourceMessageRemove": "Once removed, the resource will no longer be accessible. All targets associated with the resource will also be removed.", + "resourceMessageConfirm": "To confirm, please type the name of the resource below.", + "resourceQuestionRemove": "Are you sure you want to remove the resource {selectedResource} from the organization?", + "resourceHTTP": "HTTPS Resource", + "resourceHTTPDescription": "Proxy requests to your app over HTTPS using a subdomain or base domain.", + "resourceRaw": "Raw TCP/UDP Resource", + "resourceRawDescription": "Proxy requests to your app over TCP/UDP using a port number.", + "resourceCreate": "Create Resource", + "resourceCreateDescription": "Follow the steps below to create a new resource", + "resourceSeeAll": "See All Resources", + "resourceInfo": "Resource Information", + "resourceNameDescription": "This is the display name for the resource.", + "siteSelect": "Select site", + "siteSearch": "Search site", + "siteNotFound": "No site found.", + "siteSelectionDescription": "This site will provide connectivity to the target.", + "resourceType": "Resource Type", + "resourceTypeDescription": "Determine how you want to access your resource", + "resourceHTTPSSettings": "HTTPS Settings", + "resourceHTTPSSettingsDescription": "Configure how your resource will be accessed over HTTPS", + "domainType": "Domain Type", + "subdomain": "Subdomain", + "baseDomain": "Base Domain", + "subdomnainDescription": "The subdomain where your resource will be accessible.", + "resourceRawSettings": "TCP/UDP Settings", + "resourceRawSettingsDescription": "Configure how your resource will be accessed over TCP/UDP", + "protocol": "Protocol", + "protocolSelect": "Select a protocol", + "resourcePortNumber": "Port Number", + "resourcePortNumberDescription": "The external port number to proxy requests.", + "cancel": "Cancel", + "resourceConfig": "Configuration Snippets", + "resourceConfigDescription": "Copy and paste these configuration snippets to set up your TCP/UDP resource", + "resourceAddEntrypoints": "Traefik: Add Entrypoints", + "resourceExposePorts": "Gerbil: Expose Ports in Docker Compose", + "resourceLearnRaw": "Learn how to configure TCP/UDP resources", + "resourceBack": "Back to Resources", + "resourceGoTo": "Go to Resource", + "resourceDelete": "Delete Resource", + "resourceDeleteConfirm": "Confirm Delete Resource", + "visibility": "Visibility", + "enabled": "Enabled", + "disabled": "Disabled", + "general": "General", + "generalSettings": "General Settings", + "proxy": "Proxy", + "internal": "Internal", + "rules": "Rules", + "resourceSettingDescription": "Configure the settings on your resource", + "resourceSetting": "{resourceName} Settings", + "alwaysAllow": "Always Allow", + "alwaysDeny": "Always Deny", + "passToAuth": "Pass to Auth", + "orgSettingsDescription": "Configure your organization's general settings", + "orgGeneralSettings": "Organization Settings", + "orgGeneralSettingsDescription": "Manage your organization details and configuration", + "saveGeneralSettings": "Save General Settings", + "saveSettings": "Save Settings", + "orgDangerZone": "Danger Zone", + "orgDangerZoneDescription": "Once you delete this org, there is no going back. Please be certain.", + "orgDelete": "Delete Organization", + "orgDeleteConfirm": "Confirm Delete Organization", + "orgMessageRemove": "This action is irreversible and will delete all associated data.", + "orgMessageConfirm": "To confirm, please type the name of the organization below.", + "orgQuestionRemove": "Are you sure you want to remove the organization {selectedOrg}?", + "orgUpdated": "Organization updated", + "orgUpdatedDescription": "The organization has been updated.", + "orgErrorUpdate": "Failed to update organization", + "orgErrorUpdateMessage": "An error occurred while updating the organization.", + "orgErrorFetch": "Failed to fetch organizations", + "orgErrorFetchMessage": "An error occurred while listing your organizations", + "orgErrorDelete": "Failed to delete organization", + "orgErrorDeleteMessage": "An error occurred while deleting the organization.", + "orgDeleted": "Organization deleted", + "orgDeletedMessage": "The organization and its data has been deleted.", + "orgMissing": "Organization ID Missing", + "orgMissingMessage": "Unable to regenerate invitation without an organization ID.", + "accessUsersManage": "Manage Users", + "accessUsersDescription": "Invite users and add them to roles to manage access to your organization", + "accessUsersSearch": "Search users...", + "accessUserCreate": "Create User", + "accessUserRemove": "Remove User", + "username": "Username", + "identityProvider": "Identity Provider", + "role": "Role", + "nameRequired": "Name is required", + "accessRolesManage": "Manage Roles", + "accessRolesDescription": "Configure roles to manage access to your organization", + "accessRolesSearch": "Search roles...", + "accessRolesAdd": "Add Role", + "accessRoleDelete": "Delete Role", + "description": "Description", + "inviteTitle": "Open Invitations", + "inviteDescription": "Manage your invitations to other users", + "inviteSearch": "Search invitations...", + "minutes": "Minutes", + "hours": "Hours", + "days": "Days", + "weeks": "Weeks", + "months": "Months", + "years": "Years", + "day": "{count, plural, one {# day} other {# days}}", + "apiKeysTitle": "API Key Information", + "apiKeysConfirmCopy2": "You must confirm that you have copied the API key.", + "apiKeysErrorCreate": "Error creating API key", + "apiKeysErrorSetPermission": "Error setting permissions", + "apiKeysCreate": "Generate API Key", + "apiKeysCreateDescription": "Generate a new API key for your organization", + "apiKeysGeneralSettings": "Permissions", + "apiKeysGeneralSettingsDescription": "Determine what this API key can do", + "apiKeysList": "Your API Key", + "apiKeysSave": "Save Your API Key", + "apiKeysSaveDescription": "You will only be able to see this once. Make sure to copy it to a secure place.", + "apiKeysInfo": "Your API key is:", + "apiKeysConfirmCopy": "I have copied the API key", + "generate": "Generate", + "done": "Done", + "apiKeysSeeAll": "See All API Keys", + "apiKeysPermissionsErrorLoadingActions": "Error loading API key actions", + "apiKeysPermissionsErrorUpdate": "Error setting permissions", + "apiKeysPermissionsUpdated": "Permissions updated", + "apiKeysPermissionsUpdatedDescription": "The permissions have been updated.", + "apiKeysPermissionsGeneralSettings": "Permissions", + "apiKeysPermissionsGeneralSettingsDescription": "Determine what this API key can do", + "apiKeysPermissionsSave": "Save Permissions", + "apiKeysPermissionsTitle": "Permissions", + "apiKeys": "API Keys", + "searchApiKeys": "Search API keys...", + "apiKeysAdd": "Generate API Key", + "apiKeysErrorDelete": "Error deleting API key", + "apiKeysErrorDeleteMessage": "Error deleting API key", + "apiKeysQuestionRemove": "Are you sure you want to remove the API key {selectedApiKey} from the organization?", + "apiKeysMessageRemove": "Once removed, the API key will no longer be able to be used.", + "apiKeysMessageConfirm": "To confirm, please type the name of the API key below.", + "apiKeysDeleteConfirm": "Confirm Delete API Key", + "apiKeysDelete": "Delete API Key", + "apiKeysManage": "Manage API Keys", + "apiKeysDescription": "API keys are used to authenticate with the integration API", + "apiKeysSettings": "{apiKeyName} Settings", + "userTitle": "Manage All Users", + "userDescription": "View and manage all users in the system", + "userAbount": "About User Management", + "userAbountDescription": "This table displays all root user objects in the system. Each user may belong to multiple organizations. Removing a user from an organization does not delete their root user object - they will remain in the system. To completely remove a user from the system, you must delete their root user object using the delete action in this table.", + "userServer": "Server Users", + "userSearch": "Search server users...", + "userErrorDelete": "Error deleting user", + "userDeleteConfirm": "Confirm Delete User", + "userDeleteServer": "Delete User from Server", + "userMessageRemove": "The user will be removed from all organizations and be completely removed from the server.", + "userMessageConfirm": "To confirm, please type the name of the user below.", + "userQuestionRemove": "Are you sure you want to permanently delete {selectedUser} from the server?", + "licenseKey": "License Key", + "valid": "Valid", + "numberOfSites": "Number of Sites", + "licenseKeySearch": "Search license keys...", + "licenseKeyAdd": "Add License Key", + "type": "Type", + "licenseKeyRequired": "License key is required", + "licenseTermsAgree": "You must agree to the license terms", + "licenseErrorKeyLoad": "Failed to load license keys", + "licenseErrorKeyLoadDescription": "An error occurred loading license keys.", + "licenseErrorKeyDelete": "Failed to delete license key", + "licenseErrorKeyDeleteDescription": "An error occurred deleting license key.", + "licenseKeyDeleted": "License key deleted", + "licenseKeyDeletedDescription": "The license key has been deleted.", + "licenseErrorKeyActivate": "Failed to activate license key", + "licenseErrorKeyActivateDescription": "An error occurred while activating the license key.", + "licenseAbout": "About Licensing", + "communityEdition": "Community Edition", + "licenseAboutDescription": "This is for business and enterprise users who are using Pangolin in a commercial environment. If you are using Pangolin for personal use, you can ignore this section.", + "licenseKeyActivated": "License key activated", + "licenseKeyActivatedDescription": "The license key has been successfully activated.", + "licenseErrorKeyRecheck": "Failed to recheck license keys", + "licenseErrorKeyRecheckDescription": "An error occurred rechecking license keys.", + "licenseErrorKeyRechecked": "License keys rechecked", + "licenseErrorKeyRecheckedDescription": "All license keys have been rechecked", + "licenseActivateKey": "Activate License Key", + "licenseActivateKeyDescription": "Enter a license key to activate it.", + "licenseActivate": "Activate License", + "licenseAgreement": "By checking this box, you confirm that you have read and agree to the license terms corresponding to the tier associated with your license key.", + "fossorialLicense": "View Fossorial Commercial License & Subscription Terms", + "licenseMessageRemove": "This will remove the license key and all associated permissions granted by it.", + "licenseMessageConfirm": "To confirm, please type the license key below.", + "licenseQuestionRemove": "Are you sure you want to delete the license key {selectedKey} ?", + "licenseKeyDelete": "Delete License Key", + "licenseKeyDeleteConfirm": "Confirm Delete License Key", + "licenseTitle": "Manage License Status", + "licenseTitleDescription": "View and manage license keys in the system", + "licenseHost": "Host License", + "licenseHostDescription": "Manage the main license key for the host.", + "licensedNot": "Not Licensed", + "hostId": "Host ID", + "licenseReckeckAll": "Recheck All Keys", + "licenseSiteUsage": "Sites Usage", + "licenseSiteUsageDecsription": "View the number of sites using this license.", + "licenseNoSiteLimit": "There is no limit on the number of sites using an unlicensed host.", + "licensePurchase": "Purchase License", + "licensePurchaseSites": "Purchase Additional Sites", + "licenseSitesUsedMax": "{usedSites} of {maxSites} sites used", + "licenseSitesUsed": "{count, plural, =0 {# sites} one {# site} other {# sites}} in system.", + "licensePurchaseDescription": "Choose how many sites you want to {selectedMode, select, license {purchase a license for. You can always add more sites later.} other {add to your existing license.}}", + "licenseFee": "License fee", + "licensePriceSite": "Price per site", + "total": "Total", + "licenseContinuePayment": "Continue to Payment", + "pricingPage": "pricing page", + "pricingPortal": "See Purchase Portal", + "licensePricingPage": "For the most up-to-date pricing and discounts, please visit the ", + "invite": "Invitations", + "inviteRegenerate": "Regenerate Invitation", + "inviteRegenerateDescription": "Revoke previous invitation and create a new one", + "inviteRemove": "Remove Invitation", + "inviteRemoveError": "Failed to remove invitation", + "inviteRemoveErrorDescription": "An error occurred while removing the invitation.", + "inviteRemoved": "Invitation removed", + "inviteRemovedDescription": "The invitation for {email} has been removed.", + "inviteQuestionRemove": "Are you sure you want to remove the invitation {email}?", + "inviteMessageRemove": "Once removed, this invitation will no longer be valid. You can always re-invite the user later.", + "inviteMessageConfirm": "To confirm, please type the email address of the invitation below.", + "inviteQuestionRegenerate": "Are you sure you want to regenerate the invitation for {email}? This will revoke the previous invitation.", + "inviteRemoveConfirm": "Confirm Remove Invitation", + "inviteRegenerated": "Invitation Regenerated", + "inviteSent": "A new invitation has been sent to {email}.", + "inviteSentEmail": "Send email notification to the user", + "inviteGenerate": "A new invitation has been generated for {email}.", + "inviteDuplicateError": "Duplicate Invite", + "inviteDuplicateErrorDescription": "An invitation for this user already exists.", + "inviteRateLimitError": "Rate Limit Exceeded", + "inviteRateLimitErrorDescription": "You have exceeded the limit of 3 regenerations per hour. Please try again later.", + "inviteRegenerateError": "Failed to Regenerate Invitation", + "inviteRegenerateErrorDescription": "An error occurred while regenerating the invitation.", + "inviteValidityPeriod": "Validity Period", + "inviteValidityPeriodSelect": "Select validity period", + "inviteRegenerateMessage": "The invitation has been regenerated. The user must access the link below to accept the invitation.", + "inviteRegenerateButton": "Regenerate", + "expiresAt": "Expires At", + "accessRoleUnknown": "Unknown Role", + "placeholder": "Placeholder", + "userErrorOrgRemove": "Failed to remove user", + "userErrorOrgRemoveDescription": "An error occurred while removing the user.", + "userOrgRemoved": "User removed", + "userOrgRemovedDescription": "The user {email} has been removed from the organization.", + "userQuestionOrgRemove": "Are you sure you want to remove {email} from the organization?", + "userMessageOrgRemove": "Once removed, this user will no longer have access to the organization. You can always re-invite them later, but they will need to accept the invitation again.", + "userMessageOrgConfirm": "To confirm, please type the name of the of the user below.", + "userRemoveOrgConfirm": "Confirm Remove User", + "userRemoveOrg": "Remove User from Organization", + "users": "Users", + "accessRoleMember": "Member", + "accessRoleOwner": "Owner", + "userConfirmed": "Confirmed", + "idpNameInternal": "Internal", + "emailInvalid": "Invalid email address", + "inviteValidityDuration": "Please select a duration", + "accessRoleSelectPlease": "Please select a role", + "usernameRequired": "Username is required", + "idpSelectPlease": "Please select an identity provider", + "idpGenericOidc": "Generic OAuth2/OIDC provider.", + "accessRoleErrorFetch": "Failed to fetch roles", + "accessRoleErrorFetchDescription": "An error occurred while fetching the roles", + "idpErrorFetch": "Failed to fetch identity providers", + "idpErrorFetchDescription": "An error occurred while fetching identity providers", + "userErrorExists": "User Already Exists", + "userErrorExistsDescription": "This user is already a member of the organization.", + "inviteError": "Failed to invite user", + "inviteErrorDescription": "An error occurred while inviting the user", + "userInvited": "User invited", + "userInvitedDescription": "The user has been successfully invited.", + "userErrorCreate": "Failed to create user", + "userErrorCreateDescription": "An error occurred while creating the user", + "userCreated": "User created", + "userCreatedDescription": "The user has been successfully created.", + "userTypeInternal": "Internal User", + "userTypeInternalDescription": "Invite a user to join your organization directly.", + "userTypeExternal": "External User", + "userTypeExternalDescription": "Create a user with an external identity provider.", + "accessUserCreateDescription": "Follow the steps below to create a new user", + "userSeeAll": "See All Users", + "userTypeTitle": "User Type", + "userTypeDescription": "Determine how you want to create the user", + "userSettings": "User Information", + "userSettingsDescription": "Enter the details for the new user", + "inviteEmailSent": "Send invite email to user", + "inviteValid": "Valid For", + "selectDuration": "Select duration", + "accessRoleSelect": "Select role", + "inviteEmailSentDescription": "An email has been sent to the user with the access link below. They must access the link to accept the invitation.", + "inviteSentDescription": "The user has been invited. They must access the link below to accept the invitation.", + "inviteExpiresIn": "The invite will expire in {days, plural, one {# day} other {# days}}.", + "idpTitle": "Identity Provider", + "idpSelect": "Select the identity provider for the external user", + "idpNotConfigured": "No identity providers are configured. Please configure an identity provider before creating external users.", + "usernameUniq": "This must match the unique username that exists in the selected identity provider.", + "emailOptional": "Email (Optional)", + "nameOptional": "Name (Optional)", + "accessControls": "Access Controls", + "userDescription2": "Manage the settings on this user", + "accessRoleErrorAdd": "Failed to add user to role", + "accessRoleErrorAddDescription": "An error occurred while adding user to the role.", + "userSaved": "User saved", + "userSavedDescription": "The user has been updated.", + "accessControlsDescription": "Manage what this user can access and do in the organization", + "accessControlsSubmit": "Save Access Controls", + "roles": "Roles", + "accessUsersRoles": "Manage Users & Roles", + "accessUsersRolesDescription": "Invite users and add them to roles to manage access to your organization", + "key": "Key", + "createdAt": "Created At", + "proxyErrorInvalidHeader": "Invalid custom Host Header value. Use domain name format, or save empty to unset custom Host Header.", + "proxyErrorTls": "Invalid TLS Server Name. Use domain name format, or save empty to remove the TLS Server Name.", + "proxyEnableSSL": "Enable SSL (https)", + "targetErrorFetch": "Failed to fetch targets", + "targetErrorFetchDescription": "An error occurred while fetching targets", + "siteErrorFetch": "Failed to fetch resource", + "siteErrorFetchDescription": "An error occurred while fetching resource", + "targetErrorDuplicate": "Duplicate target", + "targetErrorDuplicateDescription": "A target with these settings already exists", + "targetWireGuardErrorInvalidIp": "Invalid target IP", + "targetWireGuardErrorInvalidIpDescription": "Target IP must be within the site subnet", + "targetsUpdated": "Targets updated", + "targetsUpdatedDescription": "Targets and settings updated successfully", + "targetsErrorUpdate": "Failed to update targets", + "targetsErrorUpdateDescription": "An error occurred while updating targets", + "targetTlsUpdate": "TLS settings updated", + "targetTlsUpdateDescription": "Your TLS settings have been updated successfully", + "targetErrorTlsUpdate": "Failed to update TLS settings", + "targetErrorTlsUpdateDescription": "An error occurred while updating TLS settings", + "proxyUpdated": "Proxy settings updated", + "proxyUpdatedDescription": "Your proxy settings have been updated successfully", + "proxyErrorUpdate": "Failed to update proxy settings", + "proxyErrorUpdateDescription": "An error occurred while updating proxy settings", + "targetAddr": "IP / Hostname", + "targetPort": "Port", + "targetProtocol": "Protocol", + "targetTlsSettings": "Secure Connection Configuration", + "targetTlsSettingsDescription": "Configure SSL/TLS settings for your resource", + "targetTlsSettingsAdvanced": "Advanced TLS Settings", + "targetTlsSni": "TLS Server Name (SNI)", + "targetTlsSniDescription": "The TLS Server Name to use for SNI. Leave empty to use the default.", + "targetTlsSubmit": "Save Settings", + "targets": "Targets Configuration", + "targetsDescription": "Set up targets to route traffic to your backend services", + "targetStickySessions": "Enable Sticky Sessions", + "targetStickySessionsDescription": "Keep connections on the same backend target for their entire session.", + "methodSelect": "Select method", + "targetSubmit": "Add Target", + "targetNoOne": "No targets. Add a target using the form.", + "targetNoOneDescription": "Adding more than one target above will enable load balancing.", + "targetsSubmit": "Save Targets", + "proxyAdditional": "Additional Proxy Settings", + "proxyAdditionalDescription": "Configure how your resource handles proxy settings", + "proxyCustomHeader": "Custom Host Header", + "proxyCustomHeaderDescription": "The host header to set when proxying requests. Leave empty to use the default.", + "proxyAdditionalSubmit": "Save Proxy Settings", + "subnetMaskErrorInvalid": "Invalid subnet mask. Must be between 0 and 32.", + "ipAddressErrorInvalidFormat": "Invalid IP address format", + "ipAddressErrorInvalidOctet": "Invalid IP address octet", + "path": "Path", + "ipAddressRange": "IP Range", + "rulesErrorFetch": "Failed to fetch rules", + "rulesErrorFetchDescription": "An error occurred while fetching rules", + "rulesErrorDuplicate": "Duplicate rule", + "rulesErrorDuplicateDescription": "A rule with these settings already exists", + "rulesErrorInvalidIpAddressRange": "Invalid CIDR", + "rulesErrorInvalidIpAddressRangeDescription": "Please enter a valid CIDR value", + "rulesErrorInvalidUrl": "Invalid URL path", + "rulesErrorInvalidUrlDescription": "Please enter a valid URL path value", + "rulesErrorInvalidIpAddress": "Invalid IP", + "rulesErrorInvalidIpAddressDescription": "Please enter a valid IP address", + "rulesErrorUpdate": "Failed to update rules", + "rulesErrorUpdateDescription": "An error occurred while updating rules", + "rulesUpdated": "Enable Rules", + "rulesUpdatedDescription": "Rule evaluation has been updated", + "rulesMatchIpAddressRangeDescription": "Enter an address in CIDR format (e.g., 103.21.244.0/22)", + "rulesMatchIpAddress": "Enter an IP address (e.g., 103.21.244.12)", + "rulesMatchUrl": "Enter a URL path or pattern (e.g., /api/v1/todos or /api/v1/*)", + "rulesErrorInvalidPriority": "Invalid Priority", + "rulesErrorInvalidPriorityDescription": "Please enter a valid priority", + "rulesErrorDuplicatePriority": "Duplicate Priorities", + "rulesErrorDuplicatePriorityDescription": "Please enter unique priorities", + "ruleUpdated": "Rules updated", + "ruleUpdatedDescription": "Rules updated successfully", + "ruleErrorUpdate": "Operation failed", + "ruleErrorUpdateDescription": "An error occurred during the save operation", + "rulesPriority": "Priority", + "rulesAction": "Action", + "rulesMatchType": "Match Type", + "value": "Value", + "rulesAbout": "About Rules", + "rulesAboutDescription": "Rules allow you to control access to your resource based on a set of criteria. You can create rules to allow or deny access based on IP address or URL path.", + "rulesActions": "Actions", + "rulesActionAlwaysAllow": "Always Allow: Bypass all authentication methods", + "rulesActionAlwaysDeny": "Always Deny: Block all requests; no authentication can be attempted", + "rulesActionPassToAuth": "Pass to Auth: Allow authentication methods to be attempted", + "rulesMatchCriteria": "Matching Criteria", + "rulesMatchCriteriaIpAddress": "Match a specific IP address", + "rulesMatchCriteriaIpAddressRange": "Match a range of IP addresses in CIDR notation", + "rulesMatchCriteriaUrl": "Match a URL path or pattern", + "rulesEnable": "Enable Rules", + "rulesEnableDescription": "Enable or disable rule evaluation for this resource", + "rulesResource": "Resource Rules Configuration", + "rulesResourceDescription": "Configure rules to control access to your resource", + "ruleSubmit": "Add Rule", + "rulesNoOne": "No rules. Add a rule using the form.", + "rulesOrder": "Rules are evaluated by priority in ascending order.", + "rulesSubmit": "Save Rules", + "resourceErrorCreate": "Error creating resource", + "resourceErrorCreateDescription": "An error occurred when creating the resource", + "resourceErrorCreateMessage": "Error creating resource:", + "resourceErrorCreateMessageDescription": "An unexpected error occurred", + "sitesErrorFetch": "Error fetching sites", + "sitesErrorFetchDescription": "An error occurred when fetching the sites", + "domainsErrorFetch": "Error fetching domains", + "domainsErrorFetchDescription": "An error occurred when fetching the domains", + "none": "None", + "unknown": "Unknown", + "resources": "Resources", + "resourcesDescription": "Resources are proxies to applications running on your private network. Create a resource for any HTTP/HTTPS or raw TCP/UDP service on your private network. Each resource must be connected to a site to enable private, secure connectivity through an encrypted WireGuard tunnel.", + "resourcesWireGuardConnect": "Secure connectivity with WireGuard encryption", + "resourcesMultipleAuthenticationMethods": "Configure multiple authentication methods", + "resourcesUsersRolesAccess": "User and role-based access control", + "resourcesErrorUpdate": "Failed to toggle resource", + "resourcesErrorUpdateDescription": "An error occurred while updating the resource", + "access": "Access", + "shareLink": "{resource} Share Link", + "resourceSelect": "Select resource", + "shareLinks": "Share Links", + "share": "Shareable Links", + "shareDescription2": "Create shareable links to your resources. Links provide temporary or unlimited access to your resource. You can configure the expiration duration of the link when you create one.", + "shareEasyCreate": "Easy to create and share", + "shareConfigurableExpirationDuration": "Configurable expiration duration", + "shareSecureAndRevocable": "Secure and revocable", + "nameMin": "Name must be at least {len} characters.", + "nameMax": "Name must not be longer than {len} characters.", + "sitesConfirmCopy": "Please confirm that you have copied the config.", + "unknownCommand": "Unknown command", + "newtErrorFetchReleases": "Failed to fetch release info: {err}", + "newtErrorFetchLatest": "Error fetching latest release: {err}", + "newtEndpoint": "Newt Endpoint", + "newtId": "Newt ID", + "newtSecretKey": "Newt Secret Key", + "architecture": "Architecture", + "sites": "Sites", + "siteWgAnyClients": "Use any WireGuard client to connect. You will have to address your internal resources using the peer IP.", + "siteWgCompatibleAllClients": "Compatible with all WireGuard clients", + "siteWgManualConfigurationRequired": "Manual configuration required", + "userErrorNotAdminOrOwner": "User is not an admin or owner", + "pangolinSettings": "Settings - Pangolin", + "accessRoleYour": "Your role:", + "accessRoleSelect2": "Select a role", + "accessUserSelect": "Select a user", + "otpEmailEnter": "Enter an email", + "otpEmailEnterDescription": "Press enter to add an email after typing it in the input field.", + "otpEmailErrorInvalid": "Invalid email address. Wildcard (*) must be the entire local part.", + "otpEmailSmtpRequired": "SMTP Required", + "otpEmailSmtpRequiredDescription": "SMTP must be enabled on the server to use one-time password authentication.", + "otpEmailTitle": "One-time Passwords", + "otpEmailTitleDescription": "Require email-based authentication for resource access", + "otpEmailWhitelist": "Email Whitelist", + "otpEmailWhitelistList": "Whitelisted Emails", + "otpEmailWhitelistListDescription": "Only users with these email addresses will be able to access this resource. They will be prompted to enter a one-time password sent to their email. Wildcards (*@example.com) can be used to allow any email address from a domain.", + "otpEmailWhitelistSave": "Save Whitelist", + "passwordAdd": "Add Password", + "passwordRemove": "Remove Password", + "pincodeAdd": "Add PIN Code", + "pincodeRemove": "Remove PIN Code", + "resourceAuthMethods": "Authentication Methods", + "resourceAuthMethodsDescriptions": "Allow access to the resource via additional auth methods", + "resourceAuthSettingsSave": "Saved successfully", + "resourceAuthSettingsSaveDescription": "Authentication settings have been saved", + "resourceErrorAuthFetch": "Failed to fetch data", + "resourceErrorAuthFetchDescription": "An error occurred while fetching the data", + "resourceErrorPasswordRemove": "Error removing resource password", + "resourceErrorPasswordRemoveDescription": "An error occurred while removing the resource password", + "resourceErrorPasswordSetup": "Error setting resource password", + "resourceErrorPasswordSetupDescription": "An error occurred while setting the resource password", + "resourceErrorPincodeRemove": "Error removing resource pincode", + "resourceErrorPincodeRemoveDescription": "An error occurred while removing the resource pincode", + "resourceErrorPincodeSetup": "Error setting resource PIN code", + "resourceErrorPincodeSetupDescription": "An error occurred while setting the resource PIN code", + "resourceErrorUsersRolesSave": "Failed to set roles", + "resourceErrorUsersRolesSaveDescription": "An error occurred while setting the roles", + "resourceErrorWhitelistSave": "Failed to save whitelist", + "resourceErrorWhitelistSaveDescription": "An error occurred while saving the whitelist", + "resourcePasswordSubmit": "Enable Password Protection", + "resourcePasswordProtection": "Password Protection {status}", + "resourcePasswordRemove": "Resource password removed", + "resourcePasswordRemoveDescription": "The resource password has been removed successfully", + "resourcePasswordSetup": "Resource password set", + "resourcePasswordSetupDescription": "The resource password has been set successfully", + "resourcePasswordSetupTitle": "Set Password", + "resourcePasswordSetupTitleDescription": "Set a password to protect this resource", + "resourcePincode": "PIN Code", + "resourcePincodeSubmit": "Enable PIN Code Protection", + "resourcePincodeProtection": "PIN Code Protection {status}", + "resourcePincodeRemove": "Resource pincode removed", + "resourcePincodeRemoveDescription": "The resource password has been removed successfully", + "resourcePincodeSetup": "Resource PIN code set", + "resourcePincodeSetupDescription": "The resource pincode has been set successfully", + "resourcePincodeSetupTitle": "Set Pincode", + "resourcePincodeSetupTitleDescription": "Set a pincode to protect this resource", + "resourceRoleDescription": "Admins can always access this resource.", + "resourceUsersRoles": "Users & Roles", + "resourceUsersRolesDescription": "Configure which users and roles can visit this resource", + "resourceUsersRolesSubmit": "Save Users & Roles", + "resourceWhitelistSave": "Saved successfully", + "resourceWhitelistSaveDescription": "Whitelist settings have been saved", + "ssoUse": "Use Platform SSO", + "ssoUseDescription": "Existing users will only have to log in once for all resources that have this enabled.", + "proxyErrorInvalidPort": "Invalid port number", + "subdomainErrorInvalid": "Invalid subdomain", + "domainErrorFetch": "Error fetching domains", + "domainErrorFetchDescription": "An error occurred when fetching the domains", + "resourceErrorUpdate": "Failed to update resource", + "resourceErrorUpdateDescription": "An error occurred while updating the resource", + "resourceUpdated": "Resource updated", + "resourceUpdatedDescription": "The resource has been updated successfully", + "resourceErrorTransfer": "Failed to transfer resource", + "resourceErrorTransferDescription": "An error occurred while transferring the resource", + "resourceTransferred": "Resource transferred", + "resourceTransferredDescription": "The resource has been transferred successfully", + "resourceErrorToggle": "Failed to toggle resource", + "resourceErrorToggleDescription": "An error occurred while updating the resource", + "resourceVisibilityTitle": "Visibility", + "resourceVisibilityTitleDescription": "Completely enable or disable resource visibility", + "resourceGeneral": "General Settings", + "resourceGeneralDescription": "Configure the general settings for this resource", + "resourceEnable": "Enable Resource", + "resourceTransfer": "Transfer Resource", + "resourceTransferDescription": "Transfer this resource to a different site", + "resourceTransferSubmit": "Transfer Resource", + "siteDestination": "Destination Site", + "searchSites": "Search sites", + "accessRoleCreate": "Create Role", + "accessRoleCreateDescription": "Create a new role to group users and manage their permissions.", + "accessRoleCreateSubmit": "Create Role", + "accessRoleCreated": "Role created", + "accessRoleCreatedDescription": "The role has been successfully created.", + "accessRoleErrorCreate": "Failed to create role", + "accessRoleErrorCreateDescription": "An error occurred while creating the role.", + "accessRoleErrorNewRequired": "New role is required", + "accessRoleErrorRemove": "Failed to remove role", + "accessRoleErrorRemoveDescription": "An error occurred while removing the role.", + "accessRoleName": "Role Name", + "accessRoleQuestionRemove": "You're about to delete the {name} role. You cannot undo this action.", + "accessRoleRemove": "Remove Role", + "accessRoleRemoveDescription": "Remove a role from the organization", + "accessRoleRemoveSubmit": "Remove Role", + "accessRoleRemoved": "Role removed", + "accessRoleRemovedDescription": "The role has been successfully removed.", + "accessRoleRequiredRemove": "Before deleting this role, please select a new role to transfer existing members to.", + "manage": "Manage", + "sitesNotFound": "No sites found.", + "pangolinServerAdmin": "Server Admin - Pangolin", + "licenseTierProfessional": "Professional License", + "licenseTierEnterprise": "Enterprise License", + "licenseTierCommercial": "Commercial License", + "licensed": "Licensed", + "yes": "Yes", + "no": "No", + "sitesAdditional": "Additional Sites", + "licenseKeys": "License Keys", + "sitestCountDecrease": "Decrease site count", + "sitestCountIncrease": "Increase site count", + "idpManage": "Manage Identity Providers", + "idpManageDescription": "View and manage identity providers in the system", + "idpDeletedDescription": "Identity provider deleted successfully", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "Are you sure you want to permanently delete the identity provider {name}?", + "idpMessageRemove": "This will remove the identity provider and all associated configurations. Users who authenticate through this provider will no longer be able to log in.", + "idpMessageConfirm": "To confirm, please type the name of the identity provider below.", + "idpConfirmDelete": "Confirm Delete Identity Provider", + "idpDelete": "Delete Identity Provider", + "idp": "Identity Providers", + "idpSearch": "Search identity providers...", + "idpAdd": "Add Identity Provider", + "idpClientIdRequired": "Client ID is required.", + "idpClientSecretRequired": "Client Secret is required.", + "idpErrorAuthUrlInvalid": "Auth URL must be a valid URL.", + "idpErrorTokenUrlInvalid": "Token URL must be a valid URL.", + "idpPathRequired": "Identifier Path is required.", + "idpScopeRequired": "Scopes are required.", + "idpOidcDescription": "Configure an OpenID Connect identity provider", + "idpCreatedDescription": "Identity provider created successfully", + "idpCreate": "Create Identity Provider", + "idpCreateDescription": "Configure a new identity provider for user authentication", + "idpSeeAll": "See All Identity Providers", + "idpSettingsDescription": "Configure the basic information for your identity provider", + "idpDisplayName": "A display name for this identity provider", + "idpAutoProvisionUsers": "Auto Provision Users", + "idpAutoProvisionUsersDescription": "When enabled, users will be automatically created in the system upon first login with the ability to map users to roles and organizations.", + "licenseBadge": "Professional", + "idpType": "Provider Type", + "idpTypeDescription": "Select the type of identity provider you want to configure", + "idpOidcConfigure": "OAuth2/OIDC Configuration", + "idpOidcConfigureDescription": "Configure the OAuth2/OIDC provider endpoints and credentials", + "idpClientId": "Client ID", + "idpClientIdDescription": "The OAuth2 client ID from your identity provider", + "idpClientSecret": "Client Secret", + "idpClientSecretDescription": "The OAuth2 client secret from your identity provider", + "idpAuthUrl": "Authorization URL", + "idpAuthUrlDescription": "The OAuth2 authorization endpoint URL", + "idpTokenUrl": "Token URL", + "idpTokenUrlDescription": "The OAuth2 token endpoint URL", + "idpOidcConfigureAlert": "Important Information", + "idpOidcConfigureAlertDescription": "After creating the identity provider, you will need to configure the callback URL in your identity provider's settings. The callback URL will be provided after successful creation.", + "idpToken": "Token Configuration", + "idpTokenDescription": "Configure how to extract user information from the ID token", + "idpJmespathAbout": "About JMESPath", + "idpJmespathAboutDescription": "The paths below use JMESPath syntax to extract values from the ID token.", + "idpJmespathAboutDescriptionLink": "Learn more about JMESPath", + "idpJmespathLabel": "Identifier Path", + "idpJmespathLabelDescription": "The path to the user identifier in the ID token", + "idpJmespathEmailPathOptional": "Email Path (Optional)", + "idpJmespathEmailPathOptionalDescription": "The path to the user's email in the ID token", + "idpJmespathNamePathOptional": "Name Path (Optional)", + "idpJmespathNamePathOptionalDescription": "The path to the user's name in the ID token", + "idpOidcConfigureScopes": "Scopes", + "idpOidcConfigureScopesDescription": "Space-separated list of OAuth2 scopes to request", + "idpSubmit": "Create Identity Provider", + "orgPolicies": "Organization Policies", + "idpSettings": "{idpName} Settings", + "idpCreateSettingsDescription": "Configure the settings for your identity provider", + "roleMapping": "Role Mapping", + "orgMapping": "Organization Mapping", + "orgPoliciesSearch": "Search organization policies...", + "orgPoliciesAdd": "Add Organization Policy", + "orgRequired": "Organization is required", + "error": "Error", + "success": "Success", + "orgPolicyAddedDescription": "Policy added successfully", + "orgPolicyUpdatedDescription": "Policy updated successfully", + "orgPolicyDeletedDescription": "Policy deleted successfully", + "defaultMappingsUpdatedDescription": "Default mappings updated successfully", + "orgPoliciesAbout": "About Organization Policies", + "orgPoliciesAboutDescription": "Organization policies are used to control access to organizations based on the user's ID token. You can specify JMESPath expressions to extract role and organization information from the ID token.", + "orgPoliciesAboutDescriptionLink": "See documentation, for more information.", + "defaultMappingsOptional": "Default Mappings (Optional)", + "defaultMappingsOptionalDescription": "The default mappings are used when when there is not an organization policy defined for an organization. You can specify the default role and organization mappings to fall back to here.", + "defaultMappingsRole": "Default Role Mapping", + "defaultMappingsRoleDescription": "The result of this expression must return the role name as defined in the organization as a string.", + "defaultMappingsOrg": "Default Organization Mapping", + "defaultMappingsOrgDescription": "This expression must return the org ID or true for the user to be allowed to access the organization.", + "defaultMappingsSubmit": "Save Default Mappings", + "orgPoliciesEdit": "Edit Organization Policy", + "org": "Organization", + "orgSelect": "Select organization", + "orgSearch": "Search org", + "orgNotFound": "No org found.", + "roleMappingPathOptional": "Role Mapping Path (Optional)", + "orgMappingPathOptional": "Organization Mapping Path (Optional)", + "orgPolicyUpdate": "Update Policy", + "orgPolicyAdd": "Add Policy", + "orgPolicyConfig": "Configure access for an organization", + "idpUpdatedDescription": "Identity provider updated successfully", + "redirectUrl": "Redirect URL", + "redirectUrlAbout": "About Redirect URL", + "redirectUrlAboutDescription": "This is the URL to which users will be redirected after authentication. You need to configure this URL in your identity provider settings.", + "pangolinAuth": "Auth - Pangolin", + "verificationCodeLengthRequirements": "Your verification code must be 8 characters.", + "errorOccurred": "An error occurred", + "emailErrorVerify": "Failed to verify email:", + "emailVerified": "Email successfully verified! Redirecting you...", + "verificationCodeErrorResend": "Failed to resend verification code:", + "verificationCodeResend": "Verification code resent", + "verificationCodeResendDescription": "We've resent a verification code to your email address. Please check your inbox.", + "emailVerify": "Verify Email", + "emailVerifyDescription": "Enter the verification code sent to your email address.", + "verificationCode": "Verification Code", + "verificationCodeEmailSent": "We sent a verification code to your email address.", + "submit": "Submit", + "emailVerifyResendProgress": "Resending...", + "emailVerifyResend": "Didn't receive a code? Click here to resend", + "passwordNotMatch": "Passwords do not match", + "signupError": "An error occurred while signing up", + "pangolinLogoAlt": "Pangolin Logo", + "inviteAlready": "Looks like you've been invited!", + "inviteAlreadyDescription": "To accept the invite, you must log in or create an account.", + "signupQuestion": "Already have an account?", + "login": "Log in", + "resourceNotFound": "Resource Not Found", + "resourceNotFoundDescription": "The resource you're trying to access does not exist.", + "pincodeRequirementsLength": "PIN must be exactly 6 digits", + "pincodeRequirementsChars": "PIN must only contain numbers", + "passwordRequirementsLength": "Password must be at least 1 character long", + "passwordRequirementsTitle": "Password requirements:", + "passwordRequirementLength": "At least 8 characters long", + "passwordRequirementUppercase": "At least one uppercase letter", + "passwordRequirementLowercase": "At least one lowercase letter", + "passwordRequirementNumber": "At least one number", + "passwordRequirementSpecial": "At least one special character", + "passwordRequirementsMet": "✓ Password meets all requirements", + "passwordStrength": "Password strength", + "passwordStrengthWeak": "Weak", + "passwordStrengthMedium": "Medium", + "passwordStrengthStrong": "Strong", + "passwordRequirements": "Requirements:", + "passwordRequirementLengthText": "8+ characters", + "passwordRequirementUppercaseText": "Uppercase letter (A-Z)", + "passwordRequirementLowercaseText": "Lowercase letter (a-z)", + "passwordRequirementNumberText": "Number (0-9)", + "passwordRequirementSpecialText": "Special character (!@#$%...)", + "passwordsDoNotMatch": "Passwords do not match", + "otpEmailRequirementsLength": "OTP must be at least 1 character long", + "otpEmailSent": "OTP Sent", + "otpEmailSentDescription": "An OTP has been sent to your email", + "otpEmailErrorAuthenticate": "Failed to authenticate with email", + "pincodeErrorAuthenticate": "Failed to authenticate with pincode", + "passwordErrorAuthenticate": "Failed to authenticate with password", + "poweredBy": "Powered by", + "authenticationRequired": "Authentication Required", + "authenticationMethodChoose": "Choose your preferred method to access {name}", + "authenticationRequest": "You must authenticate to access {name}", + "user": "User", + "pincodeInput": "6-digit PIN Code", + "pincodeSubmit": "Log in with PIN", + "passwordSubmit": "Log In with Password", + "otpEmailDescription": "A one-time code will be sent to this email.", + "otpEmailSend": "Send One-time Code", + "otpEmail": "One-Time Password (OTP)", + "otpEmailSubmit": "Submit OTP", + "backToEmail": "Back to Email", + "noSupportKey": "Server is running without a supporter key. Consider supporting the project!", + "accessDenied": "Access Denied", + "accessDeniedDescription": "You're not allowed to access this resource. If this is a mistake, please contact the administrator.", + "accessTokenError": "Error checking access token", + "accessGranted": "Access Granted", + "accessUrlInvalid": "Access URL Invalid", + "accessGrantedDescription": "You have been granted access to this resource. Redirecting you...", + "accessUrlInvalidDescription": "This shared access URL is invalid. Please contact the resource owner for a new URL.", + "tokenInvalid": "Invalid token", + "pincodeInvalid": "Invalid code", + "passwordErrorRequestReset": "Failed to request reset:", + "passwordErrorReset": "Failed to reset password:", + "passwordResetSuccess": "Password reset successfully! Back to log in...", + "passwordReset": "Reset Password", + "passwordResetDescription": "Follow the steps to reset your password", + "passwordResetSent": "We'll send a password reset code to this email address.", + "passwordResetCode": "Reset Code", + "passwordResetCodeDescription": "Check your email for the reset code.", + "passwordNew": "New Password", + "passwordNewConfirm": "Confirm New Password", + "pincodeAuth": "Authenticator Code", + "pincodeSubmit2": "Submit Code", + "passwordResetSubmit": "Request Reset", + "passwordBack": "Back to Password", + "loginBack": "Go back to log in", + "signup": "Sign up", + "loginStart": "Log in to get started", + "idpOidcTokenValidating": "Validating OIDC token", + "idpOidcTokenResponse": "Validate OIDC token response", + "idpErrorOidcTokenValidating": "Error validating OIDC token", + "idpConnectingTo": "Connecting to {name}", + "idpConnectingToDescription": "Validating your identity", + "idpConnectingToProcess": "Connecting...", + "idpConnectingToFinished": "Connected", + "idpErrorConnectingTo": "There was a problem connecting to {name}. Please contact your administrator.", + "idpErrorNotFound": "IdP not found", + "inviteInvalid": "Invalid Invite", + "inviteInvalidDescription": "The invite link is invalid.", + "inviteErrorWrongUser": "Invite is not for this user", + "inviteErrorUserNotExists": "User does not exist. Please create an account first.", + "inviteErrorLoginRequired": "You must be logged in to accept an invite", + "inviteErrorExpired": "The invite may have expired", + "inviteErrorRevoked": "The invite might have been revoked", + "inviteErrorTypo": "There could be a typo in the invite link", + "pangolinSetup": "Setup - Pangolin", + "orgNameRequired": "Organization name is required", + "orgIdRequired": "Organization ID is required", + "orgErrorCreate": "An error occurred while creating org", + "pageNotFound": "Page Not Found", + "pageNotFoundDescription": "Oops! The page you're looking for doesn't exist.", + "overview": "Overview", + "home": "Home", + "accessControl": "Access Control", + "settings": "Settings", + "usersAll": "All Users", + "license": "License", + "pangolinDashboard": "Dashboard - Pangolin", + "noResults": "No results found.", + "terabytes": "{count} TB", + "gigabytes": "{count} GB", + "megabytes": "{count} MB", + "tagsEntered": "Entered Tags", + "tagsEnteredDescription": "These are the tags you`ve entered.", + "tagsWarnCannotBeLessThanZero": "maxTags and minTags cannot be less than 0", + "tagsWarnNotAllowedAutocompleteOptions": "Tag not allowed as per autocomplete options", + "tagsWarnInvalid": "Invalid tag as per validateTag", + "tagWarnTooShort": "Tag {tagText} is too short", + "tagWarnTooLong": "Tag {tagText} is too long", + "tagsWarnReachedMaxNumber": "Reached the maximum number of tags allowed", + "tagWarnDuplicate": "Duplicate tag {tagText} not added", + "supportKeyInvalid": "Invalid Key", + "supportKeyInvalidDescription": "Your supporter key is invalid.", + "supportKeyValid": "Valid Key", + "supportKeyValidDescription": "Your supporter key has been validated. Thank you for your support!", + "supportKeyErrorValidationDescription": "Failed to validate supporter key.", + "supportKey": "Support Development and Adopt a Pangolin!", + "supportKeyDescription": "Purchase a supporter key to help us continue developing Pangolin for the community. Your contribution allows us to commit more time to maintain and add new features to the application for everyone. We will never use this to paywall features. This is separate from any Commercial Edition.", + "supportKeyPet": "You will also get to adopt and meet your very own pet Pangolin!", + "supportKeyPurchase": "Payments are processed via GitHub. Afterward, you can retrieve your key on", + "supportKeyPurchaseLink": "our website", + "supportKeyPurchase2": "and redeem it here.", + "supportKeyLearnMore": "Learn more.", + "supportKeyOptions": "Please select the option that best suits you.", + "supportKetOptionFull": "Full Supporter", + "forWholeServer": "For the whole server", + "lifetimePurchase": "Lifetime purchase", + "supporterStatus": "Supporter status", + "buy": "Buy", + "supportKeyOptionLimited": "Limited Supporter", + "forFiveUsers": "For 5 or less users", + "supportKeyRedeem": "Redeem Supporter Key", + "supportKeyHideSevenDays": "Hide for 7 days", + "supportKeyEnter": "Enter Supporter Key", + "supportKeyEnterDescription": "Meet your very own pet Pangolin!", + "githubUsername": "GitHub Username", + "supportKeyInput": "Supporter Key", + "supportKeyBuy": "Buy Supporter Key", + "logoutError": "Error logging out", + "signingAs": "Signed in as", + "serverAdmin": "Server Admin", + "managedSelfhosted": "Managed Self-Hosted", + "otpEnable": "Enable Two-factor", + "otpDisable": "Disable Two-factor", + "logout": "Log Out", + "licenseTierProfessionalRequired": "Professional Edition Required", + "licenseTierProfessionalRequiredDescription": "This feature is only available in the Professional Edition.", + "actionGetOrg": "Get Organization", + "actionUpdateOrg": "Update Organization", + "actionUpdateUser": "Update User", + "actionGetUser": "Get User", + "actionGetOrgUser": "Get Organization User", + "actionListOrgDomains": "List Organization Domains", + "actionCreateSite": "Create Site", + "actionDeleteSite": "Delete Site", + "actionGetSite": "Get Site", + "actionListSites": "List Sites", + "setupToken": "Setup Token", + "setupTokenDescription": "Enter the setup token from the server console.", + "setupTokenRequired": "Setup token is required", + "actionUpdateSite": "Update Site", + "actionListSiteRoles": "List Allowed Site Roles", + "actionCreateResource": "Create Resource", + "actionDeleteResource": "Delete Resource", + "actionGetResource": "Get Resource", + "actionListResource": "List Resources", + "actionUpdateResource": "Update Resource", + "actionListResourceUsers": "List Resource Users", + "actionSetResourceUsers": "Set Resource Users", + "actionSetAllowedResourceRoles": "Set Allowed Resource Roles", + "actionListAllowedResourceRoles": "List Allowed Resource Roles", + "actionSetResourcePassword": "Set Resource Password", + "actionSetResourcePincode": "Set Resource Pincode", + "actionSetResourceEmailWhitelist": "Set Resource Email Whitelist", + "actionGetResourceEmailWhitelist": "Get Resource Email Whitelist", + "actionCreateTarget": "Create Target", + "actionDeleteTarget": "Delete Target", + "actionGetTarget": "Get Target", + "actionListTargets": "List Targets", + "actionUpdateTarget": "Update Target", + "actionCreateRole": "Create Role", + "actionDeleteRole": "Delete Role", + "actionGetRole": "Get Role", + "actionListRole": "List Roles", + "actionUpdateRole": "Update Role", + "actionListAllowedRoleResources": "List Allowed Role Resources", + "actionInviteUser": "Invite User", + "actionRemoveUser": "Remove User", + "actionListUsers": "List Users", + "actionAddUserRole": "Add User Role", + "actionGenerateAccessToken": "Generate Access Token", + "actionDeleteAccessToken": "Delete Access Token", + "actionListAccessTokens": "List Access Tokens", + "actionCreateResourceRule": "Create Resource Rule", + "actionDeleteResourceRule": "Delete Resource Rule", + "actionListResourceRules": "List Resource Rules", + "actionUpdateResourceRule": "Update Resource Rule", + "actionListOrgs": "List Organizations", + "actionCheckOrgId": "Check ID", + "actionCreateOrg": "Create Organization", + "actionDeleteOrg": "Delete Organization", + "actionListApiKeys": "List API Keys", + "actionListApiKeyActions": "List API Key Actions", + "actionSetApiKeyActions": "Set API Key Allowed Actions", + "actionCreateApiKey": "Create API Key", + "actionDeleteApiKey": "Delete API Key", + "actionCreateIdp": "Create IDP", + "actionUpdateIdp": "Update IDP", + "actionDeleteIdp": "Delete IDP", + "actionListIdps": "List IDP", + "actionGetIdp": "Get IDP", + "actionCreateIdpOrg": "Create IDP Org Policy", + "actionDeleteIdpOrg": "Delete IDP Org Policy", + "actionListIdpOrgs": "List IDP Orgs", + "actionUpdateIdpOrg": "Update IDP Org", + "actionCreateClient": "Create Client", + "actionDeleteClient": "Delete Client", + "actionUpdateClient": "Update Client", + "actionListClients": "List Clients", + "actionGetClient": "Get Client", + "actionCreateSiteResource": "Create Site Resource", + "actionDeleteSiteResource": "Delete Site Resource", + "actionGetSiteResource": "Get Site Resource", + "actionListSiteResources": "List Site Resources", + "actionUpdateSiteResource": "Update Site Resource", + "actionListInvitations": "List Invitations", + "noneSelected": "None selected", + "orgNotFound2": "No organizations found.", + "searchProgress": "Search...", + "create": "Create", + "orgs": "Organizations", + "loginError": "An error occurred while logging in", + "passwordForgot": "Forgot your password?", + "otpAuth": "Two-Factor Authentication", + "otpAuthDescription": "Enter the code from your authenticator app or one of your single-use backup codes.", + "otpAuthSubmit": "Submit Code", + "idpContinue": "Or continue with", + "otpAuthBack": "Back to Log In", + "navbar": "Navigation Menu", + "navbarDescription": "Main navigation menu for the application", + "navbarDocsLink": "Documentation", + "commercialEdition": "Commercial Edition", + "otpErrorEnable": "Unable to enable 2FA", + "otpErrorEnableDescription": "An error occurred while enabling 2FA", + "otpSetupCheckCode": "Please enter a 6-digit code", + "otpSetupCheckCodeRetry": "Invalid code. Please try again.", + "otpSetup": "Enable Two-factor Authentication", + "otpSetupDescription": "Secure your account with an extra layer of protection", + "otpSetupScanQr": "Scan this QR code with your authenticator app or enter the secret key manually:", + "otpSetupSecretCode": "Authenticator Code", + "otpSetupSuccess": "Two-Factor Authentication Enabled", + "otpSetupSuccessStoreBackupCodes": "Your account is now more secure. Don't forget to save your backup codes.", + "otpErrorDisable": "Unable to disable 2FA", + "otpErrorDisableDescription": "An error occurred while disabling 2FA", + "otpRemove": "Disable Two-factor Authentication", + "otpRemoveDescription": "Disable two-factor authentication for your account", + "otpRemoveSuccess": "Two-Factor Authentication Disabled", + "otpRemoveSuccessMessage": "Two-factor authentication has been disabled for your account. You can enable it again at any time.", + "otpRemoveSubmit": "Disable 2FA", + "paginator": "Page {current} of {last}", + "paginatorToFirst": "Go to first page", + "paginatorToPrevious": "Go to previous page", + "paginatorToNext": "Go to next page", + "paginatorToLast": "Go to last page", + "copyText": "Copy text", + "copyTextFailed": "Failed to copy text: ", + "copyTextClipboard": "Copy to clipboard", + "inviteErrorInvalidConfirmation": "Invalid confirmation", + "passwordRequired": "Password is required", + "allowAll": "Allow All", + "permissionsAllowAll": "Allow All Permissions", + "githubUsernameRequired": "GitHub username is required", + "supportKeyRequired": "Supporter key is required", + "passwordRequirementsChars": "Password must be at least 8 characters", + "language": "Language", + "verificationCodeRequired": "Code is required", + "userErrorNoUpdate": "No user to update", + "siteErrorNoUpdate": "No site to update", + "resourceErrorNoUpdate": "No resource to update", + "authErrorNoUpdate": "No auth info to update", + "orgErrorNoUpdate": "No org to update", + "orgErrorNoProvided": "No org provided", + "apiKeysErrorNoUpdate": "No API key to update", + "sidebarOverview": "Overview", + "sidebarHome": "Home", + "sidebarSites": "Sites", + "sidebarResources": "Resources", + "sidebarAccessControl": "Access Control", + "sidebarUsers": "Users", + "sidebarInvitations": "Invitations", + "sidebarRoles": "Roles", + "sidebarShareableLinks": "Shareable Links", + "sidebarApiKeys": "API Keys", + "sidebarSettings": "Settings", + "sidebarAllUsers": "All Users", + "sidebarIdentityProviders": "Identity Providers", + "sidebarLicense": "License", + "sidebarClients": "Clients (Beta)", + "sidebarDomains": "Domains", + "enableDockerSocket": "Enable Docker Socket", + "enableDockerSocketDescription": "Enable Docker Socket discovery for populating container information. Socket path must be provided to Newt.", + "enableDockerSocketLink": "Learn More", + "viewDockerContainers": "View Docker Containers", + "containersIn": "Containers in {siteName}", + "selectContainerDescription": "Select any container to use as a hostname for this target. Click a port to use a port.", + "containerName": "Name", + "containerImage": "Image", + "containerState": "State", + "containerNetworks": "Networks", + "containerHostnameIp": "Hostname/IP", + "containerLabels": "Labels", + "containerLabelsCount": "{count, plural, one {# label} other {# labels}}", + "containerLabelsTitle": "Container Labels", + "containerLabelEmpty": "", + "containerPorts": "Ports", + "containerPortsMore": "+{count} more", + "containerActions": "Actions", + "select": "Select", + "noContainersMatchingFilters": "No containers found matching the current filters.", + "showContainersWithoutPorts": "Show containers without ports", + "showStoppedContainers": "Show stopped containers", + "noContainersFound": "No containers found. Make sure Docker containers are running.", + "searchContainersPlaceholder": "Search across {count} containers...", + "searchResultsCount": "{count, plural, one {# result} other {# results}}", + "filters": "Filters", + "filterOptions": "Filter Options", + "filterPorts": "Ports", + "filterStopped": "Stopped", + "clearAllFilters": "Clear all filters", + "columns": "Columns", + "toggleColumns": "Toggle Columns", + "refreshContainersList": "Refresh containers list", + "searching": "Searching...", + "noContainersFoundMatching": "No containers found matching \"{filter}\".", + "light": "light", + "dark": "dark", + "system": "system", + "theme": "Theme", + "subnetRequired": "Subnet is required", + "initialSetupTitle": "Initial Server Setup", + "initialSetupDescription": "Create the intial server admin account. Only one server admin can exist. You can always change these credentials later.", + "createAdminAccount": "Create Admin Account", + "setupErrorCreateAdmin": "An error occurred while creating the server admin account.", + "certificateStatus": "Certificate Status", + "loading": "Loading", + "restart": "Restart", + "domains": "Domains", + "domainsDescription": "Manage domains for your organization", + "domainsSearch": "Search domains...", + "domainAdd": "Add Domain", + "domainAddDescription": "Register a new domain with your organization", + "domainCreate": "Create Domain", + "domainCreatedDescription": "Domain created successfully", + "domainDeletedDescription": "Domain deleted successfully", + "domainQuestionRemove": "Are you sure you want to remove the domain {domain} from your account?", + "domainMessageRemove": "Once removed, the domain will no longer be associated with your account.", + "domainMessageConfirm": "To confirm, please type the domain name below.", + "domainConfirmDelete": "Confirm Delete Domain", + "domainDelete": "Delete Domain", + "domain": "Domain", + "selectDomainTypeNsName": "Domain Delegation (NS)", + "selectDomainTypeNsDescription": "This domain and all its subdomains. Use this when you want to control an entire domain zone.", + "selectDomainTypeCnameName": "Single Domain (CNAME)", + "selectDomainTypeCnameDescription": "Just this specific domain. Use this for individual subdomains or specific domain entries.", + "selectDomainTypeWildcardName": "Wildcard Domain", + "selectDomainTypeWildcardDescription": "This domain and its subdomains.", + "domainDelegation": "Single Domain", + "selectType": "Select a type", + "actions": "Actions", + "refresh": "Refresh", + "refreshError": "Failed to refresh data", + "verified": "Verified", + "pending": "Pending", + "sidebarBilling": "Billing", + "billing": "Billing", + "orgBillingDescription": "Manage your billing information and subscriptions", + "github": "GitHub", + "pangolinHosted": "Pangolin Hosted", + "fossorial": "Fossorial", + "completeAccountSetup": "Complete Account Setup", + "completeAccountSetupDescription": "Set your password to get started", + "accountSetupSent": "We'll send an account setup code to this email address.", + "accountSetupCode": "Setup Code", + "accountSetupCodeDescription": "Check your email for the setup code.", + "passwordCreate": "Create Password", + "passwordCreateConfirm": "Confirm Password", + "accountSetupSubmit": "Send Setup Code", + "completeSetup": "Complete Setup", + "accountSetupSuccess": "Account setup completed! Welcome to Pangolin!", + "documentation": "Documentation", + "saveAllSettings": "Save All Settings", + "settingsUpdated": "Settings updated", + "settingsUpdatedDescription": "All settings have been updated successfully", + "settingsErrorUpdate": "Failed to update settings", + "settingsErrorUpdateDescription": "An error occurred while updating settings", + "sidebarCollapse": "Collapse", + "sidebarExpand": "Expand", + "newtUpdateAvailable": "Update Available", + "newtUpdateAvailableInfo": "A new version of Newt is available. Please update to the latest version for the best experience.", + "domainPickerEnterDomain": "Domain", + "domainPickerPlaceholder": "myapp.example.com, api.v1.mydomain.com, or just myapp", + "domainPickerDescription": "Enter the full domain of the resource to see available options.", + "domainPickerDescriptionSaas": "Enter a full domain, subdomain, or just a name to see available options", + "domainPickerTabAll": "All", + "domainPickerTabOrganization": "Organization", + "domainPickerTabProvided": "Provided", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "Checking availability...", + "domainPickerNoMatchingDomains": "No matching domains found. Try a different domain or check your organization's domain settings.", + "domainPickerOrganizationDomains": "Organization Domains", + "domainPickerProvidedDomains": "Provided Domains", + "domainPickerSubdomain": "Subdomain: {subdomain}", + "domainPickerNamespace": "Namespace: {namespace}", + "domainPickerShowMore": "Show More", + "domainNotFound": "Domain Not Found", + "domainNotFoundDescription": "This resource is disabled because the domain no longer exists our system. Please set a new domain for this resource.", + "failed": "Failed", + "createNewOrgDescription": "Create a new organization", + "organization": "Organization", + "port": "Port", + "securityKeyManage": "Manage Security Keys", + "securityKeyDescription": "Add or remove security keys for passwordless authentication", + "securityKeyRegister": "Register New Security Key", + "securityKeyList": "Your Security Keys", + "securityKeyNone": "No security keys registered yet", + "securityKeyNameRequired": "Name is required", + "securityKeyRemove": "Remove", + "securityKeyLastUsed": "Last used: {date}", + "securityKeyNameLabel": "Security Key Name", + "securityKeyRegisterSuccess": "Security key registered successfully", + "securityKeyRegisterError": "Failed to register security key", + "securityKeyRemoveSuccess": "Security key removed successfully", + "securityKeyRemoveError": "Failed to remove security key", + "securityKeyLoadError": "Failed to load security keys", + "securityKeyLogin": "Continue with security key", + "securityKeyAuthError": "Failed to authenticate with security key", + "securityKeyRecommendation": "Register a backup security key on another device to ensure you always have access to your account.", + "registering": "Registering...", + "securityKeyPrompt": "Please verify your identity using your security key. Make sure your security key is connected and ready.", + "securityKeyBrowserNotSupported": "Your browser doesn't support security keys. Please use a modern browser like Chrome, Firefox, or Safari.", + "securityKeyPermissionDenied": "Please allow access to your security key to continue signing in.", + "securityKeyRemovedTooQuickly": "Please keep your security key connected until the sign-in process completes.", + "securityKeyNotSupported": "Your security key may not be compatible. Please try a different security key.", + "securityKeyUnknownError": "There was a problem using your security key. Please try again.", + "twoFactorRequired": "Two-factor authentication is required to register a security key.", + "twoFactor": "Two-Factor Authentication", + "adminEnabled2FaOnYourAccount": "Your administrator has enabled two-factor authentication for {email}. Please complete the setup process to continue.", + "continueToApplication": "Continue to Application", + "securityKeyAdd": "Add Security Key", + "securityKeyRegisterTitle": "Register New Security Key", + "securityKeyRegisterDescription": "Connect your security key and enter a name to identify it", + "securityKeyTwoFactorRequired": "Two-Factor Authentication Required", + "securityKeyTwoFactorDescription": "Please enter your two-factor authentication code to register the security key", + "securityKeyTwoFactorRemoveDescription": "Please enter your two-factor authentication code to remove the security key", + "securityKeyTwoFactorCode": "Two-Factor Code", + "securityKeyRemoveTitle": "Remove Security Key", + "securityKeyRemoveDescription": "Enter your password to remove the security key \"{name}\"", + "securityKeyNoKeysRegistered": "No security keys registered", + "securityKeyNoKeysDescription": "Add a security key to enhance your account security", + "createDomainRequired": "Domain is required", + "createDomainAddDnsRecords": "Add DNS Records", + "createDomainAddDnsRecordsDescription": "Add the following DNS records to your domain provider to complete the setup.", + "createDomainNsRecords": "NS Records", + "createDomainRecord": "Record", + "createDomainType": "Type:", + "createDomainName": "Name:", + "createDomainValue": "Value:", + "createDomainCnameRecords": "CNAME Records", + "createDomainARecords": "A Records", + "createDomainRecordNumber": "Record {number}", + "createDomainTxtRecords": "TXT Records", + "createDomainSaveTheseRecords": "Save These Records", + "createDomainSaveTheseRecordsDescription": "Make sure to save these DNS records as you will not see them again.", + "createDomainDnsPropagation": "DNS Propagation", + "createDomainDnsPropagationDescription": "DNS changes may take some time to propagate across the internet. This can take anywhere from a few minutes to 48 hours, depending on your DNS provider and TTL settings.", + "resourcePortRequired": "Port number is required for non-HTTP resources", + "resourcePortNotAllowed": "Port number should not be set for HTTP resources", + "signUpTerms": { + "IAgreeToThe": "I agree to the", + "termsOfService": "terms of service", + "and": "and", + "privacyPolicy": "privacy policy" + }, + "siteRequired": "Site is required.", + "olmTunnel": "Olm Tunnel", + "olmTunnelDescription": "Use Olm for client connectivity", + "errorCreatingClient": "Error creating client", + "clientDefaultsNotFound": "Client defaults not found", + "createClient": "Create Client", + "createClientDescription": "Create a new client for connecting to your sites", + "seeAllClients": "See All Clients", + "clientInformation": "Client Information", + "clientNamePlaceholder": "Client name", + "address": "Address", + "subnetPlaceholder": "Subnet", + "addressDescription": "The address that this client will use for connectivity", + "selectSites": "Select sites", + "sitesDescription": "The client will have connectivity to the selected sites", + "clientInstallOlm": "Install Olm", + "clientInstallOlmDescription": "Get Olm running on your system", + "clientOlmCredentials": "Olm Credentials", + "clientOlmCredentialsDescription": "This is how Olm will authenticate with the server", + "olmEndpoint": "Olm Endpoint", + "olmId": "Olm ID", + "olmSecretKey": "Olm Secret Key", + "clientCredentialsSave": "Save Your Credentials", + "clientCredentialsSaveDescription": "You will only be able to see this once. Make sure to copy it to a secure place.", + "generalSettingsDescription": "Configure the general settings for this client", + "clientUpdated": "Client updated", + "clientUpdatedDescription": "The client has been updated.", + "clientUpdateFailed": "Failed to update client", + "clientUpdateError": "An error occurred while updating the client.", + "sitesFetchFailed": "Failed to fetch sites", + "sitesFetchError": "An error occurred while fetching sites.", + "olmErrorFetchReleases": "An error occurred while fetching Olm releases.", + "olmErrorFetchLatest": "An error occurred while fetching the latest Olm release.", + "remoteSubnets": "Remote Subnets", + "enterCidrRange": "Enter CIDR range", + "remoteSubnetsDescription": "Add CIDR ranges that can be accessed from this site remotely using clients. Use format like 10.0.0.0/24. This ONLY applies to VPN client connectivity.", + "resourceEnableProxy": "Enable Public Proxy", + "resourceEnableProxyDescription": "Enable public proxying to this resource. This allows access to the resource from outside the network through the cloud on an open port. Requires Traefik config.", + "externalProxyEnabled": "External Proxy Enabled", + "addNewTarget": "Add New Target", + "targetsList": "Targets List", + "targetErrorDuplicateTargetFound": "Duplicate target found", + "httpMethod": "HTTP Method", + "selectHttpMethod": "Select HTTP method", + "domainPickerSubdomainLabel": "Subdomain", + "domainPickerBaseDomainLabel": "Base Domain", + "domainPickerSearchDomains": "Search domains...", + "domainPickerNoDomainsFound": "No domains found", + "domainPickerLoadingDomains": "Loading domains...", + "domainPickerSelectBaseDomain": "Select base domain...", + "domainPickerNotAvailableForCname": "Not available for CNAME domains", + "domainPickerEnterSubdomainOrLeaveBlank": "Enter subdomain or leave blank to use base domain.", + "domainPickerEnterSubdomainToSearch": "Enter a subdomain to search and select from available free domains.", + "domainPickerFreeDomains": "Free Domains", + "domainPickerSearchForAvailableDomains": "Search for available domains", + "resourceDomain": "Domain", + "resourceEditDomain": "Edit Domain", + "siteName": "Site Name", + "proxyPort": "Port", + "resourcesTableProxyResources": "Proxy Resources", + "resourcesTableClientResources": "Client Resources", + "resourcesTableNoProxyResourcesFound": "No proxy resources found.", + "resourcesTableNoInternalResourcesFound": "No internal resources found.", + "resourcesTableDestination": "Destination", + "resourcesTableTheseResourcesForUseWith": "These resources are for use with", + "resourcesTableClients": "Clients", + "resourcesTableAndOnlyAccessibleInternally": "and are only accessible internally when connected with a client.", + "editInternalResourceDialogEditClientResource": "Edit Client Resource", + "editInternalResourceDialogUpdateResourceProperties": "Update the resource properties and target configuration for {resourceName}.", + "editInternalResourceDialogResourceProperties": "Resource Properties", + "editInternalResourceDialogName": "Name", + "editInternalResourceDialogProtocol": "Protocol", + "editInternalResourceDialogSitePort": "Site Port", + "editInternalResourceDialogTargetConfiguration": "Target Configuration", + "editInternalResourceDialogDestinationIP": "Destination IP", + "editInternalResourceDialogDestinationPort": "Destination Port", + "editInternalResourceDialogCancel": "Cancel", + "editInternalResourceDialogSaveResource": "Save Resource", + "editInternalResourceDialogSuccess": "Success", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Internal resource updated successfully", + "editInternalResourceDialogError": "Error", + "editInternalResourceDialogFailedToUpdateInternalResource": "Failed to update internal resource", + "editInternalResourceDialogNameRequired": "Name is required", + "editInternalResourceDialogNameMaxLength": "Name must be less than 255 characters", + "editInternalResourceDialogProxyPortMin": "Proxy port must be at least 1", + "editInternalResourceDialogProxyPortMax": "Proxy port must be less than 65536", + "editInternalResourceDialogInvalidIPAddressFormat": "Invalid IP address format", + "editInternalResourceDialogDestinationPortMin": "Destination port must be at least 1", + "editInternalResourceDialogDestinationPortMax": "Destination port must be less than 65536", + "createInternalResourceDialogNoSitesAvailable": "No Sites Available", + "createInternalResourceDialogNoSitesAvailableDescription": "You need to have at least one Newt site with a subnet configured to create internal resources.", + "createInternalResourceDialogClose": "Close", + "createInternalResourceDialogCreateClientResource": "Create Client Resource", + "createInternalResourceDialogCreateClientResourceDescription": "Create a new resource that will be accessible to clients connected to the selected site.", + "createInternalResourceDialogResourceProperties": "Resource Properties", + "createInternalResourceDialogName": "Name", + "createInternalResourceDialogSite": "Site", + "createInternalResourceDialogSelectSite": "Select site...", + "createInternalResourceDialogSearchSites": "Search sites...", + "createInternalResourceDialogNoSitesFound": "No sites found.", + "createInternalResourceDialogProtocol": "Protocol", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Site Port", + "createInternalResourceDialogSitePortDescription": "Use this port to access the resource on the site when connected with a client.", + "createInternalResourceDialogTargetConfiguration": "Target Configuration", + "createInternalResourceDialogDestinationIP": "Destination IP", + "createInternalResourceDialogDestinationIPDescription": "The IP address of the resource on the site's network.", + "createInternalResourceDialogDestinationPort": "Destination Port", + "createInternalResourceDialogDestinationPortDescription": "The port on the destination IP where the resource is accessible.", + "createInternalResourceDialogCancel": "Cancel", + "createInternalResourceDialogCreateResource": "Create Resource", + "createInternalResourceDialogSuccess": "Success", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Internal resource created successfully", + "createInternalResourceDialogError": "Error", + "createInternalResourceDialogFailedToCreateInternalResource": "Failed to create internal resource", + "createInternalResourceDialogNameRequired": "Name is required", + "createInternalResourceDialogNameMaxLength": "Name must be less than 255 characters", + "createInternalResourceDialogPleaseSelectSite": "Please select a site", + "createInternalResourceDialogProxyPortMin": "Proxy port must be at least 1", + "createInternalResourceDialogProxyPortMax": "Proxy port must be less than 65536", + "createInternalResourceDialogInvalidIPAddressFormat": "Invalid IP address format", + "createInternalResourceDialogDestinationPortMin": "Destination port must be at least 1", + "createInternalResourceDialogDestinationPortMax": "Destination port must be less than 65536", + "siteConfiguration": "Configuration", + "siteAcceptClientConnections": "Accept Client Connections", + "siteAcceptClientConnectionsDescription": "Allow other devices to connect through this Newt instance as a gateway using clients.", + "siteAddress": "Site Address", + "siteAddressDescription": "Specify the IP address of the host for clients to connect to. This is the internal address of the site in the Pangolin network for clients to address. Must fall within the Org subnet.", + "autoLoginExternalIdp": "Auto Login with External IDP", + "autoLoginExternalIdpDescription": "Immediately redirect the user to the external IDP for authentication.", + "selectIdp": "Select IDP", + "selectIdpPlaceholder": "Choose an IDP...", + "selectIdpRequired": "Please select an IDP when auto login is enabled.", + "autoLoginTitle": "Redirecting", + "autoLoginDescription": "Redirecting you to the external identity provider for authentication.", + "autoLoginProcessing": "Preparing authentication...", + "autoLoginRedirecting": "Redirecting to login...", + "autoLoginError": "Auto Login Error", + "autoLoginErrorNoRedirectUrl": "No redirect URL received from the identity provider.", + "autoLoginErrorGeneratingUrl": "Failed to generate authentication URL.", + "managedSelfHosted": { + "title": "Managed Self-Hosted", + "description": "More reliable and low-maintenance self-hosted Pangolin server with extra bells and whistles", + "introTitle": "Managed Self-Hosted Pangolin", + "introDescription": "is a deployment option designed for people who want simplicity and extra reliability while still keeping their data private and self-hosted.", + "introDetail": "With this option, you still run your own Pangolin node — your tunnels, SSL termination, and traffic all stay on your server. The difference is that management and monitoring are handled through our cloud dashboard, which unlocks a number of benefits:", + "benefitSimplerOperations": { + "title": "Simpler operations", + "description": "No need to run your own mail server or set up complex alerting. You'll get health checks and downtime alerts out of the box." + }, + "benefitAutomaticUpdates": { + "title": "Automatic updates", + "description": "The cloud dashboard evolves quickly, so you get new features and bug fixes without having to manually pull new containers every time." + }, + "benefitLessMaintenance": { + "title": "Less maintenance", + "description": "No database migrations, backups, or extra infrastructure to manage. We handle that in the cloud." + }, + "benefitCloudFailover": { + "title": "Cloud failover", + "description": "If your node goes down, your tunnels can temporarily fail over to our cloud points of presence until you bring it back online." + }, + "benefitHighAvailability": { + "title": "High availability (PoPs)", + "description": "You can also attach multiple nodes to your account for redundancy and better performance." + }, + "benefitFutureEnhancements": { + "title": "Future enhancements", + "description": "We're planning to add more analytics, alerting, and management tools to make your deployment even more robust." + }, + "docsAlert": { + "text": "Learn more about the Managed Self-Hosted option in our", + "documentation": "documentation" + }, + "convertButton": "Convert This Node to Managed Self-Hosted" + }, + "internationaldomaindetected": "International Domain Detected", + "willbestoredas": "Will be stored as:" +} diff --git a/messages/cs-CZ.json b/messages/cs-CZ.json new file mode 100644 index 00000000..727d9a5e --- /dev/null +++ b/messages/cs-CZ.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Vytvořte si organizaci, lokalitu a služby", + "setupNewOrg": "Nová organizace", + "setupCreateOrg": "Vytvořit organizaci", + "setupCreateResources": "Vytvořit zdroje", + "setupOrgName": "Název organizace", + "orgDisplayName": "Toto je zobrazovaný název vaší organizace.", + "orgId": "ID organizace", + "setupIdentifierMessage": "Toto je jedinečný identifikátor vaší organizace. Nemusí odpovídat názvu organizace.", + "setupErrorIdentifier": "ID organizace je již použito. Zvolte prosím jiné.", + "componentsErrorNoMemberCreate": "Zatím nejste členem žádné organizace. Abyste mohli začít, vytvořte si organizaci.", + "componentsErrorNoMember": "Zatím nejste členem žádných organizací.", + "welcome": "Vítejte!", + "welcomeTo": "Vítejte v", + "componentsCreateOrg": "Vytvořte organizaci", + "componentsMember": "Jste členem {count, plural, =0 {0 organizací} one {1 organizace} other {# organizací}}.", + "componentsInvalidKey": "Byly nalezeny neplatné nebo propadlé licenční klíče. Pokud chcete nadále používat všechny funkce, postupujte podle licenčních podmínek.", + "dismiss": "Zavřít", + "componentsLicenseViolation": "Porušení licenčních podmínek: Tento server používá {usedSites} stránek, což překračuje limit {maxSites} licencovaných stránek. Pokud chcete nadále používat všechny funkce, postupujte podle licenčních podmínek.", + "componentsSupporterMessage": "Děkujeme, že podporujete Pangolin jako {tier}!", + "inviteErrorNotValid": "Je nám líto, ale vypadá to, že pozvánka, ke které se snažíte získat přístup, nebyla přijata nebo již není platná.", + "inviteErrorUser": "Je nám líto, ale vypadá to, že pozvánka, ke které se snažíte získat přístup, není pro tohoto uživatele.", + "inviteLoginUser": "Prosím ujistěte se, že jste přihlášeni jako správný uživatel.", + "inviteErrorNoUser": "Je nám líto, ale vypadá to, že pozvánka, ke které se snažíte získat přístup, není pro existujícího uživatele.", + "inviteCreateUser": "Nejprve si prosím vytvořte účet.", + "goHome": "Přejít na hlavní stránku", + "inviteLogInOtherUser": "Přihlásit se jako jiný uživatel", + "createAnAccount": "Vytvořit účet", + "inviteNotAccepted": "Pozvánka nebyla přijata", + "authCreateAccount": "Vytvořte si účet, abyste mohli začít", + "authNoAccount": "Nemáte účet?", + "email": "Email", + "password": "Heslo", + "confirmPassword": "Potvrďte heslo", + "createAccount": "Vytvořit účet", + "viewSettings": "Zobrazit nastavení", + "delete": "Odstranit", + "name": "Jméno", + "online": "Online", + "offline": "Offline", + "site": "Lokalita", + "dataIn": "Přijatá data", + "dataOut": "Odeslaná data", + "connectionType": "Typ připojení", + "tunnelType": "Typ tunelu", + "local": "Místní", + "edit": "Upravit", + "siteConfirmDelete": "Potvrdit odstranění lokality", + "siteDelete": "Odstranění lokality", + "siteMessageRemove": "Jakmile lokalitu odstraníte, nebude dostupná. Všechny související služby a cíle budou také odstraněny.", + "siteMessageConfirm": "Pro potvrzení zadejte prosím název lokality.", + "siteQuestionRemove": "Opravdu chcete odstranit lokalitu {selectedSite} z organizace?", + "siteManageSites": "Správa lokalit", + "siteDescription": "Umožní připojení k vaší síti prostřednictvím zabezpečených tunelů", + "siteCreate": "Vytvořit lokalitu", + "siteCreateDescription2": "Postupujte podle níže uvedených kroků, abyste vytvořili a připojili novou lokalitu", + "siteCreateDescription": "Vytvořte novou lokalitu, abyste mohli začít připojovat služby", + "close": "Zavřít", + "siteErrorCreate": "Chyba při vytváření lokality", + "siteErrorCreateKeyPair": "Nebyly nalezeny klíče nebo výchozí nastavení lokality", + "siteErrorCreateDefaults": "Výchozí nastavení lokality nenalezeno", + "method": "Způsob", + "siteMethodDescription": "Tímto způsobem budete vystavovat spojení.", + "siteLearnNewt": "Naučte se, jak nainstalovat Newt na svůj systém", + "siteSeeConfigOnce": "Konfiguraci uvidíte pouze jednou.", + "siteLoadWGConfig": "Načítání konfigurace WireGuard...", + "siteDocker": "Rozbalit pro detaily nasazení v Dockeru", + "toggle": "Přepínač", + "dockerCompose": "Docker Compose", + "dockerRun": "Docker Run", + "siteLearnLocal": "Místní lokality se netunelují, dozvědět se více", + "siteConfirmCopy": "Konfiguraci jsem zkopíroval", + "searchSitesProgress": "Hledat lokality...", + "siteAdd": "Přidat lokalitu", + "siteInstallNewt": "Nainstalovat Newt", + "siteInstallNewtDescription": "Spustit Newt na vašem systému", + "WgConfiguration": "Konfigurace WireGuard", + "WgConfigurationDescription": "Použijte následující konfiguraci pro připojení k vaší síti", + "operatingSystem": "Operační systém", + "commands": "Příkazy", + "recommended": "Doporučeno", + "siteNewtDescription": "Ideálně použijte Newt, který využívá WireGuard a umožňuje adresovat vaše soukromé zdroje pomocí jejich LAN adresy ve vaší privátní síti přímo z dashboardu Pangolin.", + "siteRunsInDocker": "Běží v Dockeru", + "siteRunsInShell": "Běží v shellu na macOS, Linuxu a Windows", + "siteErrorDelete": "Chyba při odstraňování lokality", + "siteErrorUpdate": "Nepodařilo se upravit lokalitu", + "siteErrorUpdateDescription": "Při úpravě lokality došlo k chybě.", + "siteUpdated": "Lokalita upravena", + "siteUpdatedDescription": "Lokalita byla upravena.", + "siteGeneralDescription": "Upravte obecná nastavení pro tuto lokalitu", + "siteSettingDescription": "Upravte nastavení vaší lokality", + "siteSetting": "Nastavení {siteName}", + "siteNewtTunnel": "Tunel Newt (doporučeno)", + "siteNewtTunnelDescription": "Nejjednodušší způsob, jak vytvořit vstupní bod do vaší sítě. Žádné další nastavení.", + "siteWg": "Základní WireGuard", + "siteWgDescription": "Použijte jakéhokoli klienta WireGuard abyste sestavili tunel. Vyžaduje se ruční nastavení NAT.", + "siteWgDescriptionSaas": "Použijte jakéhokoli klienta WireGuard abyste sestavili tunel. Vyžaduje se ruční nastavení NAT. FUNGUJE POUZE NA SELF-HOSTED SERVERECH", + "siteLocalDescription": "Pouze lokální zdroje. Žádný tunel.", + "siteLocalDescriptionSaas": "Pouze lokální zdroje. Žádný tunel. FUNGUJE POUZE NA SELF-HOSTED SERVERECH", + "siteSeeAll": "Zobrazit všechny lokality", + "siteTunnelDescription": "Určete jak se chcete připojit k vaší lokalitě", + "siteNewtCredentials": "Přihlašovací údaje Newt", + "siteNewtCredentialsDescription": "Tímto způsobem se bude Newt autentizovat na serveru", + "siteCredentialsSave": "Uložit přihlašovací údaje", + "siteCredentialsSaveDescription": "Toto nastavení uvidíte pouze jednou. Ujistěte se, že jej zkopírujete na bezpečné místo.", + "siteInfo": "Údaje o lokalitě", + "status": "Stav", + "shareTitle": "Spravovat sdílení odkazů", + "shareDescription": "Vytvořte odkazy, abyste udělili dočasný nebo trvalý přístup k vašim zdrojům", + "shareSearch": "Hledat sdílené odkazy...", + "shareCreate": "Vytvořit odkaz", + "shareErrorDelete": "Nepodařilo se odstranit odkaz", + "shareErrorDeleteMessage": "Došlo k chybě při odstraňování odkazu", + "shareDeleted": "Odkaz odstraněn", + "shareDeletedDescription": "Odkaz byl odstraněn", + "shareTokenDescription": "Váš přístupový token může být předán dvěma způsoby: jako parametr dotazu nebo v záhlaví požadavku. Tyto údaje musí být předány klientem v každé žádosti o ověřený přístup.", + "accessToken": "Přístupový token", + "usageExamples": "Příklady použití", + "tokenId": "ID tokenu", + "requestHeades": "Hlavičky požadavku", + "queryParameter": "Parametry dotazu", + "importantNote": "Důležité upozornění", + "shareImportantDescription": "Z bezpečnostních důvodů je doporučeno používat raději hlavičky než parametry dotazu pokud je to možné, protože parametry dotazu mohou být zaznamenány v logu serveru nebo v historii prohlížeče.", + "token": "Token", + "shareTokenSecurety": "Uchovejte přístupový token v bezpečí. Nesdílejte jej na veřejně přístupných místěch nebo v kódu na straně klienta.", + "shareErrorFetchResource": "Nepodařilo se načíst zdroje", + "shareErrorFetchResourceDescription": "Při načítání zdrojů došlo k chybě", + "shareErrorCreate": "Nepodařilo se vytvořit odkaz", + "shareErrorCreateDescription": "Při vytváření odkazu došlo k chybě", + "shareCreateDescription": "Kdokoliv s tímto odkazem může přistupovat ke zdroji", + "shareTitleOptional": "Název (volitelné)", + "expireIn": "Platnost vyprší za", + "neverExpire": "Nikdy nevyprší", + "shareExpireDescription": "Doba platnosti určuje, jak dlouho bude odkaz použitelný a bude poskytovat přístup ke zdroji. Po této době odkaz již nebude fungovat a uživatelé kteří tento odkaz používali ztratí přístup ke zdroji.", + "shareSeeOnce": "Tento odkaz uvidíte pouze jednou. Ujistěte se, že jste jej zkopírovali.", + "shareAccessHint": "Kdokoli s tímto odkazem může přistupovat ke zdroji. Sdílejte jej s rozvahou.", + "shareTokenUsage": "Zobrazit využití přístupového tokenu", + "createLink": "Vytvořit odkaz", + "resourcesNotFound": "Nebyly nalezeny žádné zdroje", + "resourceSearch": "Vyhledat zdroje", + "openMenu": "Otevřít nabídku", + "resource": "Zdroj", + "title": "Název", + "created": "Vytvořeno", + "expires": "Vyprší", + "never": "Nikdy", + "shareErrorSelectResource": "Zvolte prosím zdroj", + "resourceTitle": "Spravovat zdroje", + "resourceDescription": "Vytvořte bezpečné proxy služby pro přístup k privátním aplikacím", + "resourcesSearch": "Prohledat zdroje...", + "resourceAdd": "Přidat zdroj", + "resourceErrorDelte": "Chyba při odstraňování zdroje", + "authentication": "Autentifikace", + "protected": "Chráněno", + "notProtected": "Nechráněno", + "resourceMessageRemove": "Jakmile zdroj odstraníte, nebude dostupný. Všechny související služby a cíle budou také odstraněny.", + "resourceMessageConfirm": "Pro potvrzení zadejte prosím název zdroje.", + "resourceQuestionRemove": "Opravdu chcete odstranit zdroj {selectedResource} z organizace?", + "resourceHTTP": "Zdroj HTTPS", + "resourceHTTPDescription": "Proxy requests to your app over HTTPS using a subdomain or base domain.", + "resourceRaw": "Raw TCP/UDP Resource", + "resourceRawDescription": "Proxy requests to your app over TCP/UDP using a port number.", + "resourceCreate": "Vytvořit zdroj", + "resourceCreateDescription": "Postupujte podle níže uvedených kroků, abyste vytvořili a připojili nový zdroj", + "resourceSeeAll": "Zobrazit všechny zdroje", + "resourceInfo": "Informace o zdroji", + "resourceNameDescription": "Toto je zobrazovaný název zdroje.", + "siteSelect": "Vybrat lokalitu", + "siteSearch": "Hledat lokalitu", + "siteNotFound": "Nebyla nalezena žádná lokalita.", + "siteSelectionDescription": "Tato lokalita poskytne připojení k cíli.", + "resourceType": "Typ zdroje", + "resourceTypeDescription": "Určete, jak chcete přistupovat ke svému zdroji", + "resourceHTTPSSettings": "Nastavení HTTPS", + "resourceHTTPSSettingsDescription": "Nakonfigurujte, jak bude váš zdroj přístupný přes HTTPS", + "domainType": "Typ domény", + "subdomain": "Subdoména", + "baseDomain": "Základní doména", + "subdomnainDescription": "Subdoména, kde bude váš zdroj přístupný.", + "resourceRawSettings": "Nastavení TCP/UDP", + "resourceRawSettingsDescription": "Nakonfigurujte, jak bude váš dokument přístupný přes TCP/UDP", + "protocol": "Protokol", + "protocolSelect": "Vybrat protokol", + "resourcePortNumber": "Číslo portu", + "resourcePortNumberDescription": "Externí port k požadavkům proxy serveru.", + "cancel": "Zrušit", + "resourceConfig": "Konfigurační snippety", + "resourceConfigDescription": "Zkopírujte a vložte tyto konfigurační snippety pro nastavení TCP/UDP zdroje", + "resourceAddEntrypoints": "Traefik: Přidat vstupní body", + "resourceExposePorts": "Gerbil: Expose Ports in Docker Compose", + "resourceLearnRaw": "Learn how to configure TCP/UDP resources", + "resourceBack": "Back to Resources", + "resourceGoTo": "Go to Resource", + "resourceDelete": "Delete Resource", + "resourceDeleteConfirm": "Confirm Delete Resource", + "visibility": "Visibility", + "enabled": "Enabled", + "disabled": "Disabled", + "general": "General", + "generalSettings": "General Settings", + "proxy": "Proxy", + "internal": "Internal", + "rules": "Rules", + "resourceSettingDescription": "Configure the settings on your resource", + "resourceSetting": "{resourceName} Settings", + "alwaysAllow": "Always Allow", + "alwaysDeny": "Always Deny", + "passToAuth": "Pass to Auth", + "orgSettingsDescription": "Configure your organization's general settings", + "orgGeneralSettings": "Organization Settings", + "orgGeneralSettingsDescription": "Manage your organization details and configuration", + "saveGeneralSettings": "Save General Settings", + "saveSettings": "Save Settings", + "orgDangerZone": "Danger Zone", + "orgDangerZoneDescription": "Once you delete this org, there is no going back. Please be certain.", + "orgDelete": "Delete Organization", + "orgDeleteConfirm": "Confirm Delete Organization", + "orgMessageRemove": "This action is irreversible and will delete all associated data.", + "orgMessageConfirm": "To confirm, please type the name of the organization below.", + "orgQuestionRemove": "Are you sure you want to remove the organization {selectedOrg}?", + "orgUpdated": "Organization updated", + "orgUpdatedDescription": "The organization has been updated.", + "orgErrorUpdate": "Failed to update organization", + "orgErrorUpdateMessage": "An error occurred while updating the organization.", + "orgErrorFetch": "Failed to fetch organizations", + "orgErrorFetchMessage": "An error occurred while listing your organizations", + "orgErrorDelete": "Failed to delete organization", + "orgErrorDeleteMessage": "An error occurred while deleting the organization.", + "orgDeleted": "Organization deleted", + "orgDeletedMessage": "The organization and its data has been deleted.", + "orgMissing": "Organization ID Missing", + "orgMissingMessage": "Unable to regenerate invitation without an organization ID.", + "accessUsersManage": "Manage Users", + "accessUsersDescription": "Invite users and add them to roles to manage access to your organization", + "accessUsersSearch": "Search users...", + "accessUserCreate": "Create User", + "accessUserRemove": "Remove User", + "username": "Username", + "identityProvider": "Identity Provider", + "role": "Role", + "nameRequired": "Name is required", + "accessRolesManage": "Manage Roles", + "accessRolesDescription": "Configure roles to manage access to your organization", + "accessRolesSearch": "Search roles...", + "accessRolesAdd": "Add Role", + "accessRoleDelete": "Delete Role", + "description": "Description", + "inviteTitle": "Open Invitations", + "inviteDescription": "Manage your invitations to other users", + "inviteSearch": "Search invitations...", + "minutes": "Minutes", + "hours": "Hours", + "days": "Days", + "weeks": "Weeks", + "months": "Months", + "years": "Years", + "day": "{count, plural, one {# day} other {# days}}", + "apiKeysTitle": "API Key Information", + "apiKeysConfirmCopy2": "You must confirm that you have copied the API key.", + "apiKeysErrorCreate": "Error creating API key", + "apiKeysErrorSetPermission": "Error setting permissions", + "apiKeysCreate": "Generate API Key", + "apiKeysCreateDescription": "Generate a new API key for your organization", + "apiKeysGeneralSettings": "Permissions", + "apiKeysGeneralSettingsDescription": "Determine what this API key can do", + "apiKeysList": "Your API Key", + "apiKeysSave": "Save Your API Key", + "apiKeysSaveDescription": "You will only be able to see this once. Make sure to copy it to a secure place.", + "apiKeysInfo": "Your API key is:", + "apiKeysConfirmCopy": "I have copied the API key", + "generate": "Generate", + "done": "Done", + "apiKeysSeeAll": "See All API Keys", + "apiKeysPermissionsErrorLoadingActions": "Error loading API key actions", + "apiKeysPermissionsErrorUpdate": "Error setting permissions", + "apiKeysPermissionsUpdated": "Permissions updated", + "apiKeysPermissionsUpdatedDescription": "The permissions have been updated.", + "apiKeysPermissionsGeneralSettings": "Permissions", + "apiKeysPermissionsGeneralSettingsDescription": "Determine what this API key can do", + "apiKeysPermissionsSave": "Save Permissions", + "apiKeysPermissionsTitle": "Permissions", + "apiKeys": "API Keys", + "searchApiKeys": "Search API keys...", + "apiKeysAdd": "Generate API Key", + "apiKeysErrorDelete": "Error deleting API key", + "apiKeysErrorDeleteMessage": "Error deleting API key", + "apiKeysQuestionRemove": "Are you sure you want to remove the API key {selectedApiKey} from the organization?", + "apiKeysMessageRemove": "Once removed, the API key will no longer be able to be used.", + "apiKeysMessageConfirm": "To confirm, please type the name of the API key below.", + "apiKeysDeleteConfirm": "Confirm Delete API Key", + "apiKeysDelete": "Delete API Key", + "apiKeysManage": "Manage API Keys", + "apiKeysDescription": "API keys are used to authenticate with the integration API", + "apiKeysSettings": "{apiKeyName} Settings", + "userTitle": "Manage All Users", + "userDescription": "View and manage all users in the system", + "userAbount": "About User Management", + "userAbountDescription": "This table displays all root user objects in the system. Each user may belong to multiple organizations. Removing a user from an organization does not delete their root user object - they will remain in the system. To completely remove a user from the system, you must delete their root user object using the delete action in this table.", + "userServer": "Server Users", + "userSearch": "Search server users...", + "userErrorDelete": "Error deleting user", + "userDeleteConfirm": "Confirm Delete User", + "userDeleteServer": "Delete User from Server", + "userMessageRemove": "The user will be removed from all organizations and be completely removed from the server.", + "userMessageConfirm": "To confirm, please type the name of the user below.", + "userQuestionRemove": "Are you sure you want to permanently delete {selectedUser} from the server?", + "licenseKey": "License Key", + "valid": "Valid", + "numberOfSites": "Number of Sites", + "licenseKeySearch": "Search license keys...", + "licenseKeyAdd": "Add License Key", + "type": "Type", + "licenseKeyRequired": "License key is required", + "licenseTermsAgree": "You must agree to the license terms", + "licenseErrorKeyLoad": "Failed to load license keys", + "licenseErrorKeyLoadDescription": "An error occurred loading license keys.", + "licenseErrorKeyDelete": "Failed to delete license key", + "licenseErrorKeyDeleteDescription": "An error occurred deleting license key.", + "licenseKeyDeleted": "License key deleted", + "licenseKeyDeletedDescription": "The license key has been deleted.", + "licenseErrorKeyActivate": "Failed to activate license key", + "licenseErrorKeyActivateDescription": "An error occurred while activating the license key.", + "licenseAbout": "About Licensing", + "communityEdition": "Community Edition", + "licenseAboutDescription": "This is for business and enterprise users who are using Pangolin in a commercial environment. If you are using Pangolin for personal use, you can ignore this section.", + "licenseKeyActivated": "License key activated", + "licenseKeyActivatedDescription": "The license key has been successfully activated.", + "licenseErrorKeyRecheck": "Failed to recheck license keys", + "licenseErrorKeyRecheckDescription": "An error occurred rechecking license keys.", + "licenseErrorKeyRechecked": "License keys rechecked", + "licenseErrorKeyRecheckedDescription": "All license keys have been rechecked", + "licenseActivateKey": "Activate License Key", + "licenseActivateKeyDescription": "Enter a license key to activate it.", + "licenseActivate": "Activate License", + "licenseAgreement": "By checking this box, you confirm that you have read and agree to the license terms corresponding to the tier associated with your license key.", + "fossorialLicense": "View Fossorial Commercial License & Subscription Terms", + "licenseMessageRemove": "This will remove the license key and all associated permissions granted by it.", + "licenseMessageConfirm": "To confirm, please type the license key below.", + "licenseQuestionRemove": "Are you sure you want to delete the license key {selectedKey} ?", + "licenseKeyDelete": "Delete License Key", + "licenseKeyDeleteConfirm": "Confirm Delete License Key", + "licenseTitle": "Manage License Status", + "licenseTitleDescription": "View and manage license keys in the system", + "licenseHost": "Host License", + "licenseHostDescription": "Manage the main license key for the host.", + "licensedNot": "Not Licensed", + "hostId": "Host ID", + "licenseReckeckAll": "Recheck All Keys", + "licenseSiteUsage": "Sites Usage", + "licenseSiteUsageDecsription": "View the number of sites using this license.", + "licenseNoSiteLimit": "There is no limit on the number of sites using an unlicensed host.", + "licensePurchase": "Purchase License", + "licensePurchaseSites": "Purchase Additional Sites", + "licenseSitesUsedMax": "{usedSites} of {maxSites} sites used", + "licenseSitesUsed": "{count, plural, =0 {# sites} one {# site} other {# sites}} in system.", + "licensePurchaseDescription": "Choose how many sites you want to {selectedMode, select, license {purchase a license for. You can always add more sites later.} other {add to your existing license.}}", + "licenseFee": "License fee", + "licensePriceSite": "Price per site", + "total": "Total", + "licenseContinuePayment": "Continue to Payment", + "pricingPage": "pricing page", + "pricingPortal": "See Purchase Portal", + "licensePricingPage": "For the most up-to-date pricing and discounts, please visit the ", + "invite": "Invitations", + "inviteRegenerate": "Regenerate Invitation", + "inviteRegenerateDescription": "Revoke previous invitation and create a new one", + "inviteRemove": "Remove Invitation", + "inviteRemoveError": "Failed to remove invitation", + "inviteRemoveErrorDescription": "An error occurred while removing the invitation.", + "inviteRemoved": "Invitation removed", + "inviteRemovedDescription": "The invitation for {email} has been removed.", + "inviteQuestionRemove": "Are you sure you want to remove the invitation {email}?", + "inviteMessageRemove": "Once removed, this invitation will no longer be valid. You can always re-invite the user later.", + "inviteMessageConfirm": "To confirm, please type the email address of the invitation below.", + "inviteQuestionRegenerate": "Are you sure you want to regenerate the invitation for {email}? This will revoke the previous invitation.", + "inviteRemoveConfirm": "Confirm Remove Invitation", + "inviteRegenerated": "Invitation Regenerated", + "inviteSent": "A new invitation has been sent to {email}.", + "inviteSentEmail": "Send email notification to the user", + "inviteGenerate": "A new invitation has been generated for {email}.", + "inviteDuplicateError": "Duplicate Invite", + "inviteDuplicateErrorDescription": "An invitation for this user already exists.", + "inviteRateLimitError": "Rate Limit Exceeded", + "inviteRateLimitErrorDescription": "You have exceeded the limit of 3 regenerations per hour. Please try again later.", + "inviteRegenerateError": "Failed to Regenerate Invitation", + "inviteRegenerateErrorDescription": "An error occurred while regenerating the invitation.", + "inviteValidityPeriod": "Validity Period", + "inviteValidityPeriodSelect": "Select validity period", + "inviteRegenerateMessage": "The invitation has been regenerated. The user must access the link below to accept the invitation.", + "inviteRegenerateButton": "Regenerate", + "expiresAt": "Expires At", + "accessRoleUnknown": "Unknown Role", + "placeholder": "Placeholder", + "userErrorOrgRemove": "Failed to remove user", + "userErrorOrgRemoveDescription": "An error occurred while removing the user.", + "userOrgRemoved": "User removed", + "userOrgRemovedDescription": "The user {email} has been removed from the organization.", + "userQuestionOrgRemove": "Are you sure you want to remove {email} from the organization?", + "userMessageOrgRemove": "Once removed, this user will no longer have access to the organization. You can always re-invite them later, but they will need to accept the invitation again.", + "userMessageOrgConfirm": "To confirm, please type the name of the of the user below.", + "userRemoveOrgConfirm": "Confirm Remove User", + "userRemoveOrg": "Remove User from Organization", + "users": "Users", + "accessRoleMember": "Member", + "accessRoleOwner": "Owner", + "userConfirmed": "Confirmed", + "idpNameInternal": "Internal", + "emailInvalid": "Invalid email address", + "inviteValidityDuration": "Please select a duration", + "accessRoleSelectPlease": "Please select a role", + "usernameRequired": "Username is required", + "idpSelectPlease": "Please select an identity provider", + "idpGenericOidc": "Generic OAuth2/OIDC provider.", + "accessRoleErrorFetch": "Failed to fetch roles", + "accessRoleErrorFetchDescription": "An error occurred while fetching the roles", + "idpErrorFetch": "Failed to fetch identity providers", + "idpErrorFetchDescription": "An error occurred while fetching identity providers", + "userErrorExists": "User Already Exists", + "userErrorExistsDescription": "This user is already a member of the organization.", + "inviteError": "Failed to invite user", + "inviteErrorDescription": "An error occurred while inviting the user", + "userInvited": "User invited", + "userInvitedDescription": "The user has been successfully invited.", + "userErrorCreate": "Failed to create user", + "userErrorCreateDescription": "An error occurred while creating the user", + "userCreated": "User created", + "userCreatedDescription": "The user has been successfully created.", + "userTypeInternal": "Internal User", + "userTypeInternalDescription": "Invite a user to join your organization directly.", + "userTypeExternal": "External User", + "userTypeExternalDescription": "Create a user with an external identity provider.", + "accessUserCreateDescription": "Follow the steps below to create a new user", + "userSeeAll": "See All Users", + "userTypeTitle": "User Type", + "userTypeDescription": "Determine how you want to create the user", + "userSettings": "User Information", + "userSettingsDescription": "Enter the details for the new user", + "inviteEmailSent": "Send invite email to user", + "inviteValid": "Valid For", + "selectDuration": "Select duration", + "accessRoleSelect": "Select role", + "inviteEmailSentDescription": "An email has been sent to the user with the access link below. They must access the link to accept the invitation.", + "inviteSentDescription": "The user has been invited. They must access the link below to accept the invitation.", + "inviteExpiresIn": "The invite will expire in {days, plural, one {# day} other {# days}}.", + "idpTitle": "Identity Provider", + "idpSelect": "Select the identity provider for the external user", + "idpNotConfigured": "No identity providers are configured. Please configure an identity provider before creating external users.", + "usernameUniq": "This must match the unique username that exists in the selected identity provider.", + "emailOptional": "Email (Optional)", + "nameOptional": "Name (Optional)", + "accessControls": "Access Controls", + "userDescription2": "Manage the settings on this user", + "accessRoleErrorAdd": "Failed to add user to role", + "accessRoleErrorAddDescription": "An error occurred while adding user to the role.", + "userSaved": "User saved", + "userSavedDescription": "The user has been updated.", + "accessControlsDescription": "Manage what this user can access and do in the organization", + "accessControlsSubmit": "Save Access Controls", + "roles": "Roles", + "accessUsersRoles": "Manage Users & Roles", + "accessUsersRolesDescription": "Invite users and add them to roles to manage access to your organization", + "key": "Key", + "createdAt": "Created At", + "proxyErrorInvalidHeader": "Invalid custom Host Header value. Use domain name format, or save empty to unset custom Host Header.", + "proxyErrorTls": "Invalid TLS Server Name. Use domain name format, or save empty to remove the TLS Server Name.", + "proxyEnableSSL": "Enable SSL (https)", + "targetErrorFetch": "Failed to fetch targets", + "targetErrorFetchDescription": "An error occurred while fetching targets", + "siteErrorFetch": "Failed to fetch resource", + "siteErrorFetchDescription": "An error occurred while fetching resource", + "targetErrorDuplicate": "Duplicate target", + "targetErrorDuplicateDescription": "A target with these settings already exists", + "targetWireGuardErrorInvalidIp": "Invalid target IP", + "targetWireGuardErrorInvalidIpDescription": "Target IP must be within the site subnet", + "targetsUpdated": "Targets updated", + "targetsUpdatedDescription": "Targets and settings updated successfully", + "targetsErrorUpdate": "Failed to update targets", + "targetsErrorUpdateDescription": "An error occurred while updating targets", + "targetTlsUpdate": "TLS settings updated", + "targetTlsUpdateDescription": "Your TLS settings have been updated successfully", + "targetErrorTlsUpdate": "Failed to update TLS settings", + "targetErrorTlsUpdateDescription": "An error occurred while updating TLS settings", + "proxyUpdated": "Proxy settings updated", + "proxyUpdatedDescription": "Your proxy settings have been updated successfully", + "proxyErrorUpdate": "Failed to update proxy settings", + "proxyErrorUpdateDescription": "An error occurred while updating proxy settings", + "targetAddr": "IP / Hostname", + "targetPort": "Port", + "targetProtocol": "Protocol", + "targetTlsSettings": "Secure Connection Configuration", + "targetTlsSettingsDescription": "Configure SSL/TLS settings for your resource", + "targetTlsSettingsAdvanced": "Advanced TLS Settings", + "targetTlsSni": "TLS Server Name (SNI)", + "targetTlsSniDescription": "The TLS Server Name to use for SNI. Leave empty to use the default.", + "targetTlsSubmit": "Save Settings", + "targets": "Targets Configuration", + "targetsDescription": "Set up targets to route traffic to your backend services", + "targetStickySessions": "Enable Sticky Sessions", + "targetStickySessionsDescription": "Keep connections on the same backend target for their entire session.", + "methodSelect": "Select method", + "targetSubmit": "Add Target", + "targetNoOne": "No targets. Add a target using the form.", + "targetNoOneDescription": "Adding more than one target above will enable load balancing.", + "targetsSubmit": "Save Targets", + "proxyAdditional": "Additional Proxy Settings", + "proxyAdditionalDescription": "Configure how your resource handles proxy settings", + "proxyCustomHeader": "Custom Host Header", + "proxyCustomHeaderDescription": "The host header to set when proxying requests. Leave empty to use the default.", + "proxyAdditionalSubmit": "Save Proxy Settings", + "subnetMaskErrorInvalid": "Invalid subnet mask. Must be between 0 and 32.", + "ipAddressErrorInvalidFormat": "Invalid IP address format", + "ipAddressErrorInvalidOctet": "Invalid IP address octet", + "path": "Path", + "ipAddressRange": "IP Range", + "rulesErrorFetch": "Failed to fetch rules", + "rulesErrorFetchDescription": "An error occurred while fetching rules", + "rulesErrorDuplicate": "Duplicate rule", + "rulesErrorDuplicateDescription": "A rule with these settings already exists", + "rulesErrorInvalidIpAddressRange": "Invalid CIDR", + "rulesErrorInvalidIpAddressRangeDescription": "Please enter a valid CIDR value", + "rulesErrorInvalidUrl": "Invalid URL path", + "rulesErrorInvalidUrlDescription": "Please enter a valid URL path value", + "rulesErrorInvalidIpAddress": "Invalid IP", + "rulesErrorInvalidIpAddressDescription": "Please enter a valid IP address", + "rulesErrorUpdate": "Failed to update rules", + "rulesErrorUpdateDescription": "An error occurred while updating rules", + "rulesUpdated": "Enable Rules", + "rulesUpdatedDescription": "Rule evaluation has been updated", + "rulesMatchIpAddressRangeDescription": "Enter an address in CIDR format (e.g., 103.21.244.0/22)", + "rulesMatchIpAddress": "Enter an IP address (e.g., 103.21.244.12)", + "rulesMatchUrl": "Enter a URL path or pattern (e.g., /api/v1/todos or /api/v1/*)", + "rulesErrorInvalidPriority": "Invalid Priority", + "rulesErrorInvalidPriorityDescription": "Please enter a valid priority", + "rulesErrorDuplicatePriority": "Duplicate Priorities", + "rulesErrorDuplicatePriorityDescription": "Please enter unique priorities", + "ruleUpdated": "Rules updated", + "ruleUpdatedDescription": "Rules updated successfully", + "ruleErrorUpdate": "Operation failed", + "ruleErrorUpdateDescription": "An error occurred during the save operation", + "rulesPriority": "Priority", + "rulesAction": "Action", + "rulesMatchType": "Match Type", + "value": "Value", + "rulesAbout": "About Rules", + "rulesAboutDescription": "Rules allow you to control access to your resource based on a set of criteria. You can create rules to allow or deny access based on IP address or URL path.", + "rulesActions": "Actions", + "rulesActionAlwaysAllow": "Always Allow: Bypass all authentication methods", + "rulesActionAlwaysDeny": "Always Deny: Block all requests; no authentication can be attempted", + "rulesActionPassToAuth": "Pass to Auth: Allow authentication methods to be attempted", + "rulesMatchCriteria": "Matching Criteria", + "rulesMatchCriteriaIpAddress": "Match a specific IP address", + "rulesMatchCriteriaIpAddressRange": "Match a range of IP addresses in CIDR notation", + "rulesMatchCriteriaUrl": "Match a URL path or pattern", + "rulesEnable": "Enable Rules", + "rulesEnableDescription": "Enable or disable rule evaluation for this resource", + "rulesResource": "Resource Rules Configuration", + "rulesResourceDescription": "Configure rules to control access to your resource", + "ruleSubmit": "Add Rule", + "rulesNoOne": "No rules. Add a rule using the form.", + "rulesOrder": "Rules are evaluated by priority in ascending order.", + "rulesSubmit": "Save Rules", + "resourceErrorCreate": "Error creating resource", + "resourceErrorCreateDescription": "An error occurred when creating the resource", + "resourceErrorCreateMessage": "Error creating resource:", + "resourceErrorCreateMessageDescription": "An unexpected error occurred", + "sitesErrorFetch": "Error fetching sites", + "sitesErrorFetchDescription": "An error occurred when fetching the sites", + "domainsErrorFetch": "Error fetching domains", + "domainsErrorFetchDescription": "An error occurred when fetching the domains", + "none": "None", + "unknown": "Unknown", + "resources": "Resources", + "resourcesDescription": "Resources are proxies to applications running on your private network. Create a resource for any HTTP/HTTPS or raw TCP/UDP service on your private network. Each resource must be connected to a site to enable private, secure connectivity through an encrypted WireGuard tunnel.", + "resourcesWireGuardConnect": "Secure connectivity with WireGuard encryption", + "resourcesMultipleAuthenticationMethods": "Configure multiple authentication methods", + "resourcesUsersRolesAccess": "User and role-based access control", + "resourcesErrorUpdate": "Failed to toggle resource", + "resourcesErrorUpdateDescription": "An error occurred while updating the resource", + "access": "Access", + "shareLink": "{resource} Share Link", + "resourceSelect": "Select resource", + "shareLinks": "Share Links", + "share": "Shareable Links", + "shareDescription2": "Create shareable links to your resources. Links provide temporary or unlimited access to your resource. You can configure the expiration duration of the link when you create one.", + "shareEasyCreate": "Easy to create and share", + "shareConfigurableExpirationDuration": "Configurable expiration duration", + "shareSecureAndRevocable": "Secure and revocable", + "nameMin": "Name must be at least {len} characters.", + "nameMax": "Name must not be longer than {len} characters.", + "sitesConfirmCopy": "Please confirm that you have copied the config.", + "unknownCommand": "Unknown command", + "newtErrorFetchReleases": "Failed to fetch release info: {err}", + "newtErrorFetchLatest": "Error fetching latest release: {err}", + "newtEndpoint": "Newt Endpoint", + "newtId": "Newt ID", + "newtSecretKey": "Newt Secret Key", + "architecture": "Architecture", + "sites": "Sites", + "siteWgAnyClients": "Use any WireGuard client to connect. You will have to address your internal resources using the peer IP.", + "siteWgCompatibleAllClients": "Compatible with all WireGuard clients", + "siteWgManualConfigurationRequired": "Manual configuration required", + "userErrorNotAdminOrOwner": "User is not an admin or owner", + "pangolinSettings": "Settings - Pangolin", + "accessRoleYour": "Your role:", + "accessRoleSelect2": "Select a role", + "accessUserSelect": "Select a user", + "otpEmailEnter": "Enter an email", + "otpEmailEnterDescription": "Press enter to add an email after typing it in the input field.", + "otpEmailErrorInvalid": "Invalid email address. Wildcard (*) must be the entire local part.", + "otpEmailSmtpRequired": "SMTP Required", + "otpEmailSmtpRequiredDescription": "SMTP must be enabled on the server to use one-time password authentication.", + "otpEmailTitle": "One-time Passwords", + "otpEmailTitleDescription": "Require email-based authentication for resource access", + "otpEmailWhitelist": "Email Whitelist", + "otpEmailWhitelistList": "Whitelisted Emails", + "otpEmailWhitelistListDescription": "Only users with these email addresses will be able to access this resource. They will be prompted to enter a one-time password sent to their email. Wildcards (*@example.com) can be used to allow any email address from a domain.", + "otpEmailWhitelistSave": "Save Whitelist", + "passwordAdd": "Add Password", + "passwordRemove": "Remove Password", + "pincodeAdd": "Add PIN Code", + "pincodeRemove": "Remove PIN Code", + "resourceAuthMethods": "Authentication Methods", + "resourceAuthMethodsDescriptions": "Allow access to the resource via additional auth methods", + "resourceAuthSettingsSave": "Saved successfully", + "resourceAuthSettingsSaveDescription": "Authentication settings have been saved", + "resourceErrorAuthFetch": "Failed to fetch data", + "resourceErrorAuthFetchDescription": "An error occurred while fetching the data", + "resourceErrorPasswordRemove": "Error removing resource password", + "resourceErrorPasswordRemoveDescription": "An error occurred while removing the resource password", + "resourceErrorPasswordSetup": "Error setting resource password", + "resourceErrorPasswordSetupDescription": "An error occurred while setting the resource password", + "resourceErrorPincodeRemove": "Error removing resource pincode", + "resourceErrorPincodeRemoveDescription": "An error occurred while removing the resource pincode", + "resourceErrorPincodeSetup": "Error setting resource PIN code", + "resourceErrorPincodeSetupDescription": "An error occurred while setting the resource PIN code", + "resourceErrorUsersRolesSave": "Failed to set roles", + "resourceErrorUsersRolesSaveDescription": "An error occurred while setting the roles", + "resourceErrorWhitelistSave": "Failed to save whitelist", + "resourceErrorWhitelistSaveDescription": "An error occurred while saving the whitelist", + "resourcePasswordSubmit": "Enable Password Protection", + "resourcePasswordProtection": "Password Protection {status}", + "resourcePasswordRemove": "Resource password removed", + "resourcePasswordRemoveDescription": "The resource password has been removed successfully", + "resourcePasswordSetup": "Resource password set", + "resourcePasswordSetupDescription": "The resource password has been set successfully", + "resourcePasswordSetupTitle": "Set Password", + "resourcePasswordSetupTitleDescription": "Set a password to protect this resource", + "resourcePincode": "PIN Code", + "resourcePincodeSubmit": "Enable PIN Code Protection", + "resourcePincodeProtection": "PIN Code Protection {status}", + "resourcePincodeRemove": "Resource pincode removed", + "resourcePincodeRemoveDescription": "The resource password has been removed successfully", + "resourcePincodeSetup": "Resource PIN code set", + "resourcePincodeSetupDescription": "The resource pincode has been set successfully", + "resourcePincodeSetupTitle": "Set Pincode", + "resourcePincodeSetupTitleDescription": "Set a pincode to protect this resource", + "resourceRoleDescription": "Admins can always access this resource.", + "resourceUsersRoles": "Users & Roles", + "resourceUsersRolesDescription": "Configure which users and roles can visit this resource", + "resourceUsersRolesSubmit": "Save Users & Roles", + "resourceWhitelistSave": "Saved successfully", + "resourceWhitelistSaveDescription": "Whitelist settings have been saved", + "ssoUse": "Use Platform SSO", + "ssoUseDescription": "Existing users will only have to log in once for all resources that have this enabled.", + "proxyErrorInvalidPort": "Invalid port number", + "subdomainErrorInvalid": "Invalid subdomain", + "domainErrorFetch": "Error fetching domains", + "domainErrorFetchDescription": "An error occurred when fetching the domains", + "resourceErrorUpdate": "Failed to update resource", + "resourceErrorUpdateDescription": "An error occurred while updating the resource", + "resourceUpdated": "Resource updated", + "resourceUpdatedDescription": "The resource has been updated successfully", + "resourceErrorTransfer": "Failed to transfer resource", + "resourceErrorTransferDescription": "An error occurred while transferring the resource", + "resourceTransferred": "Resource transferred", + "resourceTransferredDescription": "The resource has been transferred successfully", + "resourceErrorToggle": "Failed to toggle resource", + "resourceErrorToggleDescription": "An error occurred while updating the resource", + "resourceVisibilityTitle": "Visibility", + "resourceVisibilityTitleDescription": "Completely enable or disable resource visibility", + "resourceGeneral": "General Settings", + "resourceGeneralDescription": "Configure the general settings for this resource", + "resourceEnable": "Enable Resource", + "resourceTransfer": "Transfer Resource", + "resourceTransferDescription": "Transfer this resource to a different site", + "resourceTransferSubmit": "Transfer Resource", + "siteDestination": "Destination Site", + "searchSites": "Search sites", + "accessRoleCreate": "Create Role", + "accessRoleCreateDescription": "Create a new role to group users and manage their permissions.", + "accessRoleCreateSubmit": "Create Role", + "accessRoleCreated": "Role created", + "accessRoleCreatedDescription": "The role has been successfully created.", + "accessRoleErrorCreate": "Failed to create role", + "accessRoleErrorCreateDescription": "An error occurred while creating the role.", + "accessRoleErrorNewRequired": "New role is required", + "accessRoleErrorRemove": "Failed to remove role", + "accessRoleErrorRemoveDescription": "An error occurred while removing the role.", + "accessRoleName": "Role Name", + "accessRoleQuestionRemove": "You're about to delete the {name} role. You cannot undo this action.", + "accessRoleRemove": "Remove Role", + "accessRoleRemoveDescription": "Remove a role from the organization", + "accessRoleRemoveSubmit": "Remove Role", + "accessRoleRemoved": "Role removed", + "accessRoleRemovedDescription": "The role has been successfully removed.", + "accessRoleRequiredRemove": "Before deleting this role, please select a new role to transfer existing members to.", + "manage": "Manage", + "sitesNotFound": "No sites found.", + "pangolinServerAdmin": "Server Admin - Pangolin", + "licenseTierProfessional": "Professional License", + "licenseTierEnterprise": "Enterprise License", + "licenseTierCommercial": "Commercial License", + "licensed": "Licensed", + "yes": "Yes", + "no": "No", + "sitesAdditional": "Additional Sites", + "licenseKeys": "License Keys", + "sitestCountDecrease": "Decrease site count", + "sitestCountIncrease": "Increase site count", + "idpManage": "Manage Identity Providers", + "idpManageDescription": "View and manage identity providers in the system", + "idpDeletedDescription": "Identity provider deleted successfully", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "Are you sure you want to permanently delete the identity provider {name}?", + "idpMessageRemove": "This will remove the identity provider and all associated configurations. Users who authenticate through this provider will no longer be able to log in.", + "idpMessageConfirm": "To confirm, please type the name of the identity provider below.", + "idpConfirmDelete": "Confirm Delete Identity Provider", + "idpDelete": "Delete Identity Provider", + "idp": "Identity Providers", + "idpSearch": "Search identity providers...", + "idpAdd": "Add Identity Provider", + "idpClientIdRequired": "Client ID is required.", + "idpClientSecretRequired": "Client Secret is required.", + "idpErrorAuthUrlInvalid": "Auth URL must be a valid URL.", + "idpErrorTokenUrlInvalid": "Token URL must be a valid URL.", + "idpPathRequired": "Identifier Path is required.", + "idpScopeRequired": "Scopes are required.", + "idpOidcDescription": "Configure an OpenID Connect identity provider", + "idpCreatedDescription": "Identity provider created successfully", + "idpCreate": "Create Identity Provider", + "idpCreateDescription": "Configure a new identity provider for user authentication", + "idpSeeAll": "See All Identity Providers", + "idpSettingsDescription": "Configure the basic information for your identity provider", + "idpDisplayName": "A display name for this identity provider", + "idpAutoProvisionUsers": "Auto Provision Users", + "idpAutoProvisionUsersDescription": "When enabled, users will be automatically created in the system upon first login with the ability to map users to roles and organizations.", + "licenseBadge": "Professional", + "idpType": "Provider Type", + "idpTypeDescription": "Select the type of identity provider you want to configure", + "idpOidcConfigure": "OAuth2/OIDC Configuration", + "idpOidcConfigureDescription": "Configure the OAuth2/OIDC provider endpoints and credentials", + "idpClientId": "Client ID", + "idpClientIdDescription": "The OAuth2 client ID from your identity provider", + "idpClientSecret": "Client Secret", + "idpClientSecretDescription": "The OAuth2 client secret from your identity provider", + "idpAuthUrl": "Authorization URL", + "idpAuthUrlDescription": "The OAuth2 authorization endpoint URL", + "idpTokenUrl": "Token URL", + "idpTokenUrlDescription": "The OAuth2 token endpoint URL", + "idpOidcConfigureAlert": "Important Information", + "idpOidcConfigureAlertDescription": "After creating the identity provider, you will need to configure the callback URL in your identity provider's settings. The callback URL will be provided after successful creation.", + "idpToken": "Token Configuration", + "idpTokenDescription": "Configure how to extract user information from the ID token", + "idpJmespathAbout": "About JMESPath", + "idpJmespathAboutDescription": "The paths below use JMESPath syntax to extract values from the ID token.", + "idpJmespathAboutDescriptionLink": "Learn more about JMESPath", + "idpJmespathLabel": "Identifier Path", + "idpJmespathLabelDescription": "The path to the user identifier in the ID token", + "idpJmespathEmailPathOptional": "Email Path (Optional)", + "idpJmespathEmailPathOptionalDescription": "The path to the user's email in the ID token", + "idpJmespathNamePathOptional": "Name Path (Optional)", + "idpJmespathNamePathOptionalDescription": "The path to the user's name in the ID token", + "idpOidcConfigureScopes": "Scopes", + "idpOidcConfigureScopesDescription": "Space-separated list of OAuth2 scopes to request", + "idpSubmit": "Create Identity Provider", + "orgPolicies": "Organization Policies", + "idpSettings": "{idpName} Settings", + "idpCreateSettingsDescription": "Configure the settings for your identity provider", + "roleMapping": "Role Mapping", + "orgMapping": "Organization Mapping", + "orgPoliciesSearch": "Search organization policies...", + "orgPoliciesAdd": "Add Organization Policy", + "orgRequired": "Organization is required", + "error": "Error", + "success": "Success", + "orgPolicyAddedDescription": "Policy added successfully", + "orgPolicyUpdatedDescription": "Policy updated successfully", + "orgPolicyDeletedDescription": "Policy deleted successfully", + "defaultMappingsUpdatedDescription": "Default mappings updated successfully", + "orgPoliciesAbout": "About Organization Policies", + "orgPoliciesAboutDescription": "Organization policies are used to control access to organizations based on the user's ID token. You can specify JMESPath expressions to extract role and organization information from the ID token.", + "orgPoliciesAboutDescriptionLink": "See documentation, for more information.", + "defaultMappingsOptional": "Default Mappings (Optional)", + "defaultMappingsOptionalDescription": "The default mappings are used when when there is not an organization policy defined for an organization. You can specify the default role and organization mappings to fall back to here.", + "defaultMappingsRole": "Default Role Mapping", + "defaultMappingsRoleDescription": "The result of this expression must return the role name as defined in the organization as a string.", + "defaultMappingsOrg": "Default Organization Mapping", + "defaultMappingsOrgDescription": "This expression must return the org ID or true for the user to be allowed to access the organization.", + "defaultMappingsSubmit": "Save Default Mappings", + "orgPoliciesEdit": "Edit Organization Policy", + "org": "Organization", + "orgSelect": "Select organization", + "orgSearch": "Search org", + "orgNotFound": "No org found.", + "roleMappingPathOptional": "Role Mapping Path (Optional)", + "orgMappingPathOptional": "Organization Mapping Path (Optional)", + "orgPolicyUpdate": "Update Policy", + "orgPolicyAdd": "Add Policy", + "orgPolicyConfig": "Configure access for an organization", + "idpUpdatedDescription": "Identity provider updated successfully", + "redirectUrl": "Redirect URL", + "redirectUrlAbout": "About Redirect URL", + "redirectUrlAboutDescription": "This is the URL to which users will be redirected after authentication. You need to configure this URL in your identity provider settings.", + "pangolinAuth": "Auth - Pangolin", + "verificationCodeLengthRequirements": "Your verification code must be 8 characters.", + "errorOccurred": "An error occurred", + "emailErrorVerify": "Failed to verify email:", + "emailVerified": "Email successfully verified! Redirecting you...", + "verificationCodeErrorResend": "Failed to resend verification code:", + "verificationCodeResend": "Verification code resent", + "verificationCodeResendDescription": "We've resent a verification code to your email address. Please check your inbox.", + "emailVerify": "Verify Email", + "emailVerifyDescription": "Enter the verification code sent to your email address.", + "verificationCode": "Verification Code", + "verificationCodeEmailSent": "We sent a verification code to your email address.", + "submit": "Submit", + "emailVerifyResendProgress": "Resending...", + "emailVerifyResend": "Didn't receive a code? Click here to resend", + "passwordNotMatch": "Passwords do not match", + "signupError": "An error occurred while signing up", + "pangolinLogoAlt": "Pangolin Logo", + "inviteAlready": "Looks like you've been invited!", + "inviteAlreadyDescription": "To accept the invite, you must log in or create an account.", + "signupQuestion": "Already have an account?", + "login": "Log in", + "resourceNotFound": "Resource Not Found", + "resourceNotFoundDescription": "The resource you're trying to access does not exist.", + "pincodeRequirementsLength": "PIN must be exactly 6 digits", + "pincodeRequirementsChars": "PIN must only contain numbers", + "passwordRequirementsLength": "Password must be at least 1 character long", + "passwordRequirementsTitle": "Password requirements:", + "passwordRequirementLength": "At least 8 characters long", + "passwordRequirementUppercase": "At least one uppercase letter", + "passwordRequirementLowercase": "At least one lowercase letter", + "passwordRequirementNumber": "At least one number", + "passwordRequirementSpecial": "At least one special character", + "passwordRequirementsMet": "✓ Password meets all requirements", + "passwordStrength": "Password strength", + "passwordStrengthWeak": "Weak", + "passwordStrengthMedium": "Medium", + "passwordStrengthStrong": "Strong", + "passwordRequirements": "Requirements:", + "passwordRequirementLengthText": "8+ characters", + "passwordRequirementUppercaseText": "Uppercase letter (A-Z)", + "passwordRequirementLowercaseText": "Lowercase letter (a-z)", + "passwordRequirementNumberText": "Number (0-9)", + "passwordRequirementSpecialText": "Special character (!@#$%...)", + "passwordsDoNotMatch": "Passwords do not match", + "otpEmailRequirementsLength": "OTP must be at least 1 character long", + "otpEmailSent": "OTP Sent", + "otpEmailSentDescription": "An OTP has been sent to your email", + "otpEmailErrorAuthenticate": "Failed to authenticate with email", + "pincodeErrorAuthenticate": "Failed to authenticate with pincode", + "passwordErrorAuthenticate": "Failed to authenticate with password", + "poweredBy": "Powered by", + "authenticationRequired": "Authentication Required", + "authenticationMethodChoose": "Choose your preferred method to access {name}", + "authenticationRequest": "You must authenticate to access {name}", + "user": "User", + "pincodeInput": "6-digit PIN Code", + "pincodeSubmit": "Log in with PIN", + "passwordSubmit": "Log In with Password", + "otpEmailDescription": "A one-time code will be sent to this email.", + "otpEmailSend": "Send One-time Code", + "otpEmail": "One-Time Password (OTP)", + "otpEmailSubmit": "Submit OTP", + "backToEmail": "Back to Email", + "noSupportKey": "Server is running without a supporter key. Consider supporting the project!", + "accessDenied": "Access Denied", + "accessDeniedDescription": "You're not allowed to access this resource. If this is a mistake, please contact the administrator.", + "accessTokenError": "Error checking access token", + "accessGranted": "Access Granted", + "accessUrlInvalid": "Access URL Invalid", + "accessGrantedDescription": "You have been granted access to this resource. Redirecting you...", + "accessUrlInvalidDescription": "This shared access URL is invalid. Please contact the resource owner for a new URL.", + "tokenInvalid": "Invalid token", + "pincodeInvalid": "Invalid code", + "passwordErrorRequestReset": "Failed to request reset:", + "passwordErrorReset": "Failed to reset password:", + "passwordResetSuccess": "Password reset successfully! Back to log in...", + "passwordReset": "Reset Password", + "passwordResetDescription": "Follow the steps to reset your password", + "passwordResetSent": "We'll send a password reset code to this email address.", + "passwordResetCode": "Reset Code", + "passwordResetCodeDescription": "Check your email for the reset code.", + "passwordNew": "New Password", + "passwordNewConfirm": "Confirm New Password", + "pincodeAuth": "Authenticator Code", + "pincodeSubmit2": "Submit Code", + "passwordResetSubmit": "Request Reset", + "passwordBack": "Back to Password", + "loginBack": "Go back to log in", + "signup": "Sign up", + "loginStart": "Log in to get started", + "idpOidcTokenValidating": "Validating OIDC token", + "idpOidcTokenResponse": "Validate OIDC token response", + "idpErrorOidcTokenValidating": "Error validating OIDC token", + "idpConnectingTo": "Connecting to {name}", + "idpConnectingToDescription": "Validating your identity", + "idpConnectingToProcess": "Connecting...", + "idpConnectingToFinished": "Connected", + "idpErrorConnectingTo": "There was a problem connecting to {name}. Please contact your administrator.", + "idpErrorNotFound": "IdP not found", + "inviteInvalid": "Invalid Invite", + "inviteInvalidDescription": "The invite link is invalid.", + "inviteErrorWrongUser": "Invite is not for this user", + "inviteErrorUserNotExists": "User does not exist. Please create an account first.", + "inviteErrorLoginRequired": "You must be logged in to accept an invite", + "inviteErrorExpired": "The invite may have expired", + "inviteErrorRevoked": "The invite might have been revoked", + "inviteErrorTypo": "There could be a typo in the invite link", + "pangolinSetup": "Setup - Pangolin", + "orgNameRequired": "Organization name is required", + "orgIdRequired": "Organization ID is required", + "orgErrorCreate": "An error occurred while creating org", + "pageNotFound": "Page Not Found", + "pageNotFoundDescription": "Oops! The page you're looking for doesn't exist.", + "overview": "Overview", + "home": "Home", + "accessControl": "Access Control", + "settings": "Settings", + "usersAll": "All Users", + "license": "License", + "pangolinDashboard": "Dashboard - Pangolin", + "noResults": "No results found.", + "terabytes": "{count} TB", + "gigabytes": "{count} GB", + "megabytes": "{count} MB", + "tagsEntered": "Entered Tags", + "tagsEnteredDescription": "These are the tags you`ve entered.", + "tagsWarnCannotBeLessThanZero": "maxTags and minTags cannot be less than 0", + "tagsWarnNotAllowedAutocompleteOptions": "Tag not allowed as per autocomplete options", + "tagsWarnInvalid": "Invalid tag as per validateTag", + "tagWarnTooShort": "Tag {tagText} is too short", + "tagWarnTooLong": "Tag {tagText} is too long", + "tagsWarnReachedMaxNumber": "Reached the maximum number of tags allowed", + "tagWarnDuplicate": "Duplicate tag {tagText} not added", + "supportKeyInvalid": "Invalid Key", + "supportKeyInvalidDescription": "Your supporter key is invalid.", + "supportKeyValid": "Valid Key", + "supportKeyValidDescription": "Your supporter key has been validated. Thank you for your support!", + "supportKeyErrorValidationDescription": "Failed to validate supporter key.", + "supportKey": "Support Development and Adopt a Pangolin!", + "supportKeyDescription": "Purchase a supporter key to help us continue developing Pangolin for the community. Your contribution allows us to commit more time to maintain and add new features to the application for everyone. We will never use this to paywall features. This is separate from any Commercial Edition.", + "supportKeyPet": "You will also get to adopt and meet your very own pet Pangolin!", + "supportKeyPurchase": "Payments are processed via GitHub. Afterward, you can retrieve your key on", + "supportKeyPurchaseLink": "our website", + "supportKeyPurchase2": "and redeem it here.", + "supportKeyLearnMore": "Learn more.", + "supportKeyOptions": "Please select the option that best suits you.", + "supportKetOptionFull": "Full Supporter", + "forWholeServer": "For the whole server", + "lifetimePurchase": "Lifetime purchase", + "supporterStatus": "Supporter status", + "buy": "Buy", + "supportKeyOptionLimited": "Limited Supporter", + "forFiveUsers": "For 5 or less users", + "supportKeyRedeem": "Redeem Supporter Key", + "supportKeyHideSevenDays": "Hide for 7 days", + "supportKeyEnter": "Enter Supporter Key", + "supportKeyEnterDescription": "Meet your very own pet Pangolin!", + "githubUsername": "GitHub Username", + "supportKeyInput": "Supporter Key", + "supportKeyBuy": "Buy Supporter Key", + "logoutError": "Error logging out", + "signingAs": "Signed in as", + "serverAdmin": "Server Admin", + "managedSelfhosted": "Managed Self-Hosted", + "otpEnable": "Enable Two-factor", + "otpDisable": "Disable Two-factor", + "logout": "Log Out", + "licenseTierProfessionalRequired": "Professional Edition Required", + "licenseTierProfessionalRequiredDescription": "This feature is only available in the Professional Edition.", + "actionGetOrg": "Get Organization", + "actionUpdateOrg": "Update Organization", + "actionUpdateUser": "Update User", + "actionGetUser": "Get User", + "actionGetOrgUser": "Get Organization User", + "actionListOrgDomains": "List Organization Domains", + "actionCreateSite": "Create Site", + "actionDeleteSite": "Delete Site", + "actionGetSite": "Get Site", + "actionListSites": "List Sites", + "setupToken": "Setup Token", + "setupTokenDescription": "Enter the setup token from the server console.", + "setupTokenRequired": "Setup token is required", + "actionUpdateSite": "Update Site", + "actionListSiteRoles": "List Allowed Site Roles", + "actionCreateResource": "Create Resource", + "actionDeleteResource": "Delete Resource", + "actionGetResource": "Get Resource", + "actionListResource": "List Resources", + "actionUpdateResource": "Update Resource", + "actionListResourceUsers": "List Resource Users", + "actionSetResourceUsers": "Set Resource Users", + "actionSetAllowedResourceRoles": "Set Allowed Resource Roles", + "actionListAllowedResourceRoles": "List Allowed Resource Roles", + "actionSetResourcePassword": "Set Resource Password", + "actionSetResourcePincode": "Set Resource Pincode", + "actionSetResourceEmailWhitelist": "Set Resource Email Whitelist", + "actionGetResourceEmailWhitelist": "Get Resource Email Whitelist", + "actionCreateTarget": "Create Target", + "actionDeleteTarget": "Delete Target", + "actionGetTarget": "Get Target", + "actionListTargets": "List Targets", + "actionUpdateTarget": "Update Target", + "actionCreateRole": "Create Role", + "actionDeleteRole": "Delete Role", + "actionGetRole": "Get Role", + "actionListRole": "List Roles", + "actionUpdateRole": "Update Role", + "actionListAllowedRoleResources": "List Allowed Role Resources", + "actionInviteUser": "Invite User", + "actionRemoveUser": "Remove User", + "actionListUsers": "List Users", + "actionAddUserRole": "Add User Role", + "actionGenerateAccessToken": "Generate Access Token", + "actionDeleteAccessToken": "Delete Access Token", + "actionListAccessTokens": "List Access Tokens", + "actionCreateResourceRule": "Create Resource Rule", + "actionDeleteResourceRule": "Delete Resource Rule", + "actionListResourceRules": "List Resource Rules", + "actionUpdateResourceRule": "Update Resource Rule", + "actionListOrgs": "List Organizations", + "actionCheckOrgId": "Check ID", + "actionCreateOrg": "Create Organization", + "actionDeleteOrg": "Delete Organization", + "actionListApiKeys": "List API Keys", + "actionListApiKeyActions": "List API Key Actions", + "actionSetApiKeyActions": "Set API Key Allowed Actions", + "actionCreateApiKey": "Create API Key", + "actionDeleteApiKey": "Delete API Key", + "actionCreateIdp": "Create IDP", + "actionUpdateIdp": "Update IDP", + "actionDeleteIdp": "Delete IDP", + "actionListIdps": "List IDP", + "actionGetIdp": "Get IDP", + "actionCreateIdpOrg": "Create IDP Org Policy", + "actionDeleteIdpOrg": "Delete IDP Org Policy", + "actionListIdpOrgs": "List IDP Orgs", + "actionUpdateIdpOrg": "Update IDP Org", + "actionCreateClient": "Create Client", + "actionDeleteClient": "Delete Client", + "actionUpdateClient": "Update Client", + "actionListClients": "List Clients", + "actionGetClient": "Get Client", + "actionCreateSiteResource": "Create Site Resource", + "actionDeleteSiteResource": "Delete Site Resource", + "actionGetSiteResource": "Get Site Resource", + "actionListSiteResources": "List Site Resources", + "actionUpdateSiteResource": "Update Site Resource", + "actionListInvitations": "List Invitations", + "noneSelected": "None selected", + "orgNotFound2": "No organizations found.", + "searchProgress": "Search...", + "create": "Create", + "orgs": "Organizations", + "loginError": "An error occurred while logging in", + "passwordForgot": "Forgot your password?", + "otpAuth": "Two-Factor Authentication", + "otpAuthDescription": "Enter the code from your authenticator app or one of your single-use backup codes.", + "otpAuthSubmit": "Submit Code", + "idpContinue": "Or continue with", + "otpAuthBack": "Back to Log In", + "navbar": "Navigation Menu", + "navbarDescription": "Main navigation menu for the application", + "navbarDocsLink": "Documentation", + "commercialEdition": "Commercial Edition", + "otpErrorEnable": "Unable to enable 2FA", + "otpErrorEnableDescription": "An error occurred while enabling 2FA", + "otpSetupCheckCode": "Please enter a 6-digit code", + "otpSetupCheckCodeRetry": "Invalid code. Please try again.", + "otpSetup": "Enable Two-factor Authentication", + "otpSetupDescription": "Secure your account with an extra layer of protection", + "otpSetupScanQr": "Scan this QR code with your authenticator app or enter the secret key manually:", + "otpSetupSecretCode": "Authenticator Code", + "otpSetupSuccess": "Two-Factor Authentication Enabled", + "otpSetupSuccessStoreBackupCodes": "Your account is now more secure. Don't forget to save your backup codes.", + "otpErrorDisable": "Unable to disable 2FA", + "otpErrorDisableDescription": "An error occurred while disabling 2FA", + "otpRemove": "Disable Two-factor Authentication", + "otpRemoveDescription": "Disable two-factor authentication for your account", + "otpRemoveSuccess": "Two-Factor Authentication Disabled", + "otpRemoveSuccessMessage": "Two-factor authentication has been disabled for your account. You can enable it again at any time.", + "otpRemoveSubmit": "Disable 2FA", + "paginator": "Page {current} of {last}", + "paginatorToFirst": "Go to first page", + "paginatorToPrevious": "Go to previous page", + "paginatorToNext": "Go to next page", + "paginatorToLast": "Go to last page", + "copyText": "Copy text", + "copyTextFailed": "Failed to copy text: ", + "copyTextClipboard": "Copy to clipboard", + "inviteErrorInvalidConfirmation": "Invalid confirmation", + "passwordRequired": "Password is required", + "allowAll": "Allow All", + "permissionsAllowAll": "Allow All Permissions", + "githubUsernameRequired": "GitHub username is required", + "supportKeyRequired": "Supporter key is required", + "passwordRequirementsChars": "Password must be at least 8 characters", + "language": "Language", + "verificationCodeRequired": "Code is required", + "userErrorNoUpdate": "No user to update", + "siteErrorNoUpdate": "No site to update", + "resourceErrorNoUpdate": "No resource to update", + "authErrorNoUpdate": "No auth info to update", + "orgErrorNoUpdate": "No org to update", + "orgErrorNoProvided": "No org provided", + "apiKeysErrorNoUpdate": "No API key to update", + "sidebarOverview": "Overview", + "sidebarHome": "Home", + "sidebarSites": "Sites", + "sidebarResources": "Resources", + "sidebarAccessControl": "Access Control", + "sidebarUsers": "Users", + "sidebarInvitations": "Invitations", + "sidebarRoles": "Roles", + "sidebarShareableLinks": "Shareable Links", + "sidebarApiKeys": "API Keys", + "sidebarSettings": "Settings", + "sidebarAllUsers": "All Users", + "sidebarIdentityProviders": "Identity Providers", + "sidebarLicense": "License", + "sidebarClients": "Clients (Beta)", + "sidebarDomains": "Domains", + "enableDockerSocket": "Enable Docker Socket", + "enableDockerSocketDescription": "Enable Docker Socket discovery for populating container information. Socket path must be provided to Newt.", + "enableDockerSocketLink": "Learn More", + "viewDockerContainers": "View Docker Containers", + "containersIn": "Containers in {siteName}", + "selectContainerDescription": "Select any container to use as a hostname for this target. Click a port to use a port.", + "containerName": "Name", + "containerImage": "Image", + "containerState": "State", + "containerNetworks": "Networks", + "containerHostnameIp": "Hostname/IP", + "containerLabels": "Labels", + "containerLabelsCount": "{count, plural, one {# label} other {# labels}}", + "containerLabelsTitle": "Container Labels", + "containerLabelEmpty": "", + "containerPorts": "Ports", + "containerPortsMore": "+{count} more", + "containerActions": "Actions", + "select": "Select", + "noContainersMatchingFilters": "No containers found matching the current filters.", + "showContainersWithoutPorts": "Show containers without ports", + "showStoppedContainers": "Show stopped containers", + "noContainersFound": "No containers found. Make sure Docker containers are running.", + "searchContainersPlaceholder": "Search across {count} containers...", + "searchResultsCount": "{count, plural, one {# result} other {# results}}", + "filters": "Filters", + "filterOptions": "Filter Options", + "filterPorts": "Ports", + "filterStopped": "Stopped", + "clearAllFilters": "Clear all filters", + "columns": "Columns", + "toggleColumns": "Toggle Columns", + "refreshContainersList": "Refresh containers list", + "searching": "Searching...", + "noContainersFoundMatching": "No containers found matching \"{filter}\".", + "light": "light", + "dark": "dark", + "system": "system", + "theme": "Theme", + "subnetRequired": "Subnet is required", + "initialSetupTitle": "Initial Server Setup", + "initialSetupDescription": "Create the intial server admin account. Only one server admin can exist. You can always change these credentials later.", + "createAdminAccount": "Create Admin Account", + "setupErrorCreateAdmin": "An error occurred while creating the server admin account.", + "certificateStatus": "Certificate Status", + "loading": "Loading", + "restart": "Restart", + "domains": "Domains", + "domainsDescription": "Manage domains for your organization", + "domainsSearch": "Search domains...", + "domainAdd": "Add Domain", + "domainAddDescription": "Register a new domain with your organization", + "domainCreate": "Create Domain", + "domainCreatedDescription": "Domain created successfully", + "domainDeletedDescription": "Domain deleted successfully", + "domainQuestionRemove": "Are you sure you want to remove the domain {domain} from your account?", + "domainMessageRemove": "Once removed, the domain will no longer be associated with your account.", + "domainMessageConfirm": "To confirm, please type the domain name below.", + "domainConfirmDelete": "Confirm Delete Domain", + "domainDelete": "Delete Domain", + "domain": "Domain", + "selectDomainTypeNsName": "Domain Delegation (NS)", + "selectDomainTypeNsDescription": "This domain and all its subdomains. Use this when you want to control an entire domain zone.", + "selectDomainTypeCnameName": "Single Domain (CNAME)", + "selectDomainTypeCnameDescription": "Just this specific domain. Use this for individual subdomains or specific domain entries.", + "selectDomainTypeWildcardName": "Wildcard Domain", + "selectDomainTypeWildcardDescription": "This domain and its subdomains.", + "domainDelegation": "Single Domain", + "selectType": "Select a type", + "actions": "Actions", + "refresh": "Refresh", + "refreshError": "Failed to refresh data", + "verified": "Verified", + "pending": "Pending", + "sidebarBilling": "Billing", + "billing": "Billing", + "orgBillingDescription": "Manage your billing information and subscriptions", + "github": "GitHub", + "pangolinHosted": "Pangolin Hosted", + "fossorial": "Fossorial", + "completeAccountSetup": "Complete Account Setup", + "completeAccountSetupDescription": "Set your password to get started", + "accountSetupSent": "We'll send an account setup code to this email address.", + "accountSetupCode": "Setup Code", + "accountSetupCodeDescription": "Check your email for the setup code.", + "passwordCreate": "Create Password", + "passwordCreateConfirm": "Confirm Password", + "accountSetupSubmit": "Send Setup Code", + "completeSetup": "Complete Setup", + "accountSetupSuccess": "Account setup completed! Welcome to Pangolin!", + "documentation": "Documentation", + "saveAllSettings": "Save All Settings", + "settingsUpdated": "Settings updated", + "settingsUpdatedDescription": "All settings have been updated successfully", + "settingsErrorUpdate": "Failed to update settings", + "settingsErrorUpdateDescription": "An error occurred while updating settings", + "sidebarCollapse": "Collapse", + "sidebarExpand": "Expand", + "newtUpdateAvailable": "Update Available", + "newtUpdateAvailableInfo": "A new version of Newt is available. Please update to the latest version for the best experience.", + "domainPickerEnterDomain": "Domain", + "domainPickerPlaceholder": "myapp.example.com, api.v1.mydomain.com, or just myapp", + "domainPickerDescription": "Enter the full domain of the resource to see available options.", + "domainPickerDescriptionSaas": "Enter a full domain, subdomain, or just a name to see available options", + "domainPickerTabAll": "All", + "domainPickerTabOrganization": "Organization", + "domainPickerTabProvided": "Provided", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "Checking availability...", + "domainPickerNoMatchingDomains": "No matching domains found. Try a different domain or check your organization's domain settings.", + "domainPickerOrganizationDomains": "Organization Domains", + "domainPickerProvidedDomains": "Provided Domains", + "domainPickerSubdomain": "Subdomain: {subdomain}", + "domainPickerNamespace": "Namespace: {namespace}", + "domainPickerShowMore": "Show More", + "domainNotFound": "Domain Not Found", + "domainNotFoundDescription": "This resource is disabled because the domain no longer exists our system. Please set a new domain for this resource.", + "failed": "Failed", + "createNewOrgDescription": "Create a new organization", + "organization": "Organization", + "port": "Port", + "securityKeyManage": "Manage Security Keys", + "securityKeyDescription": "Add or remove security keys for passwordless authentication", + "securityKeyRegister": "Register New Security Key", + "securityKeyList": "Your Security Keys", + "securityKeyNone": "No security keys registered yet", + "securityKeyNameRequired": "Name is required", + "securityKeyRemove": "Remove", + "securityKeyLastUsed": "Last used: {date}", + "securityKeyNameLabel": "Security Key Name", + "securityKeyRegisterSuccess": "Security key registered successfully", + "securityKeyRegisterError": "Failed to register security key", + "securityKeyRemoveSuccess": "Security key removed successfully", + "securityKeyRemoveError": "Failed to remove security key", + "securityKeyLoadError": "Failed to load security keys", + "securityKeyLogin": "Continue with security key", + "securityKeyAuthError": "Failed to authenticate with security key", + "securityKeyRecommendation": "Register a backup security key on another device to ensure you always have access to your account.", + "registering": "Registering...", + "securityKeyPrompt": "Please verify your identity using your security key. Make sure your security key is connected and ready.", + "securityKeyBrowserNotSupported": "Your browser doesn't support security keys. Please use a modern browser like Chrome, Firefox, or Safari.", + "securityKeyPermissionDenied": "Please allow access to your security key to continue signing in.", + "securityKeyRemovedTooQuickly": "Please keep your security key connected until the sign-in process completes.", + "securityKeyNotSupported": "Your security key may not be compatible. Please try a different security key.", + "securityKeyUnknownError": "There was a problem using your security key. Please try again.", + "twoFactorRequired": "Two-factor authentication is required to register a security key.", + "twoFactor": "Two-Factor Authentication", + "adminEnabled2FaOnYourAccount": "Your administrator has enabled two-factor authentication for {email}. Please complete the setup process to continue.", + "continueToApplication": "Continue to Application", + "securityKeyAdd": "Add Security Key", + "securityKeyRegisterTitle": "Register New Security Key", + "securityKeyRegisterDescription": "Connect your security key and enter a name to identify it", + "securityKeyTwoFactorRequired": "Two-Factor Authentication Required", + "securityKeyTwoFactorDescription": "Please enter your two-factor authentication code to register the security key", + "securityKeyTwoFactorRemoveDescription": "Please enter your two-factor authentication code to remove the security key", + "securityKeyTwoFactorCode": "Two-Factor Code", + "securityKeyRemoveTitle": "Remove Security Key", + "securityKeyRemoveDescription": "Enter your password to remove the security key \"{name}\"", + "securityKeyNoKeysRegistered": "No security keys registered", + "securityKeyNoKeysDescription": "Add a security key to enhance your account security", + "createDomainRequired": "Domain is required", + "createDomainAddDnsRecords": "Add DNS Records", + "createDomainAddDnsRecordsDescription": "Add the following DNS records to your domain provider to complete the setup.", + "createDomainNsRecords": "NS Records", + "createDomainRecord": "Record", + "createDomainType": "Type:", + "createDomainName": "Name:", + "createDomainValue": "Value:", + "createDomainCnameRecords": "CNAME Records", + "createDomainARecords": "A Records", + "createDomainRecordNumber": "Record {number}", + "createDomainTxtRecords": "TXT Records", + "createDomainSaveTheseRecords": "Save These Records", + "createDomainSaveTheseRecordsDescription": "Make sure to save these DNS records as you will not see them again.", + "createDomainDnsPropagation": "DNS Propagation", + "createDomainDnsPropagationDescription": "DNS changes may take some time to propagate across the internet. This can take anywhere from a few minutes to 48 hours, depending on your DNS provider and TTL settings.", + "resourcePortRequired": "Port number is required for non-HTTP resources", + "resourcePortNotAllowed": "Port number should not be set for HTTP resources", + "signUpTerms": { + "IAgreeToThe": "I agree to the", + "termsOfService": "terms of service", + "and": "and", + "privacyPolicy": "privacy policy" + }, + "siteRequired": "Site is required.", + "olmTunnel": "Olm Tunnel", + "olmTunnelDescription": "Use Olm for client connectivity", + "errorCreatingClient": "Error creating client", + "clientDefaultsNotFound": "Client defaults not found", + "createClient": "Create Client", + "createClientDescription": "Create a new client for connecting to your sites", + "seeAllClients": "See All Clients", + "clientInformation": "Client Information", + "clientNamePlaceholder": "Client name", + "address": "Address", + "subnetPlaceholder": "Subnet", + "addressDescription": "The address that this client will use for connectivity", + "selectSites": "Select sites", + "sitesDescription": "The client will have connectivity to the selected sites", + "clientInstallOlm": "Install Olm", + "clientInstallOlmDescription": "Get Olm running on your system", + "clientOlmCredentials": "Olm Credentials", + "clientOlmCredentialsDescription": "This is how Olm will authenticate with the server", + "olmEndpoint": "Olm Endpoint", + "olmId": "Olm ID", + "olmSecretKey": "Olm Secret Key", + "clientCredentialsSave": "Save Your Credentials", + "clientCredentialsSaveDescription": "You will only be able to see this once. Make sure to copy it to a secure place.", + "generalSettingsDescription": "Configure the general settings for this client", + "clientUpdated": "Client updated", + "clientUpdatedDescription": "The client has been updated.", + "clientUpdateFailed": "Failed to update client", + "clientUpdateError": "An error occurred while updating the client.", + "sitesFetchFailed": "Failed to fetch sites", + "sitesFetchError": "An error occurred while fetching sites.", + "olmErrorFetchReleases": "An error occurred while fetching Olm releases.", + "olmErrorFetchLatest": "An error occurred while fetching the latest Olm release.", + "remoteSubnets": "Remote Subnets", + "enterCidrRange": "Enter CIDR range", + "remoteSubnetsDescription": "Add CIDR ranges that can be accessed from this site remotely using clients. Use format like 10.0.0.0/24. This ONLY applies to VPN client connectivity.", + "resourceEnableProxy": "Enable Public Proxy", + "resourceEnableProxyDescription": "Enable public proxying to this resource. This allows access to the resource from outside the network through the cloud on an open port. Requires Traefik config.", + "externalProxyEnabled": "External Proxy Enabled", + "addNewTarget": "Add New Target", + "targetsList": "Targets List", + "targetErrorDuplicateTargetFound": "Duplicate target found", + "httpMethod": "HTTP Method", + "selectHttpMethod": "Select HTTP method", + "domainPickerSubdomainLabel": "Subdomain", + "domainPickerBaseDomainLabel": "Base Domain", + "domainPickerSearchDomains": "Search domains...", + "domainPickerNoDomainsFound": "No domains found", + "domainPickerLoadingDomains": "Loading domains...", + "domainPickerSelectBaseDomain": "Select base domain...", + "domainPickerNotAvailableForCname": "Not available for CNAME domains", + "domainPickerEnterSubdomainOrLeaveBlank": "Enter subdomain or leave blank to use base domain.", + "domainPickerEnterSubdomainToSearch": "Enter a subdomain to search and select from available free domains.", + "domainPickerFreeDomains": "Free Domains", + "domainPickerSearchForAvailableDomains": "Search for available domains", + "resourceDomain": "Domain", + "resourceEditDomain": "Edit Domain", + "siteName": "Site Name", + "proxyPort": "Port", + "resourcesTableProxyResources": "Proxy Resources", + "resourcesTableClientResources": "Client Resources", + "resourcesTableNoProxyResourcesFound": "No proxy resources found.", + "resourcesTableNoInternalResourcesFound": "No internal resources found.", + "resourcesTableDestination": "Destination", + "resourcesTableTheseResourcesForUseWith": "These resources are for use with", + "resourcesTableClients": "Clients", + "resourcesTableAndOnlyAccessibleInternally": "and are only accessible internally when connected with a client.", + "editInternalResourceDialogEditClientResource": "Edit Client Resource", + "editInternalResourceDialogUpdateResourceProperties": "Update the resource properties and target configuration for {resourceName}.", + "editInternalResourceDialogResourceProperties": "Resource Properties", + "editInternalResourceDialogName": "Name", + "editInternalResourceDialogProtocol": "Protocol", + "editInternalResourceDialogSitePort": "Site Port", + "editInternalResourceDialogTargetConfiguration": "Target Configuration", + "editInternalResourceDialogDestinationIP": "Destination IP", + "editInternalResourceDialogDestinationPort": "Destination Port", + "editInternalResourceDialogCancel": "Cancel", + "editInternalResourceDialogSaveResource": "Save Resource", + "editInternalResourceDialogSuccess": "Success", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Internal resource updated successfully", + "editInternalResourceDialogError": "Error", + "editInternalResourceDialogFailedToUpdateInternalResource": "Failed to update internal resource", + "editInternalResourceDialogNameRequired": "Name is required", + "editInternalResourceDialogNameMaxLength": "Name must be less than 255 characters", + "editInternalResourceDialogProxyPortMin": "Proxy port must be at least 1", + "editInternalResourceDialogProxyPortMax": "Proxy port must be less than 65536", + "editInternalResourceDialogInvalidIPAddressFormat": "Invalid IP address format", + "editInternalResourceDialogDestinationPortMin": "Destination port must be at least 1", + "editInternalResourceDialogDestinationPortMax": "Destination port must be less than 65536", + "createInternalResourceDialogNoSitesAvailable": "No Sites Available", + "createInternalResourceDialogNoSitesAvailableDescription": "You need to have at least one Newt site with a subnet configured to create internal resources.", + "createInternalResourceDialogClose": "Close", + "createInternalResourceDialogCreateClientResource": "Create Client Resource", + "createInternalResourceDialogCreateClientResourceDescription": "Create a new resource that will be accessible to clients connected to the selected site.", + "createInternalResourceDialogResourceProperties": "Resource Properties", + "createInternalResourceDialogName": "Name", + "createInternalResourceDialogSite": "Site", + "createInternalResourceDialogSelectSite": "Select site...", + "createInternalResourceDialogSearchSites": "Search sites...", + "createInternalResourceDialogNoSitesFound": "No sites found.", + "createInternalResourceDialogProtocol": "Protocol", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Site Port", + "createInternalResourceDialogSitePortDescription": "Use this port to access the resource on the site when connected with a client.", + "createInternalResourceDialogTargetConfiguration": "Target Configuration", + "createInternalResourceDialogDestinationIP": "Destination IP", + "createInternalResourceDialogDestinationIPDescription": "The IP address of the resource on the site's network.", + "createInternalResourceDialogDestinationPort": "Destination Port", + "createInternalResourceDialogDestinationPortDescription": "The port on the destination IP where the resource is accessible.", + "createInternalResourceDialogCancel": "Cancel", + "createInternalResourceDialogCreateResource": "Create Resource", + "createInternalResourceDialogSuccess": "Success", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Internal resource created successfully", + "createInternalResourceDialogError": "Error", + "createInternalResourceDialogFailedToCreateInternalResource": "Failed to create internal resource", + "createInternalResourceDialogNameRequired": "Name is required", + "createInternalResourceDialogNameMaxLength": "Name must be less than 255 characters", + "createInternalResourceDialogPleaseSelectSite": "Please select a site", + "createInternalResourceDialogProxyPortMin": "Proxy port must be at least 1", + "createInternalResourceDialogProxyPortMax": "Proxy port must be less than 65536", + "createInternalResourceDialogInvalidIPAddressFormat": "Invalid IP address format", + "createInternalResourceDialogDestinationPortMin": "Destination port must be at least 1", + "createInternalResourceDialogDestinationPortMax": "Destination port must be less than 65536", + "siteConfiguration": "Configuration", + "siteAcceptClientConnections": "Accept Client Connections", + "siteAcceptClientConnectionsDescription": "Allow other devices to connect through this Newt instance as a gateway using clients.", + "siteAddress": "Site Address", + "siteAddressDescription": "Specify the IP address of the host for clients to connect to. This is the internal address of the site in the Pangolin network for clients to address. Must fall within the Org subnet.", + "autoLoginExternalIdp": "Auto Login with External IDP", + "autoLoginExternalIdpDescription": "Immediately redirect the user to the external IDP for authentication.", + "selectIdp": "Select IDP", + "selectIdpPlaceholder": "Choose an IDP...", + "selectIdpRequired": "Please select an IDP when auto login is enabled.", + "autoLoginTitle": "Redirecting", + "autoLoginDescription": "Redirecting you to the external identity provider for authentication.", + "autoLoginProcessing": "Preparing authentication...", + "autoLoginRedirecting": "Redirecting to login...", + "autoLoginError": "Auto Login Error", + "autoLoginErrorNoRedirectUrl": "No redirect URL received from the identity provider.", + "autoLoginErrorGeneratingUrl": "Failed to generate authentication URL.", + "managedSelfHosted": { + "title": "Managed Self-Hosted", + "description": "More reliable and low-maintenance self-hosted Pangolin server with extra bells and whistles", + "introTitle": "Managed Self-Hosted Pangolin", + "introDescription": "is a deployment option designed for people who want simplicity and extra reliability while still keeping their data private and self-hosted.", + "introDetail": "With this option, you still run your own Pangolin node — your tunnels, SSL termination, and traffic all stay on your server. The difference is that management and monitoring are handled through our cloud dashboard, which unlocks a number of benefits:", + "benefitSimplerOperations": { + "title": "Simpler operations", + "description": "No need to run your own mail server or set up complex alerting. You'll get health checks and downtime alerts out of the box." + }, + "benefitAutomaticUpdates": { + "title": "Automatic updates", + "description": "The cloud dashboard evolves quickly, so you get new features and bug fixes without having to manually pull new containers every time." + }, + "benefitLessMaintenance": { + "title": "Less maintenance", + "description": "No database migrations, backups, or extra infrastructure to manage. We handle that in the cloud." + }, + "benefitCloudFailover": { + "title": "Cloud failover", + "description": "If your node goes down, your tunnels can temporarily fail over to our cloud points of presence until you bring it back online." + }, + "benefitHighAvailability": { + "title": "High availability (PoPs)", + "description": "You can also attach multiple nodes to your account for redundancy and better performance." + }, + "benefitFutureEnhancements": { + "title": "Future enhancements", + "description": "We're planning to add more analytics, alerting, and management tools to make your deployment even more robust." + }, + "docsAlert": { + "text": "Learn more about the Managed Self-Hosted option in our", + "documentation": "documentation" + }, + "convertButton": "Convert This Node to Managed Self-Hosted" + }, + "internationaldomaindetected": "International Domain Detected", + "willbestoredas": "Will be stored as:" +} diff --git a/messages/de-DE.json b/messages/de-DE.json new file mode 100644 index 00000000..54d14c8d --- /dev/null +++ b/messages/de-DE.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Erstelle eine Organisation, einen Standort und Ressourcen", + "setupNewOrg": "Neue Organisation", + "setupCreateOrg": "Organisation erstellen", + "setupCreateResources": "Ressource erstellen", + "setupOrgName": "Name der Organisation", + "orgDisplayName": "Anzeigename der Organisation.", + "orgId": "Organisations-ID", + "setupIdentifierMessage": "Dies ist eine Eindeutige ID für Ihre Organisation. Diese ist unabhängig vom Anzeigenamen.", + "setupErrorIdentifier": "Organisations-ID ist bereits vergeben. Bitte wähle eine andere.", + "componentsErrorNoMemberCreate": "Du bist derzeit kein Mitglied einer Organisation. Erstelle eine Organisation, um zu starten.", + "componentsErrorNoMember": "Du bist aktuell kein Mitglied einer Organisation.", + "welcome": "Willkommen zu Pangolin", + "welcomeTo": "Willkommen bei", + "componentsCreateOrg": "Erstelle eine Organisation", + "componentsMember": "Du bist Mitglied von {count, plural, =0 {keiner Organisation} one {einer Organisation} other {# Organisationen}}.", + "componentsInvalidKey": "Ungültige oder abgelaufene Lizenzschlüssel erkannt. Beachte die Lizenzbedingungen, um alle Funktionen weiterhin zu nutzen.", + "dismiss": "Verwerfen", + "componentsLicenseViolation": "Lizenzverstoß: Dieser Server benutzt {usedSites} Standorte, was das Lizenzlimit von {maxSites} Standorten überschreitet. Beachte die Lizenzbedingungen, um alle Funktionen weiterhin zu nutzen.", + "componentsSupporterMessage": "Vielen Dank für die Unterstützung von Pangolin als {tier}!", + "inviteErrorNotValid": "Es tut uns leid, aber es sieht so aus, als wäre die Einladung, auf die du zugreifen möchtest, entweder nicht angenommen worden oder nicht mehr gültig.", + "inviteErrorUser": "Es tut uns leid, aber es scheint, als sei die Einladung, auf die du zugreifen möchtest, nicht für diesen Benutzer bestimmt.", + "inviteLoginUser": "Bitte stelle sicher, dass du als korrekter Benutzer angemeldet bist.", + "inviteErrorNoUser": "Es tut uns leid, aber es sieht so aus, als sei die Einladung, auf die du zugreifen möchtest, nicht für einen existierenden Benutzer bestimmt.", + "inviteCreateUser": "Bitte erstelle zuerst ein Konto.", + "goHome": "Zur Startseite", + "inviteLogInOtherUser": "Als anderer Benutzer anmelden", + "createAnAccount": "Konto erstellen", + "inviteNotAccepted": "Einladung nicht angenommen", + "authCreateAccount": "Erstellen ein Konto um loszulegen", + "authNoAccount": "Du besitzt noch kein Konto?", + "email": "E-Mail", + "password": "Passwort", + "confirmPassword": "Passwort bestätigen", + "createAccount": "Konto erstellen", + "viewSettings": "Einstellungen anzeigen", + "delete": "Löschen", + "name": "Name", + "online": "Online", + "offline": "Offline", + "site": "Standort", + "dataIn": "Daten eingehend", + "dataOut": "Daten ausgehend", + "connectionType": "Verbindungstyp", + "tunnelType": "Tunneltyp", + "local": "Lokal", + "edit": "Bearbeiten", + "siteConfirmDelete": "Standort löschen bestätigen", + "siteDelete": "Standort löschen", + "siteMessageRemove": "Sobald dieser Standort entfernt ist, wird er nicht mehr zugänglich sein. Alle Ressourcen und Ziele, die mit diesem Standort verbunden sind, werden ebenfalls entfernt.", + "siteMessageConfirm": "Um zu bestätigen, gib den Namen des Standortes unten ein.", + "siteQuestionRemove": "Bist du sicher, dass der Standort {selectedSite} aus der Organisation entfernt werden soll?", + "siteManageSites": "Standorte verwalten", + "siteDescription": "Verbindung zum Netzwerk durch sichere Tunnel erlauben", + "siteCreate": "Standort erstellen", + "siteCreateDescription2": "Folge den nachfolgenden Schritten, um einen neuen Standort zu erstellen und zu verbinden", + "siteCreateDescription": "Erstelle einen neuen Standort, um Ressourcen zu verbinden", + "close": "Schließen", + "siteErrorCreate": "Fehler beim Erstellen des Standortes", + "siteErrorCreateKeyPair": "Schlüsselpaar oder Standardwerte nicht gefunden", + "siteErrorCreateDefaults": "Standardwerte der Site nicht gefunden", + "method": "Methode", + "siteMethodDescription": "So werden Verbindungen freigegeben.", + "siteLearnNewt": "Wie du Newt auf deinem System installieren kannst", + "siteSeeConfigOnce": "Du kannst die Konfiguration nur einmalig ansehen.", + "siteLoadWGConfig": "Lade WireGuard Konfiguration...", + "siteDocker": "Erweitern für Docker Details", + "toggle": "Umschalten", + "dockerCompose": "Docker Compose", + "dockerRun": "Docker Run", + "siteLearnLocal": "Mehr Infos zu lokalen Sites", + "siteConfirmCopy": "Ich habe die Konfiguration kopiert", + "searchSitesProgress": "Standorte durchsuchen...", + "siteAdd": "Standort hinzufügen", + "siteInstallNewt": "Newt installieren", + "siteInstallNewtDescription": "Installiere Newt auf deinem System.", + "WgConfiguration": "WireGuard Konfiguration", + "WgConfigurationDescription": "Verwende folgende Konfiguration, um dich mit deinem Netzwerk zu verbinden", + "operatingSystem": "Betriebssystem", + "commands": "Befehle", + "recommended": "Empfohlen", + "siteNewtDescription": "Nutze Newt für die beste Benutzererfahrung. Newt verwendet WireGuard as Basis und erlaubt Ihnen, Ihre privaten Ressourcen über ihre LAN-Adresse in Ihrem privaten Netzwerk aus dem Pangolin-Dashboard heraus zu adressieren.", + "siteRunsInDocker": "Läuft in Docker", + "siteRunsInShell": "Läuft in der Konsole auf macOS, Linux und Windows", + "siteErrorDelete": "Fehler beim Löschen des Standortes", + "siteErrorUpdate": "Fehler beim Aktualisieren des Standortes", + "siteErrorUpdateDescription": "Beim Aktualisieren des Standortes ist ein Fehler aufgetreten.", + "siteUpdated": "Standort aktualisiert", + "siteUpdatedDescription": "Der Standort wurde aktualisiert.", + "siteGeneralDescription": "Allgemeine Einstellungen für diesen Standort konfigurieren", + "siteSettingDescription": "Konfigurieren der Standort Einstellungen", + "siteSetting": "{siteName} Einstellungen", + "siteNewtTunnel": "Newt-Tunnel (empfohlen)", + "siteNewtTunnelDescription": "Einfachster Weg, einen Zugriffspunkt zu deinem Netzwerk zu erstellen. Keine zusätzliche Einrichtung erforderlich.", + "siteWg": "Einfacher WireGuard Tunnel", + "siteWgDescription": "Verwende jeden WireGuard-Client, um einen Tunnel einzurichten. Manuelles NAT-Setup erforderlich.", + "siteWgDescriptionSaas": "Verwenden Sie jeden WireGuard-Client, um einen Tunnel zu erstellen. Manuelles NAT-Setup erforderlich. FUNKTIONIERT NUR BEI SELBSTGEHOSTETEN KNOTEN", + "siteLocalDescription": "Nur lokale Ressourcen. Kein Tunneling.", + "siteLocalDescriptionSaas": "Nur lokale Ressourcen. Keine Tunneldurchführung. FUNKTIONIERT NUR BEI SELBSTGEHOSTETEN KNOTEN", + "siteSeeAll": "Alle Standorte anzeigen", + "siteTunnelDescription": "Lege fest, wie du dich mit deinem Standort verbinden möchtest", + "siteNewtCredentials": "Neue Newt Zugangsdaten", + "siteNewtCredentialsDescription": "So wird sich Newt mit dem Server authentifizieren", + "siteCredentialsSave": "Ihre Zugangsdaten speichern", + "siteCredentialsSaveDescription": "Du kannst das nur einmal sehen. Stelle sicher, dass du es an einen sicheren Ort kopierst.", + "siteInfo": "Standort-Informationen", + "status": "Status", + "shareTitle": "Links zum Teilen verwalten", + "shareDescription": "Erstellen Sie teilbare Links, um temporären oder permanenten Zugriff auf Ihre Ressourcen zu gewähren", + "shareSearch": "Freigabe-Links suchen...", + "shareCreate": "Link erstellen", + "shareErrorDelete": "Link konnte nicht gelöscht werden", + "shareErrorDeleteMessage": "Fehler beim Löschen des Links", + "shareDeleted": "Link gelöscht", + "shareDeletedDescription": "Der Link wurde gelöscht", + "shareTokenDescription": "Ihr Zugriffstoken kann auf zwei Arten übergeben werden: als Abfrageparameter oder in den Anfrage-Headern. Diese müssen vom Client auf jeder Anfrage für authentifizierten Zugriff weitergegeben werden.", + "accessToken": "Zugangs-Token", + "usageExamples": "Nutzungsbeispiele", + "tokenId": "Token-ID", + "requestHeades": "Anfrage-Header", + "queryParameter": "Abfrageparameter", + "importantNote": "Wichtige Notiz", + "shareImportantDescription": "Aus Sicherheitsgründen wird die Verwendung von Headern über Abfrageparameter empfohlen, wenn möglich, da Abfrageparameter in Server-Logs oder Browserverlauf protokolliert werden können.", + "token": "Token", + "shareTokenSecurety": "Halten Sie Ihr Zugangs-Token sicher. Teilen Sie es nicht in öffentlich zugänglichen Bereichen oder Client-seitigem Code.", + "shareErrorFetchResource": "Fehler beim Abrufen der Ressourcen", + "shareErrorFetchResourceDescription": "Beim Abrufen der Ressourcen ist ein Fehler aufgetreten", + "shareErrorCreate": "Fehler beim Erstellen des Teilen-Links", + "shareErrorCreateDescription": "Beim Erstellen des Teilen-Links ist ein Fehler aufgetreten", + "shareCreateDescription": "Jeder mit diesem Link kann auf die Ressource zugreifen", + "shareTitleOptional": "Titel (optional)", + "expireIn": "Verfällt in", + "neverExpire": "Nie ablaufen", + "shareExpireDescription": "Ablaufzeit ist, wie lange der Link verwendet werden kann und bietet Zugriff auf die Ressource. Nach dieser Zeit wird der Link nicht mehr funktionieren und Benutzer, die diesen Link benutzt haben, verlieren den Zugriff auf die Ressource.", + "shareSeeOnce": "Sie können diese Linie nur sehen. Bitte kopieren Sie sie.", + "shareAccessHint": "Jeder mit diesem Link kann auf die Ressource zugreifen. Teilen Sie sie mit Vorsicht.", + "shareTokenUsage": "Zugriffstoken-Nutzung anzeigen", + "createLink": "Link erstellen", + "resourcesNotFound": "Keine Ressourcen gefunden", + "resourceSearch": "Suche Ressourcen", + "openMenu": "Menü öffnen", + "resource": "Ressource", + "title": "Titel", + "created": "Erstellt", + "expires": "Gültig bis", + "never": "Nie", + "shareErrorSelectResource": "Bitte wählen Sie eine Ressource", + "resourceTitle": "Ressourcen verwalten", + "resourceDescription": "Erstellen Sie sichere Proxies für Ihre privaten Anwendungen", + "resourcesSearch": "Suche Ressourcen...", + "resourceAdd": "Ressource hinzufügen", + "resourceErrorDelte": "Fehler beim Löschen der Ressource", + "authentication": "Authentifizierung", + "protected": "Geschützt", + "notProtected": "Nicht geschützt", + "resourceMessageRemove": "Einmal entfernt, wird die Ressource nicht mehr zugänglich sein. Alle mit der Ressource verbundenen Ziele werden ebenfalls entfernt.", + "resourceMessageConfirm": "Um zu bestätigen, geben Sie bitte den Namen der Ressource unten ein.", + "resourceQuestionRemove": "Sind Sie sicher, dass Sie die Ressource {selectedResource} aus der Organisation entfernen möchten?", + "resourceHTTP": "HTTPS-Ressource", + "resourceHTTPDescription": "Proxy-Anfragen an Ihre App über HTTPS unter Verwendung einer Subdomain oder einer Basis-Domain.", + "resourceRaw": "Rohe TCP/UDP Ressource", + "resourceRawDescription": "Proxy-Anfragen an Ihre App über TCP/UDP mit einer Portnummer.", + "resourceCreate": "Ressource erstellen", + "resourceCreateDescription": "Folgen Sie den Schritten unten, um eine neue Ressource zu erstellen", + "resourceSeeAll": "Alle Ressourcen anzeigen", + "resourceInfo": "Ressourcen-Informationen", + "resourceNameDescription": "Dies ist der Anzeigename für die Ressource.", + "siteSelect": "Standort auswählen", + "siteSearch": "Standorte durchsuchen", + "siteNotFound": "Keinen Standort gefunden.", + "siteSelectionDescription": "Dieser Standort wird die Verbindung zum Ziel herstellen.", + "resourceType": "Ressourcentyp", + "resourceTypeDescription": "Legen Sie fest, wie Sie auf Ihre Ressource zugreifen möchten", + "resourceHTTPSSettings": "HTTPS-Einstellungen", + "resourceHTTPSSettingsDescription": "Konfigurieren Sie den Zugriff auf Ihre Ressource über HTTPS", + "domainType": "Domänentyp", + "subdomain": "Subdomain", + "baseDomain": "Basisdomäne", + "subdomnainDescription": "Die Subdomäne, auf die Ihre Ressource zugegriffen werden soll.", + "resourceRawSettings": "TCP/UDP Einstellungen", + "resourceRawSettingsDescription": "Konfigurieren Sie den Zugriff auf Ihre Ressource über TCP/UDP", + "protocol": "Protokoll", + "protocolSelect": "Wählen Sie ein Protokoll", + "resourcePortNumber": "Portnummer", + "resourcePortNumberDescription": "Die externe Portnummer für Proxy-Anfragen.", + "cancel": "Abbrechen", + "resourceConfig": "Konfiguration Snippets", + "resourceConfigDescription": "Kopieren und fügen Sie diese Konfigurations-Snippets ein, um Ihre TCP/UDP Ressource einzurichten", + "resourceAddEntrypoints": "Traefik: Einstiegspunkte hinzufügen", + "resourceExposePorts": "Gerbil: Ports im Docker Compose ausblenden", + "resourceLearnRaw": "Lernen Sie, wie Sie TCP/UDP Ressourcen konfigurieren", + "resourceBack": "Zurück zu den Ressourcen", + "resourceGoTo": "Zu Ressource gehen", + "resourceDelete": "Ressource löschen", + "resourceDeleteConfirm": "Ressource löschen bestätigen", + "visibility": "Sichtbarkeit", + "enabled": "Aktiviert", + "disabled": "Deaktiviert", + "general": "Allgemein", + "generalSettings": "Allgemeine Einstellungen", + "proxy": "Proxy", + "internal": "Intern", + "rules": "Regeln", + "resourceSettingDescription": "Konfigurieren Sie die Einstellungen Ihrer Ressource", + "resourceSetting": "{resourceName} Einstellungen", + "alwaysAllow": "Immer erlauben", + "alwaysDeny": "Immer ablehnen", + "passToAuth": "Weiterleiten zur Authentifizierung", + "orgSettingsDescription": "Konfiguriere die allgemeinen Einstellungen deiner Organisation", + "orgGeneralSettings": "Organisations-Einstellungen", + "orgGeneralSettingsDescription": "Organisationsdetails und Konfiguration verwalten", + "saveGeneralSettings": "Allgemeine Einstellungen speichern", + "saveSettings": "Einstellungen speichern", + "orgDangerZone": "Gefahrenzone", + "orgDangerZoneDescription": "Sobald Sie diesen Org löschen, gibt es kein Zurück mehr. Bitte seien Sie vorsichtig.", + "orgDelete": "Organisation löschen", + "orgDeleteConfirm": "Organisation löschen bestätigen", + "orgMessageRemove": "Diese Aktion ist unwiderruflich und löscht alle zugehörigen Daten.", + "orgMessageConfirm": "Um zu bestätigen, geben Sie bitte den Namen der Organisation unten ein.", + "orgQuestionRemove": "Sind Sie sicher, dass Sie die Organisation {selectedOrg} entfernen möchten?", + "orgUpdated": "Organisation aktualisiert", + "orgUpdatedDescription": "Die Organisation wurde aktualisiert.", + "orgErrorUpdate": "Fehler beim Aktualisieren der Organisation", + "orgErrorUpdateMessage": "Beim Aktualisieren der Organisation ist ein Fehler aufgetreten.", + "orgErrorFetch": "Fehler beim Abrufen von Organisationen", + "orgErrorFetchMessage": "Beim Auflisten Ihrer Organisationen ist ein Fehler aufgetreten", + "orgErrorDelete": "Organisation konnte nicht gelöscht werden", + "orgErrorDeleteMessage": "Beim Löschen der Organisation ist ein Fehler aufgetreten.", + "orgDeleted": "Organisation gelöscht", + "orgDeletedMessage": "Die Organisation und ihre Daten wurden gelöscht.", + "orgMissing": "Organisations-ID fehlt", + "orgMissingMessage": "Einladung kann ohne Organisations-ID nicht neu generiert werden.", + "accessUsersManage": "Benutzer verwalten", + "accessUsersDescription": "Lade Benutzer ein und füge sie zu Rollen hinzu, um den Zugriff auf deine Organisation zu verwalten", + "accessUsersSearch": "Benutzer suchen...", + "accessUserCreate": "Benutzer erstellen", + "accessUserRemove": "Benutzer entfernen", + "username": "Benutzername", + "identityProvider": "Identitätsanbieter", + "role": "Rolle", + "nameRequired": "Name ist erforderlich", + "accessRolesManage": "Rollen verwalten", + "accessRolesDescription": "Konfigurieren Sie Rollen, um den Zugriff auf Ihre Organisation zu verwalten", + "accessRolesSearch": "Rollen suchen...", + "accessRolesAdd": "Rolle hinzufügen", + "accessRoleDelete": "Rolle löschen", + "description": "Beschreibung", + "inviteTitle": "Einladungen öffnen", + "inviteDescription": "Ihre Einladungen an andere Benutzer verwalten", + "inviteSearch": "Einladungen suchen...", + "minutes": "Minuten", + "hours": "Stunden", + "days": "Tage", + "weeks": "Wochen", + "months": "Monate", + "years": "Jahre", + "day": "{count, plural, one {# Tag} other {# Tage}}", + "apiKeysTitle": "API-Schlüssel Information", + "apiKeysConfirmCopy2": "Sie müssen bestätigen, dass Sie den API-Schlüssel kopiert haben.", + "apiKeysErrorCreate": "Fehler beim Erstellen des API-Schlüssels", + "apiKeysErrorSetPermission": "Fehler beim Setzen der Berechtigungen", + "apiKeysCreate": "API-Schlüssel generieren", + "apiKeysCreateDescription": "Generieren Sie einen neuen API-Schlüssel für Ihre Organisation", + "apiKeysGeneralSettings": "Berechtigungen", + "apiKeysGeneralSettingsDescription": "Legen Sie fest, was dieser API-Schlüssel tun kann", + "apiKeysList": "Ihr API-Schlüssel", + "apiKeysSave": "Speichern Sie Ihren API-Schlüssel", + "apiKeysSaveDescription": "Sie können dies nur einmal sehen. Kopieren Sie es an einen sicheren Ort.", + "apiKeysInfo": "Ihr API-Schlüssel ist:", + "apiKeysConfirmCopy": "Ich habe den API-Schlüssel kopiert", + "generate": "Generieren", + "done": "Fertig", + "apiKeysSeeAll": "Alle API-Schlüssel anzeigen", + "apiKeysPermissionsErrorLoadingActions": "Fehler beim Laden der API-Schlüsselaktionen", + "apiKeysPermissionsErrorUpdate": "Fehler beim Setzen der Berechtigungen", + "apiKeysPermissionsUpdated": "Berechtigungen aktualisiert", + "apiKeysPermissionsUpdatedDescription": "Die Berechtigungen wurden aktualisiert.", + "apiKeysPermissionsGeneralSettings": "Berechtigungen", + "apiKeysPermissionsGeneralSettingsDescription": "Legen Sie fest, was dieser API-Schlüssel tun kann", + "apiKeysPermissionsSave": "Berechtigungen speichern", + "apiKeysPermissionsTitle": "Berechtigungen", + "apiKeys": "API-Schlüssel", + "searchApiKeys": "API-Schlüssel suchen...", + "apiKeysAdd": "API-Schlüssel generieren", + "apiKeysErrorDelete": "Fehler beim Löschen des API-Schlüssels", + "apiKeysErrorDeleteMessage": "Fehler beim Löschen des API-Schlüssels", + "apiKeysQuestionRemove": "Sind Sie sicher, dass Sie den API-Schlüssel {selectedApiKey} aus der Organisation entfernen möchten?", + "apiKeysMessageRemove": "Einmal entfernt, kann der API-Schlüssel nicht mehr verwendet werden.", + "apiKeysMessageConfirm": "Zur Bestätigung geben Sie bitte den Namen des API-Schlüssels unten ein.", + "apiKeysDeleteConfirm": "Löschen des API-Schlüssels bestätigen", + "apiKeysDelete": "API-Schlüssel löschen", + "apiKeysManage": "API-Schlüssel verwalten", + "apiKeysDescription": "API-Schlüssel werden zur Authentifizierung mit der Integrations-API verwendet", + "apiKeysSettings": "{apiKeyName} Einstellungen", + "userTitle": "Alle Benutzer verwalten", + "userDescription": "Alle Benutzer im System anzeigen und verwalten", + "userAbount": "Über Benutzerverwaltung", + "userAbountDescription": "Diese Tabelle zeigt alle root-Benutzerobjekte im System an. Jeder Benutzer kann zu mehreren Organisationen gehören. Das Entfernen eines Benutzers aus einer Organisation löscht nicht sein Root-Benutzerobjekt - er bleibt im System. Um einen Benutzer komplett aus dem System zu entfernen, müssen Sie sein Root-Benutzerobjekt mit der Lösch-Aktion in dieser Tabelle löschen.", + "userServer": "Server Benutzer", + "userSearch": "Serverbenutzer suchen...", + "userErrorDelete": "Fehler beim Löschen des Benutzers", + "userDeleteConfirm": "Benutzer löschen bestätigen", + "userDeleteServer": "Benutzer vom Server löschen", + "userMessageRemove": "Der Benutzer wird von allen Organisationen entfernt und vollständig vom Server entfernt.", + "userMessageConfirm": "Um zu bestätigen, geben Sie bitte den Namen des Benutzers unten ein.", + "userQuestionRemove": "Sind Sie sicher, dass Sie {selectedUser} dauerhaft vom Server löschen möchten?", + "licenseKey": "Lizenzschlüssel", + "valid": "Gültig", + "numberOfSites": "Anzahl der Standorte", + "licenseKeySearch": "Lizenzschlüssel suchen...", + "licenseKeyAdd": "Lizenzschlüssel hinzufügen", + "type": "Typ", + "licenseKeyRequired": "Lizenzschlüssel ist erforderlich", + "licenseTermsAgree": "Sie müssen den Lizenzbedingungen zustimmen", + "licenseErrorKeyLoad": "Fehler beim Laden der Lizenzschlüssel", + "licenseErrorKeyLoadDescription": "Beim Laden der Lizenzschlüssel ist ein Fehler aufgetreten.", + "licenseErrorKeyDelete": "Fehler beim Löschen des Lizenzschlüssels", + "licenseErrorKeyDeleteDescription": "Beim Löschen des Lizenzschlüssels ist ein Fehler aufgetreten.", + "licenseKeyDeleted": "Lizenzschlüssel gelöscht", + "licenseKeyDeletedDescription": "Der Lizenzschlüssel wurde gelöscht.", + "licenseErrorKeyActivate": "Fehler beim Aktivieren des Lizenzschlüssels", + "licenseErrorKeyActivateDescription": "Beim Aktivieren des Lizenzschlüssels ist ein Fehler aufgetreten.", + "licenseAbout": "Über Lizenzierung", + "communityEdition": "Community-Edition", + "licenseAboutDescription": "Dies ist für Geschäfts- und Unternehmensanwender, die Pangolin in einem kommerziellen Umfeld einsetzen. Wenn Sie Pangolin für den persönlichen Gebrauch verwenden, können Sie diesen Abschnitt ignorieren.", + "licenseKeyActivated": "Lizenzschlüssel aktiviert", + "licenseKeyActivatedDescription": "Der Lizenzschlüssel wurde erfolgreich aktiviert.", + "licenseErrorKeyRecheck": "Fehler beim Überprüfen der Lizenzschlüssel", + "licenseErrorKeyRecheckDescription": "Ein Fehler trat auf beim Wiederherstellen der Lizenzschlüssel.", + "licenseErrorKeyRechecked": "Lizenzschlüssel neu geladen", + "licenseErrorKeyRecheckedDescription": "Alle Lizenzschlüssel wurden neu geladen", + "licenseActivateKey": "Lizenzschlüssel aktivieren", + "licenseActivateKeyDescription": "Geben Sie einen Lizenzschlüssel ein, um ihn zu aktivieren.", + "licenseActivate": "Lizenz aktivieren", + "licenseAgreement": "Durch Ankreuzung dieses Kästchens bestätigen Sie, dass Sie die Lizenzbedingungen gelesen und akzeptiert haben, die mit dem Lizenzschlüssel in Verbindung stehen.", + "fossorialLicense": "Fossorial Gewerbelizenz & Abonnementbedingungen anzeigen", + "licenseMessageRemove": "Dadurch werden der Lizenzschlüssel und alle zugehörigen Berechtigungen entfernt.", + "licenseMessageConfirm": "Um zu bestätigen, geben Sie bitte den Lizenzschlüssel unten ein.", + "licenseQuestionRemove": "Sind Sie sicher, dass Sie den Lizenzschlüssel {selectedKey} löschen möchten?", + "licenseKeyDelete": "Lizenzschlüssel löschen", + "licenseKeyDeleteConfirm": "Lizenzschlüssel löschen bestätigen", + "licenseTitle": "Lizenzstatus verwalten", + "licenseTitleDescription": "Lizenzschlüssel im System anzeigen und verwalten", + "licenseHost": "Hostlizenz", + "licenseHostDescription": "Verwalten Sie den Haupt-Lizenzschlüssel für den Host.", + "licensedNot": "Nicht lizenziert", + "hostId": "Host-ID", + "licenseReckeckAll": "Überprüfe alle Schlüssel", + "licenseSiteUsage": "Standort-Nutzung", + "licenseSiteUsageDecsription": "Sehen Sie sich die Anzahl der Standorte an, die diese Lizenz verwenden.", + "licenseNoSiteLimit": "Die Anzahl der Standorte, die einen nicht lizenzierten Host verwenden, ist unbegrenzt.", + "licensePurchase": "Lizenz kaufen", + "licensePurchaseSites": "Zusätzliche Standorte kaufen\n", + "licenseSitesUsedMax": "{usedSites} von {maxSites} Standorten verwendet", + "licenseSitesUsed": "{count, plural, =0 {# Standorte} one {# Standort} other {# Standorte}} im System.", + "licensePurchaseDescription": "Wähle aus, für wieviele Seiten du möchtest {selectedMode, select, license {kaufe eine Lizenz. Du kannst später immer weitere Seiten hinzufügen.} other {Füge zu deiner bestehenden Lizenz hinzu.}}", + "licenseFee": "Lizenzgebühr", + "licensePriceSite": "Preis pro Standort", + "total": "Gesamt", + "licenseContinuePayment": "Weiter zur Zahlung", + "pricingPage": "Preisseite", + "pricingPortal": "Einkaufsportal ansehen", + "licensePricingPage": "Für die aktuellsten Preise und Rabatte, besuchen Sie bitte die ", + "invite": "Einladungen", + "inviteRegenerate": "Einladung neu generieren", + "inviteRegenerateDescription": "Vorherige Einladung widerrufen und neue erstellen", + "inviteRemove": "Einladung entfernen", + "inviteRemoveError": "Einladung konnte nicht entfernt werden", + "inviteRemoveErrorDescription": "Beim Entfernen der Einladung ist ein Fehler aufgetreten.", + "inviteRemoved": "Einladung entfernt", + "inviteRemovedDescription": "Die Einladung für {email} wurde entfernt.", + "inviteQuestionRemove": "Sind Sie sicher, dass Sie die Einladung {email} entfernen möchten?", + "inviteMessageRemove": "Sobald entfernt, wird diese Einladung nicht mehr gültig sein. Sie können den Benutzer später jederzeit erneut einladen.", + "inviteMessageConfirm": "Bitte geben Sie zur Bestätigung die E-Mail-Adresse der Einladung unten ein.", + "inviteQuestionRegenerate": "Sind Sie sicher, dass Sie die Einladung {email} neu generieren möchten? Dies wird die vorherige Einladung widerrufen.", + "inviteRemoveConfirm": "Entfernen der Einladung bestätigen", + "inviteRegenerated": "Einladung neu generiert", + "inviteSent": "Eine neue Einladung wurde an {email} gesendet.", + "inviteSentEmail": "E-Mail-Benachrichtigung an den Benutzer senden", + "inviteGenerate": "Eine neue Einladung wurde für {email} generiert.", + "inviteDuplicateError": "Doppelte Einladung", + "inviteDuplicateErrorDescription": "Eine Einladung für diesen Benutzer existiert bereits.", + "inviteRateLimitError": "Ratenlimit überschritten", + "inviteRateLimitErrorDescription": "Sie haben das Limit von 3 Neugenerierungen pro Stunde überschritten. Bitte versuchen Sie es später erneut.", + "inviteRegenerateError": "Fehler beim Neugenerieren der Einladung", + "inviteRegenerateErrorDescription": "Beim Neugenerieren der Einladung ist ein Fehler aufgetreten.", + "inviteValidityPeriod": "Gültigkeitszeitraum", + "inviteValidityPeriodSelect": "Gültigkeitszeitraum auswählen", + "inviteRegenerateMessage": "Die Einladung wurde neu generiert. Der Benutzer muss den untenstehenden Link aufrufen, um die Einladung anzunehmen.", + "inviteRegenerateButton": "Neu generieren", + "expiresAt": "Läuft ab am", + "accessRoleUnknown": "Unbekannte Rolle", + "placeholder": "Platzhalter", + "userErrorOrgRemove": "Fehler beim Entfernen des Benutzers", + "userErrorOrgRemoveDescription": "Beim Entfernen des Benutzers ist ein Fehler aufgetreten.", + "userOrgRemoved": "Benutzer entfernt", + "userOrgRemovedDescription": "Der Benutzer {email} wurde aus der Organisation entfernt.", + "userQuestionOrgRemove": "Sind Sie sicher, dass Sie {email} aus der Organisation entfernen möchten?", + "userMessageOrgRemove": "Nach dem Entfernen hat dieser Benutzer keinen Zugriff mehr auf die Organisation. Sie können ihn später jederzeit wieder einladen, aber er muss die Einladung erneut annehmen.", + "userMessageOrgConfirm": "Geben Sie zur Bestätigung den Namen des Benutzers unten ein.", + "userRemoveOrgConfirm": "Entfernen des Benutzers bestätigen", + "userRemoveOrg": "Benutzer aus der Organisation entfernen", + "users": "Benutzer", + "accessRoleMember": "Mitglied", + "accessRoleOwner": "Eigentümer", + "userConfirmed": "Bestätigt", + "idpNameInternal": "Intern", + "emailInvalid": "Ungültige E-Mail-Adresse", + "inviteValidityDuration": "Bitte wählen Sie eine Dauer", + "accessRoleSelectPlease": "Bitte wählen Sie eine Rolle", + "usernameRequired": "Benutzername ist erforderlich", + "idpSelectPlease": "Bitte wählen Sie einen Identitätsanbieter", + "idpGenericOidc": "Generischer OAuth2/OIDC-Anbieter.", + "accessRoleErrorFetch": "Fehler beim Abrufen der Rollen", + "accessRoleErrorFetchDescription": "Beim Abrufen der Rollen ist ein Fehler aufgetreten", + "idpErrorFetch": "Fehler beim Abrufen der Identitätsanbieter", + "idpErrorFetchDescription": "Beim Abrufen der Identitätsanbieter ist ein Fehler aufgetreten", + "userErrorExists": "Benutzer existiert bereits", + "userErrorExistsDescription": "Dieser Benutzer ist bereits Mitglied der Organisation.", + "inviteError": "Fehler beim Einladen des Benutzers", + "inviteErrorDescription": "Beim Einladen des Benutzers ist ein Fehler aufgetreten", + "userInvited": "Benutzer eingeladen", + "userInvitedDescription": "Der Benutzer wurde erfolgreich eingeladen.", + "userErrorCreate": "Fehler beim Erstellen des Benutzers", + "userErrorCreateDescription": "Beim Erstellen des Benutzers ist ein Fehler aufgetreten", + "userCreated": "Benutzer erstellt", + "userCreatedDescription": "Der Benutzer wurde erfolgreich erstellt.", + "userTypeInternal": "Interner Benutzer", + "userTypeInternalDescription": "Laden Sie einen Benutzer direkt in Ihre Organisation ein.", + "userTypeExternal": "Externer Benutzer", + "userTypeExternalDescription": "Erstellen Sie einen Benutzer mit einem externen Identitätsanbieter.", + "accessUserCreateDescription": "Folgen Sie den Schritten unten, um einen neuen Benutzer zu erstellen", + "userSeeAll": "Alle Benutzer anzeigen", + "userTypeTitle": "Benutzertyp", + "userTypeDescription": "Legen Sie fest, wie Sie den Benutzer erstellen möchten", + "userSettings": "Benutzerinformationen", + "userSettingsDescription": "Geben Sie die Details für den neuen Benutzer ein", + "inviteEmailSent": "Einladungs-E-Mail an Benutzer senden", + "inviteValid": "Gültig für", + "selectDuration": "Dauer auswählen", + "accessRoleSelect": "Rolle auswählen", + "inviteEmailSentDescription": "Eine E-Mail mit dem Zugangslink wurde an den Benutzer gesendet. Er muss den Link aufrufen, um die Einladung anzunehmen.", + "inviteSentDescription": "Der Benutzer wurde eingeladen. Er muss den unten stehenden Link aufrufen, um die Einladung anzunehmen.", + "inviteExpiresIn": "Die Einladung läuft in {days, plural, one {einem Tag} other {# Tagen}} ab.", + "idpTitle": "Allgemeine Informationen", + "idpSelect": "Wählen Sie den Identitätsanbieter für den externen Benutzer", + "idpNotConfigured": "Es sind keine Identitätsanbieter konfiguriert. Bitte konfigurieren Sie einen Identitätsanbieter, bevor Sie externe Benutzer erstellen.", + "usernameUniq": "Dies muss mit dem eindeutigen Benutzernamen übereinstimmen, der im ausgewählten Identitätsanbieter existiert.", + "emailOptional": "E-Mail (Optional)", + "nameOptional": "Name (optional)", + "accessControls": "Zugriffskontrolle", + "userDescription2": "Verwalten Sie die Einstellungen dieses Benutzers", + "accessRoleErrorAdd": "Fehler beim Hinzufügen des Benutzers zur Rolle", + "accessRoleErrorAddDescription": "Beim Hinzufügen des Benutzers zur Rolle ist ein Fehler aufgetreten.", + "userSaved": "Benutzer gespeichert", + "userSavedDescription": "Der Benutzer wurde aktualisiert.", + "accessControlsDescription": "Verwalten Sie, worauf dieser Benutzer in der Organisation zugreifen und was er tun kann", + "accessControlsSubmit": "Zugriffskontrollen speichern", + "roles": "Rollen", + "accessUsersRoles": "Benutzer & Rollen verwalten", + "accessUsersRolesDescription": "Laden Sie Benutzer ein und fügen Sie sie zu Rollen hinzu, um den Zugriff auf Ihre Organisation zu verwalten", + "key": "Schlüssel", + "createdAt": "Erstellt am", + "proxyErrorInvalidHeader": "Ungültiger benutzerdefinierter Host-Header-Wert. Verwenden Sie das Domänennamensformat oder speichern Sie leer, um den benutzerdefinierten Host-Header zu deaktivieren.", + "proxyErrorTls": "Ungültiger TLS-Servername. Verwenden Sie das Domänennamensformat oder speichern Sie leer, um den TLS-Servernamen zu entfernen.", + "proxyEnableSSL": "SSL aktivieren (https)", + "targetErrorFetch": "Fehler beim Abrufen der Ziele", + "targetErrorFetchDescription": "Beim Abrufen der Ziele ist ein Fehler aufgetreten", + "siteErrorFetch": "Fehler beim Abrufen der Ressource", + "siteErrorFetchDescription": "Beim Abrufen der Ressource ist ein Fehler aufgetreten", + "targetErrorDuplicate": "Doppeltes Ziel", + "targetErrorDuplicateDescription": "Ein Ziel mit diesen Einstellungen existiert bereits", + "targetWireGuardErrorInvalidIp": "Ungültige Ziel-IP", + "targetWireGuardErrorInvalidIpDescription": "Die Ziel-IP muss innerhalb des Standort-Subnets liegen", + "targetsUpdated": "Ziele aktualisiert", + "targetsUpdatedDescription": "Ziele und Einstellungen erfolgreich aktualisiert", + "targetsErrorUpdate": "Fehler beim Aktualisieren der Ziele", + "targetsErrorUpdateDescription": "Beim Aktualisieren der Ziele ist ein Fehler aufgetreten", + "targetTlsUpdate": "TLS-Einstellungen aktualisiert", + "targetTlsUpdateDescription": "Ihre TLS-Einstellungen wurden erfolgreich aktualisiert", + "targetErrorTlsUpdate": "Fehler beim Aktualisieren der TLS-Einstellungen", + "targetErrorTlsUpdateDescription": "Beim Aktualisieren der TLS-Einstellungen ist ein Fehler aufgetreten", + "proxyUpdated": "Proxy-Einstellungen aktualisiert", + "proxyUpdatedDescription": "Ihre Proxy-Einstellungen wurden erfolgreich aktualisiert", + "proxyErrorUpdate": "Fehler beim Aktualisieren der Proxy-Einstellungen", + "proxyErrorUpdateDescription": "Beim Aktualisieren der Proxy-Einstellungen ist ein Fehler aufgetreten", + "targetAddr": "IP / Hostname", + "targetPort": "Port", + "targetProtocol": "Protokoll", + "targetTlsSettings": "Sicherheitskonfiguration", + "targetTlsSettingsDescription": "Konfiguriere SSL/TLS Einstellungen für deine Ressource", + "targetTlsSettingsAdvanced": "Erweiterte TLS-Einstellungen", + "targetTlsSni": "TLS-Servername (SNI)", + "targetTlsSniDescription": "Der zu verwendende TLS-Servername für SNI. Leer lassen, um den Standard zu verwenden.", + "targetTlsSubmit": "Einstellungen speichern", + "targets": "Ziel-Konfiguration", + "targetsDescription": "Richten Sie Ziele ein, um Datenverkehr zu Ihren Backend-Diensten zu leiten", + "targetStickySessions": "Sticky Sessions aktivieren", + "targetStickySessionsDescription": "Verbindungen für die gesamte Sitzung auf demselben Backend-Ziel halten.", + "methodSelect": "Methode auswählen", + "targetSubmit": "Ziel hinzufügen", + "targetNoOne": "Keine Ziele. Fügen Sie ein Ziel über das Formular hinzu.", + "targetNoOneDescription": "Das Hinzufügen von mehr als einem Ziel aktiviert den Lastausgleich.", + "targetsSubmit": "Ziele speichern", + "proxyAdditional": "Zusätzliche Proxy-Einstellungen", + "proxyAdditionalDescription": "Konfigurieren Sie, wie Ihre Ressource mit Proxy-Einstellungen umgeht", + "proxyCustomHeader": "Benutzerdefinierter Host-Header", + "proxyCustomHeaderDescription": "Der Host-Header, der beim Weiterleiten von Anfragen gesetzt werden soll. Leer lassen, um den Standard zu verwenden.", + "proxyAdditionalSubmit": "Proxy-Einstellungen speichern", + "subnetMaskErrorInvalid": "Ungültige Subnetzmaske. Muss zwischen 0 und 32 liegen.", + "ipAddressErrorInvalidFormat": "Ungültiges IP-Adressformat", + "ipAddressErrorInvalidOctet": "Ungültiges IP-Adress-Oktett", + "path": "Pfad", + "ipAddressRange": "IP-Bereich", + "rulesErrorFetch": "Fehler beim Abrufen der Regeln", + "rulesErrorFetchDescription": "Beim Abrufen der Regeln ist ein Fehler aufgetreten", + "rulesErrorDuplicate": "Doppelte Regel", + "rulesErrorDuplicateDescription": "Eine Regel mit diesen Einstellungen existiert bereits", + "rulesErrorInvalidIpAddressRange": "Ungültiger CIDR", + "rulesErrorInvalidIpAddressRangeDescription": "Bitte geben Sie einen gültigen CIDR-Wert ein", + "rulesErrorInvalidUrl": "Ungültiger URL-Pfad", + "rulesErrorInvalidUrlDescription": "Bitte geben Sie einen gültigen URL-Pfad-Wert ein", + "rulesErrorInvalidIpAddress": "Ungültige IP", + "rulesErrorInvalidIpAddressDescription": "Bitte geben Sie eine gültige IP-Adresse ein", + "rulesErrorUpdate": "Fehler beim Aktualisieren der Regeln", + "rulesErrorUpdateDescription": "Beim Aktualisieren der Regeln ist ein Fehler aufgetreten", + "rulesUpdated": "Regeln aktivieren", + "rulesUpdatedDescription": "Die Regelauswertung wurde aktualisiert", + "rulesMatchIpAddressRangeDescription": "Geben Sie eine Adresse im CIDR-Format ein (z.B. 103.21.244.0/22)", + "rulesMatchIpAddress": "Geben Sie eine IP-Adresse ein (z.B. 103.21.244.12)", + "rulesMatchUrl": "Geben Sie einen URL-Pfad oder -Muster ein (z.B. /api/v1/todos oder /api/v1/*)", + "rulesErrorInvalidPriority": "Ungültige Priorität", + "rulesErrorInvalidPriorityDescription": "Bitte geben Sie eine gültige Priorität ein", + "rulesErrorDuplicatePriority": "Doppelte Prioritäten", + "rulesErrorDuplicatePriorityDescription": "Bitte geben Sie eindeutige Prioritäten ein", + "ruleUpdated": "Regeln aktualisiert", + "ruleUpdatedDescription": "Regeln erfolgreich aktualisiert", + "ruleErrorUpdate": "Operation fehlgeschlagen", + "ruleErrorUpdateDescription": "Während des Speichervorgangs ist ein Fehler aufgetreten", + "rulesPriority": "Priorität", + "rulesAction": "Aktion", + "rulesMatchType": "Übereinstimmungstyp", + "value": "Wert", + "rulesAbout": "Über Regeln", + "rulesAboutDescription": "Mit Regeln können Sie den Zugriff auf Ihre Ressource anhand verschiedener Kriterien steuern. Sie können Regeln erstellen, um den Zugriff basierend auf IP-Adresse oder URL-Pfad zu erlauben oder zu verweigern.", + "rulesActions": "Aktionen", + "rulesActionAlwaysAllow": "Immer erlauben: Alle Authentifizierungsmethoden umgehen", + "rulesActionAlwaysDeny": "Immer verweigern: Alle Anfragen blockieren; keine Authentifizierung möglich", + "rulesActionPassToAuth": "Weiterleiten zur Authentifizierung: Erlaubt das Versuchen von Authentifizierungsmethoden", + "rulesMatchCriteria": "Übereinstimmungskriterien", + "rulesMatchCriteriaIpAddress": "Mit einer bestimmten IP-Adresse übereinstimmen", + "rulesMatchCriteriaIpAddressRange": "Mit einem IP-Adressbereich in CIDR-Notation übereinstimmen", + "rulesMatchCriteriaUrl": "Mit einem URL-Pfad oder -Muster übereinstimmen", + "rulesEnable": "Regeln aktivieren", + "rulesEnableDescription": "Regelauswertung für diese Ressource aktivieren oder deaktivieren", + "rulesResource": "Ressourcen-Regelkonfiguration", + "rulesResourceDescription": "Konfigurieren Sie Regeln zur Steuerung des Zugriffs auf Ihre Ressource", + "ruleSubmit": "Regel hinzufügen", + "rulesNoOne": "Keine Regeln. Fügen Sie eine Regel über das Formular hinzu.", + "rulesOrder": "Regeln werden nach aufsteigender Priorität ausgewertet.", + "rulesSubmit": "Regeln speichern", + "resourceErrorCreate": "Fehler beim Erstellen der Ressource", + "resourceErrorCreateDescription": "Beim Erstellen der Ressource ist ein Fehler aufgetreten", + "resourceErrorCreateMessage": "Fehler beim Erstellen der Ressource:", + "resourceErrorCreateMessageDescription": "Ein unerwarteter Fehler ist aufgetreten", + "sitesErrorFetch": "Fehler beim Abrufen der Standorte", + "sitesErrorFetchDescription": "Beim Abrufen der Standorte ist ein Fehler aufgetreten", + "domainsErrorFetch": "Fehler beim Abrufen der Domains", + "domainsErrorFetchDescription": "Beim Abrufen der Domains ist ein Fehler aufgetreten", + "none": "Keine", + "unknown": "Unbekannt", + "resources": "Ressourcen", + "resourcesDescription": "Ressourcen sind Proxies zu Anwendungen in Ihrem privaten Netzwerk. Erstellen Sie eine Ressource für jeden HTTP/HTTPS- oder rohen TCP/UDP-Dienst in Ihrem privaten Netzwerk. Jede Ressource muss mit einer Site verbunden sein, um private, sichere Konnektivität über einen verschlüsselten WireGuard-Tunnel zu ermöglichen.", + "resourcesWireGuardConnect": "Sichere Verbindung mit WireGuard-Verschlüsselung", + "resourcesMultipleAuthenticationMethods": "Mehrere Authentifizierungsmethoden konfigurieren", + "resourcesUsersRolesAccess": "Benutzer- und rollenbasierte Zugriffskontrolle", + "resourcesErrorUpdate": "Fehler beim Umschalten der Ressource", + "resourcesErrorUpdateDescription": "Beim Aktualisieren der Ressource ist ein Fehler aufgetreten", + "access": "Zugriff", + "shareLink": "{resource} Freigabe-Link", + "resourceSelect": "Ressource auswählen", + "shareLinks": "Freigabe-Links", + "share": "Teilbare Links", + "shareDescription2": "Erstellen Sie teilbare Links zu Ihren Ressourcen. Links bieten temporären oder unbegrenzten Zugriff auf Ihre Ressource. Sie können die Ablaufzeit des Links bei der Erstellung konfigurieren.", + "shareEasyCreate": "Einfach zu erstellen und zu teilen", + "shareConfigurableExpirationDuration": "Konfigurierbare Ablaufzeit", + "shareSecureAndRevocable": "Sicher und widerrufbar", + "nameMin": "Der Name muss mindestens {len} Zeichen lang sein.", + "nameMax": "Der Name darf nicht länger als {len} Zeichen sein.", + "sitesConfirmCopy": "Bitte bestätigen Sie, dass Sie die Konfiguration kopiert haben.", + "unknownCommand": "Unbekannter Befehl", + "newtErrorFetchReleases": "Fehler beim Abrufen der Release-Informationen: {err}", + "newtErrorFetchLatest": "Fehler beim Abrufen der neuesten Version: {err}", + "newtEndpoint": "Newt-Endpunkt", + "newtId": "Newt-ID", + "newtSecretKey": "Newt-Geheimschlüssel", + "architecture": "Architektur", + "sites": "Standorte", + "siteWgAnyClients": "Verwenden Sie einen beliebigen WireGuard-Client zur Verbindung. Sie müssen Ihre internen Ressourcen über die Peer-IP adressieren.", + "siteWgCompatibleAllClients": "Kompatibel mit allen WireGuard-Clients", + "siteWgManualConfigurationRequired": "Manuelle Konfiguration erforderlich", + "userErrorNotAdminOrOwner": "Benutzer ist kein Administrator oder Eigentümer", + "pangolinSettings": "Einstellungen - Pangolin", + "accessRoleYour": "Ihre {count, plural, =1 {Rolle} other {Rollen}}:", + "accessRoleSelect2": "Wähle eine Rolle", + "accessUserSelect": "Wähle einen Benutzer", + "otpEmailEnter": "E-Mail-Adresse eingeben", + "otpEmailEnterDescription": "Drücken Sie Enter, um eine E-Mail nach der Eingabe im Eingabefeld hinzuzufügen.", + "otpEmailErrorInvalid": "Ungültige E-Mail-Adresse. Platzhalter (*) muss der gesamte lokale Teil sein.", + "otpEmailSmtpRequired": "SMTP erforderlich", + "otpEmailSmtpRequiredDescription": "SMTP muss auf dem Server aktiviert sein, um die Einmal-Passwort-Authentifizierung zu verwenden.", + "otpEmailTitle": "Einmal-Passwörter", + "otpEmailTitleDescription": "E-Mail-basierte Authentifizierung für Ressourcenzugriff erforderlich", + "otpEmailWhitelist": "E-Mail-Whitelist", + "otpEmailWhitelistList": "Zugelassene E-Mails", + "otpEmailWhitelistListDescription": "Nur Benutzer mit diesen E-Mail-Adressen können auf diese Ressource zugreifen. Sie werden aufgefordert, ein an ihre E-Mail gesendetes Einmal-Passwort einzugeben. Platzhalter (*@example.com) können verwendet werden, um E-Mail-Adressen einer Domain zuzulassen.", + "otpEmailWhitelistSave": "Whitelist speichern", + "passwordAdd": "Passwort hinzufügen", + "passwordRemove": "Passwort entfernen", + "pincodeAdd": "PIN-Code hinzufügen", + "pincodeRemove": "PIN-Code entfernen", + "resourceAuthMethods": "Authentifizierungsmethoden", + "resourceAuthMethodsDescriptions": "Ermöglichen Sie den Zugriff auf die Ressource über zusätzliche Authentifizierungsmethoden", + "resourceAuthSettingsSave": "Erfolgreich gespeichert", + "resourceAuthSettingsSaveDescription": "Authentifizierungseinstellungen wurden gespeichert", + "resourceErrorAuthFetch": "Fehler beim Abrufen der Daten", + "resourceErrorAuthFetchDescription": "Beim Abrufen der Daten ist ein Fehler aufgetreten", + "resourceErrorPasswordRemove": "Fehler beim Entfernen des Ressourcenpassworts", + "resourceErrorPasswordRemoveDescription": "Beim Entfernen des Ressourcenpassworts ist ein Fehler aufgetreten", + "resourceErrorPasswordSetup": "Fehler beim Einrichten des Ressourcenpassworts", + "resourceErrorPasswordSetupDescription": "Beim Einrichten des Ressourcenpassworts ist ein Fehler aufgetreten", + "resourceErrorPincodeRemove": "Fehler beim Entfernen des Ressourcen-PIN-Codes", + "resourceErrorPincodeRemoveDescription": "Beim Entfernen des Ressourcen-PIN-Codes ist ein Fehler aufgetreten", + "resourceErrorPincodeSetup": "Fehler beim Einrichten des Ressourcen-PIN-Codes", + "resourceErrorPincodeSetupDescription": "Beim Einrichten des Ressourcen-PIN-Codes ist ein Fehler aufgetreten", + "resourceErrorUsersRolesSave": "Fehler beim Speichern der Rollen", + "resourceErrorUsersRolesSaveDescription": "Beim Speichern der Rollen ist ein Fehler aufgetreten", + "resourceErrorWhitelistSave": "Fehler beim Speichern der Whitelist", + "resourceErrorWhitelistSaveDescription": "Beim Speichern der Whitelist ist ein Fehler aufgetreten", + "resourcePasswordSubmit": "Passwortschutz aktivieren", + "resourcePasswordProtection": "Passwortschutz {status}", + "resourcePasswordRemove": "Ressourcenpasswort entfernt", + "resourcePasswordRemoveDescription": "Das Ressourcenpasswort wurde erfolgreich entfernt", + "resourcePasswordSetup": "Ressourcenpasswort festgelegt", + "resourcePasswordSetupDescription": "Das Ressourcenpasswort wurde erfolgreich festgelegt", + "resourcePasswordSetupTitle": "Passwort festlegen", + "resourcePasswordSetupTitleDescription": "Legen Sie ein Passwort fest, um diese Ressource zu schützen", + "resourcePincode": "PIN-Code", + "resourcePincodeSubmit": "PIN-Code-Schutz aktivieren", + "resourcePincodeProtection": "PIN-Code-Schutz {status}", + "resourcePincodeRemove": "Ressourcen-PIN-Code entfernt", + "resourcePincodeRemoveDescription": "Der Ressourcen-PIN-Code wurde erfolgreich entfernt", + "resourcePincodeSetup": "Ressourcen-PIN-Code festgelegt", + "resourcePincodeSetupDescription": "Der Ressourcen-PIN-Code wurde erfolgreich festgelegt", + "resourcePincodeSetupTitle": "PIN-Code festlegen", + "resourcePincodeSetupTitleDescription": "Legen Sie einen PIN-Code fest, um diese Ressource zu schützen", + "resourceRoleDescription": "Administratoren haben immer Zugriff auf diese Ressource.", + "resourceUsersRoles": "Benutzer & Rollen", + "resourceUsersRolesDescription": "Konfigurieren Sie, welche Benutzer und Rollen diese Ressource besuchen können", + "resourceUsersRolesSubmit": "Benutzer & Rollen speichern", + "resourceWhitelistSave": "Erfolgreich gespeichert", + "resourceWhitelistSaveDescription": "Whitelist-Einstellungen wurden gespeichert", + "ssoUse": "Plattform SSO verwenden", + "ssoUseDescription": "Bestehende Benutzer müssen sich nur einmal für alle Ressourcen anmelden, bei denen dies aktiviert ist.", + "proxyErrorInvalidPort": "Ungültige Portnummer", + "subdomainErrorInvalid": "Ungültige Subdomain", + "domainErrorFetch": "Fehler beim Abrufen der Domains", + "domainErrorFetchDescription": "Beim Abrufen der Domains ist ein Fehler aufgetreten", + "resourceErrorUpdate": "Ressource konnte nicht aktualisiert werden", + "resourceErrorUpdateDescription": "Beim Aktualisieren der Ressource ist ein Fehler aufgetreten", + "resourceUpdated": "Ressource aktualisiert", + "resourceUpdatedDescription": "Die Ressource wurde erfolgreich aktualisiert", + "resourceErrorTransfer": "Ressource konnte nicht übertragen werden", + "resourceErrorTransferDescription": "Beim Übertragen der Ressource ist ein Fehler aufgetreten", + "resourceTransferred": "Ressource übertragen", + "resourceTransferredDescription": "Die Ressource wurde erfolgreich übertragen", + "resourceErrorToggle": "Ressource konnte nicht umgeschaltet werden", + "resourceErrorToggleDescription": "Beim Aktualisieren der Ressource ist ein Fehler aufgetreten", + "resourceVisibilityTitle": "Sichtbarkeit", + "resourceVisibilityTitleDescription": "Ressourcensichtbarkeit vollständig aktivieren oder deaktivieren", + "resourceGeneral": "Allgemeine Einstellungen", + "resourceGeneralDescription": "Konfigurieren Sie die allgemeinen Einstellungen für diese Ressource", + "resourceEnable": "Ressource aktivieren", + "resourceTransfer": "Ressource übertragen", + "resourceTransferDescription": "Diese Ressource auf einen anderen Standort übertragen", + "resourceTransferSubmit": "Ressource übertragen", + "siteDestination": "Zielort", + "searchSites": "Standorte durchsuchen", + "accessRoleCreate": "Rolle erstellen", + "accessRoleCreateDescription": "Erstellen Sie eine neue Rolle, um Benutzer zu gruppieren und ihre Berechtigungen zu verwalten.", + "accessRoleCreateSubmit": "Rolle erstellen", + "accessRoleCreated": "Rolle erstellt", + "accessRoleCreatedDescription": "Die Rolle wurde erfolgreich erstellt.", + "accessRoleErrorCreate": "Fehler beim Erstellen der Rolle", + "accessRoleErrorCreateDescription": "Beim Erstellen der Rolle ist ein Fehler aufgetreten.", + "accessRoleErrorNewRequired": "Neue Rolle ist erforderlich", + "accessRoleErrorRemove": "Fehler beim Entfernen der Rolle", + "accessRoleErrorRemoveDescription": "Beim Entfernen der Rolle ist ein Fehler aufgetreten.", + "accessRoleName": "Rollenname", + "accessRoleQuestionRemove": "Sie sind dabei, die Rolle {name} zu löschen. Diese Aktion kann nicht rückgängig gemacht werden.", + "accessRoleRemove": "Rolle entfernen", + "accessRoleRemoveDescription": "Eine Rolle aus der Organisation entfernen", + "accessRoleRemoveSubmit": "Rolle entfernen", + "accessRoleRemoved": "Rolle entfernt", + "accessRoleRemovedDescription": "Die Rolle wurde erfolgreich entfernt.", + "accessRoleRequiredRemove": "Bevor Sie diese Rolle löschen, wählen Sie bitte eine neue Rolle aus, zu der die bestehenden Mitglieder übertragen werden sollen.", + "manage": "Verwalten", + "sitesNotFound": "Keine Standorte gefunden.", + "pangolinServerAdmin": "Server-Admin - Pangolin", + "licenseTierProfessional": "Professional Lizenz", + "licenseTierEnterprise": "Enterprise Lizenz", + "licenseTierCommercial": "Gewerbliche Lizenz", + "licensed": "Lizenziert", + "yes": "Ja", + "no": "Nein", + "sitesAdditional": "Zusätzliche Standorte", + "licenseKeys": "Lizenzschlüssel", + "sitestCountDecrease": "Anzahl der Standorte verringern", + "sitestCountIncrease": "Anzahl der Standorte erhöhen", + "idpManage": "Identitätsanbieter verwalten", + "idpManageDescription": "Identitätsanbieter im System anzeigen und verwalten", + "idpDeletedDescription": "Identitätsanbieter erfolgreich gelöscht", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "Sind Sie sicher, dass Sie den Identitätsanbieter {name} dauerhaft löschen möchten?", + "idpMessageRemove": "Dies wird den Identitätsanbieter und alle zugehörigen Konfigurationen entfernen. Benutzer, die sich über diesen Anbieter authentifizieren, können sich nicht mehr anmelden.", + "idpMessageConfirm": "Bitte geben Sie zur Bestätigung den Namen des Identitätsanbieters unten ein.", + "idpConfirmDelete": "Löschen des Identitätsanbieters bestätigen", + "idpDelete": "Identitätsanbieter löschen", + "idp": "Identitätsanbieter", + "idpSearch": "Identitätsanbieter suchen...", + "idpAdd": "Identitätsanbieter hinzufügen", + "idpClientIdRequired": "Client-ID ist erforderlich.", + "idpClientSecretRequired": "Client-Secret ist erforderlich.", + "idpErrorAuthUrlInvalid": "Auth-URL muss eine gültige URL sein.", + "idpErrorTokenUrlInvalid": "Token-URL muss eine gültige URL sein.", + "idpPathRequired": "Identifikationspfad ist erforderlich.", + "idpScopeRequired": "Scopes sind erforderlich.", + "idpOidcDescription": "Konfigurieren Sie einen OpenID Connect Identitätsanbieter", + "idpCreatedDescription": "Identitätsanbieter erfolgreich erstellt", + "idpCreate": "Identitätsanbieter erstellen", + "idpCreateDescription": "Konfigurieren Sie einen neuen Identitätsanbieter für die Benutzerauthentifizierung", + "idpSeeAll": "Alle Identitätsanbieter anzeigen", + "idpSettingsDescription": "Konfigurieren Sie die grundlegenden Informationen für Ihren Identitätsanbieter", + "idpDisplayName": "Ein Anzeigename für diesen Identitätsanbieter", + "idpAutoProvisionUsers": "Automatische Benutzerbereitstellung", + "idpAutoProvisionUsersDescription": "Wenn aktiviert, werden Benutzer beim ersten Login automatisch im System erstellt, mit der Möglichkeit, Benutzer Rollen und Organisationen zuzuordnen.", + "licenseBadge": "Profi", + "idpType": "Anbietertyp", + "idpTypeDescription": "Wählen Sie den Typ des Identitätsanbieters, den Sie konfigurieren möchten", + "idpOidcConfigure": "OAuth2/OIDC Konfiguration", + "idpOidcConfigureDescription": "Konfigurieren Sie die OAuth2/OIDC Anbieter-Endpunkte und Anmeldeinformationen", + "idpClientId": "Client-ID", + "idpClientIdDescription": "Die OAuth2 Client-ID von Ihrem Identitätsanbieter", + "idpClientSecret": "Client-Secret", + "idpClientSecretDescription": "Das OAuth2 Client-Secret von Ihrem Identitätsanbieter", + "idpAuthUrl": "Autorisierungs-URL", + "idpAuthUrlDescription": "Die OAuth2 Autorisierungs-Endpunkt-URL", + "idpTokenUrl": "Token-URL", + "idpTokenUrlDescription": "Die OAuth2 Token-Endpunkt-URL", + "idpOidcConfigureAlert": "Wichtige Information", + "idpOidcConfigureAlertDescription": "Nach dem Erstellen des Identitätsanbieters müssen Sie die Callback-URL in den Einstellungen Ihres Identitätsanbieters konfigurieren. Die Callback-URL wird nach erfolgreicher Erstellung bereitgestellt.", + "idpToken": "Token-Konfiguration", + "idpTokenDescription": "Konfigurieren Sie, wie Benutzerinformationen aus dem ID-Token extrahiert werden", + "idpJmespathAbout": "Über JMESPath", + "idpJmespathAboutDescription": "Die unten stehenden Pfade verwenden JMESPath-Syntax, um Werte aus dem ID-Token zu extrahieren.", + "idpJmespathAboutDescriptionLink": "Mehr über JMESPath erfahren", + "idpJmespathLabel": "Identifikationspfad", + "idpJmespathLabelDescription": "Der JMESPath zum Benutzeridentifikator im ID-Token", + "idpJmespathEmailPathOptional": "E-Mail-Pfad (Optional)", + "idpJmespathEmailPathOptionalDescription": "Der JMESPath zur E-Mail-Adresse des Benutzers im ID-Token", + "idpJmespathNamePathOptional": "Namenspfad (Optional)", + "idpJmespathNamePathOptionalDescription": "Der JMESPath zum Namen des Benutzers im ID-Token", + "idpOidcConfigureScopes": "Bereiche", + "idpOidcConfigureScopesDescription": "Durch Leerzeichen getrennte Liste der anzufordernden OAuth2-Scopes", + "idpSubmit": "Identitätsanbieter erstellen", + "orgPolicies": "Organisationsrichtlinien", + "idpSettings": "{idpName} Einstellungen", + "idpCreateSettingsDescription": "Konfigurieren Sie die Einstellungen für Ihren Identitätsanbieter", + "roleMapping": "Rollenzuordnung", + "orgMapping": "Organisationszuordnung", + "orgPoliciesSearch": "Organisationsrichtlinien suchen...", + "orgPoliciesAdd": "Organisationsrichtlinie hinzufügen", + "orgRequired": "Organisation ist erforderlich", + "error": "Fehler", + "success": "Erfolg", + "orgPolicyAddedDescription": "Richtlinie erfolgreich hinzugefügt", + "orgPolicyUpdatedDescription": "Richtlinie erfolgreich aktualisiert", + "orgPolicyDeletedDescription": "Richtlinie erfolgreich gelöscht", + "defaultMappingsUpdatedDescription": "Standardzuordnungen erfolgreich aktualisiert", + "orgPoliciesAbout": "Über Organisationsrichtlinien", + "orgPoliciesAboutDescription": "Organisationsrichtlinien werden verwendet, um den Zugriff auf Organisationen basierend auf dem ID-Token des Benutzers zu steuern. Sie können JMESPath-Ausdrücke angeben, um Rollen- und Organisationsinformationen aus dem ID-Token zu extrahieren. Weitere Informationen finden Sie in", + "orgPoliciesAboutDescriptionLink": "der Dokumentation", + "defaultMappingsOptional": "Standardzuordnungen (Optional)", + "defaultMappingsOptionalDescription": "Die Standardzuordnungen werden verwendet, wenn keine Organisationsrichtlinie für eine Organisation definiert ist. Sie können hier die Standard-Rollen- und Organisationszuordnungen festlegen.", + "defaultMappingsRole": "Standard-Rollenzuordnung", + "defaultMappingsRoleDescription": "JMESPath zur Extraktion von Rolleninformationen aus dem ID-Token. Das Ergebnis dieses Ausdrucks muss den Rollennamen als String zurückgeben, wie er in der Organisation definiert ist.", + "defaultMappingsOrg": "Standard-Organisationszuordnung", + "defaultMappingsOrgDescription": "JMESPath zur Extraktion von Organisationsinformationen aus dem ID-Token. Dieser Ausdruck muss die Organisations-ID oder true zurückgeben, damit der Benutzer Zugriff auf die Organisation erhält.", + "defaultMappingsSubmit": "Standardzuordnungen speichern", + "orgPoliciesEdit": "Organisationsrichtlinie bearbeiten", + "org": "Organisation", + "orgSelect": "Organisation auswählen", + "orgSearch": "Organisation suchen", + "orgNotFound": "Keine Organisation gefunden.", + "roleMappingPathOptional": "Rollenzuordnungspfad (Optional)", + "orgMappingPathOptional": "Organisationszuordnungspfad (Optional)", + "orgPolicyUpdate": "Richtlinie aktualisieren", + "orgPolicyAdd": "Richtlinie hinzufügen", + "orgPolicyConfig": "Zugriff für eine Organisation konfigurieren", + "idpUpdatedDescription": "Identitätsanbieter erfolgreich aktualisiert", + "redirectUrl": "Weiterleitungs-URL", + "redirectUrlAbout": "Über die Weiterleitungs-URL", + "redirectUrlAboutDescription": "Dies ist die URL, zu der Benutzer nach der Authentifizierung weitergeleitet werden. Sie müssen diese URL in den Einstellungen Ihres Identitätsanbieters konfigurieren.", + "pangolinAuth": "Authentifizierung - Pangolin", + "verificationCodeLengthRequirements": "Ihr Verifizierungscode muss 8 Zeichen lang sein.", + "errorOccurred": "Ein Fehler ist aufgetreten", + "emailErrorVerify": "E-Mail konnte nicht verifiziert werden:", + "emailVerified": "E-Mail erfolgreich verifiziert! Sie werden weitergeleitet...", + "verificationCodeErrorResend": "Verifizierungscode konnte nicht erneut gesendet werden:", + "verificationCodeResend": "Verifizierungscode erneut gesendet", + "verificationCodeResendDescription": "Wir haben einen neuen Verifizierungscode an Ihre E-Mail-Adresse gesendet. Bitte prüfen Sie Ihren Posteingang.", + "emailVerify": "E-Mail verifizieren", + "emailVerifyDescription": "Geben Sie den an Ihre E-Mail-Adresse gesendeten Verifizierungscode ein.", + "verificationCode": "Verifizierungscode", + "verificationCodeEmailSent": "Wir haben einen Verifizierungscode an Ihre E-Mail-Adresse gesendet.", + "submit": "Absenden", + "emailVerifyResendProgress": "Wird erneut gesendet...", + "emailVerifyResend": "Keinen Code erhalten? Hier klicken zum erneuten Senden", + "passwordNotMatch": "Passwörter stimmen nicht überein", + "signupError": "Beim Registrieren ist ein Fehler aufgetreten", + "pangolinLogoAlt": "Pangolin-Logo", + "inviteAlready": "Sieht aus, als wären Sie eingeladen worden!", + "inviteAlreadyDescription": "Um die Einladung anzunehmen, müssen Sie sich einloggen oder ein Konto erstellen.", + "signupQuestion": "Haben Sie bereits ein Konto?", + "login": "Anmelden", + "resourceNotFound": "Ressource nicht gefunden", + "resourceNotFoundDescription": "Die Ressource, auf die Sie zugreifen möchten, existiert nicht.", + "pincodeRequirementsLength": "PIN muss genau 6 Ziffern lang sein", + "pincodeRequirementsChars": "PIN darf nur Zahlen enthalten", + "passwordRequirementsLength": "Passwort muss mindestens 1 Zeichen lang sein", + "passwordRequirementsTitle": "Passwortanforderungen:", + "passwordRequirementLength": "Mindestens 8 Zeichen lang", + "passwordRequirementUppercase": "Mindestens ein Großbuchstabe", + "passwordRequirementLowercase": "Mindestens ein Kleinbuchstabe", + "passwordRequirementNumber": "Mindestens eine Zahl", + "passwordRequirementSpecial": "Mindestens ein Sonderzeichen", + "passwordRequirementsMet": "✓ Passwort erfüllt alle Anforderungen", + "passwordStrength": "Passwortstärke", + "passwordStrengthWeak": "Schwach", + "passwordStrengthMedium": "Mittel", + "passwordStrengthStrong": "Stark", + "passwordRequirements": "Anforderungen:", + "passwordRequirementLengthText": "8+ Zeichen", + "passwordRequirementUppercaseText": "Großbuchstabe (A-Z)", + "passwordRequirementLowercaseText": "Kleinbuchstabe (a-z)", + "passwordRequirementNumberText": "Zahl (0-9)", + "passwordRequirementSpecialText": "Sonderzeichen (!@#$%...)", + "passwordsDoNotMatch": "Passwörter stimmen nicht überein", + "otpEmailRequirementsLength": "OTP muss mindestens 1 Zeichen lang sein", + "otpEmailSent": "OTP gesendet", + "otpEmailSentDescription": "Ein OTP wurde an Ihre E-Mail gesendet", + "otpEmailErrorAuthenticate": "Authentifizierung per E-Mail fehlgeschlagen", + "pincodeErrorAuthenticate": "Authentifizierung per PIN fehlgeschlagen", + "passwordErrorAuthenticate": "Authentifizierung per Passwort fehlgeschlagen", + "poweredBy": "Bereitgestellt von", + "authenticationRequired": "Authentifizierung erforderlich", + "authenticationMethodChoose": "Wählen Sie Ihre bevorzugte Methode für den Zugriff auf {name}", + "authenticationRequest": "Sie müssen sich authentifizieren, um auf {name} zuzugreifen", + "user": "Benutzer", + "pincodeInput": "6-stelliger PIN-Code", + "pincodeSubmit": "Mit PIN anmelden", + "passwordSubmit": "Mit Passwort anmelden", + "otpEmailDescription": "Ein Einmalcode wird an diese E-Mail gesendet.", + "otpEmailSend": "Einmalcode senden", + "otpEmail": "Einmalpasswort (OTP)", + "otpEmailSubmit": "OTP absenden", + "backToEmail": "Zurück zur E-Mail", + "noSupportKey": "Server läuft ohne Unterstützungsschlüssel. Erwägen Sie die Unterstützung des Projekts!", + "accessDenied": "Zugriff verweigert", + "accessDeniedDescription": "Sie haben keine Berechtigung, auf diese Ressource zuzugreifen. Falls dies ein Fehler ist, kontaktieren Sie bitte den Administrator.", + "accessTokenError": "Fehler beim Prüfen des Zugriffstokens", + "accessGranted": "Zugriff gewährt", + "accessUrlInvalid": "Zugriffs-URL ungültig", + "accessGrantedDescription": "Ihnen wurde Zugriff auf diese Ressource gewährt. Sie werden weitergeleitet...", + "accessUrlInvalidDescription": "Diese geteilte Zugriffs-URL ist ungültig. Bitte kontaktieren Sie den Ressourceneigentümer für eine neue URL.", + "tokenInvalid": "Ungültiger Token", + "pincodeInvalid": "Ungültiger Code", + "passwordErrorRequestReset": "Zurücksetzung konnte nicht angefordert werden:", + "passwordErrorReset": "Passwort konnte nicht zurückgesetzt werden:", + "passwordResetSuccess": "Passwort erfolgreich zurückgesetzt! Zurück zur Anmeldung...", + "passwordReset": "Passwort zurücksetzen", + "passwordResetDescription": "Folgen Sie den Schritten, um Ihr Passwort zurückzusetzen", + "passwordResetSent": "Wir senden einen Code zum Zurücksetzen des Passworts an diese E-Mail-Adresse.", + "passwordResetCode": "Reset-Code", + "passwordResetCodeDescription": "Prüfen Sie Ihre E-Mail für den Reset-Code.", + "passwordNew": "Neues Passwort", + "passwordNewConfirm": "Neues Passwort bestätigen", + "pincodeAuth": "Authentifizierungscode", + "pincodeSubmit2": "Code absenden", + "passwordResetSubmit": "Zurücksetzung anfordern", + "passwordBack": "Zurück zum Passwort", + "loginBack": "Zurück zur Anmeldung", + "signup": "Registrieren", + "loginStart": "Melden Sie sich an, um zu beginnen", + "idpOidcTokenValidating": "OIDC-Token wird validiert", + "idpOidcTokenResponse": "OIDC-Token-Antwort validieren", + "idpErrorOidcTokenValidating": "Fehler beim Validieren des OIDC-Tokens", + "idpConnectingTo": "Verbindung zu {name} wird hergestellt", + "idpConnectingToDescription": "Ihre Identität wird überprüft", + "idpConnectingToProcess": "Verbindung wird hergestellt...", + "idpConnectingToFinished": "Verbunden", + "idpErrorConnectingTo": "Es gab ein Problem bei der Verbindung zu {name}. Bitte kontaktieren Sie Ihren Administrator.", + "idpErrorNotFound": "IdP nicht gefunden", + "inviteInvalid": "Ungültige Einladung", + "inviteInvalidDescription": "Der Einladungslink ist ungültig.", + "inviteErrorWrongUser": "Einladung ist nicht für diesen Benutzer", + "inviteErrorUserNotExists": "Benutzer existiert nicht. Bitte erstelle zuerst ein Konto.", + "inviteErrorLoginRequired": "Du musst angemeldet sein, um eine Einladung anzunehmen", + "inviteErrorExpired": "Die Einladung ist möglicherweise abgelaufen", + "inviteErrorRevoked": "Die Einladung wurde möglicherweise widerrufen", + "inviteErrorTypo": "Es könnte ein Tippfehler im Einladungslink sein", + "pangolinSetup": "Einrichtung - Pangolin", + "orgNameRequired": "Organisationsname ist erforderlich", + "orgIdRequired": "Organisations-ID ist erforderlich", + "orgErrorCreate": "Beim Erstellen der Organisation ist ein Fehler aufgetreten", + "pageNotFound": "Seite nicht gefunden", + "pageNotFoundDescription": "Hoppla! Die gesuchte Seite existiert nicht.", + "overview": "Übersicht", + "home": "Startseite", + "accessControl": "Zugriffskontrolle", + "settings": "Einstellungen", + "usersAll": "Alle Benutzer", + "license": "Lizenz", + "pangolinDashboard": "Dashboard - Pangolin", + "noResults": "Keine Ergebnisse gefunden.", + "terabytes": "{count} TB", + "gigabytes": "{count} GB", + "megabytes": "{count} MB", + "tagsEntered": "Eingegebene Tags", + "tagsEnteredDescription": "Dies sind die von Ihnen eingegebenen Tags.", + "tagsWarnCannotBeLessThanZero": "maxTags und minTags können nicht kleiner als 0 sein", + "tagsWarnNotAllowedAutocompleteOptions": "Tag ist laut Autovervollständigungsoptionen nicht erlaubt", + "tagsWarnInvalid": "Ungültiger Tag laut validateTag", + "tagWarnTooShort": "Tag {tagText} ist zu kurz", + "tagWarnTooLong": "Tag {tagText} ist zu lang", + "tagsWarnReachedMaxNumber": "Maximale Anzahl erlaubter Tags erreicht", + "tagWarnDuplicate": "Doppelter Tag {tagText} nicht hinzugefügt", + "supportKeyInvalid": "Ungültiger Schlüssel", + "supportKeyInvalidDescription": "Ihr Unterstützer-Schlüssel ist ungültig.", + "supportKeyValid": "Gültiger Schlüssel", + "supportKeyValidDescription": "Ihr Unterstützer-Schlüssel wurde validiert. Danke für Ihre Unterstützung!", + "supportKeyErrorValidationDescription": "Unterstützer-Schlüssel konnte nicht validiert werden.", + "supportKey": "Unterstütze die Entwicklung und adoptiere ein Pangolin!", + "supportKeyDescription": "Kaufen Sie einen Unterstützer-Schlüssel, um uns bei der Weiterentwicklung von Pangolin für die Community zu helfen. Ihr Beitrag ermöglicht es uns, mehr Zeit in die Wartung und neue Funktionen für alle zu investieren. Wir werden dies nie für Paywalls nutzen. Dies ist unabhängig von der Commercial Edition.", + "supportKeyPet": "Sie können auch Ihr eigenes Pangolin-Haustier adoptieren und kennenlernen!", + "supportKeyPurchase": "Zahlungen werden über GitHub abgewickelt. Danach können Sie Ihren Schlüssel auf", + "supportKeyPurchaseLink": "unserer Website", + "supportKeyPurchase2": "abrufen und hier einlösen.", + "supportKeyLearnMore": "Mehr erfahren.", + "supportKeyOptions": "Bitte wählen Sie die Option, die am besten zu Ihnen passt.", + "supportKetOptionFull": "Voller Unterstützer", + "forWholeServer": "Für den gesamten Server", + "lifetimePurchase": "Lebenslanger Kauf", + "supporterStatus": "Unterstützer-Status", + "buy": "Kaufen", + "supportKeyOptionLimited": "Eingeschränkter Unterstützer", + "forFiveUsers": "Für 5 oder weniger Benutzer", + "supportKeyRedeem": "Unterstützer-Schlüssel einlösen", + "supportKeyHideSevenDays": "7 Tage ausblenden", + "supportKeyEnter": "Unterstützer-Schlüssel eingeben", + "supportKeyEnterDescription": "Treffen Sie Ihr eigenes Pangolin-Haustier!", + "githubUsername": "GitHub Benutzername", + "supportKeyInput": "Unterstützer-Schlüssel", + "supportKeyBuy": "Unterstützer-Schlüssel kaufen", + "logoutError": "Fehler beim Abmelden", + "signingAs": "Angemeldet als", + "serverAdmin": "Server-Administrator", + "managedSelfhosted": "Verwaltetes Selbsthosted", + "otpEnable": "Zwei-Faktor aktivieren", + "otpDisable": "Zwei-Faktor deaktivieren", + "logout": "Abmelden", + "licenseTierProfessionalRequired": "Professional Edition erforderlich", + "licenseTierProfessionalRequiredDescription": "Diese Funktion ist nur in der Professional Edition verfügbar.", + "actionGetOrg": "Organisation abrufen", + "actionUpdateOrg": "Organisation aktualisieren", + "actionUpdateUser": "Benutzer aktualisieren", + "actionGetUser": "Benutzer abrufen", + "actionGetOrgUser": "Organisationsbenutzer abrufen", + "actionListOrgDomains": "Organisationsdomänen auflisten", + "actionCreateSite": "Standort erstellen", + "actionDeleteSite": "Standort löschen", + "actionGetSite": "Standort abrufen", + "actionListSites": "Standorte auflisten", + "setupToken": "Setup-Token", + "setupTokenDescription": "Geben Sie das Setup-Token von der Serverkonsole ein.", + "setupTokenRequired": "Setup-Token ist erforderlich", + "actionUpdateSite": "Standorte aktualisieren", + "actionListSiteRoles": "Erlaubte Standort-Rollen auflisten", + "actionCreateResource": "Ressource erstellen", + "actionDeleteResource": "Ressource löschen", + "actionGetResource": "Ressource abrufen", + "actionListResource": "Ressourcen auflisten", + "actionUpdateResource": "Ressource aktualisieren", + "actionListResourceUsers": "Ressourcenbenutzer auflisten", + "actionSetResourceUsers": "Ressourcenbenutzer festlegen", + "actionSetAllowedResourceRoles": "Erlaubte Ressourcenrollen festlegen", + "actionListAllowedResourceRoles": "Erlaubte Ressourcenrollen auflisten", + "actionSetResourcePassword": "Ressourcenpasswort festlegen", + "actionSetResourcePincode": "Ressourcen-PIN festlegen", + "actionSetResourceEmailWhitelist": "Ressourcen-E-Mail-Whitelist festlegen", + "actionGetResourceEmailWhitelist": "Ressourcen-E-Mail-Whitelist abrufen", + "actionCreateTarget": "Ziel erstellen", + "actionDeleteTarget": "Ziel löschen", + "actionGetTarget": "Ziel abrufen", + "actionListTargets": "Ziele auflisten", + "actionUpdateTarget": "Ziel aktualisieren", + "actionCreateRole": "Rolle erstellen", + "actionDeleteRole": "Rolle löschen", + "actionGetRole": "Rolle abrufen", + "actionListRole": "Rollen auflisten", + "actionUpdateRole": "Rolle aktualisieren", + "actionListAllowedRoleResources": "Erlaubte Rollenressourcen auflisten", + "actionInviteUser": "Benutzer einladen", + "actionRemoveUser": "Benutzer entfernen", + "actionListUsers": "Benutzer auflisten", + "actionAddUserRole": "Benutzerrolle hinzufügen", + "actionGenerateAccessToken": "Zugriffstoken generieren", + "actionDeleteAccessToken": "Zugriffstoken löschen", + "actionListAccessTokens": "Zugriffstoken auflisten", + "actionCreateResourceRule": "Ressourcenregel erstellen", + "actionDeleteResourceRule": "Ressourcenregel löschen", + "actionListResourceRules": "Ressourcenregeln auflisten", + "actionUpdateResourceRule": "Ressourcenregel aktualisieren", + "actionListOrgs": "Organisationen auflisten", + "actionCheckOrgId": "ID prüfen", + "actionCreateOrg": "Organisation erstellen", + "actionDeleteOrg": "Organisation löschen", + "actionListApiKeys": "API-Schlüssel auflisten", + "actionListApiKeyActions": "API-Schlüsselaktionen auflisten", + "actionSetApiKeyActions": "Erlaubte API-Schlüsselaktionen festlegen", + "actionCreateApiKey": "API-Schlüssel erstellen", + "actionDeleteApiKey": "API-Schlüssel löschen", + "actionCreateIdp": "IDP erstellen", + "actionUpdateIdp": "IDP aktualisieren", + "actionDeleteIdp": "IDP löschen", + "actionListIdps": "IDP auflisten", + "actionGetIdp": "IDP abrufen", + "actionCreateIdpOrg": "IDP-Organisationsrichtlinie erstellen", + "actionDeleteIdpOrg": "IDP-Organisationsrichtlinie löschen", + "actionListIdpOrgs": "IDP-Organisationen auflisten", + "actionUpdateIdpOrg": "IDP-Organisation aktualisieren", + "actionCreateClient": "Kunde erstellen", + "actionDeleteClient": "Kunde löschen", + "actionUpdateClient": "Kunde aktualisieren", + "actionListClients": "Kunden auflisten", + "actionGetClient": "Kunde holen", + "actionCreateSiteResource": "Site-Ressource erstellen", + "actionDeleteSiteResource": "Site-Ressource löschen", + "actionGetSiteResource": "Site-Ressource abrufen", + "actionListSiteResources": "Site-Ressourcen auflisten", + "actionUpdateSiteResource": "Site-Ressource aktualisieren", + "actionListInvitations": "Einladungen auflisten", + "noneSelected": "Keine ausgewählt", + "orgNotFound2": "Keine Organisationen gefunden.", + "searchProgress": "Suche...", + "create": "Erstellen", + "orgs": "Organisationen", + "loginError": "Beim Anmelden ist ein Fehler aufgetreten", + "passwordForgot": "Passwort vergessen?", + "otpAuth": "Zwei-Faktor-Authentifizierung", + "otpAuthDescription": "Geben Sie den Code aus Ihrer Authenticator-App oder einen Ihrer einmaligen Backup-Codes ein.", + "otpAuthSubmit": "Code absenden", + "idpContinue": "Oder weiter mit", + "otpAuthBack": "Zurück zur Anmeldung", + "navbar": "Navigationsmenü", + "navbarDescription": "Hauptnavigationsmenü für die Anwendung", + "navbarDocsLink": "Dokumentation", + "commercialEdition": "Kommerzielle Edition", + "otpErrorEnable": "2FA konnte nicht aktiviert werden", + "otpErrorEnableDescription": "Beim Aktivieren der 2FA ist ein Fehler aufgetreten", + "otpSetupCheckCode": "Bitte geben Sie einen 6-stelligen Code ein", + "otpSetupCheckCodeRetry": "Ungültiger Code. Bitte versuchen Sie es erneut.", + "otpSetup": "Zwei-Faktor-Authentifizierung aktivieren", + "otpSetupDescription": "Sichern Sie Ihr Konto mit einer zusätzlichen Schutzebene", + "otpSetupScanQr": "Scannen Sie diesen QR-Code mit Ihrer Authenticator-App oder geben Sie den Geheimschlüssel manuell ein:", + "otpSetupSecretCode": "Authenticator-Code", + "otpSetupSuccess": "Zwei-Faktor-Authentifizierung aktiviert", + "otpSetupSuccessStoreBackupCodes": "Ihr Konto ist jetzt sicherer. Vergessen Sie nicht, Ihre Backup-Codes zu speichern.", + "otpErrorDisable": "2FA konnte nicht deaktiviert werden", + "otpErrorDisableDescription": "Beim Deaktivieren der 2FA ist ein Fehler aufgetreten", + "otpRemove": "Zwei-Faktor-Authentifizierung deaktivieren", + "otpRemoveDescription": "Deaktivieren Sie die Zwei-Faktor-Authentifizierung für Ihr Konto", + "otpRemoveSuccess": "Zwei-Faktor-Authentifizierung deaktiviert", + "otpRemoveSuccessMessage": "Die Zwei-Faktor-Authentifizierung wurde für Ihr Konto deaktiviert. Sie können sie jederzeit wieder aktivieren.", + "otpRemoveSubmit": "2FA deaktivieren", + "paginator": "Seite {current} von {last}", + "paginatorToFirst": "Zur ersten Seite", + "paginatorToPrevious": "Zur vorherigen Seite", + "paginatorToNext": "Zur nächsten Seite", + "paginatorToLast": "Zur letzten Seite", + "copyText": "Text kopieren", + "copyTextFailed": "Text konnte nicht kopiert werden: ", + "copyTextClipboard": "In die Zwischenablage kopieren", + "inviteErrorInvalidConfirmation": "Ungültige Bestätigung", + "passwordRequired": "Passwort ist erforderlich", + "allowAll": "Alle erlauben", + "permissionsAllowAll": "Alle Berechtigungen erlauben", + "githubUsernameRequired": "GitHub-Benutzername ist erforderlich", + "supportKeyRequired": "Unterstützer-Schlüssel ist erforderlich", + "passwordRequirementsChars": "Das Passwort muss mindestens 8 Zeichen lang sein", + "language": "Sprache", + "verificationCodeRequired": "Code ist erforderlich", + "userErrorNoUpdate": "Kein Benutzer zum Aktualisieren", + "siteErrorNoUpdate": "Keine Standorte zum Aktualisieren", + "resourceErrorNoUpdate": "Keine Ressource zum Aktualisieren", + "authErrorNoUpdate": "Keine Auth-Informationen zum Aktualisieren", + "orgErrorNoUpdate": "Keine Organisation zum Aktualisieren", + "orgErrorNoProvided": "Keine Organisation angegeben", + "apiKeysErrorNoUpdate": "Kein API-Schlüssel zum Aktualisieren", + "sidebarOverview": "Übersicht", + "sidebarHome": "Zuhause", + "sidebarSites": "Standorte", + "sidebarResources": "Ressourcen", + "sidebarAccessControl": "Zugriffskontrolle", + "sidebarUsers": "Benutzer", + "sidebarInvitations": "Einladungen", + "sidebarRoles": "Rollen", + "sidebarShareableLinks": "Teilbare Links", + "sidebarApiKeys": "API-Schlüssel", + "sidebarSettings": "Einstellungen", + "sidebarAllUsers": "Alle Benutzer", + "sidebarIdentityProviders": "Identitätsanbieter", + "sidebarLicense": "Lizenz", + "sidebarClients": "Clients (Beta)", + "sidebarDomains": "Domains", + "enableDockerSocket": "Docker Socket aktivieren", + "enableDockerSocketDescription": "Docker Socket-Erkennung aktivieren, um Container-Informationen zu befüllen. Socket-Pfad muss Newt bereitgestellt werden.", + "enableDockerSocketLink": "Mehr erfahren", + "viewDockerContainers": "Docker Container anzeigen", + "containersIn": "Container in {siteName}", + "selectContainerDescription": "Wählen Sie einen Container, der als Hostname für dieses Ziel verwendet werden soll. Klicken Sie auf einen Port, um einen Port zu verwenden.", + "containerName": "Name", + "containerImage": "Bild", + "containerState": "Bundesland", + "containerNetworks": "Netzwerke", + "containerHostnameIp": "Hostname/IP", + "containerLabels": "Etiketten", + "containerLabelsCount": "{count, plural, one {# Etikett} other {# Etiketten}}", + "containerLabelsTitle": "Container-Labels", + "containerLabelEmpty": "", + "containerPorts": "Häfen", + "containerPortsMore": "+{count} mehr", + "containerActions": "Aktionen", + "select": "Auswählen", + "noContainersMatchingFilters": "Es wurden keine Container gefunden, die den aktuellen Filtern entsprechen.", + "showContainersWithoutPorts": "Container ohne Ports anzeigen", + "showStoppedContainers": "Stoppte Container anzeigen", + "noContainersFound": "Keine Container gefunden. Stellen Sie sicher, dass Docker Container laufen.", + "searchContainersPlaceholder": "Durchsuche {count} Container...", + "searchResultsCount": "{count, plural, one {# Ergebnis} other {# Ergebnisse}}", + "filters": "Filter", + "filterOptions": "Filteroptionen", + "filterPorts": "Häfen", + "filterStopped": "Stoppt", + "clearAllFilters": "Alle Filter löschen", + "columns": "Spalten", + "toggleColumns": "Spalten umschalten", + "refreshContainersList": "Container-Liste aktualisieren", + "searching": "Suche...", + "noContainersFoundMatching": "Keine Container gefunden mit \"{filter}\".", + "light": "hell", + "dark": "dunkel", + "system": "System", + "theme": "Design", + "subnetRequired": "Subnetz ist erforderlich", + "initialSetupTitle": "Initial Einrichtung des Servers", + "initialSetupDescription": "Erstellen Sie das initiale Server-Admin-Konto. Es kann nur einen Server-Admin geben. Sie können diese Anmeldedaten später immer ändern.", + "createAdminAccount": "Admin-Konto erstellen", + "setupErrorCreateAdmin": "Beim Erstellen des Server-Admin-Kontos ist ein Fehler aufgetreten.", + "certificateStatus": "Zertifikatsstatus", + "loading": "Laden", + "restart": "Neustart", + "domains": "Domains", + "domainsDescription": "Domains für Ihre Organisation verwalten", + "domainsSearch": "Domains durchsuchen...", + "domainAdd": "Domain hinzufügen", + "domainAddDescription": "Eine neue Domain in Ihrer Organisation registrieren", + "domainCreate": "Domain erstellen", + "domainCreatedDescription": "Domain erfolgreich erstellt", + "domainDeletedDescription": "Domain erfolgreich gelöscht", + "domainQuestionRemove": "Möchten Sie die Domain {domain} wirklich aus Ihrem Konto entfernen?", + "domainMessageRemove": "Nach dem Entfernen wird die Domain nicht mehr mit Ihrem Konto verknüpft.", + "domainMessageConfirm": "Um zu bestätigen, geben Sie bitte den Domainnamen unten ein.", + "domainConfirmDelete": "Domain-Löschung bestätigen", + "domainDelete": "Domain löschen", + "domain": "Domain", + "selectDomainTypeNsName": "Domain-Delegation (NS)", + "selectDomainTypeNsDescription": "Diese Domain und alle ihre Subdomains. Verwenden Sie dies, wenn Sie eine gesamte Domainzone kontrollieren möchten.", + "selectDomainTypeCnameName": "Einzelne Domain (CNAME)", + "selectDomainTypeCnameDescription": "Nur diese spezifische Domain. Verwenden Sie dies für einzelne Subdomains oder spezifische Domaineinträge.", + "selectDomainTypeWildcardName": "Wildcard-Domain", + "selectDomainTypeWildcardDescription": "Diese Domain und ihre Subdomains.", + "domainDelegation": "Einzelne Domain", + "selectType": "Typ auswählen", + "actions": "Aktionen", + "refresh": "Aktualisieren", + "refreshError": "Datenaktualisierung fehlgeschlagen", + "verified": "Verifiziert", + "pending": "Ausstehend", + "sidebarBilling": "Abrechnung", + "billing": "Abrechnung", + "orgBillingDescription": "Verwalten Sie Ihre Rechnungsinformationen und Abonnements", + "github": "GitHub", + "pangolinHosted": "Pangolin Hosted", + "fossorial": "Fossorial", + "completeAccountSetup": "Kontoeinrichtung abschließen", + "completeAccountSetupDescription": "Legen Sie Ihr Passwort fest, um zu beginnen", + "accountSetupSent": "Wir senden einen Code für die Kontoeinrichtung an diese E-Mail-Adresse.", + "accountSetupCode": "Einrichtungscode", + "accountSetupCodeDescription": "Prüfen Sie Ihre E-Mail auf den Einrichtungscode.", + "passwordCreate": "Passwort erstellen", + "passwordCreateConfirm": "Passwort bestätigen", + "accountSetupSubmit": "Einrichtungscode senden", + "completeSetup": "Einrichtung abschließen", + "accountSetupSuccess": "Kontoeinrichtung abgeschlossen! Willkommen bei Pangolin!", + "documentation": "Dokumentation", + "saveAllSettings": "Alle Einstellungen speichern", + "settingsUpdated": "Einstellungen aktualisiert", + "settingsUpdatedDescription": "Alle Einstellungen wurden erfolgreich aktualisiert", + "settingsErrorUpdate": "Einstellungen konnten nicht aktualisiert werden", + "settingsErrorUpdateDescription": "Beim Aktualisieren der Einstellungen ist ein Fehler aufgetreten", + "sidebarCollapse": "Zusammenklappen", + "sidebarExpand": "Erweitern", + "newtUpdateAvailable": "Update verfügbar", + "newtUpdateAvailableInfo": "Eine neue Version von Newt ist verfügbar. Bitte aktualisieren Sie auf die neueste Version für das beste Erlebnis.", + "domainPickerEnterDomain": "Domain", + "domainPickerPlaceholder": "myapp.example.com, api.v1.mydomain.com, oder einfach myapp", + "domainPickerDescription": "Geben Sie die vollständige Domäne der Ressource ein, um verfügbare Optionen zu sehen.", + "domainPickerDescriptionSaas": "Geben Sie eine vollständige Domäne, Subdomäne oder einfach einen Namen ein, um verfügbare Optionen zu sehen", + "domainPickerTabAll": "Alle", + "domainPickerTabOrganization": "Organisation", + "domainPickerTabProvided": "Bereitgestellt", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "Verfügbarkeit prüfen...", + "domainPickerNoMatchingDomains": "Keine passenden Domains gefunden. Versuchen Sie es mit einer anderen Domain oder überprüfen Sie die Domain-Einstellungen Ihrer Organisation.", + "domainPickerOrganizationDomains": "Organisations-Domains", + "domainPickerProvidedDomains": "Bereitgestellte Domains", + "domainPickerSubdomain": "Subdomain: {subdomain}", + "domainPickerNamespace": "Namespace: {namespace}", + "domainPickerShowMore": "Mehr anzeigen", + "domainNotFound": "Domain nicht gefunden", + "domainNotFoundDescription": "Diese Ressource ist deaktiviert, weil die Domain nicht mehr in unserem System existiert. Bitte setzen Sie eine neue Domain für diese Ressource.", + "failed": "Fehlgeschlagen", + "createNewOrgDescription": "Eine neue Organisation erstellen", + "organization": "Organisation", + "port": "Port", + "securityKeyManage": "Sicherheitsschlüssel verwalten", + "securityKeyDescription": "Sicherheitsschlüssel für passwortlose Authentifizierung hinzufügen oder entfernen", + "securityKeyRegister": "Neuen Sicherheitsschlüssel registrieren", + "securityKeyList": "Ihre Sicherheitsschlüssel", + "securityKeyNone": "Noch keine Sicherheitsschlüssel registriert", + "securityKeyNameRequired": "Name ist erforderlich", + "securityKeyRemove": "Entfernen", + "securityKeyLastUsed": "Zuletzt verwendet: {date}", + "securityKeyNameLabel": "Name", + "securityKeyRegisterSuccess": "Sicherheitsschlüssel erfolgreich registriert", + "securityKeyRegisterError": "Fehler beim Registrieren des Sicherheitsschlüssels", + "securityKeyRemoveSuccess": "Sicherheitsschlüssel erfolgreich entfernt", + "securityKeyRemoveError": "Fehler beim Entfernen des Sicherheitsschlüssels", + "securityKeyLoadError": "Fehler beim Laden der Sicherheitsschlüssel", + "securityKeyLogin": "Mit dem Sicherheitsschlüssel fortfahren", + "securityKeyAuthError": "Fehler bei der Authentifizierung mit Sicherheitsschlüssel", + "securityKeyRecommendation": "Erwägen Sie die Registrierung eines weiteren Sicherheitsschlüssels auf einem anderen Gerät, um sicherzustellen, dass Sie sich nicht aus Ihrem Konto aussperren.", + "registering": "Registrierung...", + "securityKeyPrompt": "Bitte bestätigen Sie Ihre Identität mit Ihrem Sicherheitsschlüssel. Stellen Sie sicher, dass Ihr Sicherheitsschlüssel verbunden und einsatzbereit ist.", + "securityKeyBrowserNotSupported": "Ihr Browser unterstützt Sicherheitsschlüssel nicht. Bitte verwenden Sie einen modernen Browser wie Chrome, Firefox oder Safari.", + "securityKeyPermissionDenied": "Bitte erlauben Sie den Zugriff auf Ihren Sicherheitsschlüssel, um sich weiter anzumelden.", + "securityKeyRemovedTooQuickly": "Lassen Sie Ihren Sicherheitsschlüssel verbunden, bis der Anmeldeprozess abgeschlossen ist.", + "securityKeyNotSupported": "Ihr Sicherheitsschlüssel ist möglicherweise nicht kompatibel. Bitte versuchen Sie einen anderen Sicherheitsschlüssel.", + "securityKeyUnknownError": "Es gab ein Problem mit Ihrem Sicherheitsschlüssel. Bitte versuchen Sie es erneut.", + "twoFactorRequired": "Zur Registrierung eines Sicherheitsschlüssels ist eine Zwei-Faktor-Authentifizierung erforderlich.", + "twoFactor": "Zwei-Faktor-Authentifizierung", + "adminEnabled2FaOnYourAccount": "Ihr Administrator hat die Zwei-Faktor-Authentifizierung für {email} aktiviert. Bitte schließen Sie den Einrichtungsprozess ab, um fortzufahren.", + "continueToApplication": "Weiter zur Anwendung", + "securityKeyAdd": "Sicherheitsschlüssel hinzufügen", + "securityKeyRegisterTitle": "Neuen Sicherheitsschlüssel registrieren", + "securityKeyRegisterDescription": "Verbinden Sie Ihren Sicherheitsschlüssel und geben Sie einen Namen ein, um ihn zu identifizieren", + "securityKeyTwoFactorRequired": "Zwei-Faktor-Authentifizierung erforderlich", + "securityKeyTwoFactorDescription": "Bitte geben Sie Ihren Zwei-Faktor-Authentifizierungscode ein, um den Sicherheitsschlüssel zu registrieren", + "securityKeyTwoFactorRemoveDescription": "Bitte geben Sie Ihren Zwei-Faktor-Authentifizierungscode ein, um den Sicherheitsschlüssel zu entfernen", + "securityKeyTwoFactorCode": "Zwei-Faktor-Code", + "securityKeyRemoveTitle": "Sicherheitsschlüssel entfernen", + "securityKeyRemoveDescription": "Geben Sie Ihr Passwort ein, um den Sicherheitsschlüssel \"{name}\" zu entfernen", + "securityKeyNoKeysRegistered": "Keine Sicherheitsschlüssel registriert", + "securityKeyNoKeysDescription": "Fügen Sie einen Sicherheitsschlüssel hinzu, um die Sicherheit Ihres Kontos zu erhöhen", + "createDomainRequired": "Domain ist erforderlich", + "createDomainAddDnsRecords": "DNS-Einträge hinzufügen", + "createDomainAddDnsRecordsDescription": "Fügen Sie die folgenden DNS-Einträge zu Ihrem Domain-Provider hinzu, um die Einrichtung abzuschließen.", + "createDomainNsRecords": "NS-Einträge", + "createDomainRecord": "Eintrag", + "createDomainType": "Typ:", + "createDomainName": "Name:", + "createDomainValue": "Wert:", + "createDomainCnameRecords": "CNAME-Einträge", + "createDomainARecords": "A-Aufzeichnungen", + "createDomainRecordNumber": "Eintrag {number}", + "createDomainTxtRecords": "TXT-Einträge", + "createDomainSaveTheseRecords": "Diese Einträge speichern", + "createDomainSaveTheseRecordsDescription": "Achten Sie darauf, diese DNS-Einträge zu speichern, da Sie sie nicht erneut sehen werden.", + "createDomainDnsPropagation": "DNS-Verbreitung", + "createDomainDnsPropagationDescription": "Es kann einige Zeit dauern, bis DNS-Änderungen im Internet verbreitet werden. Dies kann je nach Ihrem DNS-Provider und den TTL-Einstellungen von einigen Minuten bis zu 48 Stunden dauern.", + "resourcePortRequired": "Portnummer ist für nicht-HTTP-Ressourcen erforderlich", + "resourcePortNotAllowed": "Portnummer sollte für HTTP-Ressourcen nicht gesetzt werden", + "signUpTerms": { + "IAgreeToThe": "Ich stimme den", + "termsOfService": "Nutzungsbedingungen zu", + "and": "und", + "privacyPolicy": "Datenschutzrichtlinie" + }, + "siteRequired": "Standort ist erforderlich.", + "olmTunnel": "Olm Tunnel", + "olmTunnelDescription": "Nutzen Sie Olm für die Kundenverbindung", + "errorCreatingClient": "Fehler beim Erstellen des Clients", + "clientDefaultsNotFound": "Kundenvorgaben nicht gefunden", + "createClient": "Client erstellen", + "createClientDescription": "Erstellen Sie einen neuen Client für die Verbindung zu Ihren Standorten.", + "seeAllClients": "Alle Clients anzeigen", + "clientInformation": "Kundeninformationen", + "clientNamePlaceholder": "Kundenname", + "address": "Adresse", + "subnetPlaceholder": "Subnetz", + "addressDescription": "Die Adresse, die dieser Client für die Verbindung verwenden wird.", + "selectSites": "Standorte auswählen", + "sitesDescription": "Der Client wird zu den ausgewählten Standorten eine Verbindung haben.", + "clientInstallOlm": "Olm installieren", + "clientInstallOlmDescription": "Olm auf Ihrem System zum Laufen bringen", + "clientOlmCredentials": "Olm-Zugangsdaten", + "clientOlmCredentialsDescription": "So authentifiziert sich Olm beim Server", + "olmEndpoint": "Olm-Endpunkt", + "olmId": "Olm-ID", + "olmSecretKey": "Olm-Geheimschlüssel", + "clientCredentialsSave": "Speichern Sie Ihre Zugangsdaten", + "clientCredentialsSaveDescription": "Sie können dies nur einmal sehen. Kopieren Sie es an einen sicheren Ort.", + "generalSettingsDescription": "Konfigurieren Sie die allgemeinen Einstellungen für diesen Client", + "clientUpdated": "Client aktualisiert", + "clientUpdatedDescription": "Der Client wurde aktualisiert.", + "clientUpdateFailed": "Fehler beim Aktualisieren des Clients", + "clientUpdateError": "Beim Aktualisieren des Clients ist ein Fehler aufgetreten.", + "sitesFetchFailed": "Fehler beim Abrufen von Standorten", + "sitesFetchError": "Beim Abrufen von Standorten ist ein Fehler aufgetreten.", + "olmErrorFetchReleases": "Beim Abrufen von Olm-Veröffentlichungen ist ein Fehler aufgetreten.", + "olmErrorFetchLatest": "Beim Abrufen der neuesten Olm-Veröffentlichung ist ein Fehler aufgetreten.", + "remoteSubnets": "Remote-Subnetze", + "enterCidrRange": "Geben Sie den CIDR-Bereich ein", + "remoteSubnetsDescription": "Fügen Sie CIDR-Bereiche hinzu, die über Clients von dieser Site aus remote zugänglich sind. Verwenden Sie ein Format wie 10.0.0.0/24. Dies gilt NUR für die VPN-Client-Konnektivität.", + "resourceEnableProxy": "Öffentlichen Proxy aktivieren", + "resourceEnableProxyDescription": "Ermöglichen Sie öffentliches Proxieren zu dieser Ressource. Dies ermöglicht den Zugriff auf die Ressource von außerhalb des Netzwerks durch die Cloud über einen offenen Port. Erfordert Traefik-Config.", + "externalProxyEnabled": "Externer Proxy aktiviert", + "addNewTarget": "Neues Ziel hinzufügen", + "targetsList": "Ziel-Liste", + "targetErrorDuplicateTargetFound": "Doppeltes Ziel gefunden", + "httpMethod": "HTTP-Methode", + "selectHttpMethod": "HTTP-Methode auswählen", + "domainPickerSubdomainLabel": "Subdomain", + "domainPickerBaseDomainLabel": "Basisdomäne", + "domainPickerSearchDomains": "Domains suchen...", + "domainPickerNoDomainsFound": "Keine Domains gefunden", + "domainPickerLoadingDomains": "Domains werden geladen...", + "domainPickerSelectBaseDomain": "Basisdomäne auswählen...", + "domainPickerNotAvailableForCname": "Für CNAME-Domains nicht verfügbar", + "domainPickerEnterSubdomainOrLeaveBlank": "Geben Sie eine Subdomain ein oder lassen Sie das Feld leer, um die Basisdomäne zu verwenden.", + "domainPickerEnterSubdomainToSearch": "Geben Sie eine Subdomain ein, um verfügbare freie Domains zu suchen und auszuwählen.", + "domainPickerFreeDomains": "Freie Domains", + "domainPickerSearchForAvailableDomains": "Verfügbare Domains suchen", + "resourceDomain": "Domain", + "resourceEditDomain": "Domain bearbeiten", + "siteName": "Site-Name", + "proxyPort": "Port", + "resourcesTableProxyResources": "Proxy-Ressourcen", + "resourcesTableClientResources": "Client-Ressourcen", + "resourcesTableNoProxyResourcesFound": "Keine Proxy-Ressourcen gefunden.", + "resourcesTableNoInternalResourcesFound": "Keine internen Ressourcen gefunden.", + "resourcesTableDestination": "Ziel", + "resourcesTableTheseResourcesForUseWith": "Diese Ressourcen sind zur Verwendung mit", + "resourcesTableClients": "Kunden", + "resourcesTableAndOnlyAccessibleInternally": "und sind nur intern zugänglich, wenn mit einem Client verbunden.", + "editInternalResourceDialogEditClientResource": "Client-Ressource bearbeiten", + "editInternalResourceDialogUpdateResourceProperties": "Aktualisieren Sie die Ressourceneigenschaften und die Zielkonfiguration für {resourceName}.", + "editInternalResourceDialogResourceProperties": "Ressourceneigenschaften", + "editInternalResourceDialogName": "Name", + "editInternalResourceDialogProtocol": "Protokoll", + "editInternalResourceDialogSitePort": "Site-Port", + "editInternalResourceDialogTargetConfiguration": "Zielkonfiguration", + "editInternalResourceDialogDestinationIP": "Ziel-IP", + "editInternalResourceDialogDestinationPort": "Ziel-Port", + "editInternalResourceDialogCancel": "Abbrechen", + "editInternalResourceDialogSaveResource": "Ressource speichern", + "editInternalResourceDialogSuccess": "Erfolg", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Interne Ressource erfolgreich aktualisiert", + "editInternalResourceDialogError": "Fehler", + "editInternalResourceDialogFailedToUpdateInternalResource": "Interne Ressource konnte nicht aktualisiert werden", + "editInternalResourceDialogNameRequired": "Name ist erforderlich", + "editInternalResourceDialogNameMaxLength": "Der Name darf nicht länger als 255 Zeichen sein", + "editInternalResourceDialogProxyPortMin": "Proxy-Port muss mindestens 1 sein", + "editInternalResourceDialogProxyPortMax": "Proxy-Port muss kleiner als 65536 sein", + "editInternalResourceDialogInvalidIPAddressFormat": "Ungültiges IP-Adressformat", + "editInternalResourceDialogDestinationPortMin": "Ziel-Port muss mindestens 1 sein", + "editInternalResourceDialogDestinationPortMax": "Ziel-Port muss kleiner als 65536 sein", + "createInternalResourceDialogNoSitesAvailable": "Keine Sites verfügbar", + "createInternalResourceDialogNoSitesAvailableDescription": "Sie müssen mindestens eine Newt-Site mit einem konfigurierten Subnetz haben, um interne Ressourcen zu erstellen.", + "createInternalResourceDialogClose": "Schließen", + "createInternalResourceDialogCreateClientResource": "Ressource erstellen", + "createInternalResourceDialogCreateClientResourceDescription": "Erstellen Sie eine neue Ressource, die für Clients zugänglich ist, die mit der ausgewählten Site verbunden sind.", + "createInternalResourceDialogResourceProperties": "Ressourceneigenschaften", + "createInternalResourceDialogName": "Name", + "createInternalResourceDialogSite": "Standort", + "createInternalResourceDialogSelectSite": "Standort auswählen...", + "createInternalResourceDialogSearchSites": "Sites durchsuchen...", + "createInternalResourceDialogNoSitesFound": "Keine Standorte gefunden.", + "createInternalResourceDialogProtocol": "Protokoll", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Site-Port", + "createInternalResourceDialogSitePortDescription": "Verwenden Sie diesen Port, um bei Verbindung mit einem Client auf die Ressource an der Site zuzugreifen.", + "createInternalResourceDialogTargetConfiguration": "Zielkonfiguration", + "createInternalResourceDialogDestinationIP": "Ziel-IP", + "createInternalResourceDialogDestinationIPDescription": "Die IP-Adresse der Ressource im Netzwerkstandort der Site.", + "createInternalResourceDialogDestinationPort": "Ziel-Port", + "createInternalResourceDialogDestinationPortDescription": "Der Port auf der Ziel-IP, unter dem die Ressource zugänglich ist.", + "createInternalResourceDialogCancel": "Abbrechen", + "createInternalResourceDialogCreateResource": "Ressource erstellen", + "createInternalResourceDialogSuccess": "Erfolg", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Interne Ressource erfolgreich erstellt", + "createInternalResourceDialogError": "Fehler", + "createInternalResourceDialogFailedToCreateInternalResource": "Interne Ressource konnte nicht erstellt werden", + "createInternalResourceDialogNameRequired": "Name ist erforderlich", + "createInternalResourceDialogNameMaxLength": "Der Name darf nicht länger als 255 Zeichen sein", + "createInternalResourceDialogPleaseSelectSite": "Bitte wählen Sie eine Site aus", + "createInternalResourceDialogProxyPortMin": "Proxy-Port muss mindestens 1 sein", + "createInternalResourceDialogProxyPortMax": "Proxy-Port muss kleiner als 65536 sein", + "createInternalResourceDialogInvalidIPAddressFormat": "Ungültiges IP-Adressformat", + "createInternalResourceDialogDestinationPortMin": "Ziel-Port muss mindestens 1 sein", + "createInternalResourceDialogDestinationPortMax": "Ziel-Port muss kleiner als 65536 sein", + "siteConfiguration": "Konfiguration", + "siteAcceptClientConnections": "Clientverbindungen akzeptieren", + "siteAcceptClientConnectionsDescription": "Erlauben Sie anderen Geräten, über diese Newt-Instanz mit Clients als Gateway zu verbinden.", + "siteAddress": "Site-Adresse", + "siteAddressDescription": "Geben Sie die IP-Adresse des Hosts an, mit dem sich die Clients verbinden sollen. Dies ist die interne Adresse der Site im Pangolin-Netzwerk, die von Clients angesprochen werden muss. Muss innerhalb des Unternehmens-Subnetzes liegen.", + "autoLoginExternalIdp": "Automatische Anmeldung mit externem IDP", + "autoLoginExternalIdpDescription": "Leiten Sie den Benutzer sofort zur Authentifizierung an den externen IDP weiter.", + "selectIdp": "IDP auswählen", + "selectIdpPlaceholder": "Wählen Sie einen IDP...", + "selectIdpRequired": "Bitte wählen Sie einen IDP aus, wenn automatische Anmeldung aktiviert ist.", + "autoLoginTitle": "Weiterleitung", + "autoLoginDescription": "Sie werden zum externen Identitätsanbieter zur Authentifizierung weitergeleitet.", + "autoLoginProcessing": "Authentifizierung vorbereiten...", + "autoLoginRedirecting": "Weiterleitung zur Anmeldung...", + "autoLoginError": "Fehler bei der automatischen Anmeldung", + "autoLoginErrorNoRedirectUrl": "Keine Weiterleitungs-URL vom Identitätsanbieter erhalten.", + "autoLoginErrorGeneratingUrl": "Fehler beim Generieren der Authentifizierungs-URL.", + "managedSelfHosted": { + "title": "Verwaltetes Selbsthosted", + "description": "Zuverlässiger und wartungsarmer Pangolin Server mit zusätzlichen Glocken und Pfeifen", + "introTitle": "Verwalteter selbstgehosteter Pangolin", + "introDescription": "ist eine Deployment-Option, die für Personen konzipiert wurde, die Einfachheit und zusätzliche Zuverlässigkeit wünschen, während sie ihre Daten privat und selbstgehostet halten.", + "introDetail": "Mit dieser Option haben Sie immer noch Ihren eigenen Pangolin-Knoten – Ihre Tunnel, SSL-Terminierung und Traffic bleiben auf Ihrem Server. Der Unterschied besteht darin, dass Verwaltung und Überwachung über unser Cloud-Dashboard abgewickelt werden, das eine Reihe von Vorteilen freischaltet:", + "benefitSimplerOperations": { + "title": "Einfachere Operationen", + "description": "Sie brauchen keinen eigenen Mail-Server auszuführen oder komplexe Warnungen einzurichten. Sie erhalten Gesundheitschecks und Ausfallwarnungen aus dem Box." + }, + "benefitAutomaticUpdates": { + "title": "Automatische Updates", + "description": "Das Cloud-Dashboard entwickelt sich schnell, so dass Sie neue Funktionen und Fehlerbehebungen erhalten, ohne jedes Mal neue Container manuell ziehen zu müssen." + }, + "benefitLessMaintenance": { + "title": "Weniger Wartung", + "description": "Keine Datenbankmigrationen, Sicherungen oder zusätzliche Infrastruktur zum Verwalten. Wir kümmern uns um das in der Cloud." + }, + "benefitCloudFailover": { + "title": "Cloud-Ausfall", + "description": "Wenn Ihr Knoten runtergeht, können Ihre Tunnel vorübergehend an unsere Cloud-Punkte scheitern, bis Sie ihn wieder online bringen." + }, + "benefitHighAvailability": { + "title": "Hohe Verfügbarkeit (PoPs)", + "description": "Sie können auch mehrere Knoten an Ihr Konto anhängen, um Redundanz und bessere Leistung zu erzielen." + }, + "benefitFutureEnhancements": { + "title": "Zukünftige Verbesserungen", + "description": "Wir planen weitere Analyse-, Alarm- und Management-Tools hinzuzufügen, um Ihren Einsatz noch robuster zu machen." + }, + "docsAlert": { + "text": "Erfahren Sie mehr über die Managed Self-Hosted Option in unserer", + "documentation": "dokumentation" + }, + "convertButton": "Diesen Knoten in Managed Self-Hosted umwandeln" + }, + "internationaldomaindetected": "Internationale Domain erkannt", + "willbestoredas": "Wird gespeichert als:" +} diff --git a/messages/en-US.json b/messages/en-US.json new file mode 100644 index 00000000..d238f73c --- /dev/null +++ b/messages/en-US.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Create your organization, site, and resources", + "setupNewOrg": "New Organization", + "setupCreateOrg": "Create Organization", + "setupCreateResources": "Create Resources", + "setupOrgName": "Organization Name", + "orgDisplayName": "This is the display name of your organization.", + "orgId": "Organization ID", + "setupIdentifierMessage": "This is the unique identifier for your organization. This is separate from the display name.", + "setupErrorIdentifier": "Organization ID is already taken. Please choose a different one.", + "componentsErrorNoMemberCreate": "You are not currently a member of any organizations. Create an organization to get started.", + "componentsErrorNoMember": "You are not currently a member of any organizations.", + "welcome": "Welcome!", + "welcomeTo": "Welcome to", + "componentsCreateOrg": "Create an Organization", + "componentsMember": "You're a member of {count, plural, =0 {no organization} one {one organization} other {# organizations}}.", + "componentsInvalidKey": "Invalid or expired license keys detected. Follow license terms to continue using all features.", + "dismiss": "Dismiss", + "componentsLicenseViolation": "License Violation: This server is using {usedSites} sites which exceeds its licensed limit of {maxSites} sites. Follow license terms to continue using all features.", + "componentsSupporterMessage": "Thank you for supporting Pangolin as a {tier}!", + "inviteErrorNotValid": "We're sorry, but it looks like the invite you're trying to access has not been accepted or is no longer valid.", + "inviteErrorUser": "We're sorry, but it looks like the invite you're trying to access is not for this user.", + "inviteLoginUser": "Please make sure you're logged in as the correct user.", + "inviteErrorNoUser": "We're sorry, but it looks like the invite you're trying to access is not for a user that exists.", + "inviteCreateUser": "Please create an account first.", + "goHome": "Go Home", + "inviteLogInOtherUser": "Log In as a Different User", + "createAnAccount": "Create an Account", + "inviteNotAccepted": "Invite Not Accepted", + "authCreateAccount": "Create an account to get started", + "authNoAccount": "Don't have an account?", + "email": "Email", + "password": "Password", + "confirmPassword": "Confirm Password", + "createAccount": "Create Account", + "viewSettings": "View settings", + "delete": "Delete", + "name": "Name", + "online": "Online", + "offline": "Offline", + "site": "Site", + "dataIn": "Data In", + "dataOut": "Data Out", + "connectionType": "Connection Type", + "tunnelType": "Tunnel Type", + "local": "Local", + "edit": "Edit", + "siteConfirmDelete": "Confirm Delete Site", + "siteDelete": "Delete Site", + "siteMessageRemove": "Once removed, the site will no longer be accessible. All resources and targets associated with the site will also be removed.", + "siteMessageConfirm": "To confirm, please type the name of the site below.", + "siteQuestionRemove": "Are you sure you want to remove the site {selectedSite} from the organization?", + "siteManageSites": "Manage Sites", + "siteDescription": "Allow connectivity to your network through secure tunnels", + "siteCreate": "Create Site", + "siteCreateDescription2": "Follow the steps below to create and connect a new site", + "siteCreateDescription": "Create a new site to start connecting your resources", + "close": "Close", + "siteErrorCreate": "Error creating site", + "siteErrorCreateKeyPair": "Key pair or site defaults not found", + "siteErrorCreateDefaults": "Site defaults not found", + "method": "Method", + "siteMethodDescription": "This is how you will expose connections.", + "siteLearnNewt": "Learn how to install Newt on your system", + "siteSeeConfigOnce": "You will only be able to see the configuration once.", + "siteLoadWGConfig": "Loading WireGuard configuration...", + "siteDocker": "Expand for Docker Deployment Details", + "toggle": "Toggle", + "dockerCompose": "Docker Compose", + "dockerRun": "Docker Run", + "siteLearnLocal": "Local sites do not tunnel, learn more", + "siteConfirmCopy": "I have copied the config", + "searchSitesProgress": "Search sites...", + "siteAdd": "Add Site", + "siteInstallNewt": "Install Newt", + "siteInstallNewtDescription": "Get Newt running on your system", + "WgConfiguration": "WireGuard Configuration", + "WgConfigurationDescription": "Use the following configuration to connect to your network", + "operatingSystem": "Operating System", + "commands": "Commands", + "recommended": "Recommended", + "siteNewtDescription": "For the best user experience, use Newt. It uses WireGuard under the hood and allows you to address your private resources by their LAN address on your private network from within the Pangolin dashboard.", + "siteRunsInDocker": "Runs in Docker", + "siteRunsInShell": "Runs in shell on macOS, Linux, and Windows", + "siteErrorDelete": "Error deleting site", + "siteErrorUpdate": "Failed to update site", + "siteErrorUpdateDescription": "An error occurred while updating the site.", + "siteUpdated": "Site updated", + "siteUpdatedDescription": "The site has been updated.", + "siteGeneralDescription": "Configure the general settings for this site", + "siteSettingDescription": "Configure the settings on your site", + "siteSetting": "{siteName} Settings", + "siteNewtTunnel": "Newt Tunnel (Recommended)", + "siteNewtTunnelDescription": "Easiest way to create an entrypoint into your network. No extra setup.", + "siteWg": "Basic WireGuard", + "siteWgDescription": "Use any WireGuard client to establish a tunnel. Manual NAT setup required.", + "siteWgDescriptionSaas": "Use any WireGuard client to establish a tunnel. Manual NAT setup required. ONLY WORKS ON SELF HOSTED NODES", + "siteLocalDescription": "Local resources only. No tunneling.", + "siteLocalDescriptionSaas": "Local resources only. No tunneling. ONLY WORKS ON SELF HOSTED NODES", + "siteSeeAll": "See All Sites", + "siteTunnelDescription": "Determine how you want to connect to your site", + "siteNewtCredentials": "Newt Credentials", + "siteNewtCredentialsDescription": "This is how Newt will authenticate with the server", + "siteCredentialsSave": "Save Your Credentials", + "siteCredentialsSaveDescription": "You will only be able to see this once. Make sure to copy it to a secure place.", + "siteInfo": "Site Information", + "status": "Status", + "shareTitle": "Manage Share Links", + "shareDescription": "Create shareable links to grant temporary or permanent access to your resources", + "shareSearch": "Search share links...", + "shareCreate": "Create Share Link", + "shareErrorDelete": "Failed to delete link", + "shareErrorDeleteMessage": "An error occurred deleting link", + "shareDeleted": "Link deleted", + "shareDeletedDescription": "The link has been deleted", + "shareTokenDescription": "Your access token can be passed in two ways: as a query parameter or in the request headers. These must be passed from the client on every request for authenticated access.", + "accessToken": "Access Token", + "usageExamples": "Usage Examples", + "tokenId": "Token ID", + "requestHeades": "Request Headers", + "queryParameter": "Query Parameter", + "importantNote": "Important Note", + "shareImportantDescription": "For security reasons, using headers is recommended over query parameters when possible, as query parameters may be logged in server logs or browser history.", + "token": "Token", + "shareTokenSecurety": "Keep your access token secure. Do not share it in publicly accessible areas or client-side code.", + "shareErrorFetchResource": "Failed to fetch resources", + "shareErrorFetchResourceDescription": "An error occurred while fetching the resources", + "shareErrorCreate": "Failed to create share link", + "shareErrorCreateDescription": "An error occurred while creating the share link", + "shareCreateDescription": "Anyone with this link can access the resource", + "shareTitleOptional": "Title (optional)", + "expireIn": "Expire In", + "neverExpire": "Never expire", + "shareExpireDescription": "Expiration time is how long the link will be usable and provide access to the resource. After this time, the link will no longer work, and users who used this link will lose access to the resource.", + "shareSeeOnce": "You will only be able to see this linkonce. Make sure to copy it.", + "shareAccessHint": "Anyone with this link can access the resource. Share it with care.", + "shareTokenUsage": "See Access Token Usage", + "createLink": "Create Link", + "resourcesNotFound": "No resources found", + "resourceSearch": "Search resources", + "openMenu": "Open menu", + "resource": "Resource", + "title": "Title", + "created": "Created", + "expires": "Expires", + "never": "Never", + "shareErrorSelectResource": "Please select a resource", + "resourceTitle": "Manage Resources", + "resourceDescription": "Create secure proxies to your private applications", + "resourcesSearch": "Search resources...", + "resourceAdd": "Add Resource", + "resourceErrorDelte": "Error deleting resource", + "authentication": "Authentication", + "protected": "Protected", + "notProtected": "Not Protected", + "resourceMessageRemove": "Once removed, the resource will no longer be accessible. All targets associated with the resource will also be removed.", + "resourceMessageConfirm": "To confirm, please type the name of the resource below.", + "resourceQuestionRemove": "Are you sure you want to remove the resource {selectedResource} from the organization?", + "resourceHTTP": "HTTPS Resource", + "resourceHTTPDescription": "Proxy requests to your app over HTTPS using a subdomain or base domain.", + "resourceRaw": "Raw TCP/UDP Resource", + "resourceRawDescription": "Proxy requests to your app over TCP/UDP using a port number.", + "resourceCreate": "Create Resource", + "resourceCreateDescription": "Follow the steps below to create a new resource", + "resourceSeeAll": "See All Resources", + "resourceInfo": "Resource Information", + "resourceNameDescription": "This is the display name for the resource.", + "siteSelect": "Select site", + "siteSearch": "Search site", + "siteNotFound": "No site found.", + "siteSelectionDescription": "This site will provide connectivity to the target.", + "resourceType": "Resource Type", + "resourceTypeDescription": "Determine how you want to access your resource", + "resourceHTTPSSettings": "HTTPS Settings", + "resourceHTTPSSettingsDescription": "Configure how your resource will be accessed over HTTPS", + "domainType": "Domain Type", + "subdomain": "Subdomain", + "baseDomain": "Base Domain", + "subdomnainDescription": "The subdomain where your resource will be accessible.", + "resourceRawSettings": "TCP/UDP Settings", + "resourceRawSettingsDescription": "Configure how your resource will be accessed over TCP/UDP", + "protocol": "Protocol", + "protocolSelect": "Select a protocol", + "resourcePortNumber": "Port Number", + "resourcePortNumberDescription": "The external port number to proxy requests.", + "cancel": "Cancel", + "resourceConfig": "Configuration Snippets", + "resourceConfigDescription": "Copy and paste these configuration snippets to set up your TCP/UDP resource", + "resourceAddEntrypoints": "Traefik: Add Entrypoints", + "resourceExposePorts": "Gerbil: Expose Ports in Docker Compose", + "resourceLearnRaw": "Learn how to configure TCP/UDP resources", + "resourceBack": "Back to Resources", + "resourceGoTo": "Go to Resource", + "resourceDelete": "Delete Resource", + "resourceDeleteConfirm": "Confirm Delete Resource", + "visibility": "Visibility", + "enabled": "Enabled", + "disabled": "Disabled", + "general": "General", + "generalSettings": "General Settings", + "proxy": "Proxy", + "internal": "Internal", + "rules": "Rules", + "resourceSettingDescription": "Configure the settings on your resource", + "resourceSetting": "{resourceName} Settings", + "alwaysAllow": "Always Allow", + "alwaysDeny": "Always Deny", + "passToAuth": "Pass to Auth", + "orgSettingsDescription": "Configure your organization's general settings", + "orgGeneralSettings": "Organization Settings", + "orgGeneralSettingsDescription": "Manage your organization details and configuration", + "saveGeneralSettings": "Save General Settings", + "saveSettings": "Save Settings", + "orgDangerZone": "Danger Zone", + "orgDangerZoneDescription": "Once you delete this org, there is no going back. Please be certain.", + "orgDelete": "Delete Organization", + "orgDeleteConfirm": "Confirm Delete Organization", + "orgMessageRemove": "This action is irreversible and will delete all associated data.", + "orgMessageConfirm": "To confirm, please type the name of the organization below.", + "orgQuestionRemove": "Are you sure you want to remove the organization {selectedOrg}?", + "orgUpdated": "Organization updated", + "orgUpdatedDescription": "The organization has been updated.", + "orgErrorUpdate": "Failed to update organization", + "orgErrorUpdateMessage": "An error occurred while updating the organization.", + "orgErrorFetch": "Failed to fetch organizations", + "orgErrorFetchMessage": "An error occurred while listing your organizations", + "orgErrorDelete": "Failed to delete organization", + "orgErrorDeleteMessage": "An error occurred while deleting the organization.", + "orgDeleted": "Organization deleted", + "orgDeletedMessage": "The organization and its data has been deleted.", + "orgMissing": "Organization ID Missing", + "orgMissingMessage": "Unable to regenerate invitation without an organization ID.", + "accessUsersManage": "Manage Users", + "accessUsersDescription": "Invite users and add them to roles to manage access to your organization", + "accessUsersSearch": "Search users...", + "accessUserCreate": "Create User", + "accessUserRemove": "Remove User", + "username": "Username", + "identityProvider": "Identity Provider", + "role": "Role", + "nameRequired": "Name is required", + "accessRolesManage": "Manage Roles", + "accessRolesDescription": "Configure roles to manage access to your organization", + "accessRolesSearch": "Search roles...", + "accessRolesAdd": "Add Role", + "accessRoleDelete": "Delete Role", + "description": "Description", + "inviteTitle": "Open Invitations", + "inviteDescription": "Manage your invitations to other users", + "inviteSearch": "Search invitations...", + "minutes": "Minutes", + "hours": "Hours", + "days": "Days", + "weeks": "Weeks", + "months": "Months", + "years": "Years", + "day": "{count, plural, one {# day} other {# days}}", + "apiKeysTitle": "API Key Information", + "apiKeysConfirmCopy2": "You must confirm that you have copied the API key.", + "apiKeysErrorCreate": "Error creating API key", + "apiKeysErrorSetPermission": "Error setting permissions", + "apiKeysCreate": "Generate API Key", + "apiKeysCreateDescription": "Generate a new API key for your organization", + "apiKeysGeneralSettings": "Permissions", + "apiKeysGeneralSettingsDescription": "Determine what this API key can do", + "apiKeysList": "Your API Key", + "apiKeysSave": "Save Your API Key", + "apiKeysSaveDescription": "You will only be able to see this once. Make sure to copy it to a secure place.", + "apiKeysInfo": "Your API key is:", + "apiKeysConfirmCopy": "I have copied the API key", + "generate": "Generate", + "done": "Done", + "apiKeysSeeAll": "See All API Keys", + "apiKeysPermissionsErrorLoadingActions": "Error loading API key actions", + "apiKeysPermissionsErrorUpdate": "Error setting permissions", + "apiKeysPermissionsUpdated": "Permissions updated", + "apiKeysPermissionsUpdatedDescription": "The permissions have been updated.", + "apiKeysPermissionsGeneralSettings": "Permissions", + "apiKeysPermissionsGeneralSettingsDescription": "Determine what this API key can do", + "apiKeysPermissionsSave": "Save Permissions", + "apiKeysPermissionsTitle": "Permissions", + "apiKeys": "API Keys", + "searchApiKeys": "Search API keys...", + "apiKeysAdd": "Generate API Key", + "apiKeysErrorDelete": "Error deleting API key", + "apiKeysErrorDeleteMessage": "Error deleting API key", + "apiKeysQuestionRemove": "Are you sure you want to remove the API key {selectedApiKey} from the organization?", + "apiKeysMessageRemove": "Once removed, the API key will no longer be able to be used.", + "apiKeysMessageConfirm": "To confirm, please type the name of the API key below.", + "apiKeysDeleteConfirm": "Confirm Delete API Key", + "apiKeysDelete": "Delete API Key", + "apiKeysManage": "Manage API Keys", + "apiKeysDescription": "API keys are used to authenticate with the integration API", + "apiKeysSettings": "{apiKeyName} Settings", + "userTitle": "Manage All Users", + "userDescription": "View and manage all users in the system", + "userAbount": "About User Management", + "userAbountDescription": "This table displays all root user objects in the system. Each user may belong to multiple organizations. Removing a user from an organization does not delete their root user object - they will remain in the system. To completely remove a user from the system, you must delete their root user object using the delete action in this table.", + "userServer": "Server Users", + "userSearch": "Search server users...", + "userErrorDelete": "Error deleting user", + "userDeleteConfirm": "Confirm Delete User", + "userDeleteServer": "Delete User from Server", + "userMessageRemove": "The user will be removed from all organizations and be completely removed from the server.", + "userMessageConfirm": "To confirm, please type the name of the user below.", + "userQuestionRemove": "Are you sure you want to permanently delete {selectedUser} from the server?", + "licenseKey": "License Key", + "valid": "Valid", + "numberOfSites": "Number of Sites", + "licenseKeySearch": "Search license keys...", + "licenseKeyAdd": "Add License Key", + "type": "Type", + "licenseKeyRequired": "License key is required", + "licenseTermsAgree": "You must agree to the license terms", + "licenseErrorKeyLoad": "Failed to load license keys", + "licenseErrorKeyLoadDescription": "An error occurred loading license keys.", + "licenseErrorKeyDelete": "Failed to delete license key", + "licenseErrorKeyDeleteDescription": "An error occurred deleting license key.", + "licenseKeyDeleted": "License key deleted", + "licenseKeyDeletedDescription": "The license key has been deleted.", + "licenseErrorKeyActivate": "Failed to activate license key", + "licenseErrorKeyActivateDescription": "An error occurred while activating the license key.", + "licenseAbout": "About Licensing", + "communityEdition": "Community Edition", + "licenseAboutDescription": "This is for business and enterprise users who are using Pangolin in a commercial environment. If you are using Pangolin for personal use, you can ignore this section.", + "licenseKeyActivated": "License key activated", + "licenseKeyActivatedDescription": "The license key has been successfully activated.", + "licenseErrorKeyRecheck": "Failed to recheck license keys", + "licenseErrorKeyRecheckDescription": "An error occurred rechecking license keys.", + "licenseErrorKeyRechecked": "License keys rechecked", + "licenseErrorKeyRecheckedDescription": "All license keys have been rechecked", + "licenseActivateKey": "Activate License Key", + "licenseActivateKeyDescription": "Enter a license key to activate it.", + "licenseActivate": "Activate License", + "licenseAgreement": "By checking this box, you confirm that you have read and agree to the license terms corresponding to the tier associated with your license key.", + "fossorialLicense": "View Fossorial Commercial License & Subscription Terms", + "licenseMessageRemove": "This will remove the license key and all associated permissions granted by it.", + "licenseMessageConfirm": "To confirm, please type the license key below.", + "licenseQuestionRemove": "Are you sure you want to delete the license key {selectedKey} ?", + "licenseKeyDelete": "Delete License Key", + "licenseKeyDeleteConfirm": "Confirm Delete License Key", + "licenseTitle": "Manage License Status", + "licenseTitleDescription": "View and manage license keys in the system", + "licenseHost": "Host License", + "licenseHostDescription": "Manage the main license key for the host.", + "licensedNot": "Not Licensed", + "hostId": "Host ID", + "licenseReckeckAll": "Recheck All Keys", + "licenseSiteUsage": "Sites Usage", + "licenseSiteUsageDecsription": "View the number of sites using this license.", + "licenseNoSiteLimit": "There is no limit on the number of sites using an unlicensed host.", + "licensePurchase": "Purchase License", + "licensePurchaseSites": "Purchase Additional Sites", + "licenseSitesUsedMax": "{usedSites} of {maxSites} sites used", + "licenseSitesUsed": "{count, plural, =0 {# sites} one {# site} other {# sites}} in system.", + "licensePurchaseDescription": "Choose how many sites you want to {selectedMode, select, license {purchase a license for. You can always add more sites later.} other {add to your existing license.}}", + "licenseFee": "License fee", + "licensePriceSite": "Price per site", + "total": "Total", + "licenseContinuePayment": "Continue to Payment", + "pricingPage": "pricing page", + "pricingPortal": "See Purchase Portal", + "licensePricingPage": "For the most up-to-date pricing and discounts, please visit the ", + "invite": "Invitations", + "inviteRegenerate": "Regenerate Invitation", + "inviteRegenerateDescription": "Revoke previous invitation and create a new one", + "inviteRemove": "Remove Invitation", + "inviteRemoveError": "Failed to remove invitation", + "inviteRemoveErrorDescription": "An error occurred while removing the invitation.", + "inviteRemoved": "Invitation removed", + "inviteRemovedDescription": "The invitation for {email} has been removed.", + "inviteQuestionRemove": "Are you sure you want to remove the invitation {email}?", + "inviteMessageRemove": "Once removed, this invitation will no longer be valid. You can always re-invite the user later.", + "inviteMessageConfirm": "To confirm, please type the email address of the invitation below.", + "inviteQuestionRegenerate": "Are you sure you want to regenerate the invitation for {email}? This will revoke the previous invitation.", + "inviteRemoveConfirm": "Confirm Remove Invitation", + "inviteRegenerated": "Invitation Regenerated", + "inviteSent": "A new invitation has been sent to {email}.", + "inviteSentEmail": "Send email notification to the user", + "inviteGenerate": "A new invitation has been generated for {email}.", + "inviteDuplicateError": "Duplicate Invite", + "inviteDuplicateErrorDescription": "An invitation for this user already exists.", + "inviteRateLimitError": "Rate Limit Exceeded", + "inviteRateLimitErrorDescription": "You have exceeded the limit of 3 regenerations per hour. Please try again later.", + "inviteRegenerateError": "Failed to Regenerate Invitation", + "inviteRegenerateErrorDescription": "An error occurred while regenerating the invitation.", + "inviteValidityPeriod": "Validity Period", + "inviteValidityPeriodSelect": "Select validity period", + "inviteRegenerateMessage": "The invitation has been regenerated. The user must access the link below to accept the invitation.", + "inviteRegenerateButton": "Regenerate", + "expiresAt": "Expires At", + "accessRoleUnknown": "Unknown Role", + "placeholder": "Placeholder", + "userErrorOrgRemove": "Failed to remove user", + "userErrorOrgRemoveDescription": "An error occurred while removing the user.", + "userOrgRemoved": "User removed", + "userOrgRemovedDescription": "The user {email} has been removed from the organization.", + "userQuestionOrgRemove": "Are you sure you want to remove {email} from the organization?", + "userMessageOrgRemove": "Once removed, this user will no longer have access to the organization. You can always re-invite them later, but they will need to accept the invitation again.", + "userMessageOrgConfirm": "To confirm, please type the name of the of the user below.", + "userRemoveOrgConfirm": "Confirm Remove User", + "userRemoveOrg": "Remove User from Organization", + "users": "Users", + "accessRoleMember": "Member", + "accessRoleOwner": "Owner", + "userConfirmed": "Confirmed", + "idpNameInternal": "Internal", + "emailInvalid": "Invalid email address", + "inviteValidityDuration": "Please select a duration", + "accessRoleSelectPlease": "Please select a role", + "usernameRequired": "Username is required", + "idpSelectPlease": "Please select an identity provider", + "idpGenericOidc": "Generic OAuth2/OIDC provider.", + "accessRoleErrorFetch": "Failed to fetch roles", + "accessRoleErrorFetchDescription": "An error occurred while fetching the roles", + "idpErrorFetch": "Failed to fetch identity providers", + "idpErrorFetchDescription": "An error occurred while fetching identity providers", + "userErrorExists": "User Already Exists", + "userErrorExistsDescription": "This user is already a member of the organization.", + "inviteError": "Failed to invite user", + "inviteErrorDescription": "An error occurred while inviting the user", + "userInvited": "User invited", + "userInvitedDescription": "The user has been successfully invited.", + "userErrorCreate": "Failed to create user", + "userErrorCreateDescription": "An error occurred while creating the user", + "userCreated": "User created", + "userCreatedDescription": "The user has been successfully created.", + "userTypeInternal": "Internal User", + "userTypeInternalDescription": "Invite a user to join your organization directly.", + "userTypeExternal": "External User", + "userTypeExternalDescription": "Create a user with an external identity provider.", + "accessUserCreateDescription": "Follow the steps below to create a new user", + "userSeeAll": "See All Users", + "userTypeTitle": "User Type", + "userTypeDescription": "Determine how you want to create the user", + "userSettings": "User Information", + "userSettingsDescription": "Enter the details for the new user", + "inviteEmailSent": "Send invite email to user", + "inviteValid": "Valid For", + "selectDuration": "Select duration", + "accessRoleSelect": "Select role", + "inviteEmailSentDescription": "An email has been sent to the user with the access link below. They must access the link to accept the invitation.", + "inviteSentDescription": "The user has been invited. They must access the link below to accept the invitation.", + "inviteExpiresIn": "The invite will expire in {days, plural, one {# day} other {# days}}.", + "idpTitle": "Identity Provider", + "idpSelect": "Select the identity provider for the external user", + "idpNotConfigured": "No identity providers are configured. Please configure an identity provider before creating external users.", + "usernameUniq": "This must match the unique username that exists in the selected identity provider.", + "emailOptional": "Email (Optional)", + "nameOptional": "Name (Optional)", + "accessControls": "Access Controls", + "userDescription2": "Manage the settings on this user", + "accessRoleErrorAdd": "Failed to add user to role", + "accessRoleErrorAddDescription": "An error occurred while adding user to the role.", + "userSaved": "User saved", + "userSavedDescription": "The user has been updated.", + "accessControlsDescription": "Manage what this user can access and do in the organization", + "accessControlsSubmit": "Save Access Controls", + "roles": "Roles", + "accessUsersRoles": "Manage Users & Roles", + "accessUsersRolesDescription": "Invite users and add them to roles to manage access to your organization", + "key": "Key", + "createdAt": "Created At", + "proxyErrorInvalidHeader": "Invalid custom Host Header value. Use domain name format, or save empty to unset custom Host Header.", + "proxyErrorTls": "Invalid TLS Server Name. Use domain name format, or save empty to remove the TLS Server Name.", + "proxyEnableSSL": "Enable SSL (https)", + "targetErrorFetch": "Failed to fetch targets", + "targetErrorFetchDescription": "An error occurred while fetching targets", + "siteErrorFetch": "Failed to fetch resource", + "siteErrorFetchDescription": "An error occurred while fetching resource", + "targetErrorDuplicate": "Duplicate target", + "targetErrorDuplicateDescription": "A target with these settings already exists", + "targetWireGuardErrorInvalidIp": "Invalid target IP", + "targetWireGuardErrorInvalidIpDescription": "Target IP must be within the site subnet", + "targetsUpdated": "Targets updated", + "targetsUpdatedDescription": "Targets and settings updated successfully", + "targetsErrorUpdate": "Failed to update targets", + "targetsErrorUpdateDescription": "An error occurred while updating targets", + "targetTlsUpdate": "TLS settings updated", + "targetTlsUpdateDescription": "Your TLS settings have been updated successfully", + "targetErrorTlsUpdate": "Failed to update TLS settings", + "targetErrorTlsUpdateDescription": "An error occurred while updating TLS settings", + "proxyUpdated": "Proxy settings updated", + "proxyUpdatedDescription": "Your proxy settings have been updated successfully", + "proxyErrorUpdate": "Failed to update proxy settings", + "proxyErrorUpdateDescription": "An error occurred while updating proxy settings", + "targetAddr": "IP / Hostname", + "targetPort": "Port", + "targetProtocol": "Protocol", + "targetTlsSettings": "Secure Connection Configuration", + "targetTlsSettingsDescription": "Configure SSL/TLS settings for your resource", + "targetTlsSettingsAdvanced": "Advanced TLS Settings", + "targetTlsSni": "TLS Server Name (SNI)", + "targetTlsSniDescription": "The TLS Server Name to use for SNI. Leave empty to use the default.", + "targetTlsSubmit": "Save Settings", + "targets": "Targets Configuration", + "targetsDescription": "Set up targets to route traffic to your backend services", + "targetStickySessions": "Enable Sticky Sessions", + "targetStickySessionsDescription": "Keep connections on the same backend target for their entire session.", + "methodSelect": "Select method", + "targetSubmit": "Add Target", + "targetNoOne": "No targets. Add a target using the form.", + "targetNoOneDescription": "Adding more than one target above will enable load balancing.", + "targetsSubmit": "Save Targets", + "proxyAdditional": "Additional Proxy Settings", + "proxyAdditionalDescription": "Configure how your resource handles proxy settings", + "proxyCustomHeader": "Custom Host Header", + "proxyCustomHeaderDescription": "The host header to set when proxying requests. Leave empty to use the default.", + "proxyAdditionalSubmit": "Save Proxy Settings", + "subnetMaskErrorInvalid": "Invalid subnet mask. Must be between 0 and 32.", + "ipAddressErrorInvalidFormat": "Invalid IP address format", + "ipAddressErrorInvalidOctet": "Invalid IP address octet", + "path": "Path", + "ipAddressRange": "IP Range", + "rulesErrorFetch": "Failed to fetch rules", + "rulesErrorFetchDescription": "An error occurred while fetching rules", + "rulesErrorDuplicate": "Duplicate rule", + "rulesErrorDuplicateDescription": "A rule with these settings already exists", + "rulesErrorInvalidIpAddressRange": "Invalid CIDR", + "rulesErrorInvalidIpAddressRangeDescription": "Please enter a valid CIDR value", + "rulesErrorInvalidUrl": "Invalid URL path", + "rulesErrorInvalidUrlDescription": "Please enter a valid URL path value", + "rulesErrorInvalidIpAddress": "Invalid IP", + "rulesErrorInvalidIpAddressDescription": "Please enter a valid IP address", + "rulesErrorUpdate": "Failed to update rules", + "rulesErrorUpdateDescription": "An error occurred while updating rules", + "rulesUpdated": "Enable Rules", + "rulesUpdatedDescription": "Rule evaluation has been updated", + "rulesMatchIpAddressRangeDescription": "Enter an address in CIDR format (e.g., 103.21.244.0/22)", + "rulesMatchIpAddress": "Enter an IP address (e.g., 103.21.244.12)", + "rulesMatchUrl": "Enter a URL path or pattern (e.g., /api/v1/todos or /api/v1/*)", + "rulesErrorInvalidPriority": "Invalid Priority", + "rulesErrorInvalidPriorityDescription": "Please enter a valid priority", + "rulesErrorDuplicatePriority": "Duplicate Priorities", + "rulesErrorDuplicatePriorityDescription": "Please enter unique priorities", + "ruleUpdated": "Rules updated", + "ruleUpdatedDescription": "Rules updated successfully", + "ruleErrorUpdate": "Operation failed", + "ruleErrorUpdateDescription": "An error occurred during the save operation", + "rulesPriority": "Priority", + "rulesAction": "Action", + "rulesMatchType": "Match Type", + "value": "Value", + "rulesAbout": "About Rules", + "rulesAboutDescription": "Rules allow you to control access to your resource based on a set of criteria. You can create rules to allow or deny access based on IP address or URL path.", + "rulesActions": "Actions", + "rulesActionAlwaysAllow": "Always Allow: Bypass all authentication methods", + "rulesActionAlwaysDeny": "Always Deny: Block all requests; no authentication can be attempted", + "rulesActionPassToAuth": "Pass to Auth: Allow authentication methods to be attempted", + "rulesMatchCriteria": "Matching Criteria", + "rulesMatchCriteriaIpAddress": "Match a specific IP address", + "rulesMatchCriteriaIpAddressRange": "Match a range of IP addresses in CIDR notation", + "rulesMatchCriteriaUrl": "Match a URL path or pattern", + "rulesEnable": "Enable Rules", + "rulesEnableDescription": "Enable or disable rule evaluation for this resource", + "rulesResource": "Resource Rules Configuration", + "rulesResourceDescription": "Configure rules to control access to your resource", + "ruleSubmit": "Add Rule", + "rulesNoOne": "No rules. Add a rule using the form.", + "rulesOrder": "Rules are evaluated by priority in ascending order.", + "rulesSubmit": "Save Rules", + "resourceErrorCreate": "Error creating resource", + "resourceErrorCreateDescription": "An error occurred when creating the resource", + "resourceErrorCreateMessage": "Error creating resource:", + "resourceErrorCreateMessageDescription": "An unexpected error occurred", + "sitesErrorFetch": "Error fetching sites", + "sitesErrorFetchDescription": "An error occurred when fetching the sites", + "domainsErrorFetch": "Error fetching domains", + "domainsErrorFetchDescription": "An error occurred when fetching the domains", + "none": "None", + "unknown": "Unknown", + "resources": "Resources", + "resourcesDescription": "Resources are proxies to applications running on your private network. Create a resource for any HTTP/HTTPS or raw TCP/UDP service on your private network. Each resource must be connected to a site to enable private, secure connectivity through an encrypted WireGuard tunnel.", + "resourcesWireGuardConnect": "Secure connectivity with WireGuard encryption", + "resourcesMultipleAuthenticationMethods": "Configure multiple authentication methods", + "resourcesUsersRolesAccess": "User and role-based access control", + "resourcesErrorUpdate": "Failed to toggle resource", + "resourcesErrorUpdateDescription": "An error occurred while updating the resource", + "access": "Access", + "shareLink": "{resource} Share Link", + "resourceSelect": "Select resource", + "shareLinks": "Share Links", + "share": "Shareable Links", + "shareDescription2": "Create shareable links to your resources. Links provide temporary or unlimited access to your resource. You can configure the expiration duration of the link when you create one.", + "shareEasyCreate": "Easy to create and share", + "shareConfigurableExpirationDuration": "Configurable expiration duration", + "shareSecureAndRevocable": "Secure and revocable", + "nameMin": "Name must be at least {len} characters.", + "nameMax": "Name must not be longer than {len} characters.", + "sitesConfirmCopy": "Please confirm that you have copied the config.", + "unknownCommand": "Unknown command", + "newtErrorFetchReleases": "Failed to fetch release info: {err}", + "newtErrorFetchLatest": "Error fetching latest release: {err}", + "newtEndpoint": "Newt Endpoint", + "newtId": "Newt ID", + "newtSecretKey": "Newt Secret Key", + "architecture": "Architecture", + "sites": "Sites", + "siteWgAnyClients": "Use any WireGuard client to connect. You will have to address your internal resources using the peer IP.", + "siteWgCompatibleAllClients": "Compatible with all WireGuard clients", + "siteWgManualConfigurationRequired": "Manual configuration required", + "userErrorNotAdminOrOwner": "User is not an admin or owner", + "pangolinSettings": "Settings - Pangolin", + "accessRoleYour": "Your {count, plural, =1 {role} other {roles}}:", + "accessRoleSelect2": "Select a role", + "accessUserSelect": "Select a user", + "otpEmailEnter": "Enter an email", + "otpEmailEnterDescription": "Press enter to add an email after typing it in the input field.", + "otpEmailErrorInvalid": "Invalid email address. Wildcard (*) must be the entire local part.", + "otpEmailSmtpRequired": "SMTP Required", + "otpEmailSmtpRequiredDescription": "SMTP must be enabled on the server to use one-time password authentication.", + "otpEmailTitle": "One-time Passwords", + "otpEmailTitleDescription": "Require email-based authentication for resource access", + "otpEmailWhitelist": "Email Whitelist", + "otpEmailWhitelistList": "Whitelisted Emails", + "otpEmailWhitelistListDescription": "Only users with these email addresses will be able to access this resource. They will be prompted to enter a one-time password sent to their email. Wildcards (*@example.com) can be used to allow any email address from a domain.", + "otpEmailWhitelistSave": "Save Whitelist", + "passwordAdd": "Add Password", + "passwordRemove": "Remove Password", + "pincodeAdd": "Add PIN Code", + "pincodeRemove": "Remove PIN Code", + "resourceAuthMethods": "Authentication Methods", + "resourceAuthMethodsDescriptions": "Allow access to the resource via additional auth methods", + "resourceAuthSettingsSave": "Saved successfully", + "resourceAuthSettingsSaveDescription": "Authentication settings have been saved", + "resourceErrorAuthFetch": "Failed to fetch data", + "resourceErrorAuthFetchDescription": "An error occurred while fetching the data", + "resourceErrorPasswordRemove": "Error removing resource password", + "resourceErrorPasswordRemoveDescription": "An error occurred while removing the resource password", + "resourceErrorPasswordSetup": "Error setting resource password", + "resourceErrorPasswordSetupDescription": "An error occurred while setting the resource password", + "resourceErrorPincodeRemove": "Error removing resource pincode", + "resourceErrorPincodeRemoveDescription": "An error occurred while removing the resource pincode", + "resourceErrorPincodeSetup": "Error setting resource PIN code", + "resourceErrorPincodeSetupDescription": "An error occurred while setting the resource PIN code", + "resourceErrorUsersRolesSave": "Failed to set roles", + "resourceErrorUsersRolesSaveDescription": "An error occurred while setting the roles", + "resourceErrorWhitelistSave": "Failed to save whitelist", + "resourceErrorWhitelistSaveDescription": "An error occurred while saving the whitelist", + "resourcePasswordSubmit": "Enable Password Protection", + "resourcePasswordProtection": "Password Protection {status}", + "resourcePasswordRemove": "Resource password removed", + "resourcePasswordRemoveDescription": "The resource password has been removed successfully", + "resourcePasswordSetup": "Resource password set", + "resourcePasswordSetupDescription": "The resource password has been set successfully", + "resourcePasswordSetupTitle": "Set Password", + "resourcePasswordSetupTitleDescription": "Set a password to protect this resource", + "resourcePincode": "PIN Code", + "resourcePincodeSubmit": "Enable PIN Code Protection", + "resourcePincodeProtection": "PIN Code Protection {status}", + "resourcePincodeRemove": "Resource pincode removed", + "resourcePincodeRemoveDescription": "The resource password has been removed successfully", + "resourcePincodeSetup": "Resource PIN code set", + "resourcePincodeSetupDescription": "The resource pincode has been set successfully", + "resourcePincodeSetupTitle": "Set Pincode", + "resourcePincodeSetupTitleDescription": "Set a pincode to protect this resource", + "resourceRoleDescription": "Admins can always access this resource.", + "resourceUsersRoles": "Users & Roles", + "resourceUsersRolesDescription": "Configure which users and roles can visit this resource", + "resourceUsersRolesSubmit": "Save Users & Roles", + "resourceWhitelistSave": "Saved successfully", + "resourceWhitelistSaveDescription": "Whitelist settings have been saved", + "ssoUse": "Use Platform SSO", + "ssoUseDescription": "Existing users will only have to log in once for all resources that have this enabled.", + "proxyErrorInvalidPort": "Invalid port number", + "subdomainErrorInvalid": "Invalid subdomain", + "domainErrorFetch": "Error fetching domains", + "domainErrorFetchDescription": "An error occurred when fetching the domains", + "resourceErrorUpdate": "Failed to update resource", + "resourceErrorUpdateDescription": "An error occurred while updating the resource", + "resourceUpdated": "Resource updated", + "resourceUpdatedDescription": "The resource has been updated successfully", + "resourceErrorTransfer": "Failed to transfer resource", + "resourceErrorTransferDescription": "An error occurred while transferring the resource", + "resourceTransferred": "Resource transferred", + "resourceTransferredDescription": "The resource has been transferred successfully", + "resourceErrorToggle": "Failed to toggle resource", + "resourceErrorToggleDescription": "An error occurred while updating the resource", + "resourceVisibilityTitle": "Visibility", + "resourceVisibilityTitleDescription": "Completely enable or disable resource visibility", + "resourceGeneral": "General Settings", + "resourceGeneralDescription": "Configure the general settings for this resource", + "resourceEnable": "Enable Resource", + "resourceTransfer": "Transfer Resource", + "resourceTransferDescription": "Transfer this resource to a different site", + "resourceTransferSubmit": "Transfer Resource", + "siteDestination": "Destination Site", + "searchSites": "Search sites", + "accessRoleCreate": "Create Role", + "accessRoleCreateDescription": "Create a new role to group users and manage their permissions.", + "accessRoleCreateSubmit": "Create Role", + "accessRoleCreated": "Role created", + "accessRoleCreatedDescription": "The role has been successfully created.", + "accessRoleErrorCreate": "Failed to create role", + "accessRoleErrorCreateDescription": "An error occurred while creating the role.", + "accessRoleErrorNewRequired": "New role is required", + "accessRoleErrorRemove": "Failed to remove role", + "accessRoleErrorRemoveDescription": "An error occurred while removing the role.", + "accessRoleName": "Role Name", + "accessRoleQuestionRemove": "You're about to delete the {name} role. You cannot undo this action.", + "accessRoleRemove": "Remove Role", + "accessRoleRemoveDescription": "Remove a role from the organization", + "accessRoleRemoveSubmit": "Remove Role", + "accessRoleRemoved": "Role removed", + "accessRoleRemovedDescription": "The role has been successfully removed.", + "accessRoleRequiredRemove": "Before deleting this role, please select a new role to transfer existing members to.", + "manage": "Manage", + "sitesNotFound": "No sites found.", + "pangolinServerAdmin": "Server Admin - Pangolin", + "licenseTierProfessional": "Professional License", + "licenseTierEnterprise": "Enterprise License", + "licenseTierCommercial": "Commercial License", + "licensed": "Licensed", + "yes": "Yes", + "no": "No", + "sitesAdditional": "Additional Sites", + "licenseKeys": "License Keys", + "sitestCountDecrease": "Decrease site count", + "sitestCountIncrease": "Increase site count", + "idpManage": "Manage Identity Providers", + "idpManageDescription": "View and manage identity providers in the system", + "idpDeletedDescription": "Identity provider deleted successfully", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "Are you sure you want to permanently delete the identity provider {name}?", + "idpMessageRemove": "This will remove the identity provider and all associated configurations. Users who authenticate through this provider will no longer be able to log in.", + "idpMessageConfirm": "To confirm, please type the name of the identity provider below.", + "idpConfirmDelete": "Confirm Delete Identity Provider", + "idpDelete": "Delete Identity Provider", + "idp": "Identity Providers", + "idpSearch": "Search identity providers...", + "idpAdd": "Add Identity Provider", + "idpClientIdRequired": "Client ID is required.", + "idpClientSecretRequired": "Client Secret is required.", + "idpErrorAuthUrlInvalid": "Auth URL must be a valid URL.", + "idpErrorTokenUrlInvalid": "Token URL must be a valid URL.", + "idpPathRequired": "Identifier Path is required.", + "idpScopeRequired": "Scopes are required.", + "idpOidcDescription": "Configure an OpenID Connect identity provider", + "idpCreatedDescription": "Identity provider created successfully", + "idpCreate": "Create Identity Provider", + "idpCreateDescription": "Configure a new identity provider for user authentication", + "idpSeeAll": "See All Identity Providers", + "idpSettingsDescription": "Configure the basic information for your identity provider", + "idpDisplayName": "A display name for this identity provider", + "idpAutoProvisionUsers": "Auto Provision Users", + "idpAutoProvisionUsersDescription": "When enabled, users will be automatically created in the system upon first login with the ability to map users to roles and organizations.", + "licenseBadge": "Professional", + "idpType": "Provider Type", + "idpTypeDescription": "Select the type of identity provider you want to configure", + "idpOidcConfigure": "OAuth2/OIDC Configuration", + "idpOidcConfigureDescription": "Configure the OAuth2/OIDC provider endpoints and credentials", + "idpClientId": "Client ID", + "idpClientIdDescription": "The OAuth2 client ID from your identity provider", + "idpClientSecret": "Client Secret", + "idpClientSecretDescription": "The OAuth2 client secret from your identity provider", + "idpAuthUrl": "Authorization URL", + "idpAuthUrlDescription": "The OAuth2 authorization endpoint URL", + "idpTokenUrl": "Token URL", + "idpTokenUrlDescription": "The OAuth2 token endpoint URL", + "idpOidcConfigureAlert": "Important Information", + "idpOidcConfigureAlertDescription": "After creating the identity provider, you will need to configure the callback URL in your identity provider's settings. The callback URL will be provided after successful creation.", + "idpToken": "Token Configuration", + "idpTokenDescription": "Configure how to extract user information from the ID token", + "idpJmespathAbout": "About JMESPath", + "idpJmespathAboutDescription": "The paths below use JMESPath syntax to extract values from the ID token.", + "idpJmespathAboutDescriptionLink": "Learn more about JMESPath", + "idpJmespathLabel": "Identifier Path", + "idpJmespathLabelDescription": "The path to the user identifier in the ID token", + "idpJmespathEmailPathOptional": "Email Path (Optional)", + "idpJmespathEmailPathOptionalDescription": "The path to the user's email in the ID token", + "idpJmespathNamePathOptional": "Name Path (Optional)", + "idpJmespathNamePathOptionalDescription": "The path to the user's name in the ID token", + "idpOidcConfigureScopes": "Scopes", + "idpOidcConfigureScopesDescription": "Space-separated list of OAuth2 scopes to request", + "idpSubmit": "Create Identity Provider", + "orgPolicies": "Organization Policies", + "idpSettings": "{idpName} Settings", + "idpCreateSettingsDescription": "Configure the settings for your identity provider", + "roleMapping": "Role Mapping", + "orgMapping": "Organization Mapping", + "orgPoliciesSearch": "Search organization policies...", + "orgPoliciesAdd": "Add Organization Policy", + "orgRequired": "Organization is required", + "error": "Error", + "success": "Success", + "orgPolicyAddedDescription": "Policy added successfully", + "orgPolicyUpdatedDescription": "Policy updated successfully", + "orgPolicyDeletedDescription": "Policy deleted successfully", + "defaultMappingsUpdatedDescription": "Default mappings updated successfully", + "orgPoliciesAbout": "About Organization Policies", + "orgPoliciesAboutDescription": "Organization policies are used to control access to organizations based on the user's ID token. You can specify JMESPath expressions to extract role and organization information from the ID token.", + "orgPoliciesAboutDescriptionLink": "See documentation, for more information.", + "defaultMappingsOptional": "Default Mappings (Optional)", + "defaultMappingsOptionalDescription": "The default mappings are used when when there is not an organization policy defined for an organization. You can specify the default role and organization mappings to fall back to here.", + "defaultMappingsRole": "Default Role Mapping", + "defaultMappingsRoleDescription": "The result of this expression must return the role name as defined in the organization as a string.", + "defaultMappingsOrg": "Default Organization Mapping", + "defaultMappingsOrgDescription": "This expression must return the org ID or true for the user to be allowed to access the organization.", + "defaultMappingsSubmit": "Save Default Mappings", + "orgPoliciesEdit": "Edit Organization Policy", + "org": "Organization", + "orgSelect": "Select organization", + "orgSearch": "Search org", + "orgNotFound": "No org found.", + "roleMappingPathOptional": "Role Mapping Path (Optional)", + "orgMappingPathOptional": "Organization Mapping Path (Optional)", + "orgPolicyUpdate": "Update Policy", + "orgPolicyAdd": "Add Policy", + "orgPolicyConfig": "Configure access for an organization", + "idpUpdatedDescription": "Identity provider updated successfully", + "redirectUrl": "Redirect URL", + "redirectUrlAbout": "About Redirect URL", + "redirectUrlAboutDescription": "This is the URL to which users will be redirected after authentication. You need to configure this URL in your identity provider settings.", + "pangolinAuth": "Auth - Pangolin", + "verificationCodeLengthRequirements": "Your verification code must be 8 characters.", + "errorOccurred": "An error occurred", + "emailErrorVerify": "Failed to verify email:", + "emailVerified": "Email successfully verified! Redirecting you...", + "verificationCodeErrorResend": "Failed to resend verification code:", + "verificationCodeResend": "Verification code resent", + "verificationCodeResendDescription": "We've resent a verification code to your email address. Please check your inbox.", + "emailVerify": "Verify Email", + "emailVerifyDescription": "Enter the verification code sent to your email address.", + "verificationCode": "Verification Code", + "verificationCodeEmailSent": "We sent a verification code to your email address.", + "submit": "Submit", + "emailVerifyResendProgress": "Resending...", + "emailVerifyResend": "Didn't receive a code? Click here to resend", + "passwordNotMatch": "Passwords do not match", + "signupError": "An error occurred while signing up", + "pangolinLogoAlt": "Pangolin Logo", + "inviteAlready": "Looks like you've been invited!", + "inviteAlreadyDescription": "To accept the invite, you must log in or create an account.", + "signupQuestion": "Already have an account?", + "login": "Log in", + "resourceNotFound": "Resource Not Found", + "resourceNotFoundDescription": "The resource you're trying to access does not exist.", + "pincodeRequirementsLength": "PIN must be exactly 6 digits", + "pincodeRequirementsChars": "PIN must only contain numbers", + "passwordRequirementsLength": "Password must be at least 1 character long", + "passwordRequirementsTitle": "Password requirements:", + "passwordRequirementLength": "At least 8 characters long", + "passwordRequirementUppercase": "At least one uppercase letter", + "passwordRequirementLowercase": "At least one lowercase letter", + "passwordRequirementNumber": "At least one number", + "passwordRequirementSpecial": "At least one special character", + "passwordRequirementsMet": "✓ Password meets all requirements", + "passwordStrength": "Password strength", + "passwordStrengthWeak": "Weak", + "passwordStrengthMedium": "Medium", + "passwordStrengthStrong": "Strong", + "passwordRequirements": "Requirements:", + "passwordRequirementLengthText": "8+ characters", + "passwordRequirementUppercaseText": "Uppercase letter (A-Z)", + "passwordRequirementLowercaseText": "Lowercase letter (a-z)", + "passwordRequirementNumberText": "Number (0-9)", + "passwordRequirementSpecialText": "Special character (!@#$%...)", + "passwordsDoNotMatch": "Passwords do not match", + "otpEmailRequirementsLength": "OTP must be at least 1 character long", + "otpEmailSent": "OTP Sent", + "otpEmailSentDescription": "An OTP has been sent to your email", + "otpEmailErrorAuthenticate": "Failed to authenticate with email", + "pincodeErrorAuthenticate": "Failed to authenticate with pincode", + "passwordErrorAuthenticate": "Failed to authenticate with password", + "poweredBy": "Powered by", + "authenticationRequired": "Authentication Required", + "authenticationMethodChoose": "Choose your preferred method to access {name}", + "authenticationRequest": "You must authenticate to access {name}", + "user": "User", + "pincodeInput": "6-digit PIN Code", + "pincodeSubmit": "Log in with PIN", + "passwordSubmit": "Log In with Password", + "otpEmailDescription": "A one-time code will be sent to this email.", + "otpEmailSend": "Send One-time Code", + "otpEmail": "One-Time Password (OTP)", + "otpEmailSubmit": "Submit OTP", + "backToEmail": "Back to Email", + "noSupportKey": "Server is running without a supporter key. Consider supporting the project!", + "accessDenied": "Access Denied", + "accessDeniedDescription": "You're not allowed to access this resource. If this is a mistake, please contact the administrator.", + "accessTokenError": "Error checking access token", + "accessGranted": "Access Granted", + "accessUrlInvalid": "Access URL Invalid", + "accessGrantedDescription": "You have been granted access to this resource. Redirecting you...", + "accessUrlInvalidDescription": "This shared access URL is invalid. Please contact the resource owner for a new URL.", + "tokenInvalid": "Invalid token", + "pincodeInvalid": "Invalid code", + "passwordErrorRequestReset": "Failed to request reset:", + "passwordErrorReset": "Failed to reset password:", + "passwordResetSuccess": "Password reset successfully! Back to log in...", + "passwordReset": "Reset Password", + "passwordResetDescription": "Follow the steps to reset your password", + "passwordResetSent": "We'll send a password reset code to this email address.", + "passwordResetCode": "Reset Code", + "passwordResetCodeDescription": "Check your email for the reset code.", + "passwordNew": "New Password", + "passwordNewConfirm": "Confirm New Password", + "pincodeAuth": "Authenticator Code", + "pincodeSubmit2": "Submit Code", + "passwordResetSubmit": "Request Reset", + "passwordBack": "Back to Password", + "loginBack": "Go back to log in", + "signup": "Sign up", + "loginStart": "Log in to get started", + "idpOidcTokenValidating": "Validating OIDC token", + "idpOidcTokenResponse": "Validate OIDC token response", + "idpErrorOidcTokenValidating": "Error validating OIDC token", + "idpConnectingTo": "Connecting to {name}", + "idpConnectingToDescription": "Validating your identity", + "idpConnectingToProcess": "Connecting...", + "idpConnectingToFinished": "Connected", + "idpErrorConnectingTo": "There was a problem connecting to {name}. Please contact your administrator.", + "idpErrorNotFound": "IdP not found", + "inviteInvalid": "Invalid Invite", + "inviteInvalidDescription": "The invite link is invalid.", + "inviteErrorWrongUser": "Invite is not for this user", + "inviteErrorUserNotExists": "User does not exist. Please create an account first.", + "inviteErrorLoginRequired": "You must be logged in to accept an invite", + "inviteErrorExpired": "The invite may have expired", + "inviteErrorRevoked": "The invite might have been revoked", + "inviteErrorTypo": "There could be a typo in the invite link", + "pangolinSetup": "Setup - Pangolin", + "orgNameRequired": "Organization name is required", + "orgIdRequired": "Organization ID is required", + "orgErrorCreate": "An error occurred while creating org", + "pageNotFound": "Page Not Found", + "pageNotFoundDescription": "Oops! The page you're looking for doesn't exist.", + "overview": "Overview", + "home": "Home", + "accessControl": "Access Control", + "settings": "Settings", + "usersAll": "All Users", + "license": "License", + "pangolinDashboard": "Dashboard - Pangolin", + "noResults": "No results found.", + "terabytes": "{count} TB", + "gigabytes": "{count} GB", + "megabytes": "{count} MB", + "tagsEntered": "Entered Tags", + "tagsEnteredDescription": "These are the tags you`ve entered.", + "tagsWarnCannotBeLessThanZero": "maxTags and minTags cannot be less than 0", + "tagsWarnNotAllowedAutocompleteOptions": "Tag not allowed as per autocomplete options", + "tagsWarnInvalid": "Invalid tag as per validateTag", + "tagWarnTooShort": "Tag {tagText} is too short", + "tagWarnTooLong": "Tag {tagText} is too long", + "tagsWarnReachedMaxNumber": "Reached the maximum number of tags allowed", + "tagWarnDuplicate": "Duplicate tag {tagText} not added", + "supportKeyInvalid": "Invalid Key", + "supportKeyInvalidDescription": "Your supporter key is invalid.", + "supportKeyValid": "Valid Key", + "supportKeyValidDescription": "Your supporter key has been validated. Thank you for your support!", + "supportKeyErrorValidationDescription": "Failed to validate supporter key.", + "supportKey": "Support Development and Adopt a Pangolin!", + "supportKeyDescription": "Purchase a supporter key to help us continue developing Pangolin for the community. Your contribution allows us to commit more time to maintain and add new features to the application for everyone. We will never use this to paywall features. This is separate from any Commercial Edition.", + "supportKeyPet": "You will also get to adopt and meet your very own pet Pangolin!", + "supportKeyPurchase": "Payments are processed via GitHub. Afterward, you can retrieve your key on", + "supportKeyPurchaseLink": "our website", + "supportKeyPurchase2": "and redeem it here.", + "supportKeyLearnMore": "Learn more.", + "supportKeyOptions": "Please select the option that best suits you.", + "supportKetOptionFull": "Full Supporter", + "forWholeServer": "For the whole server", + "lifetimePurchase": "Lifetime purchase", + "supporterStatus": "Supporter status", + "buy": "Buy", + "supportKeyOptionLimited": "Limited Supporter", + "forFiveUsers": "For 5 or less users", + "supportKeyRedeem": "Redeem Supporter Key", + "supportKeyHideSevenDays": "Hide for 7 days", + "supportKeyEnter": "Enter Supporter Key", + "supportKeyEnterDescription": "Meet your very own pet Pangolin!", + "githubUsername": "GitHub Username", + "supportKeyInput": "Supporter Key", + "supportKeyBuy": "Buy Supporter Key", + "logoutError": "Error logging out", + "signingAs": "Signed in as", + "serverAdmin": "Server Admin", + "managedSelfhosted": "Managed Self-Hosted", + "otpEnable": "Enable Two-factor", + "otpDisable": "Disable Two-factor", + "logout": "Log Out", + "licenseTierProfessionalRequired": "Professional Edition Required", + "licenseTierProfessionalRequiredDescription": "This feature is only available in the Professional Edition.", + "actionGetOrg": "Get Organization", + "actionUpdateOrg": "Update Organization", + "actionUpdateUser": "Update User", + "actionGetUser": "Get User", + "actionGetOrgUser": "Get Organization User", + "actionListOrgDomains": "List Organization Domains", + "actionCreateSite": "Create Site", + "actionDeleteSite": "Delete Site", + "actionGetSite": "Get Site", + "actionListSites": "List Sites", + "setupToken": "Setup Token", + "setupTokenDescription": "Enter the setup token from the server console.", + "setupTokenRequired": "Setup token is required", + "actionUpdateSite": "Update Site", + "actionListSiteRoles": "List Allowed Site Roles", + "actionCreateResource": "Create Resource", + "actionDeleteResource": "Delete Resource", + "actionGetResource": "Get Resource", + "actionListResource": "List Resources", + "actionUpdateResource": "Update Resource", + "actionListResourceUsers": "List Resource Users", + "actionSetResourceUsers": "Set Resource Users", + "actionSetAllowedResourceRoles": "Set Allowed Resource Roles", + "actionListAllowedResourceRoles": "List Allowed Resource Roles", + "actionSetResourcePassword": "Set Resource Password", + "actionSetResourcePincode": "Set Resource Pincode", + "actionSetResourceEmailWhitelist": "Set Resource Email Whitelist", + "actionGetResourceEmailWhitelist": "Get Resource Email Whitelist", + "actionCreateTarget": "Create Target", + "actionDeleteTarget": "Delete Target", + "actionGetTarget": "Get Target", + "actionListTargets": "List Targets", + "actionUpdateTarget": "Update Target", + "actionCreateRole": "Create Role", + "actionDeleteRole": "Delete Role", + "actionGetRole": "Get Role", + "actionListRole": "List Roles", + "actionUpdateRole": "Update Role", + "actionListAllowedRoleResources": "List Allowed Role Resources", + "actionInviteUser": "Invite User", + "actionRemoveUser": "Remove User", + "actionListUsers": "List Users", + "actionAddUserRole": "Add User Role", + "actionGenerateAccessToken": "Generate Access Token", + "actionDeleteAccessToken": "Delete Access Token", + "actionListAccessTokens": "List Access Tokens", + "actionCreateResourceRule": "Create Resource Rule", + "actionDeleteResourceRule": "Delete Resource Rule", + "actionListResourceRules": "List Resource Rules", + "actionUpdateResourceRule": "Update Resource Rule", + "actionListOrgs": "List Organizations", + "actionCheckOrgId": "Check ID", + "actionCreateOrg": "Create Organization", + "actionDeleteOrg": "Delete Organization", + "actionListApiKeys": "List API Keys", + "actionListApiKeyActions": "List API Key Actions", + "actionSetApiKeyActions": "Set API Key Allowed Actions", + "actionCreateApiKey": "Create API Key", + "actionDeleteApiKey": "Delete API Key", + "actionCreateIdp": "Create IDP", + "actionUpdateIdp": "Update IDP", + "actionDeleteIdp": "Delete IDP", + "actionListIdps": "List IDP", + "actionGetIdp": "Get IDP", + "actionCreateIdpOrg": "Create IDP Org Policy", + "actionDeleteIdpOrg": "Delete IDP Org Policy", + "actionListIdpOrgs": "List IDP Orgs", + "actionUpdateIdpOrg": "Update IDP Org", + "actionCreateClient": "Create Client", + "actionDeleteClient": "Delete Client", + "actionUpdateClient": "Update Client", + "actionListClients": "List Clients", + "actionGetClient": "Get Client", + "actionCreateSiteResource": "Create Site Resource", + "actionDeleteSiteResource": "Delete Site Resource", + "actionGetSiteResource": "Get Site Resource", + "actionListSiteResources": "List Site Resources", + "actionUpdateSiteResource": "Update Site Resource", + "actionListInvitations": "List Invitations", + "noneSelected": "None selected", + "orgNotFound2": "No organizations found.", + "searchProgress": "Search...", + "create": "Create", + "orgs": "Organizations", + "loginError": "An error occurred while logging in", + "passwordForgot": "Forgot your password?", + "otpAuth": "Two-Factor Authentication", + "otpAuthDescription": "Enter the code from your authenticator app or one of your single-use backup codes.", + "otpAuthSubmit": "Submit Code", + "idpContinue": "Or continue with", + "otpAuthBack": "Back to Log In", + "navbar": "Navigation Menu", + "navbarDescription": "Main navigation menu for the application", + "navbarDocsLink": "Documentation", + "commercialEdition": "Commercial Edition", + "otpErrorEnable": "Unable to enable 2FA", + "otpErrorEnableDescription": "An error occurred while enabling 2FA", + "otpSetupCheckCode": "Please enter a 6-digit code", + "otpSetupCheckCodeRetry": "Invalid code. Please try again.", + "otpSetup": "Enable Two-factor Authentication", + "otpSetupDescription": "Secure your account with an extra layer of protection", + "otpSetupScanQr": "Scan this QR code with your authenticator app or enter the secret key manually:", + "otpSetupSecretCode": "Authenticator Code", + "otpSetupSuccess": "Two-Factor Authentication Enabled", + "otpSetupSuccessStoreBackupCodes": "Your account is now more secure. Don't forget to save your backup codes.", + "otpErrorDisable": "Unable to disable 2FA", + "otpErrorDisableDescription": "An error occurred while disabling 2FA", + "otpRemove": "Disable Two-factor Authentication", + "otpRemoveDescription": "Disable two-factor authentication for your account", + "otpRemoveSuccess": "Two-Factor Authentication Disabled", + "otpRemoveSuccessMessage": "Two-factor authentication has been disabled for your account. You can enable it again at any time.", + "otpRemoveSubmit": "Disable 2FA", + "paginator": "Page {current} of {last}", + "paginatorToFirst": "Go to first page", + "paginatorToPrevious": "Go to previous page", + "paginatorToNext": "Go to next page", + "paginatorToLast": "Go to last page", + "copyText": "Copy text", + "copyTextFailed": "Failed to copy text: ", + "copyTextClipboard": "Copy to clipboard", + "inviteErrorInvalidConfirmation": "Invalid confirmation", + "passwordRequired": "Password is required", + "allowAll": "Allow All", + "permissionsAllowAll": "Allow All Permissions", + "githubUsernameRequired": "GitHub username is required", + "supportKeyRequired": "Supporter key is required", + "passwordRequirementsChars": "Password must be at least 8 characters", + "language": "Language", + "verificationCodeRequired": "Code is required", + "userErrorNoUpdate": "No user to update", + "siteErrorNoUpdate": "No site to update", + "resourceErrorNoUpdate": "No resource to update", + "authErrorNoUpdate": "No auth info to update", + "orgErrorNoUpdate": "No org to update", + "orgErrorNoProvided": "No org provided", + "apiKeysErrorNoUpdate": "No API key to update", + "sidebarOverview": "Overview", + "sidebarHome": "Home", + "sidebarSites": "Sites", + "sidebarResources": "Resources", + "sidebarAccessControl": "Access Control", + "sidebarUsers": "Users", + "sidebarInvitations": "Invitations", + "sidebarRoles": "Roles", + "sidebarShareableLinks": "Shareable Links", + "sidebarApiKeys": "API Keys", + "sidebarSettings": "Settings", + "sidebarAllUsers": "All Users", + "sidebarIdentityProviders": "Identity Providers", + "sidebarLicense": "License", + "sidebarClients": "Clients (Beta)", + "sidebarDomains": "Domains", + "enableDockerSocket": "Enable Docker Socket", + "enableDockerSocketDescription": "Enable Docker Socket discovery for populating container information. Socket path must be provided to Newt.", + "enableDockerSocketLink": "Learn More", + "viewDockerContainers": "View Docker Containers", + "containersIn": "Containers in {siteName}", + "selectContainerDescription": "Select any container to use as a hostname for this target. Click a port to use a port.", + "containerName": "Name", + "containerImage": "Image", + "containerState": "State", + "containerNetworks": "Networks", + "containerHostnameIp": "Hostname/IP", + "containerLabels": "Labels", + "containerLabelsCount": "{count, plural, one {# label} other {# labels}}", + "containerLabelsTitle": "Container Labels", + "containerLabelEmpty": "", + "containerPorts": "Ports", + "containerPortsMore": "+{count} more", + "containerActions": "Actions", + "select": "Select", + "noContainersMatchingFilters": "No containers found matching the current filters.", + "showContainersWithoutPorts": "Show containers without ports", + "showStoppedContainers": "Show stopped containers", + "noContainersFound": "No containers found. Make sure Docker containers are running.", + "searchContainersPlaceholder": "Search across {count} containers...", + "searchResultsCount": "{count, plural, one {# result} other {# results}}", + "filters": "Filters", + "filterOptions": "Filter Options", + "filterPorts": "Ports", + "filterStopped": "Stopped", + "clearAllFilters": "Clear all filters", + "columns": "Columns", + "toggleColumns": "Toggle Columns", + "refreshContainersList": "Refresh containers list", + "searching": "Searching...", + "noContainersFoundMatching": "No containers found matching \"{filter}\".", + "light": "light", + "dark": "dark", + "system": "system", + "theme": "Theme", + "subnetRequired": "Subnet is required", + "initialSetupTitle": "Initial Server Setup", + "initialSetupDescription": "Create the intial server admin account. Only one server admin can exist. You can always change these credentials later.", + "createAdminAccount": "Create Admin Account", + "setupErrorCreateAdmin": "An error occurred while creating the server admin account.", + "certificateStatus": "Certificate Status", + "loading": "Loading", + "restart": "Restart", + "domains": "Domains", + "domainsDescription": "Manage domains for your organization", + "domainsSearch": "Search domains...", + "domainAdd": "Add Domain", + "domainAddDescription": "Register a new domain with your organization", + "domainCreate": "Create Domain", + "domainCreatedDescription": "Domain created successfully", + "domainDeletedDescription": "Domain deleted successfully", + "domainQuestionRemove": "Are you sure you want to remove the domain {domain} from your account?", + "domainMessageRemove": "Once removed, the domain will no longer be associated with your account.", + "domainMessageConfirm": "To confirm, please type the domain name below.", + "domainConfirmDelete": "Confirm Delete Domain", + "domainDelete": "Delete Domain", + "domain": "Domain", + "selectDomainTypeNsName": "Domain Delegation (NS)", + "selectDomainTypeNsDescription": "This domain and all its subdomains. Use this when you want to control an entire domain zone.", + "selectDomainTypeCnameName": "Single Domain (CNAME)", + "selectDomainTypeCnameDescription": "Just this specific domain. Use this for individual subdomains or specific domain entries.", + "selectDomainTypeWildcardName": "Wildcard Domain", + "selectDomainTypeWildcardDescription": "This domain and its subdomains.", + "domainDelegation": "Single Domain", + "selectType": "Select a type", + "actions": "Actions", + "refresh": "Refresh", + "refreshError": "Failed to refresh data", + "verified": "Verified", + "pending": "Pending", + "sidebarBilling": "Billing", + "billing": "Billing", + "orgBillingDescription": "Manage your billing information and subscriptions", + "github": "GitHub", + "pangolinHosted": "Pangolin Hosted", + "fossorial": "Fossorial", + "completeAccountSetup": "Complete Account Setup", + "completeAccountSetupDescription": "Set your password to get started", + "accountSetupSent": "We'll send an account setup code to this email address.", + "accountSetupCode": "Setup Code", + "accountSetupCodeDescription": "Check your email for the setup code.", + "passwordCreate": "Create Password", + "passwordCreateConfirm": "Confirm Password", + "accountSetupSubmit": "Send Setup Code", + "completeSetup": "Complete Setup", + "accountSetupSuccess": "Account setup completed! Welcome to Pangolin!", + "documentation": "Documentation", + "saveAllSettings": "Save All Settings", + "settingsUpdated": "Settings updated", + "settingsUpdatedDescription": "All settings have been updated successfully", + "settingsErrorUpdate": "Failed to update settings", + "settingsErrorUpdateDescription": "An error occurred while updating settings", + "sidebarCollapse": "Collapse", + "sidebarExpand": "Expand", + "newtUpdateAvailable": "Update Available", + "newtUpdateAvailableInfo": "A new version of Newt is available. Please update to the latest version for the best experience.", + "domainPickerEnterDomain": "Domain", + "domainPickerPlaceholder": "myapp.example.com, api.v1.mydomain.com, or just myapp", + "domainPickerDescription": "Enter the full domain of the resource to see available options.", + "domainPickerDescriptionSaas": "Enter a full domain, subdomain, or just a name to see available options", + "domainPickerTabAll": "All", + "domainPickerTabOrganization": "Organization", + "domainPickerTabProvided": "Provided", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "Checking availability...", + "domainPickerNoMatchingDomains": "No matching domains found. Try a different domain or check your organization's domain settings.", + "domainPickerOrganizationDomains": "Organization Domains", + "domainPickerProvidedDomains": "Provided Domains", + "domainPickerSubdomain": "Subdomain: {subdomain}", + "domainPickerNamespace": "Namespace: {namespace}", + "domainPickerShowMore": "Show More", + "domainNotFound": "Domain Not Found", + "domainNotFoundDescription": "This resource is disabled because the domain no longer exists our system. Please set a new domain for this resource.", + "failed": "Failed", + "createNewOrgDescription": "Create a new organization", + "organization": "Organization", + "port": "Port", + "securityKeyManage": "Manage Security Keys", + "securityKeyDescription": "Add or remove security keys for passwordless authentication", + "securityKeyRegister": "Register New Security Key", + "securityKeyList": "Your Security Keys", + "securityKeyNone": "No security keys registered yet", + "securityKeyNameRequired": "Name is required", + "securityKeyRemove": "Remove", + "securityKeyLastUsed": "Last used: {date}", + "securityKeyNameLabel": "Security Key Name", + "securityKeyRegisterSuccess": "Security key registered successfully", + "securityKeyRegisterError": "Failed to register security key", + "securityKeyRemoveSuccess": "Security key removed successfully", + "securityKeyRemoveError": "Failed to remove security key", + "securityKeyLoadError": "Failed to load security keys", + "securityKeyLogin": "Continue with security key", + "securityKeyAuthError": "Failed to authenticate with security key", + "securityKeyRecommendation": "Register a backup security key on another device to ensure you always have access to your account.", + "registering": "Registering...", + "securityKeyPrompt": "Please verify your identity using your security key. Make sure your security key is connected and ready.", + "securityKeyBrowserNotSupported": "Your browser doesn't support security keys. Please use a modern browser like Chrome, Firefox, or Safari.", + "securityKeyPermissionDenied": "Please allow access to your security key to continue signing in.", + "securityKeyRemovedTooQuickly": "Please keep your security key connected until the sign-in process completes.", + "securityKeyNotSupported": "Your security key may not be compatible. Please try a different security key.", + "securityKeyUnknownError": "There was a problem using your security key. Please try again.", + "twoFactorRequired": "Two-factor authentication is required to register a security key.", + "twoFactor": "Two-Factor Authentication", + "adminEnabled2FaOnYourAccount": "Your administrator has enabled two-factor authentication for {email}. Please complete the setup process to continue.", + "continueToApplication": "Continue to Application", + "securityKeyAdd": "Add Security Key", + "securityKeyRegisterTitle": "Register New Security Key", + "securityKeyRegisterDescription": "Connect your security key and enter a name to identify it", + "securityKeyTwoFactorRequired": "Two-Factor Authentication Required", + "securityKeyTwoFactorDescription": "Please enter your two-factor authentication code to register the security key", + "securityKeyTwoFactorRemoveDescription": "Please enter your two-factor authentication code to remove the security key", + "securityKeyTwoFactorCode": "Two-Factor Code", + "securityKeyRemoveTitle": "Remove Security Key", + "securityKeyRemoveDescription": "Enter your password to remove the security key \"{name}\"", + "securityKeyNoKeysRegistered": "No security keys registered", + "securityKeyNoKeysDescription": "Add a security key to enhance your account security", + "createDomainRequired": "Domain is required", + "createDomainAddDnsRecords": "Add DNS Records", + "createDomainAddDnsRecordsDescription": "Add the following DNS records to your domain provider to complete the setup.", + "createDomainNsRecords": "NS Records", + "createDomainRecord": "Record", + "createDomainType": "Type:", + "createDomainName": "Name:", + "createDomainValue": "Value:", + "createDomainCnameRecords": "CNAME Records", + "createDomainARecords": "A Records", + "createDomainRecordNumber": "Record {number}", + "createDomainTxtRecords": "TXT Records", + "createDomainSaveTheseRecords": "Save These Records", + "createDomainSaveTheseRecordsDescription": "Make sure to save these DNS records as you will not see them again.", + "createDomainDnsPropagation": "DNS Propagation", + "createDomainDnsPropagationDescription": "DNS changes may take some time to propagate across the internet. This can take anywhere from a few minutes to 48 hours, depending on your DNS provider and TTL settings.", + "resourcePortRequired": "Port number is required for non-HTTP resources", + "resourcePortNotAllowed": "Port number should not be set for HTTP resources", + "signUpTerms": { + "IAgreeToThe": "I agree to the", + "termsOfService": "terms of service", + "and": "and", + "privacyPolicy": "privacy policy" + }, + "siteRequired": "Site is required.", + "olmTunnel": "Olm Tunnel", + "olmTunnelDescription": "Use Olm for client connectivity", + "errorCreatingClient": "Error creating client", + "clientDefaultsNotFound": "Client defaults not found", + "createClient": "Create Client", + "createClientDescription": "Create a new client for connecting to your sites", + "seeAllClients": "See All Clients", + "clientInformation": "Client Information", + "clientNamePlaceholder": "Client name", + "address": "Address", + "subnetPlaceholder": "Subnet", + "addressDescription": "The address that this client will use for connectivity", + "selectSites": "Select sites", + "sitesDescription": "The client will have connectivity to the selected sites", + "clientInstallOlm": "Install Olm", + "clientInstallOlmDescription": "Get Olm running on your system", + "clientOlmCredentials": "Olm Credentials", + "clientOlmCredentialsDescription": "This is how Olm will authenticate with the server", + "olmEndpoint": "Olm Endpoint", + "olmId": "Olm ID", + "olmSecretKey": "Olm Secret Key", + "clientCredentialsSave": "Save Your Credentials", + "clientCredentialsSaveDescription": "You will only be able to see this once. Make sure to copy it to a secure place.", + "generalSettingsDescription": "Configure the general settings for this client", + "clientUpdated": "Client updated", + "clientUpdatedDescription": "The client has been updated.", + "clientUpdateFailed": "Failed to update client", + "clientUpdateError": "An error occurred while updating the client.", + "sitesFetchFailed": "Failed to fetch sites", + "sitesFetchError": "An error occurred while fetching sites.", + "olmErrorFetchReleases": "An error occurred while fetching Olm releases.", + "olmErrorFetchLatest": "An error occurred while fetching the latest Olm release.", + "remoteSubnets": "Remote Subnets", + "enterCidrRange": "Enter CIDR range", + "remoteSubnetsDescription": "Add CIDR ranges that can be accessed from this site remotely using clients. Use format like 10.0.0.0/24. This ONLY applies to VPN client connectivity.", + "resourceEnableProxy": "Enable Public Proxy", + "resourceEnableProxyDescription": "Enable public proxying to this resource. This allows access to the resource from outside the network through the cloud on an open port. Requires Traefik config.", + "externalProxyEnabled": "External Proxy Enabled", + "addNewTarget": "Add New Target", + "targetsList": "Targets List", + "targetErrorDuplicateTargetFound": "Duplicate target found", + "httpMethod": "HTTP Method", + "selectHttpMethod": "Select HTTP method", + "domainPickerSubdomainLabel": "Subdomain", + "domainPickerBaseDomainLabel": "Base Domain", + "domainPickerSearchDomains": "Search domains...", + "domainPickerNoDomainsFound": "No domains found", + "domainPickerLoadingDomains": "Loading domains...", + "domainPickerSelectBaseDomain": "Select base domain...", + "domainPickerNotAvailableForCname": "Not available for CNAME domains", + "domainPickerEnterSubdomainOrLeaveBlank": "Enter subdomain or leave blank to use base domain.", + "domainPickerEnterSubdomainToSearch": "Enter a subdomain to search and select from available free domains.", + "domainPickerFreeDomains": "Free Domains", + "domainPickerSearchForAvailableDomains": "Search for available domains", + "resourceDomain": "Domain", + "resourceEditDomain": "Edit Domain", + "siteName": "Site Name", + "proxyPort": "Port", + "resourcesTableProxyResources": "Proxy Resources", + "resourcesTableClientResources": "Client Resources", + "resourcesTableNoProxyResourcesFound": "No proxy resources found.", + "resourcesTableNoInternalResourcesFound": "No internal resources found.", + "resourcesTableDestination": "Destination", + "resourcesTableTheseResourcesForUseWith": "These resources are for use with", + "resourcesTableClients": "Clients", + "resourcesTableAndOnlyAccessibleInternally": "and are only accessible internally when connected with a client.", + "editInternalResourceDialogEditClientResource": "Edit Client Resource", + "editInternalResourceDialogUpdateResourceProperties": "Update the resource properties and target configuration for {resourceName}.", + "editInternalResourceDialogResourceProperties": "Resource Properties", + "editInternalResourceDialogName": "Name", + "editInternalResourceDialogProtocol": "Protocol", + "editInternalResourceDialogSitePort": "Site Port", + "editInternalResourceDialogTargetConfiguration": "Target Configuration", + "editInternalResourceDialogDestinationIP": "Destination IP", + "editInternalResourceDialogDestinationPort": "Destination Port", + "editInternalResourceDialogCancel": "Cancel", + "editInternalResourceDialogSaveResource": "Save Resource", + "editInternalResourceDialogSuccess": "Success", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Internal resource updated successfully", + "editInternalResourceDialogError": "Error", + "editInternalResourceDialogFailedToUpdateInternalResource": "Failed to update internal resource", + "editInternalResourceDialogNameRequired": "Name is required", + "editInternalResourceDialogNameMaxLength": "Name must be less than 255 characters", + "editInternalResourceDialogProxyPortMin": "Proxy port must be at least 1", + "editInternalResourceDialogProxyPortMax": "Proxy port must be less than 65536", + "editInternalResourceDialogInvalidIPAddressFormat": "Invalid IP address format", + "editInternalResourceDialogDestinationPortMin": "Destination port must be at least 1", + "editInternalResourceDialogDestinationPortMax": "Destination port must be less than 65536", + "createInternalResourceDialogNoSitesAvailable": "No Sites Available", + "createInternalResourceDialogNoSitesAvailableDescription": "You need to have at least one Newt site with a subnet configured to create internal resources.", + "createInternalResourceDialogClose": "Close", + "createInternalResourceDialogCreateClientResource": "Create Client Resource", + "createInternalResourceDialogCreateClientResourceDescription": "Create a new resource that will be accessible to clients connected to the selected site.", + "createInternalResourceDialogResourceProperties": "Resource Properties", + "createInternalResourceDialogName": "Name", + "createInternalResourceDialogSite": "Site", + "createInternalResourceDialogSelectSite": "Select site...", + "createInternalResourceDialogSearchSites": "Search sites...", + "createInternalResourceDialogNoSitesFound": "No sites found.", + "createInternalResourceDialogProtocol": "Protocol", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Site Port", + "createInternalResourceDialogSitePortDescription": "Use this port to access the resource on the site when connected with a client.", + "createInternalResourceDialogTargetConfiguration": "Target Configuration", + "createInternalResourceDialogDestinationIP": "Destination IP", + "createInternalResourceDialogDestinationIPDescription": "The IP address of the resource on the site's network.", + "createInternalResourceDialogDestinationPort": "Destination Port", + "createInternalResourceDialogDestinationPortDescription": "The port on the destination IP where the resource is accessible.", + "createInternalResourceDialogCancel": "Cancel", + "createInternalResourceDialogCreateResource": "Create Resource", + "createInternalResourceDialogSuccess": "Success", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Internal resource created successfully", + "createInternalResourceDialogError": "Error", + "createInternalResourceDialogFailedToCreateInternalResource": "Failed to create internal resource", + "createInternalResourceDialogNameRequired": "Name is required", + "createInternalResourceDialogNameMaxLength": "Name must be less than 255 characters", + "createInternalResourceDialogPleaseSelectSite": "Please select a site", + "createInternalResourceDialogProxyPortMin": "Proxy port must be at least 1", + "createInternalResourceDialogProxyPortMax": "Proxy port must be less than 65536", + "createInternalResourceDialogInvalidIPAddressFormat": "Invalid IP address format", + "createInternalResourceDialogDestinationPortMin": "Destination port must be at least 1", + "createInternalResourceDialogDestinationPortMax": "Destination port must be less than 65536", + "siteConfiguration": "Configuration", + "siteAcceptClientConnections": "Accept Client Connections", + "siteAcceptClientConnectionsDescription": "Allow other devices to connect through this Newt instance as a gateway using clients.", + "siteAddress": "Site Address", + "siteAddressDescription": "Specify the IP address of the host for clients to connect to. This is the internal address of the site in the Pangolin network for clients to address. Must fall within the Org subnet.", + "autoLoginExternalIdp": "Auto Login with External IDP", + "autoLoginExternalIdpDescription": "Immediately redirect the user to the external IDP for authentication.", + "selectIdp": "Select IDP", + "selectIdpPlaceholder": "Choose an IDP...", + "selectIdpRequired": "Please select an IDP when auto login is enabled.", + "autoLoginTitle": "Redirecting", + "autoLoginDescription": "Redirecting you to the external identity provider for authentication.", + "autoLoginProcessing": "Preparing authentication...", + "autoLoginRedirecting": "Redirecting to login...", + "autoLoginError": "Auto Login Error", + "autoLoginErrorNoRedirectUrl": "No redirect URL received from the identity provider.", + "autoLoginErrorGeneratingUrl": "Failed to generate authentication URL.", + "managedSelfHosted": { + "title": "Managed Self-Hosted", + "description": "More reliable and low-maintenance self-hosted Pangolin server with extra bells and whistles", + "introTitle": "Managed Self-Hosted Pangolin", + "introDescription": "is a deployment option designed for people who want simplicity and extra reliability while still keeping their data private and self-hosted.", + "introDetail": "With this option, you still run your own Pangolin node — your tunnels, SSL termination, and traffic all stay on your server. The difference is that management and monitoring are handled through our cloud dashboard, which unlocks a number of benefits:", + "benefitSimplerOperations": { + "title": "Simpler operations", + "description": "No need to run your own mail server or set up complex alerting. You'll get health checks and downtime alerts out of the box." + }, + "benefitAutomaticUpdates": { + "title": "Automatic updates", + "description": "The cloud dashboard evolves quickly, so you get new features and bug fixes without having to manually pull new containers every time." + }, + "benefitLessMaintenance": { + "title": "Less maintenance", + "description": "No database migrations, backups, or extra infrastructure to manage. We handle that in the cloud." + }, + "benefitCloudFailover": { + "title": "Cloud failover", + "description": "If your node goes down, your tunnels can temporarily fail over to our cloud points of presence until you bring it back online." + }, + "benefitHighAvailability": { + "title": "High availability (PoPs)", + "description": "You can also attach multiple nodes to your account for redundancy and better performance." + }, + "benefitFutureEnhancements": { + "title": "Future enhancements", + "description": "We're planning to add more analytics, alerting, and management tools to make your deployment even more robust." + }, + "docsAlert": { + "text": "Learn more about the Managed Self-Hosted option in our", + "documentation": "documentation" + }, + "convertButton": "Convert This Node to Managed Self-Hosted" + }, + "internationaldomaindetected": "International Domain Detected", + "willbestoredas": "Will be stored as:" +} diff --git a/messages/es-ES.json b/messages/es-ES.json new file mode 100644 index 00000000..fe8c52d1 --- /dev/null +++ b/messages/es-ES.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Crea tu organización, sitio y recursos", + "setupNewOrg": "Nueva organización", + "setupCreateOrg": "Crear organización", + "setupCreateResources": "Crear Recursos", + "setupOrgName": "Nombre de la organización", + "orgDisplayName": "Este es el nombre mostrado de su organización.", + "orgId": "ID de la organización", + "setupIdentifierMessage": "Este es el identificador único para su organización. Esto es independiente del nombre de la pantalla.", + "setupErrorIdentifier": "El ID de la organización ya está en uso. Por favor, elija uno diferente.", + "componentsErrorNoMemberCreate": "Actualmente no eres miembro de ninguna organización. Crea una organización para empezar.", + "componentsErrorNoMember": "Actualmente no eres miembro de ninguna organización.", + "welcome": "Bienvenido a Pangolin", + "welcomeTo": "Bienvenido a", + "componentsCreateOrg": "Crear una organización", + "componentsMember": "Eres un miembro de {count, plural, =0 {ninguna organización} one {una organización} other {# organizaciones}}.", + "componentsInvalidKey": "Se han detectado claves de licencia inválidas o caducadas. Siga los términos de licencia para seguir usando todas las características.", + "dismiss": "Descartar", + "componentsLicenseViolation": "Violación de la Licencia: Este servidor está usando sitios {usedSites} que exceden su límite de licencias de sitios {maxSites} . Siga los términos de licencia para seguir usando todas las características.", + "componentsSupporterMessage": "¡Gracias por apoyar a Pangolin como {tier}!", + "inviteErrorNotValid": "Lo sentimos, pero parece que la invitación a la que intentas acceder no ha sido aceptada o ya no es válida.", + "inviteErrorUser": "Lo sentimos, pero parece que la invitación a la que intentas acceder no es para este usuario.", + "inviteLoginUser": "Por favor, asegúrese de que ha iniciado sesión como el usuario correcto.", + "inviteErrorNoUser": "Lo sentimos, pero parece que la invitación a la que intentas acceder no es para un usuario que existe.", + "inviteCreateUser": "Por favor, cree una cuenta primero.", + "goHome": "Ir a casa", + "inviteLogInOtherUser": "Iniciar sesión como un usuario diferente", + "createAnAccount": "Crear una cuenta", + "inviteNotAccepted": "Invitación no aceptada", + "authCreateAccount": "Crear una cuenta para empezar", + "authNoAccount": "¿No tienes una cuenta?", + "email": "E-mail", + "password": "Contraseña", + "confirmPassword": "Confirmar contraseña", + "createAccount": "Crear cuenta", + "viewSettings": "Ver ajustes", + "delete": "Eliminar", + "name": "Nombre", + "online": "En línea", + "offline": "Desconectado", + "site": "Sitio", + "dataIn": "Datos en", + "dataOut": "Datos Fuentes", + "connectionType": "Tipo de conexión", + "tunnelType": "Tipo de túnel", + "local": "Local", + "edit": "Editar", + "siteConfirmDelete": "Confirmar Borrar Sitio", + "siteDelete": "Eliminar sitio", + "siteMessageRemove": "Una vez eliminado, el sitio ya no será accesible. Todos los recursos y objetivos asociados con el sitio también serán eliminados.", + "siteMessageConfirm": "Para confirmar, por favor escriba el nombre del sitio a continuación.", + "siteQuestionRemove": "¿Está seguro de que desea eliminar el sitio {selectedSite} de la organización?", + "siteManageSites": "Administrar Sitios", + "siteDescription": "Permitir conectividad a tu red a través de túneles seguros", + "siteCreate": "Crear sitio", + "siteCreateDescription2": "Siga los pasos siguientes para crear y conectar un nuevo sitio", + "siteCreateDescription": "Crear un nuevo sitio para comenzar a conectar sus recursos", + "close": "Cerrar", + "siteErrorCreate": "Error al crear el sitio", + "siteErrorCreateKeyPair": "Por defecto no se encuentra el par de claves o el sitio", + "siteErrorCreateDefaults": "Sitio por defecto no encontrado", + "method": "Método", + "siteMethodDescription": "Así es como se expondrán las conexiones.", + "siteLearnNewt": "Aprende cómo instalar Newt en tu sistema", + "siteSeeConfigOnce": "Sólo podrá ver la configuración una vez.", + "siteLoadWGConfig": "Cargando configuración de WireGuard...", + "siteDocker": "Expandir para detalles de despliegue de Docker", + "toggle": "Cambiar", + "dockerCompose": "Componer Docker", + "dockerRun": "Docker Run", + "siteLearnLocal": "Los sitios locales no tienen túnel, aprender más", + "siteConfirmCopy": "He copiado la configuración", + "searchSitesProgress": "Buscar sitios...", + "siteAdd": "Añadir sitio", + "siteInstallNewt": "Instalar Newt", + "siteInstallNewtDescription": "Recibe Newt corriendo en tu sistema", + "WgConfiguration": "Configuración de Wirex Guard", + "WgConfigurationDescription": "Utilice la siguiente configuración para conectarse a su red", + "operatingSystem": "Sistema operativo", + "commands": "Comandos", + "recommended": "Recomendado", + "siteNewtDescription": "Para la mejor experiencia de usuario, utilice Newt. Utiliza Wirex Guard bajo la capa y te permite dirigirte a tus recursos privados mediante su dirección LAN en tu red privada desde el panel de control de Pangolin.", + "siteRunsInDocker": "Ejecutar en Docker", + "siteRunsInShell": "Ejecuta en el shell en macOS, Linux y Windows", + "siteErrorDelete": "Error al eliminar el sitio", + "siteErrorUpdate": "Error al actualizar el sitio", + "siteErrorUpdateDescription": "Se ha producido un error al actualizar el sitio.", + "siteUpdated": "Sitio actualizado", + "siteUpdatedDescription": "El sitio ha sido actualizado.", + "siteGeneralDescription": "Configurar la configuración general de este sitio", + "siteSettingDescription": "Configurar la configuración de su sitio", + "siteSetting": "Ajustes {siteName}", + "siteNewtTunnel": "Túnel Nuevo (Recomendado)", + "siteNewtTunnelDescription": "La forma más fácil de crear un punto de entrada en tu red. Sin configuración adicional.", + "siteWg": "Wirex Guardia Básica", + "siteWgDescription": "Utilice cualquier cliente Wirex Guard para establecer un túnel. Se requiere una configuración manual de NAT.", + "siteWgDescriptionSaas": "Utilice cualquier cliente de WireGuard para establecer un túnel. Se requiere configuración manual de NAT. SOLO FUNCIONA EN NODOS AUTOGESTIONADOS", + "siteLocalDescription": "Solo recursos locales. Sin túneles.", + "siteLocalDescriptionSaas": "Solo recursos locales. Sin túneles. SOLO FUNCIONA EN NODOS AUTOGESTIONADOS", + "siteSeeAll": "Ver todos los sitios", + "siteTunnelDescription": "Determina cómo quieres conectarte a tu sitio", + "siteNewtCredentials": "Credenciales nuevas", + "siteNewtCredentialsDescription": "Así es como Newt se autentificará con el servidor", + "siteCredentialsSave": "Guarda tus credenciales", + "siteCredentialsSaveDescription": "Sólo podrás verlo una vez. Asegúrate de copiarlo a un lugar seguro.", + "siteInfo": "Información del sitio", + "status": "Estado", + "shareTitle": "Administrar Enlaces de Compartir", + "shareDescription": "Crear enlaces compartidos para conceder acceso temporal o permanente a tus recursos", + "shareSearch": "Buscar enlaces compartidos...", + "shareCreate": "Crear enlace Compartir", + "shareErrorDelete": "Error al eliminar el enlace", + "shareErrorDeleteMessage": "Se ha producido un error al eliminar el enlace", + "shareDeleted": "Enlace eliminado", + "shareDeletedDescription": "El enlace ha sido eliminado", + "shareTokenDescription": "Su token de acceso puede ser pasado de dos maneras: como parámetro de consulta o en las cabeceras de solicitud. Estos deben ser pasados del cliente en cada solicitud de acceso autenticado.", + "accessToken": "Token de acceso", + "usageExamples": "Ejemplos de uso", + "tokenId": "ID de token", + "requestHeades": "Solicitar cabeceras", + "queryParameter": "Parámetro de consulta", + "importantNote": "Nota Importante", + "shareImportantDescription": "Por razones de seguridad, el uso de cabeceras se recomienda sobre parámetros de consulta cuando sea posible, ya que los parámetros de consulta pueden ser registrados en los registros del servidor o en el historial del navegador.", + "token": "Token", + "shareTokenSecurety": "Mantenga su token de acceso seguro. No lo comparta en áreas de acceso público o código del lado del cliente.", + "shareErrorFetchResource": "No se pudo obtener recursos", + "shareErrorFetchResourceDescription": "Se ha producido un error al recuperar los recursos", + "shareErrorCreate": "Error al crear el enlace compartir", + "shareErrorCreateDescription": "Se ha producido un error al crear el enlace compartido", + "shareCreateDescription": "Cualquiera con este enlace puede acceder al recurso", + "shareTitleOptional": "Título (opcional)", + "expireIn": "Caduca en", + "neverExpire": "Nunca expirar", + "shareExpireDescription": "El tiempo de caducidad es cuánto tiempo el enlace será utilizable y proporcionará acceso al recurso. Después de este tiempo, el enlace ya no funcionará, y los usuarios que usaron este enlace perderán el acceso al recurso.", + "shareSeeOnce": "Sólo podrá ver este enlace una vez. Asegúrese de copiarlo.", + "shareAccessHint": "Cualquiera con este enlace puede acceder al recurso. Compártelo con cuidado.", + "shareTokenUsage": "Ver Uso de Token de Acceso", + "createLink": "Crear enlace", + "resourcesNotFound": "No se encontraron recursos", + "resourceSearch": "Buscar recursos", + "openMenu": "Abrir menú", + "resource": "Recurso", + "title": "Título", + "created": "Creado", + "expires": "Caduca", + "never": "Nunca", + "shareErrorSelectResource": "Por favor, seleccione un recurso", + "resourceTitle": "Administrar recursos", + "resourceDescription": "Crea proxies seguros para tus aplicaciones privadas", + "resourcesSearch": "Buscar recursos...", + "resourceAdd": "Añadir Recurso", + "resourceErrorDelte": "Error al eliminar el recurso", + "authentication": "Autenticación", + "protected": "Protegido", + "notProtected": "No protegido", + "resourceMessageRemove": "Una vez eliminado, el recurso ya no será accesible. Todos los objetivos asociados con el recurso también serán eliminados.", + "resourceMessageConfirm": "Para confirmar, por favor escriba el nombre del recurso a continuación.", + "resourceQuestionRemove": "¿Está seguro de que desea eliminar el recurso {selectedResource} de la organización?", + "resourceHTTP": "HTTPS Recurso", + "resourceHTTPDescription": "Solicitudes de proxy a tu aplicación sobre HTTPS usando un subdominio o dominio base.", + "resourceRaw": "Recurso TCP/UDP sin procesar", + "resourceRawDescription": "Solicitudes de proxy a tu aplicación a través de TCP/UDP usando un número de puerto.", + "resourceCreate": "Crear Recurso", + "resourceCreateDescription": "Siga los siguientes pasos para crear un nuevo recurso", + "resourceSeeAll": "Ver todos los recursos", + "resourceInfo": "Información del recurso", + "resourceNameDescription": "Este es el nombre para mostrar el recurso.", + "siteSelect": "Seleccionar sitio", + "siteSearch": "Buscar sitio", + "siteNotFound": "Sitio no encontrado.", + "siteSelectionDescription": "Este sitio proporcionará conectividad al objetivo.", + "resourceType": "Tipo de recurso", + "resourceTypeDescription": "Determina cómo quieres acceder a tu recurso", + "resourceHTTPSSettings": "Configuración HTTPS", + "resourceHTTPSSettingsDescription": "Configurar cómo se accederá a tu recurso a través de HTTPS", + "domainType": "Tipo de dominio", + "subdomain": "Subdominio", + "baseDomain": "Dominio base", + "subdomnainDescription": "El subdominio al que su recurso será accesible.", + "resourceRawSettings": "Configuración TCP/UDP", + "resourceRawSettingsDescription": "Configurar cómo se accederá a su recurso a través de TCP/UDP", + "protocol": "Protocolo", + "protocolSelect": "Seleccionar un protocolo", + "resourcePortNumber": "Número de puerto", + "resourcePortNumberDescription": "El número de puerto externo a las solicitudes de proxy.", + "cancel": "Cancelar", + "resourceConfig": "Fragmentos de configuración", + "resourceConfigDescription": "Copia y pega estos fragmentos de configuración para configurar tu recurso TCP/UDP", + "resourceAddEntrypoints": "Traefik: Añadir puntos de entrada", + "resourceExposePorts": "Gerbil: Exponer puertos en Docker Compose", + "resourceLearnRaw": "Aprende cómo configurar los recursos TCP/UDP", + "resourceBack": "Volver a Recursos", + "resourceGoTo": "Ir a Recurso", + "resourceDelete": "Eliminar Recurso", + "resourceDeleteConfirm": "Confirmar Borrar Recurso", + "visibility": "Visibilidad", + "enabled": "Activado", + "disabled": "Deshabilitado", + "general": "General", + "generalSettings": "Configuración General", + "proxy": "Proxy", + "internal": "Interno", + "rules": "Reglas", + "resourceSettingDescription": "Configure la configuración de su recurso", + "resourceSetting": "Ajustes {resourceName}", + "alwaysAllow": "Permitir siempre", + "alwaysDeny": "Denegar siempre", + "passToAuth": "Pasar a Autenticación", + "orgSettingsDescription": "Configurar la configuración general de su organización", + "orgGeneralSettings": "Configuración de la organización", + "orgGeneralSettingsDescription": "Administra los detalles y la configuración de tu organización", + "saveGeneralSettings": "Guardar ajustes generales", + "saveSettings": "Guardar ajustes", + "orgDangerZone": "Zona de peligro", + "orgDangerZoneDescription": "Una vez que elimines este órgano, no hay vuelta atrás. Por favor, asegúrate de ello.", + "orgDelete": "Eliminar organización", + "orgDeleteConfirm": "Confirmar eliminación de organización", + "orgMessageRemove": "Esta acción es irreversible y eliminará todos los datos asociados.", + "orgMessageConfirm": "Para confirmar, por favor escriba el nombre de la organización a continuación.", + "orgQuestionRemove": "¿Está seguro que desea eliminar la organización {selectedOrg}?", + "orgUpdated": "Organización actualizada", + "orgUpdatedDescription": "La organización ha sido actualizada.", + "orgErrorUpdate": "Error al actualizar la organización", + "orgErrorUpdateMessage": "Se ha producido un error al actualizar la organización.", + "orgErrorFetch": "Error al recuperar organizaciones", + "orgErrorFetchMessage": "Se ha producido un error al listar sus organizaciones", + "orgErrorDelete": "Error al eliminar la organización", + "orgErrorDeleteMessage": "Se ha producido un error al eliminar la organización.", + "orgDeleted": "Organización eliminada", + "orgDeletedMessage": "La organización y sus datos han sido eliminados.", + "orgMissing": "Falta el ID de la organización", + "orgMissingMessage": "No se puede regenerar la invitación sin el ID de la organización.", + "accessUsersManage": "Administrar usuarios", + "accessUsersDescription": "Invitar usuarios y añadirlos a roles para administrar el acceso a su organización", + "accessUsersSearch": "Buscar usuarios...", + "accessUserCreate": "Crear usuario", + "accessUserRemove": "Eliminar usuario", + "username": "Usuario", + "identityProvider": "Proveedor de identidad", + "role": "Rol", + "nameRequired": "Se requiere nombre", + "accessRolesManage": "Administrar roles", + "accessRolesDescription": "Configurar roles para administrar el acceso a su organización", + "accessRolesSearch": "Buscar roles...", + "accessRolesAdd": "Añadir rol", + "accessRoleDelete": "Eliminar rol", + "description": "Descripción", + "inviteTitle": "Invitaciones abiertas", + "inviteDescription": "Administra tus invitaciones a otros usuarios", + "inviteSearch": "Buscar invitaciones...", + "minutes": "Minutos", + "hours": "Horas", + "days": "Días", + "weeks": "Semanas", + "months": "Meses", + "years": "Años", + "day": "{count, plural, one {# día} other {# días}}", + "apiKeysTitle": "Información de Clave API", + "apiKeysConfirmCopy2": "Debes confirmar que has copiado la clave API.", + "apiKeysErrorCreate": "Error al crear la clave API", + "apiKeysErrorSetPermission": "Error al establecer permisos", + "apiKeysCreate": "Generar clave API", + "apiKeysCreateDescription": "Generar una nueva clave API para su organización", + "apiKeysGeneralSettings": "Permisos", + "apiKeysGeneralSettingsDescription": "Determinar qué puede hacer esta clave API", + "apiKeysList": "Tu clave API", + "apiKeysSave": "Guarda tu clave API", + "apiKeysSaveDescription": "Sólo podrás verlo una vez. Asegúrate de copiarlo a un lugar seguro.", + "apiKeysInfo": "Tu clave API es:", + "apiKeysConfirmCopy": "He copiado la clave API", + "generate": "Generar", + "done": "Hecho", + "apiKeysSeeAll": "Ver todas las claves API", + "apiKeysPermissionsErrorLoadingActions": "Error al cargar las acciones clave API", + "apiKeysPermissionsErrorUpdate": "Error al establecer permisos", + "apiKeysPermissionsUpdated": "Permisos actualizados", + "apiKeysPermissionsUpdatedDescription": "Los permisos han sido actualizados.", + "apiKeysPermissionsGeneralSettings": "Permisos", + "apiKeysPermissionsGeneralSettingsDescription": "Determinar qué puede hacer esta clave API", + "apiKeysPermissionsSave": "Guardar permisos", + "apiKeysPermissionsTitle": "Permisos", + "apiKeys": "Claves API", + "searchApiKeys": "Buscar claves API...", + "apiKeysAdd": "Generar clave API", + "apiKeysErrorDelete": "Error al eliminar la clave API", + "apiKeysErrorDeleteMessage": "Error al eliminar la clave API", + "apiKeysQuestionRemove": "¿Está seguro de que desea eliminar la clave de API {selectedApiKey} de la organización?", + "apiKeysMessageRemove": "Una vez eliminada, la clave API ya no podrá ser utilizada.", + "apiKeysMessageConfirm": "Para confirmar, por favor escriba el nombre de la clave API a continuación.", + "apiKeysDeleteConfirm": "Confirmar Borrar Clave API", + "apiKeysDelete": "Borrar Clave API", + "apiKeysManage": "Administrar claves API", + "apiKeysDescription": "Las claves API se utilizan para autenticar con la API de integración", + "apiKeysSettings": "Ajustes {apiKeyName}", + "userTitle": "Administrar todos los usuarios", + "userDescription": "Ver y administrar todos los usuarios en el sistema", + "userAbount": "Acerca de Gestión de Usuarios", + "userAbountDescription": "Esta tabla muestra todos los objetos de usuario root en el sistema. Cada usuario puede pertenecer a varias organizaciones. Eliminar un usuario de una organización no elimina su objeto de usuario root - permanecerán en el sistema. Para eliminar completamente un usuario del sistema, debe eliminar su objeto de usuario root usando la acción de borrar en esta tabla.", + "userServer": "Usuarios del servidor", + "userSearch": "Buscar usuarios del servidor...", + "userErrorDelete": "Error al eliminar el usuario", + "userDeleteConfirm": "Confirmar Borrar Usuario", + "userDeleteServer": "Eliminar usuario del servidor", + "userMessageRemove": "El usuario será eliminado de todas las organizaciones y será eliminado completamente del servidor.", + "userMessageConfirm": "Para confirmar, por favor escriba el nombre del usuario a continuación.", + "userQuestionRemove": "¿Está seguro que desea eliminar permanentemente {selectedUser} del servidor?", + "licenseKey": "Clave de licencia", + "valid": "Válido", + "numberOfSites": "Número de sitios", + "licenseKeySearch": "Buscar claves de licencia...", + "licenseKeyAdd": "Añadir clave de licencia", + "type": "Tipo", + "licenseKeyRequired": "La clave de licencia es necesaria", + "licenseTermsAgree": "Debe aceptar los términos de la licencia", + "licenseErrorKeyLoad": "Error al cargar las claves de licencia", + "licenseErrorKeyLoadDescription": "Se ha producido un error al cargar las claves de licencia.", + "licenseErrorKeyDelete": "Error al eliminar la clave de licencia", + "licenseErrorKeyDeleteDescription": "Se ha producido un error al eliminar la clave de licencia.", + "licenseKeyDeleted": "Clave de licencia eliminada", + "licenseKeyDeletedDescription": "La clave de licencia ha sido eliminada.", + "licenseErrorKeyActivate": "Error al activar la clave de licencia", + "licenseErrorKeyActivateDescription": "Se ha producido un error al activar la clave de licencia.", + "licenseAbout": "Acerca de la licencia", + "communityEdition": "Edición comunitaria", + "licenseAboutDescription": "Esto es para usuarios empresariales y empresariales que utilizan Pangolin en un entorno comercial. Si estás usando Pangolin para uso personal, puedes ignorar esta sección.", + "licenseKeyActivated": "Clave de licencia activada", + "licenseKeyActivatedDescription": "La clave de licencia se ha activado correctamente.", + "licenseErrorKeyRecheck": "Error al revisar las claves de licencia", + "licenseErrorKeyRecheckDescription": "Se ha producido un error al revisar las claves de licencia.", + "licenseErrorKeyRechecked": "Claves de licencia remarcadas", + "licenseErrorKeyRecheckedDescription": "Todas las claves de licencia han sido revisadas", + "licenseActivateKey": "Activar clave de licencia", + "licenseActivateKeyDescription": "Introduzca una clave de licencia para activarla.", + "licenseActivate": "Activar licencia", + "licenseAgreement": "Al marcar esta casilla, confirma que ha leído y aceptado los términos de licencia correspondientes al nivel asociado con su clave de licencia.", + "fossorialLicense": "Ver Términos de suscripción y licencia comercial", + "licenseMessageRemove": "Esto eliminará la clave de licencia y todos los permisos asociados otorgados por ella.", + "licenseMessageConfirm": "Para confirmar, por favor escriba la clave de licencia a continuación.", + "licenseQuestionRemove": "¿Está seguro que desea eliminar la clave de licencia {selectedKey}?", + "licenseKeyDelete": "Eliminar clave de licencia", + "licenseKeyDeleteConfirm": "Confirmar eliminar clave de licencia", + "licenseTitle": "Administrar estado de licencia", + "licenseTitleDescription": "Ver y administrar claves de licencia en el sistema", + "licenseHost": "Licencia de host", + "licenseHostDescription": "Administrar la clave de licencia principal para el host.", + "licensedNot": "Sin licencia", + "hostId": "ID del Host", + "licenseReckeckAll": "Revisar todas las claves", + "licenseSiteUsage": "Uso de Sitios", + "licenseSiteUsageDecsription": "Ver el número de sitios que utilizan esta licencia.", + "licenseNoSiteLimit": "No hay límite en el número de sitios que utilizan un host sin licencia.", + "licensePurchase": "Comprar Licencia", + "licensePurchaseSites": "Comprar sitios adicionales", + "licenseSitesUsedMax": "{usedSites} de {maxSites} sitios usados", + "licenseSitesUsed": "{count, plural, =0 {# sitios} one {# sitio} other {# sitios}} en el sistema.", + "licensePurchaseDescription": "Elige cuántos sitios quieres {selectedMode, select, license {compra una licencia para. Siempre puedes añadir más sitios más tarde.} other {añadir a tu licencia existente.}}", + "licenseFee": "Tarifa de licencia", + "licensePriceSite": "Precio por sitio", + "total": "Total", + "licenseContinuePayment": "Continuar con el pago", + "pricingPage": "página de precios", + "pricingPortal": "Ver Portal de Compra", + "licensePricingPage": "Para obtener los precios y descuentos más actualizados, por favor visite el ", + "invite": "Invitaciones", + "inviteRegenerate": "Regenerar invitación", + "inviteRegenerateDescription": "Revocar invitación anterior y crear una nueva", + "inviteRemove": "Eliminar invitación", + "inviteRemoveError": "Error al eliminar la invitación", + "inviteRemoveErrorDescription": "Ocurrió un error mientras se eliminaba la invitación.", + "inviteRemoved": "Invitación eliminada", + "inviteRemovedDescription": "La invitación para {email} ha sido eliminada.", + "inviteQuestionRemove": "¿Está seguro de que desea eliminar la invitación {email}?", + "inviteMessageRemove": "Una vez eliminada, esta invitación ya no será válida. Siempre puede volver a invitar al usuario más tarde.", + "inviteMessageConfirm": "Para confirmar, por favor escriba la dirección de correo electrónico de la invitación a continuación.", + "inviteQuestionRegenerate": "¿Estás seguro de que quieres regenerar la invitación para {email}? Esto revocará la invitación anterior.", + "inviteRemoveConfirm": "Confirmar eliminación de invitación", + "inviteRegenerated": "Invitación Regenerada", + "inviteSent": "Se ha enviado una nueva invitación a {email}.", + "inviteSentEmail": "Enviar notificación por correo electrónico al usuario", + "inviteGenerate": "Se ha generado una nueva invitación para {email}.", + "inviteDuplicateError": "Invitación duplicada", + "inviteDuplicateErrorDescription": "Ya existe una invitación para este usuario.", + "inviteRateLimitError": "Límite de tasa excedido", + "inviteRateLimitErrorDescription": "Has superado el límite de 3 regeneraciones por hora. Inténtalo de nuevo más tarde.", + "inviteRegenerateError": "No se pudo regenerar la invitación", + "inviteRegenerateErrorDescription": "Se ha producido un error al regenerar la invitación.", + "inviteValidityPeriod": "Periodo de validez", + "inviteValidityPeriodSelect": "Seleccionar período de validez", + "inviteRegenerateMessage": "La invitación ha sido regenerada. El usuario debe acceder al enlace de abajo para aceptar la invitación.", + "inviteRegenerateButton": "Regenerar", + "expiresAt": "Caduca el", + "accessRoleUnknown": "Rol desconocido", + "placeholder": "Marcador de posición", + "userErrorOrgRemove": "Error al eliminar el usuario", + "userErrorOrgRemoveDescription": "Ocurrió un error mientras se eliminaba el usuario.", + "userOrgRemoved": "Usuario eliminado", + "userOrgRemovedDescription": "El usuario {email} ha sido eliminado de la organización.", + "userQuestionOrgRemove": "¿Estás seguro de que quieres eliminar {email} de la organización?", + "userMessageOrgRemove": "Una vez eliminado, este usuario ya no tendrá acceso a la organización. Siempre puede volver a invitarlos más tarde, pero tendrán que aceptar la invitación de nuevo.", + "userMessageOrgConfirm": "Para confirmar, por favor escriba el nombre del usuario a continuación.", + "userRemoveOrgConfirm": "Confirmar eliminar usuario", + "userRemoveOrg": "Eliminar usuario de la organización", + "users": "Usuarios", + "accessRoleMember": "Miembro", + "accessRoleOwner": "Propietario", + "userConfirmed": "Confirmada", + "idpNameInternal": "Interno", + "emailInvalid": "Dirección de correo inválida", + "inviteValidityDuration": "Por favor, seleccione una duración", + "accessRoleSelectPlease": "Por favor, seleccione un rol", + "usernameRequired": "Nombre de usuario requerido", + "idpSelectPlease": "Por favor, seleccione un proveedor de identidad", + "idpGenericOidc": "Proveedor OAuth2/OIDC genérico.", + "accessRoleErrorFetch": "Error al recuperar roles", + "accessRoleErrorFetchDescription": "Se ha producido un error al recuperar los roles", + "idpErrorFetch": "Error al recuperar proveedores de identidad", + "idpErrorFetchDescription": "Se ha producido un error al recuperar proveedores de identidad", + "userErrorExists": "El usuario ya existe", + "userErrorExistsDescription": "Este usuario ya es miembro de la organización.", + "inviteError": "Error al invitar al usuario", + "inviteErrorDescription": "Ocurrió un error mientras se invitaba al usuario", + "userInvited": "Usuario invitado", + "userInvitedDescription": "El usuario ha sido invitado con éxito.", + "userErrorCreate": "Error al crear el usuario", + "userErrorCreateDescription": "Se ha producido un error al crear el usuario", + "userCreated": "Usuario creado", + "userCreatedDescription": "El usuario se ha creado correctamente.", + "userTypeInternal": "Usuario interno", + "userTypeInternalDescription": "Invita a un usuario a unirse a tu organización directamente.", + "userTypeExternal": "Usuario externo", + "userTypeExternalDescription": "Crear un usuario con un proveedor de identidad externo.", + "accessUserCreateDescription": "Siga los pasos siguientes para crear un nuevo usuario", + "userSeeAll": "Ver todos los usuarios", + "userTypeTitle": "Tipo de usuario", + "userTypeDescription": "Determina cómo quieres crear el usuario", + "userSettings": "Información del usuario", + "userSettingsDescription": "Introduzca los detalles del nuevo usuario", + "inviteEmailSent": "Enviar correo de invitación al usuario", + "inviteValid": "Válido para", + "selectDuration": "Seleccionar duración", + "accessRoleSelect": "Seleccionar rol", + "inviteEmailSentDescription": "Se ha enviado un correo electrónico al usuario con el siguiente enlace de acceso. Debe acceder al enlace para aceptar la invitación.", + "inviteSentDescription": "El usuario ha sido invitado. Debe acceder al enlace de abajo para aceptar la invitación.", + "inviteExpiresIn": "La invitación expirará en {days, plural, one {# día} other {# días}}.", + "idpTitle": "Proveedor de identidad", + "idpSelect": "Seleccione el proveedor de identidad para el usuario externo", + "idpNotConfigured": "No hay proveedores de identidad configurados. Por favor, configure un proveedor de identidad antes de crear usuarios externos.", + "usernameUniq": "Esto debe coincidir con el nombre de usuario único que existe en el proveedor de identidad seleccionado.", + "emailOptional": "Email (opcional)", + "nameOptional": "Nombre (opcional)", + "accessControls": "Controles de acceso", + "userDescription2": "Administrar la configuración de este usuario", + "accessRoleErrorAdd": "No se pudo agregar el usuario al rol", + "accessRoleErrorAddDescription": "Ocurrió un error mientras se añadía el usuario al rol.", + "userSaved": "Usuario guardado", + "userSavedDescription": "El usuario ha sido actualizado.", + "accessControlsDescription": "Administrar lo que este usuario puede acceder y hacer en la organización", + "accessControlsSubmit": "Guardar controles de acceso", + "roles": "Roles", + "accessUsersRoles": "Administrar usuarios y roles", + "accessUsersRolesDescription": "Invitar usuarios y añadirlos a roles para administrar el acceso a su organización", + "key": "Clave", + "createdAt": "Creado el", + "proxyErrorInvalidHeader": "Valor de cabecera de host personalizado no válido. Utilice el formato de nombre de dominio, o guarde en blanco para desestablecer cabecera de host personalizada.", + "proxyErrorTls": "Nombre de servidor TLS inválido. Utilice el formato de nombre de dominio o guarde en blanco para eliminar el nombre de servidor TLS.", + "proxyEnableSSL": "Habilitar SSL (https)", + "targetErrorFetch": "Error al recuperar los objetivos", + "targetErrorFetchDescription": "Se ha producido un error al recuperar los objetivos", + "siteErrorFetch": "No se pudo obtener el recurso", + "siteErrorFetchDescription": "Se ha producido un error al recuperar el recurso", + "targetErrorDuplicate": "Objetivo duplicado", + "targetErrorDuplicateDescription": "Ya existe un objetivo con estos ajustes", + "targetWireGuardErrorInvalidIp": "IP de destino no válida", + "targetWireGuardErrorInvalidIpDescription": "La IP de destino debe estar dentro de la subred del sitio", + "targetsUpdated": "Objetivos actualizados", + "targetsUpdatedDescription": "Objetivos y ajustes actualizados correctamente", + "targetsErrorUpdate": "Error al actualizar los objetivos", + "targetsErrorUpdateDescription": "Se ha producido un error al actualizar los objetivos", + "targetTlsUpdate": "Ajustes TLS actualizados", + "targetTlsUpdateDescription": "La configuración de TLS se ha actualizado correctamente", + "targetErrorTlsUpdate": "Error al actualizar los ajustes de TLS", + "targetErrorTlsUpdateDescription": "Ocurrió un error mientras se actualizaban los ajustes de TLS", + "proxyUpdated": "Configuración del proxy actualizada", + "proxyUpdatedDescription": "La configuración del proxy se ha actualizado correctamente", + "proxyErrorUpdate": "Error al actualizar la configuración del proxy", + "proxyErrorUpdateDescription": "Se ha producido un error al actualizar la configuración del proxy", + "targetAddr": "IP / Nombre del host", + "targetPort": "Puerto", + "targetProtocol": "Protocolo", + "targetTlsSettings": "Configuración de conexión segura", + "targetTlsSettingsDescription": "Configurar ajustes SSL/TLS para su recurso", + "targetTlsSettingsAdvanced": "Ajustes avanzados de TLS", + "targetTlsSni": "Nombre del servidor TLS (SNI)", + "targetTlsSniDescription": "El nombre del servidor TLS a usar para SNI. Deje en blanco para usar el valor predeterminado.", + "targetTlsSubmit": "Guardar ajustes", + "targets": "Configuración de objetivos", + "targetsDescription": "Configurar objetivos para enrutar tráfico a sus servicios", + "targetStickySessions": "Activar Sesiones Pegadas", + "targetStickySessionsDescription": "Mantener conexiones en el mismo objetivo de backend para toda su sesión.", + "methodSelect": "Seleccionar método", + "targetSubmit": "Añadir destino", + "targetNoOne": "No hay objetivos. Agregue un objetivo usando el formulario.", + "targetNoOneDescription": "Si se añade más de un objetivo anterior se activará el balance de carga.", + "targetsSubmit": "Guardar objetivos", + "proxyAdditional": "Ajustes adicionales del proxy", + "proxyAdditionalDescription": "Configura cómo tu recurso maneja la configuración del proxy", + "proxyCustomHeader": "Cabecera de host personalizada", + "proxyCustomHeaderDescription": "La cabecera del host a establecer cuando se realizan peticiones de reemplazo. Deje en blanco para usar el valor predeterminado.", + "proxyAdditionalSubmit": "Guardar ajustes de proxy", + "subnetMaskErrorInvalid": "Máscara de subred inválida. Debe estar entre 0 y 32.", + "ipAddressErrorInvalidFormat": "Formato de dirección IP inválido", + "ipAddressErrorInvalidOctet": "Octet de dirección IP no válido", + "path": "Ruta", + "ipAddressRange": "Rango IP", + "rulesErrorFetch": "Error al obtener las reglas", + "rulesErrorFetchDescription": "Se ha producido un error al recuperar las reglas", + "rulesErrorDuplicate": "Duplicar regla", + "rulesErrorDuplicateDescription": "Ya existe una regla con estos ajustes", + "rulesErrorInvalidIpAddressRange": "CIDR inválido", + "rulesErrorInvalidIpAddressRangeDescription": "Por favor, introduzca un valor CIDR válido", + "rulesErrorInvalidUrl": "Ruta URL inválida", + "rulesErrorInvalidUrlDescription": "Por favor, introduzca un valor de ruta de URL válido", + "rulesErrorInvalidIpAddress": "IP inválida", + "rulesErrorInvalidIpAddressDescription": "Por favor, introduzca una dirección IP válida", + "rulesErrorUpdate": "Error al actualizar las reglas", + "rulesErrorUpdateDescription": "Se ha producido un error al actualizar las reglas", + "rulesUpdated": "Activar Reglas", + "rulesUpdatedDescription": "La evaluación de la regla ha sido actualizada", + "rulesMatchIpAddressRangeDescription": "Introduzca una dirección en formato CIDR (por ejemplo, 103.21.244.0/22)", + "rulesMatchIpAddress": "Introduzca una dirección IP (por ejemplo, 103.21.244.12)", + "rulesMatchUrl": "Introduzca una ruta URL o patrón (por ej., /api/v1/todos o /api/v1/*)", + "rulesErrorInvalidPriority": "Prioridad inválida", + "rulesErrorInvalidPriorityDescription": "Por favor, introduzca una prioridad válida", + "rulesErrorDuplicatePriority": "Prioridades duplicadas", + "rulesErrorDuplicatePriorityDescription": "Por favor, introduzca prioridades únicas", + "ruleUpdated": "Reglas actualizadas", + "ruleUpdatedDescription": "Reglas actualizadas correctamente", + "ruleErrorUpdate": "Operación fallida", + "ruleErrorUpdateDescription": "Se ha producido un error durante la operación de guardado", + "rulesPriority": "Prioridad", + "rulesAction": "Accin", + "rulesMatchType": "Tipo de partida", + "value": "Valor", + "rulesAbout": "Sobre Reglas", + "rulesAboutDescription": "Las reglas le permiten controlar el acceso a su recurso basado en un conjunto de criterios. Puede crear reglas para permitir o denegar el acceso basándose en la dirección IP o ruta de la URL.", + "rulesActions": "Acciones", + "rulesActionAlwaysAllow": "Permitir siempre: pasar todos los métodos de autenticación", + "rulesActionAlwaysDeny": "Denegar siempre: Bloquear todas las peticiones; no se puede intentar autenticación", + "rulesActionPassToAuth": "Pasar a Autenticación: Permitir que se intenten los métodos de autenticación", + "rulesMatchCriteria": "Criterios coincidentes", + "rulesMatchCriteriaIpAddress": "Coincidir con una dirección IP específica", + "rulesMatchCriteriaIpAddressRange": "Coincide con un rango de direcciones IP en notación CIDR", + "rulesMatchCriteriaUrl": "Coincidir con una ruta de URL o patrón", + "rulesEnable": "Activar Reglas", + "rulesEnableDescription": "Activar o desactivar la evaluación de reglas para este recurso", + "rulesResource": "Configuración de reglas de recursos", + "rulesResourceDescription": "Configurar reglas para controlar el acceso a su recurso", + "ruleSubmit": "Añadir Regla", + "rulesNoOne": "No hay reglas. Agregue una regla usando el formulario.", + "rulesOrder": "Las reglas son evaluadas por prioridad en orden ascendente.", + "rulesSubmit": "Guardar Reglas", + "resourceErrorCreate": "Error al crear recurso", + "resourceErrorCreateDescription": "Se ha producido un error al crear el recurso", + "resourceErrorCreateMessage": "Error al crear el recurso:", + "resourceErrorCreateMessageDescription": "Se ha producido un error inesperado", + "sitesErrorFetch": "Error obteniendo sitios", + "sitesErrorFetchDescription": "Se ha producido un error al recuperar los sitios", + "domainsErrorFetch": "Error obteniendo dominios", + "domainsErrorFetchDescription": "Se ha producido un error al recuperar los dominios", + "none": "Ninguna", + "unknown": "Desconocido", + "resources": "Recursos", + "resourcesDescription": "Los recursos son proxies para aplicaciones que se ejecutan en su red privada. Cree un recurso para cualquier servicio HTTP/HTTPS o TCP/UDP crudo en su red privada. Cada recurso debe estar conectado a un sitio para permitir una conectividad privada y segura a través de un túnel encriptado de WireGuard.", + "resourcesWireGuardConnect": "Conectividad segura con cifrado de Wirex Guard", + "resourcesMultipleAuthenticationMethods": "Configurar múltiples métodos de autenticación", + "resourcesUsersRolesAccess": "Control de acceso basado en usuarios y roles", + "resourcesErrorUpdate": "Error al cambiar el recurso", + "resourcesErrorUpdateDescription": "Se ha producido un error al actualizar el recurso", + "access": "Acceder", + "shareLink": "{resource} Compartir Enlace", + "resourceSelect": "Seleccionar recurso", + "shareLinks": "Compartir enlaces", + "share": "Enlaces compartibles", + "shareDescription2": "Crea enlaces compartidos con tus recursos. Los enlaces proporcionan acceso temporal o ilimitado a tu recurso. Puede configurar la duración de caducidad del enlace cuando cree uno.", + "shareEasyCreate": "Fácil de crear y compartir", + "shareConfigurableExpirationDuration": "Duración de caducidad configurable", + "shareSecureAndRevocable": "Seguro y revocable", + "nameMin": "El nombre debe tener al menos caracteres {len}.", + "nameMax": "El nombre no debe tener más de {len} caracteres.", + "sitesConfirmCopy": "Por favor, confirme que ha copiado la configuración.", + "unknownCommand": "Comando desconocido", + "newtErrorFetchReleases": "No se pudo obtener la información del lanzamiento: {err}", + "newtErrorFetchLatest": "Error obteniendo la última versión: {err}", + "newtEndpoint": "Punto final de Newt", + "newtId": "ID de Newt", + "newtSecretKey": "Clave secreta de Newt", + "architecture": "Arquitectura", + "sites": "Sitios", + "siteWgAnyClients": "Usa cualquier cliente de Wirex para conectarte. Tendrás que dirigirte a tus recursos internos usando la IP de compañeros.", + "siteWgCompatibleAllClients": "Compatible con todos los clientes de Wirex Guard", + "siteWgManualConfigurationRequired": "Configuración manual requerida", + "userErrorNotAdminOrOwner": "El usuario no es un administrador o propietario", + "pangolinSettings": "Ajustes - Pangolin", + "accessRoleYour": "Tu rol:", + "accessRoleSelect2": "Seleccione un rol", + "accessUserSelect": "Seleccione un usuario", + "otpEmailEnter": "Escribe un email", + "otpEmailEnterDescription": "Pulse Enter para añadir un correo electrónico después de teclearlo en el campo de entrada.", + "otpEmailErrorInvalid": "Dirección de correo electrónico no válida. El comodín (*) debe ser la parte local completa.", + "otpEmailSmtpRequired": "SMTP Requerido", + "otpEmailSmtpRequiredDescription": "SMTP debe estar habilitado en el servidor para usar autenticación de contraseña de una sola vez.", + "otpEmailTitle": "Contraseñas de una sola vez", + "otpEmailTitleDescription": "Requiere autenticación por correo electrónico para acceso a recursos", + "otpEmailWhitelist": "Lista blanca de correo", + "otpEmailWhitelistList": "Correos en la lista blanca", + "otpEmailWhitelistListDescription": "Sólo los usuarios con estas direcciones de correo electrónico podrán acceder a este recurso. Se les pedirá que introduzcan una contraseña de una sola vez enviada a su correo electrónico. Los comodines (*@ejemplo.com) pueden utilizarse para permitir cualquier dirección de correo electrónico de un dominio.", + "otpEmailWhitelistSave": "Guardar lista blanca", + "passwordAdd": "Añadir contraseña", + "passwordRemove": "Eliminar contraseña", + "pincodeAdd": "Añadir código PIN", + "pincodeRemove": "Eliminar código PIN", + "resourceAuthMethods": "Métodos de autenticación", + "resourceAuthMethodsDescriptions": "Permitir el acceso al recurso a través de métodos de autenticación adicionales", + "resourceAuthSettingsSave": "Guardado correctamente", + "resourceAuthSettingsSaveDescription": "Se han guardado los ajustes de autenticación", + "resourceErrorAuthFetch": "Error al recuperar datos", + "resourceErrorAuthFetchDescription": "Se ha producido un error al recuperar los datos", + "resourceErrorPasswordRemove": "Error al eliminar la contraseña del recurso", + "resourceErrorPasswordRemoveDescription": "Se ha producido un error al eliminar la contraseña del recurso", + "resourceErrorPasswordSetup": "Error al establecer la contraseña del recurso", + "resourceErrorPasswordSetupDescription": "Se ha producido un error al establecer la contraseña del recurso", + "resourceErrorPincodeRemove": "Error al eliminar el código pin del recurso", + "resourceErrorPincodeRemoveDescription": "Ocurrió un error mientras se eliminaba el código pin del recurso", + "resourceErrorPincodeSetup": "Error al establecer el código PIN del recurso", + "resourceErrorPincodeSetupDescription": "Se ha producido un error al establecer el código PIN del recurso", + "resourceErrorUsersRolesSave": "Error al establecer roles", + "resourceErrorUsersRolesSaveDescription": "Se ha producido un error al establecer los roles", + "resourceErrorWhitelistSave": "Error al guardar la lista blanca", + "resourceErrorWhitelistSaveDescription": "Ocurrió un error mientras se guardaba la lista blanca", + "resourcePasswordSubmit": "Activar la protección de contraseña", + "resourcePasswordProtection": "Protección de contraseña {status}", + "resourcePasswordRemove": "Contraseña de recurso eliminada", + "resourcePasswordRemoveDescription": "La contraseña del recurso se ha eliminado correctamente", + "resourcePasswordSetup": "Contraseña de recurso establecida", + "resourcePasswordSetupDescription": "La contraseña del recurso se ha establecido correctamente", + "resourcePasswordSetupTitle": "Establecer contraseña", + "resourcePasswordSetupTitleDescription": "Establecer una contraseña para proteger este recurso", + "resourcePincode": "Código PIN", + "resourcePincodeSubmit": "Activar protección de código PIN", + "resourcePincodeProtection": "Protección del código PIN {status}", + "resourcePincodeRemove": "Código del recurso eliminado", + "resourcePincodeRemoveDescription": "La contraseña del recurso se ha eliminado correctamente", + "resourcePincodeSetup": "Código PIN del recurso establecido", + "resourcePincodeSetupDescription": "El código del recurso se ha establecido correctamente", + "resourcePincodeSetupTitle": "Definir Pincode", + "resourcePincodeSetupTitleDescription": "Establecer un pincode para proteger este recurso", + "resourceRoleDescription": "Los administradores siempre pueden acceder a este recurso.", + "resourceUsersRoles": "Usuarios y roles", + "resourceUsersRolesDescription": "Configurar qué usuarios y roles pueden visitar este recurso", + "resourceUsersRolesSubmit": "Guardar usuarios y roles", + "resourceWhitelistSave": "Guardado correctamente", + "resourceWhitelistSaveDescription": "Se han guardado los ajustes de la lista blanca", + "ssoUse": "Usar Plataforma SSO", + "ssoUseDescription": "Los usuarios existentes sólo tendrán que iniciar sesión una vez para todos los recursos que tengan esto habilitado.", + "proxyErrorInvalidPort": "Número de puerto inválido", + "subdomainErrorInvalid": "Subdominio inválido", + "domainErrorFetch": "Error obteniendo dominios", + "domainErrorFetchDescription": "Se ha producido un error al recuperar los dominios", + "resourceErrorUpdate": "Error al actualizar el recurso", + "resourceErrorUpdateDescription": "Se ha producido un error al actualizar el recurso", + "resourceUpdated": "Recurso actualizado", + "resourceUpdatedDescription": "El recurso se ha actualizado correctamente", + "resourceErrorTransfer": "Error al transferir el recurso", + "resourceErrorTransferDescription": "Se ha producido un error al transferir el recurso", + "resourceTransferred": "Recurso transferido", + "resourceTransferredDescription": "El recurso ha sido transferido con éxito", + "resourceErrorToggle": "Error al cambiar el recurso", + "resourceErrorToggleDescription": "Se ha producido un error al actualizar el recurso", + "resourceVisibilityTitle": "Visibilidad", + "resourceVisibilityTitleDescription": "Activar o desactivar completamente la visibilidad de los recursos", + "resourceGeneral": "Configuración General", + "resourceGeneralDescription": "Configurar la configuración general de este recurso", + "resourceEnable": "Activar recurso", + "resourceTransfer": "Transferir recursos", + "resourceTransferDescription": "Transferir este recurso a un sitio diferente", + "resourceTransferSubmit": "Transferir recursos", + "siteDestination": "Sitio de destino", + "searchSites": "Buscar sitios", + "accessRoleCreate": "Crear rol", + "accessRoleCreateDescription": "Crear un nuevo rol para agrupar usuarios y administrar sus permisos.", + "accessRoleCreateSubmit": "Crear rol", + "accessRoleCreated": "Rol creado", + "accessRoleCreatedDescription": "El rol se ha creado correctamente.", + "accessRoleErrorCreate": "Error al crear el rol", + "accessRoleErrorCreateDescription": "Se ha producido un error al crear el rol.", + "accessRoleErrorNewRequired": "Se requiere un nuevo rol", + "accessRoleErrorRemove": "Error al eliminar el rol", + "accessRoleErrorRemoveDescription": "Ocurrió un error mientras se eliminaba el rol.", + "accessRoleName": "Nombre del Rol", + "accessRoleQuestionRemove": "Estás a punto de eliminar el rol {name} . No puedes deshacer esta acción.", + "accessRoleRemove": "Quitar rol", + "accessRoleRemoveDescription": "Eliminar un rol de la organización", + "accessRoleRemoveSubmit": "Quitar rol", + "accessRoleRemoved": "Rol eliminado", + "accessRoleRemovedDescription": "El rol se ha eliminado correctamente.", + "accessRoleRequiredRemove": "Antes de eliminar este rol, seleccione un nuevo rol al que transferir miembros existentes.", + "manage": "Gestionar", + "sitesNotFound": "Sitios no encontrados.", + "pangolinServerAdmin": "Admin Servidor - Pangolin", + "licenseTierProfessional": "Licencia profesional", + "licenseTierEnterprise": "Licencia Enterprise", + "licenseTierCommercial": "Licencia comercial", + "licensed": "Licenciado", + "yes": "Sí", + "no": "Nu", + "sitesAdditional": "Sitios adicionales", + "licenseKeys": "Claves de licencia", + "sitestCountDecrease": "Reducir el número de sitios", + "sitestCountIncrease": "Aumentar el número de sitios", + "idpManage": "Administrar proveedores de identidad", + "idpManageDescription": "Ver y administrar proveedores de identidad en el sistema", + "idpDeletedDescription": "Proveedor de identidad eliminado correctamente", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "¿Está seguro que desea eliminar permanentemente el proveedor de identidad {name}?", + "idpMessageRemove": "Esto eliminará el proveedor de identidad y todas las configuraciones asociadas. Los usuarios que se autentifiquen a través de este proveedor ya no podrán iniciar sesión.", + "idpMessageConfirm": "Para confirmar, por favor escriba el nombre del proveedor de identidad a continuación.", + "idpConfirmDelete": "Confirmar eliminar proveedor de identidad", + "idpDelete": "Eliminar proveedor de identidad", + "idp": "Proveedores de identidad", + "idpSearch": "Buscar proveedores de identidad...", + "idpAdd": "Añadir proveedor de identidad", + "idpClientIdRequired": "Se requiere ID de cliente.", + "idpClientSecretRequired": "El secreto del cliente es obligatorio.", + "idpErrorAuthUrlInvalid": "La URL de autenticación debe ser una URL válida.", + "idpErrorTokenUrlInvalid": "La URL del token debe ser una URL válida.", + "idpPathRequired": "La ruta identificadora es requerida.", + "idpScopeRequired": "Se requiere alcance.", + "idpOidcDescription": "Configurar un proveedor de identidad OpenID Connect", + "idpCreatedDescription": "Proveedor de identidad creado correctamente", + "idpCreate": "Crear proveedor de identidad", + "idpCreateDescription": "Configurar un nuevo proveedor de identidad para la autenticación de usuario", + "idpSeeAll": "Ver todos los proveedores de identidad", + "idpSettingsDescription": "Configure la información básica para su proveedor de identidad", + "idpDisplayName": "Un nombre mostrado para este proveedor de identidad", + "idpAutoProvisionUsers": "Auto-Provisión de Usuarios", + "idpAutoProvisionUsersDescription": "Cuando está habilitado, los usuarios serán creados automáticamente en el sistema al iniciar sesión con la capacidad de asignar a los usuarios a roles y organizaciones.", + "licenseBadge": "Profesional", + "idpType": "Tipo de proveedor", + "idpTypeDescription": "Seleccione el tipo de proveedor de identidad que desea configurar", + "idpOidcConfigure": "Configuración OAuth2/OIDC", + "idpOidcConfigureDescription": "Configurar los puntos finales y credenciales del proveedor OAuth2/OIDC", + "idpClientId": "ID de cliente", + "idpClientIdDescription": "El ID del cliente OAuth2 de su proveedor de identidad", + "idpClientSecret": "Cliente secreto", + "idpClientSecretDescription": "El secreto del cliente OAuth2 de su proveedor de identidad", + "idpAuthUrl": "URL de autorización", + "idpAuthUrlDescription": "La URL final de autorización de OAuth2", + "idpTokenUrl": "URL del token", + "idpTokenUrlDescription": "La URL del endpoint del token OAuth2", + "idpOidcConfigureAlert": "Información importante", + "idpOidcConfigureAlertDescription": "Después de crear el proveedor de identidad, necesitará configurar la URL de callback en la configuración de su proveedor de identidad. La URL de devolución de llamada se proporcionará después de la creación exitosa.", + "idpToken": "Configuración del token", + "idpTokenDescription": "Configurar cómo extraer la información del usuario del token de ID", + "idpJmespathAbout": "Acerca de JMESPath", + "idpJmespathAboutDescription": "Las siguientes rutas utilizan la sintaxis JMESPath para extraer valores del token ID.", + "idpJmespathAboutDescriptionLink": "Más información sobre JMESPath", + "idpJmespathLabel": "Ruta del identificador", + "idpJmespathLabelDescription": "La ruta al identificador de usuario en el token de ID", + "idpJmespathEmailPathOptional": "Ruta de correo (opcional)", + "idpJmespathEmailPathOptionalDescription": "La ruta al correo electrónico del usuario en el token de ID", + "idpJmespathNamePathOptional": "Ruta del nombre (opcional)", + "idpJmespathNamePathOptionalDescription": "La ruta al nombre del usuario en el token de ID", + "idpOidcConfigureScopes": "Ámbitos", + "idpOidcConfigureScopesDescription": "Lista separada por espacios de los ámbitos OAuth2 a solicitar", + "idpSubmit": "Crear proveedor de identidad", + "orgPolicies": "Políticas de organización", + "idpSettings": "Ajustes {idpName}", + "idpCreateSettingsDescription": "Configurar la configuración de su proveedor de identidad", + "roleMapping": "Mapeo de Rol", + "orgMapping": "Mapeo de organización", + "orgPoliciesSearch": "Buscar políticas de organización...", + "orgPoliciesAdd": "Añadir Política de Organización", + "orgRequired": "La organización es obligatoria", + "error": "Error", + "success": "Éxito", + "orgPolicyAddedDescription": "Política añadida correctamente", + "orgPolicyUpdatedDescription": "Política actualizada correctamente", + "orgPolicyDeletedDescription": "Política eliminada correctamente", + "defaultMappingsUpdatedDescription": "Mapeos por defecto actualizados correctamente", + "orgPoliciesAbout": "Acerca de políticas de organización", + "orgPoliciesAboutDescription": "Las políticas de la organización se utilizan para controlar el acceso a las organizaciones basándose en el token de identificación del usuario. Puede especificar expresiones JMESPath para extraer información de rol y organización del token de identificación.", + "orgPoliciesAboutDescriptionLink": "Vea la documentación, para más información.", + "defaultMappingsOptional": "Mapeo por defecto (opcional)", + "defaultMappingsOptionalDescription": "Los mapeos por defecto se utilizan cuando no hay una política de organización definida para una organización. Puede especificar las asignaciones predeterminadas de rol y organización a las que volver aquí.", + "defaultMappingsRole": "Mapeo de Rol por defecto", + "defaultMappingsRoleDescription": "El resultado de esta expresión debe devolver el nombre del rol tal y como se define en la organización como una cadena.", + "defaultMappingsOrg": "Mapeo de organización por defecto", + "defaultMappingsOrgDescription": "Esta expresión debe devolver el ID de org o verdadero para que el usuario pueda acceder a la organización.", + "defaultMappingsSubmit": "Guardar asignaciones por defecto", + "orgPoliciesEdit": "Editar Política de Organización", + "org": "Organización", + "orgSelect": "Seleccionar organización", + "orgSearch": "Buscar org", + "orgNotFound": "No se encontró org.", + "roleMappingPathOptional": "Ruta de Mapeo de Rol (opcional)", + "orgMappingPathOptional": "Ruta de mapeo de organización (opcional)", + "orgPolicyUpdate": "Actualizar política", + "orgPolicyAdd": "Añadir Política", + "orgPolicyConfig": "Configurar acceso para una organización", + "idpUpdatedDescription": "Proveedor de identidad actualizado correctamente", + "redirectUrl": "URL de redirección", + "redirectUrlAbout": "Acerca de la URL de redirección", + "redirectUrlAboutDescription": "Esta es la URL a la que los usuarios serán redireccionados después de la autenticación. Necesitas configurar esta URL en la configuración de tu proveedor de identidad.", + "pangolinAuth": "Auth - Pangolin", + "verificationCodeLengthRequirements": "Tu código de verificación debe tener 8 caracteres.", + "errorOccurred": "Se ha producido un error", + "emailErrorVerify": "No se pudo verificar el email:", + "emailVerified": "¡Correo electrónico verificado con éxito! Redirigiendo...", + "verificationCodeErrorResend": "Error al reenviar el código de verificación:", + "verificationCodeResend": "Código de verificación reenviado", + "verificationCodeResendDescription": "Hemos reenviado un código de verificación a tu dirección de correo electrónico. Por favor, comprueba tu bandeja de entrada.", + "emailVerify": "Verificar Email", + "emailVerifyDescription": "Introduzca el código de verificación enviado a su dirección de correo electrónico.", + "verificationCode": "Código de verificación", + "verificationCodeEmailSent": "Hemos enviado un código de verificación a tu dirección de correo electrónico.", + "submit": "Enviar", + "emailVerifyResendProgress": "Reenviando...", + "emailVerifyResend": "¿No has recibido un código? Haz clic aquí para reenviar", + "passwordNotMatch": "Las contraseñas no coinciden", + "signupError": "Se ha producido un error al registrarse", + "pangolinLogoAlt": "Logo de Pangolin", + "inviteAlready": "¡Parece que has sido invitado!", + "inviteAlreadyDescription": "Para aceptar la invitación, debes iniciar sesión o crear una cuenta.", + "signupQuestion": "¿Ya tienes una cuenta?", + "login": "Iniciar sesión", + "resourceNotFound": "Recurso no encontrado", + "resourceNotFoundDescription": "El recurso al que intentas acceder no existe.", + "pincodeRequirementsLength": "El PIN debe tener exactamente 6 dígitos", + "pincodeRequirementsChars": "El PIN sólo debe contener números", + "passwordRequirementsLength": "La contraseña debe tener al menos 1 carácter", + "passwordRequirementsTitle": "Requisitos de la contraseña:", + "passwordRequirementLength": "Al menos 8 caracteres de largo", + "passwordRequirementUppercase": "Al menos una letra mayúscula", + "passwordRequirementLowercase": "Al menos una letra minúscula", + "passwordRequirementNumber": "Al menos un número", + "passwordRequirementSpecial": "Al menos un carácter especial", + "passwordRequirementsMet": "✓ La contraseña cumple con todos los requisitos", + "passwordStrength": "Seguridad de la contraseña", + "passwordStrengthWeak": "Débil", + "passwordStrengthMedium": "Media", + "passwordStrengthStrong": "Fuerte", + "passwordRequirements": "Requisitos:", + "passwordRequirementLengthText": "8+ caracteres", + "passwordRequirementUppercaseText": "Letra mayúscula (A-Z)", + "passwordRequirementLowercaseText": "Letra minúscula (a-z)", + "passwordRequirementNumberText": "Número (0-9)", + "passwordRequirementSpecialText": "Caracter especial (!@#$%...)", + "passwordsDoNotMatch": "Las contraseñas no coinciden", + "otpEmailRequirementsLength": "OTP debe tener al menos 1 carácter", + "otpEmailSent": "OTP enviado", + "otpEmailSentDescription": "Un OTP ha sido enviado a tu correo electrónico", + "otpEmailErrorAuthenticate": "Error al autenticar con el correo electrónico", + "pincodeErrorAuthenticate": "Error al autenticar con pincode", + "passwordErrorAuthenticate": "Error al autenticar con contraseña", + "poweredBy": "Desarrollado por", + "authenticationRequired": "Autenticación requerida", + "authenticationMethodChoose": "Elige tu método preferido para acceder a {name}", + "authenticationRequest": "Debes autenticarte para acceder a {name}", + "user": "Usuario", + "pincodeInput": "Código PIN de 6 dígitos", + "pincodeSubmit": "Iniciar sesión con PIN", + "passwordSubmit": "Iniciar sesión con contraseña", + "otpEmailDescription": "Se enviará un código único a este correo electrónico.", + "otpEmailSend": "Enviar código de una sola vez", + "otpEmail": "Contraseña de una sola vez (OTP)", + "otpEmailSubmit": "Enviar OTP", + "backToEmail": "Volver al Email", + "noSupportKey": "El servidor se está ejecutando sin una clave de soporte. ¡Considere apoyar el proyecto!", + "accessDenied": "Acceso denegado", + "accessDeniedDescription": "No tienes permiso para acceder a este recurso. Si esto es un error, por favor contacta con el administrador.", + "accessTokenError": "Error comprobando el token de acceso", + "accessGranted": "Acceso concedido", + "accessUrlInvalid": "URL de acceso inválida", + "accessGrantedDescription": "Se te ha concedido acceso a este recurso. Redirigiendo...", + "accessUrlInvalidDescription": "Esta URL de acceso compartido no es válida. Por favor, póngase en contacto con el propietario del recurso para una nueva URL.", + "tokenInvalid": "Token inválido", + "pincodeInvalid": "Código inválido", + "passwordErrorRequestReset": "Error al solicitar reinicio:", + "passwordErrorReset": "Error al restablecer la contraseña:", + "passwordResetSuccess": "¡Contraseña restablecida! Volver para iniciar sesión...", + "passwordReset": "Restablecer contraseña", + "passwordResetDescription": "Siga los pasos para restablecer su contraseña", + "passwordResetSent": "Enviaremos un código para restablecer la contraseña a esta dirección de correo electrónico.", + "passwordResetCode": "Código de restablecimiento", + "passwordResetCodeDescription": "Revisa tu correo electrónico para ver el código de restablecimiento.", + "passwordNew": "Nueva contraseña", + "passwordNewConfirm": "Confirmar nueva contraseña", + "pincodeAuth": "Código de autenticación", + "pincodeSubmit2": "Enviar código", + "passwordResetSubmit": "Reiniciar Solicitud", + "passwordBack": "Volver a la contraseña", + "loginBack": "Volver a iniciar sesión", + "signup": "Regístrate", + "loginStart": "Inicia sesión para empezar", + "idpOidcTokenValidating": "Validando token OIDC", + "idpOidcTokenResponse": "Validar respuesta de token OIDC", + "idpErrorOidcTokenValidating": "Error al validar token OIDC", + "idpConnectingTo": "Conectando a {name}", + "idpConnectingToDescription": "Validando tu identidad", + "idpConnectingToProcess": "Conectando...", + "idpConnectingToFinished": "Conectado", + "idpErrorConnectingTo": "Hubo un problema al conectar con {name}. Por favor, póngase en contacto con su administrador.", + "idpErrorNotFound": "IdP no encontrado", + "inviteInvalid": "Invitación inválida", + "inviteInvalidDescription": "El enlace de invitación no es válido.", + "inviteErrorWrongUser": "La invitación no es para este usuario", + "inviteErrorUserNotExists": "El usuario no existe. Por favor, cree una cuenta primero.", + "inviteErrorLoginRequired": "Debes estar conectado para aceptar una invitación", + "inviteErrorExpired": "La invitación puede haber caducado", + "inviteErrorRevoked": "La invitación podría haber sido revocada", + "inviteErrorTypo": "Puede haber un error en el enlace de invitación", + "pangolinSetup": "Configuración - Pangolin", + "orgNameRequired": "El nombre de la organización es obligatorio", + "orgIdRequired": "El ID de la organización es obligatorio", + "orgErrorCreate": "Se ha producido un error al crear el org", + "pageNotFound": "Página no encontrada", + "pageNotFoundDescription": "¡Vaya! La página que estás buscando no existe.", + "overview": "Resumen", + "home": "Inicio", + "accessControl": "Control de acceso", + "settings": "Ajustes", + "usersAll": "Todos los usuarios", + "license": "Licencia", + "pangolinDashboard": "Tablero - Pangolin", + "noResults": "No se han encontrado resultados.", + "terabytes": "TB {count}", + "gigabytes": "{count} GB", + "megabytes": "{count} MB", + "tagsEntered": "Etiquetas introducidas", + "tagsEnteredDescription": "Estas son las etiquetas que has introducido.", + "tagsWarnCannotBeLessThanZero": "maxTags y minTags no pueden ser menores que 0", + "tagsWarnNotAllowedAutocompleteOptions": "Etiqueta no permitida como opciones de autocompletado", + "tagsWarnInvalid": "Etiqueta no válida según validateTag", + "tagWarnTooShort": "La etiqueta {tagText} es demasiado corta", + "tagWarnTooLong": "La etiqueta {tagText} es demasiado larga", + "tagsWarnReachedMaxNumber": "Alcanzado el número máximo de etiquetas permitidas", + "tagWarnDuplicate": "Etiqueta {tagText} duplicada no añadida", + "supportKeyInvalid": "Clave inválida", + "supportKeyInvalidDescription": "Tu clave de seguidor no es válida.", + "supportKeyValid": "Clave válida", + "supportKeyValidDescription": "Su clave de seguidor ha sido validada. ¡Gracias por su apoyo!", + "supportKeyErrorValidationDescription": "Error al validar la clave de seguidor.", + "supportKey": "¡Apoya el Desarrollo y Adopte un Pangolin!", + "supportKeyDescription": "Compra una clave de seguidor para ayudarnos a seguir desarrollando Pangolin para la comunidad. Su contribución nos permite comprometer más tiempo para mantener y añadir nuevas características a la aplicación para todos. Nunca usaremos esto para las características de paywall. Esto está separado de cualquier Edición Comercial.", + "supportKeyPet": "También podrás adoptar y conocer a tu propio Pangolin mascota.", + "supportKeyPurchase": "Los pagos se procesan a través de GitHub. Después, puede recuperar su clave en", + "supportKeyPurchaseLink": "nuestro sitio web", + "supportKeyPurchase2": "y canjéelo aquí.", + "supportKeyLearnMore": "Más información.", + "supportKeyOptions": "Por favor, seleccione la opción que más le convenga.", + "supportKetOptionFull": "Asistente completo", + "forWholeServer": "Para todo el servidor", + "lifetimePurchase": "Compra de por vida", + "supporterStatus": "Estado del soporte", + "buy": "Comprar", + "supportKeyOptionLimited": "Apoyador limitado", + "forFiveUsers": "Para 5 o menos usuarios", + "supportKeyRedeem": "Canjear Clave de Apoyo", + "supportKeyHideSevenDays": "Ocultar durante 7 días", + "supportKeyEnter": "Introduzca Clave de Soporter", + "supportKeyEnterDescription": "Conoce a tu propia mascota Pangolin!", + "githubUsername": "Nombre de usuario de GitHub", + "supportKeyInput": "Clave de apoyo", + "supportKeyBuy": "Comprar Clave de Apoyo", + "logoutError": "Error al cerrar sesión", + "signingAs": "Conectado como", + "serverAdmin": "Admin Servidor", + "managedSelfhosted": "Autogestionado", + "otpEnable": "Activar doble factor", + "otpDisable": "Desactivar doble factor", + "logout": "Cerrar sesión", + "licenseTierProfessionalRequired": "Edición Profesional requerida", + "licenseTierProfessionalRequiredDescription": "Esta característica sólo está disponible en la Edición Profesional.", + "actionGetOrg": "Obtener organización", + "actionUpdateOrg": "Actualizar organización", + "actionUpdateUser": "Actualizar usuario", + "actionGetUser": "Obtener usuario", + "actionGetOrgUser": "Obtener usuario de la organización", + "actionListOrgDomains": "Listar dominios de la organización", + "actionCreateSite": "Crear sitio", + "actionDeleteSite": "Eliminar sitio", + "actionGetSite": "Obtener sitio", + "actionListSites": "Listar sitios", + "setupToken": "Configuración de token", + "setupTokenDescription": "Ingrese el token de configuración desde la consola del servidor.", + "setupTokenRequired": "Se requiere el token de configuración", + "actionUpdateSite": "Actualizar sitio", + "actionListSiteRoles": "Lista de roles permitidos del sitio", + "actionCreateResource": "Crear Recurso", + "actionDeleteResource": "Eliminar Recurso", + "actionGetResource": "Obtener recursos", + "actionListResource": "Listar recursos", + "actionUpdateResource": "Actualizar Recurso", + "actionListResourceUsers": "Listar usuarios de recursos", + "actionSetResourceUsers": "Establecer usuarios de recursos", + "actionSetAllowedResourceRoles": "Establecer roles de recursos permitidos", + "actionListAllowedResourceRoles": "Lista de roles de recursos permitidos", + "actionSetResourcePassword": "Establecer contraseña de recurso", + "actionSetResourcePincode": "Establecer Pincode del recurso", + "actionSetResourceEmailWhitelist": "Establecer lista blanca de correo de recursos", + "actionGetResourceEmailWhitelist": "Obtener correo electrónico de recursos", + "actionCreateTarget": "Crear destino", + "actionDeleteTarget": "Eliminar destino", + "actionGetTarget": "Obtener objetivo", + "actionListTargets": "Lista de objetivos", + "actionUpdateTarget": "Actualizar destino", + "actionCreateRole": "Crear rol", + "actionDeleteRole": "Eliminar rol", + "actionGetRole": "Obtener rol", + "actionListRole": "Lista de roles", + "actionUpdateRole": "Actualizar rol", + "actionListAllowedRoleResources": "Lista de recursos de rol permitidos", + "actionInviteUser": "Invitar usuario", + "actionRemoveUser": "Eliminar usuario", + "actionListUsers": "Listar usuarios", + "actionAddUserRole": "Añadir rol de usuario", + "actionGenerateAccessToken": "Generar token de acceso", + "actionDeleteAccessToken": "Eliminar token de acceso", + "actionListAccessTokens": "Lista de Tokens de Acceso", + "actionCreateResourceRule": "Crear Regla de Recursos", + "actionDeleteResourceRule": "Eliminar Regla de Recurso", + "actionListResourceRules": "Lista de Reglas de Recursos", + "actionUpdateResourceRule": "Actualizar regla de recursos", + "actionListOrgs": "Listar organizaciones", + "actionCheckOrgId": "Comprobar ID", + "actionCreateOrg": "Crear organización", + "actionDeleteOrg": "Eliminar organización", + "actionListApiKeys": "Lista de claves API", + "actionListApiKeyActions": "Listar acciones clave API", + "actionSetApiKeyActions": "Establecer acciones de clave API permitidas", + "actionCreateApiKey": "Crear Clave API", + "actionDeleteApiKey": "Borrar Clave API", + "actionCreateIdp": "Crear IDP", + "actionUpdateIdp": "Actualizar IDP", + "actionDeleteIdp": "Eliminar IDP", + "actionListIdps": "Listar IDP", + "actionGetIdp": "Obtener IDP", + "actionCreateIdpOrg": "Crear política de IDP Org", + "actionDeleteIdpOrg": "Eliminar política de IDP Org", + "actionListIdpOrgs": "Listar Orgs IDP", + "actionUpdateIdpOrg": "Actualizar IDP Org", + "actionCreateClient": "Crear cliente", + "actionDeleteClient": "Eliminar cliente", + "actionUpdateClient": "Actualizar cliente", + "actionListClients": "Listar clientes", + "actionGetClient": "Obtener cliente", + "actionCreateSiteResource": "Crear Recurso del Sitio", + "actionDeleteSiteResource": "Eliminar recurso del sitio", + "actionGetSiteResource": "Obtener recurso del sitio", + "actionListSiteResources": "Listar recursos del sitio", + "actionUpdateSiteResource": "Actualizar recurso del sitio", + "actionListInvitations": "Listar invitaciones", + "noneSelected": "Ninguno seleccionado", + "orgNotFound2": "No se encontraron organizaciones.", + "searchProgress": "Buscar...", + "create": "Crear", + "orgs": "Organizaciones", + "loginError": "Se ha producido un error al iniciar sesión", + "passwordForgot": "¿Olvidaste tu contraseña?", + "otpAuth": "Autenticación de dos factores", + "otpAuthDescription": "Introduzca el código de su aplicación de autenticación o uno de sus códigos de copia de seguridad de un solo uso.", + "otpAuthSubmit": "Enviar código", + "idpContinue": "O continuar con", + "otpAuthBack": "Volver a iniciar sesión", + "navbar": "Menú de navegación", + "navbarDescription": "Menú de navegación principal para la aplicación", + "navbarDocsLink": "Documentación", + "commercialEdition": "Edición Comercial", + "otpErrorEnable": "No se puede habilitar 2FA", + "otpErrorEnableDescription": "Se ha producido un error al habilitar 2FA", + "otpSetupCheckCode": "Por favor, introduzca un código de 6 dígitos", + "otpSetupCheckCodeRetry": "Código no válido. Vuelve a intentarlo.", + "otpSetup": "Habilitar autenticación de doble factor", + "otpSetupDescription": "Asegure su cuenta con una capa extra de protección", + "otpSetupScanQr": "Escanea este código QR con tu aplicación de autenticación o introduce la clave secreta manualmente:", + "otpSetupSecretCode": "Código de autenticación", + "otpSetupSuccess": "Autenticación de dos factores habilitada", + "otpSetupSuccessStoreBackupCodes": "Tu cuenta ahora es más segura. No olvides guardar tus códigos de respaldo.", + "otpErrorDisable": "No se puede desactivar 2FA", + "otpErrorDisableDescription": "Se ha producido un error al desactivar 2FA", + "otpRemove": "Desactivar autenticación de doble factor", + "otpRemoveDescription": "Desactivar autenticación de doble factor para su cuenta", + "otpRemoveSuccess": "Autenticación de dos factores desactivada", + "otpRemoveSuccessMessage": "La autenticación de doble factor ha sido deshabilitada para su cuenta. Puede activarla de nuevo en cualquier momento.", + "otpRemoveSubmit": "Desactivar 2FA", + "paginator": "Página {current} de {last}", + "paginatorToFirst": "Ir a la primera página", + "paginatorToPrevious": "Ir a la página anterior", + "paginatorToNext": "Ir a la página siguiente", + "paginatorToLast": "Ir a la última página", + "copyText": "Copiar texto", + "copyTextFailed": "Error al copiar texto: ", + "copyTextClipboard": "Copiar al portapapeles", + "inviteErrorInvalidConfirmation": "Confirmación no válida", + "passwordRequired": "Se requiere contraseña", + "allowAll": "Permitir todo", + "permissionsAllowAll": "Permitir todos los permisos", + "githubUsernameRequired": "Se requiere el nombre de usuario de GitHub", + "supportKeyRequired": "Clave de apoyo es requerida", + "passwordRequirementsChars": "La contraseña debe tener al menos 8 caracteres", + "language": "Idioma", + "verificationCodeRequired": "El código es requerido", + "userErrorNoUpdate": "Ningún usuario para actualizar", + "siteErrorNoUpdate": "No hay sitio para actualizar", + "resourceErrorNoUpdate": "Ningún recurso para actualizar", + "authErrorNoUpdate": "No hay información de autenticación para actualizar", + "orgErrorNoUpdate": "No hay org para actualizar", + "orgErrorNoProvided": "No hay org proporcionado", + "apiKeysErrorNoUpdate": "Ninguna clave API para actualizar", + "sidebarOverview": "Resumen", + "sidebarHome": "Inicio", + "sidebarSites": "Sitios", + "sidebarResources": "Recursos", + "sidebarAccessControl": "Control de acceso", + "sidebarUsers": "Usuarios", + "sidebarInvitations": "Invitaciones", + "sidebarRoles": "Roles", + "sidebarShareableLinks": "Enlaces compartibles", + "sidebarApiKeys": "Claves API", + "sidebarSettings": "Ajustes", + "sidebarAllUsers": "Todos los usuarios", + "sidebarIdentityProviders": "Proveedores de identidad", + "sidebarLicense": "Licencia", + "sidebarClients": "Clientes (Beta)", + "sidebarDomains": "Dominios", + "enableDockerSocket": "Habilitar conector Docker", + "enableDockerSocketDescription": "Habilitar el descubrimiento de Docker Socket para completar la información del contenedor. La ruta del socket debe proporcionarse a Newt.", + "enableDockerSocketLink": "Saber más", + "viewDockerContainers": "Ver contenedores Docker", + "containersIn": "Contenedores en {siteName}", + "selectContainerDescription": "Seleccione cualquier contenedor para usar como nombre de host para este objetivo. Haga clic en un puerto para usar un puerto.", + "containerName": "Nombre", + "containerImage": "Imagen", + "containerState": "Estado", + "containerNetworks": "Redes", + "containerHostnameIp": "Nombre del host/IP", + "containerLabels": "Etiquetas", + "containerLabelsCount": "{count, plural, one {# etiqueta} other {# etiquetas}}", + "containerLabelsTitle": "Etiquetas de contenedor", + "containerLabelEmpty": "", + "containerPorts": "Puertos", + "containerPortsMore": "+{count} más", + "containerActions": "Acciones", + "select": "Seleccionar", + "noContainersMatchingFilters": "No se encontraron contenedores que coincidan con los filtros actuales.", + "showContainersWithoutPorts": "Mostrar contenedores sin puertos", + "showStoppedContainers": "Mostrar contenedores parados", + "noContainersFound": "No se han encontrado contenedores. Asegúrate de que los contenedores Docker se estén ejecutando.", + "searchContainersPlaceholder": "Buscar a través de contenedores {count}...", + "searchResultsCount": "{count, plural, one {# resultado} other {# resultados}}", + "filters": "Filtros", + "filterOptions": "Opciones de filtro", + "filterPorts": "Puertos", + "filterStopped": "Detenido", + "clearAllFilters": "Borrar todos los filtros", + "columns": "Columnas", + "toggleColumns": "Cambiar Columnas", + "refreshContainersList": "Actualizar lista de contenedores", + "searching": "Buscando...", + "noContainersFoundMatching": "No se han encontrado contenedores que coincidan con \"{filter}\".", + "light": "claro", + "dark": "oscuro", + "system": "sistema", + "theme": "Tema", + "subnetRequired": "Se requiere subred", + "initialSetupTitle": "Configuración inicial del servidor", + "initialSetupDescription": "Cree la cuenta de administrador del servidor inicial. Solo puede existir un administrador del servidor. Siempre puede cambiar estas credenciales más tarde.", + "createAdminAccount": "Crear cuenta de administrador", + "setupErrorCreateAdmin": "Se produjo un error al crear la cuenta de administrador del servidor.", + "certificateStatus": "Estado del certificado", + "loading": "Cargando", + "restart": "Reiniciar", + "domains": "Dominios", + "domainsDescription": "Administrar dominios de tu organización", + "domainsSearch": "Buscar dominios...", + "domainAdd": "Agregar dominio", + "domainAddDescription": "Registrar un nuevo dominio con tu organización", + "domainCreate": "Crear dominio", + "domainCreatedDescription": "Dominio creado con éxito", + "domainDeletedDescription": "Dominio eliminado exitosamente", + "domainQuestionRemove": "¿Está seguro de que desea eliminar el dominio {domain} de su cuenta?", + "domainMessageRemove": "Una vez eliminado, el dominio ya no estará asociado con su cuenta.", + "domainMessageConfirm": "Para confirmar, por favor escriba el nombre del dominio abajo.", + "domainConfirmDelete": "Confirmar eliminación del dominio", + "domainDelete": "Eliminar dominio", + "domain": "Dominio", + "selectDomainTypeNsName": "Delegación de dominio (NS)", + "selectDomainTypeNsDescription": "Este dominio y todos sus subdominios. Usa esto cuando quieras controlar una zona de dominio completa.", + "selectDomainTypeCnameName": "Dominio único (CNAME)", + "selectDomainTypeCnameDescription": "Solo este dominio específico. Úsalo para subdominios individuales o entradas específicas de dominio.", + "selectDomainTypeWildcardName": "Dominio comodín", + "selectDomainTypeWildcardDescription": "Este dominio y sus subdominios.", + "domainDelegation": "Dominio único", + "selectType": "Selecciona un tipo", + "actions": "Acciones", + "refresh": "Actualizar", + "refreshError": "Error al actualizar datos", + "verified": "Verificado", + "pending": "Pendiente", + "sidebarBilling": "Facturación", + "billing": "Facturación", + "orgBillingDescription": "Gestiona tu información de facturación y suscripciones", + "github": "GitHub", + "pangolinHosted": "Pangolin Hosted", + "fossorial": "Fossorial", + "completeAccountSetup": "Completar configuración de cuenta", + "completeAccountSetupDescription": "Establece tu contraseña para comenzar", + "accountSetupSent": "Enviaremos un código de configuración de cuenta a esta dirección de correo electrónico.", + "accountSetupCode": "Código de configuración", + "accountSetupCodeDescription": "Revisa tu correo para el código de configuración.", + "passwordCreate": "Crear contraseña", + "passwordCreateConfirm": "Confirmar contraseña", + "accountSetupSubmit": "Enviar código de configuración", + "completeSetup": "Completar configuración", + "accountSetupSuccess": "¡Configuración de cuenta completada! ¡Bienvenido a Pangolin!", + "documentation": "Documentación", + "saveAllSettings": "Guardar todos los ajustes", + "settingsUpdated": "Ajustes actualizados", + "settingsUpdatedDescription": "Todos los ajustes han sido actualizados exitosamente", + "settingsErrorUpdate": "Error al actualizar ajustes", + "settingsErrorUpdateDescription": "Ocurrió un error al actualizar ajustes", + "sidebarCollapse": "Colapsar", + "sidebarExpand": "Expandir", + "newtUpdateAvailable": "Nueva actualización disponible", + "newtUpdateAvailableInfo": "Hay una nueva versión de Newt disponible. Actualice a la última versión para la mejor experiencia.", + "domainPickerEnterDomain": "Dominio", + "domainPickerPlaceholder": "myapp.example.com, api.v1.miDominio.com, o solo myapp", + "domainPickerDescription": "Ingresa el dominio completo del recurso para ver las opciones disponibles.", + "domainPickerDescriptionSaas": "Ingresa un dominio completo, subdominio o simplemente un nombre para ver las opciones disponibles", + "domainPickerTabAll": "Todo", + "domainPickerTabOrganization": "Organización", + "domainPickerTabProvided": "Proporcionado", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "Comprobando disponibilidad...", + "domainPickerNoMatchingDomains": "No se encontraron dominios que coincidan. Intente con un dominio diferente o verifique la configuración de dominios de su organización.", + "domainPickerOrganizationDomains": "Dominios de la organización", + "domainPickerProvidedDomains": "Dominios proporcionados", + "domainPickerSubdomain": "Subdominio: {subdomain}", + "domainPickerNamespace": "Espacio de nombres: {namespace}", + "domainPickerShowMore": "Mostrar más", + "domainNotFound": "Dominio no encontrado", + "domainNotFoundDescription": "Este recurso está deshabilitado porque el dominio ya no existe en nuestro sistema. Por favor, establece un nuevo dominio para este recurso.", + "failed": "Fallido", + "createNewOrgDescription": "Crear una nueva organización", + "organization": "Organización", + "port": "Puerto", + "securityKeyManage": "Gestionar llaves de seguridad", + "securityKeyDescription": "Agregar o eliminar llaves de seguridad para autenticación sin contraseña", + "securityKeyRegister": "Registrar nueva llave de seguridad", + "securityKeyList": "Tus llaves de seguridad", + "securityKeyNone": "No hay llaves de seguridad registradas", + "securityKeyNameRequired": "El nombre es requerido", + "securityKeyRemove": "Eliminar", + "securityKeyLastUsed": "Último uso: {date}", + "securityKeyNameLabel": "Nombre", + "securityKeyRegisterSuccess": "Llave de seguridad registrada exitosamente", + "securityKeyRegisterError": "Error al registrar la llave de seguridad", + "securityKeyRemoveSuccess": "Llave de seguridad eliminada exitosamente", + "securityKeyRemoveError": "Error al eliminar la llave de seguridad", + "securityKeyLoadError": "Error al cargar las llaves de seguridad", + "securityKeyLogin": "Continuar con clave de seguridad", + "securityKeyAuthError": "Error al autenticar con llave de seguridad", + "securityKeyRecommendation": "Considere registrar otra llave de seguridad en un dispositivo diferente para asegurarse de no quedar bloqueado de su cuenta.", + "registering": "Registrando...", + "securityKeyPrompt": "Por favor, verifica tu identidad usando tu llave de seguridad. Asegúrate de que tu llave de seguridad esté conectada y lista.", + "securityKeyBrowserNotSupported": "Tu navegador no admite llaves de seguridad. Por favor, usa un navegador moderno como Chrome, Firefox o Safari.", + "securityKeyPermissionDenied": "Por favor, permite el acceso a tu llave de seguridad para continuar iniciando sesión.", + "securityKeyRemovedTooQuickly": "Por favor, mantén tu llave de seguridad conectada hasta que el proceso de inicio de sesión se complete.", + "securityKeyNotSupported": "Tu llave de seguridad puede no ser compatible. Por favor, prueba con una llave de seguridad diferente.", + "securityKeyUnknownError": "Hubo un problema al usar tu llave de seguridad. Por favor, inténtalo de nuevo.", + "twoFactorRequired": "Se requiere autenticación de dos factores para registrar una llave de seguridad.", + "twoFactor": "Autenticación de dos factores", + "adminEnabled2FaOnYourAccount": "Su administrador ha habilitado la autenticación de dos factores para {email}. Por favor, complete el proceso de configuración para continuar.", + "continueToApplication": "Continuar a la aplicación", + "securityKeyAdd": "Agregar llave de seguridad", + "securityKeyRegisterTitle": "Registrar nueva llave de seguridad", + "securityKeyRegisterDescription": "Conecta tu llave de seguridad y escribe un nombre para identificarla", + "securityKeyTwoFactorRequired": "Se requiere autenticación de dos factores", + "securityKeyTwoFactorDescription": "Por favor, ingresa tu código de autenticación de dos factores para registrar la llave de seguridad", + "securityKeyTwoFactorRemoveDescription": "Por favor, ingresa tu código de autenticación de dos factores para eliminar la llave de seguridad", + "securityKeyTwoFactorCode": "Código de autenticación de dos factores", + "securityKeyRemoveTitle": "Eliminar llave de seguridad", + "securityKeyRemoveDescription": "Ingresa tu contraseña para eliminar la llave de seguridad \"{name}\"", + "securityKeyNoKeysRegistered": "No hay llaves de seguridad registradas", + "securityKeyNoKeysDescription": "Agrega una llave de seguridad para mejorar la seguridad de tu cuenta", + "createDomainRequired": "Se requiere dominio", + "createDomainAddDnsRecords": "Agregar registros DNS", + "createDomainAddDnsRecordsDescription": "Agrega los siguientes registros DNS a tu proveedor de dominios para completar la configuración.", + "createDomainNsRecords": "Registros NS", + "createDomainRecord": "Registro", + "createDomainType": "Tipo:", + "createDomainName": "Nombre:", + "createDomainValue": "Valor:", + "createDomainCnameRecords": "Registros CNAME", + "createDomainARecords": "Registros A", + "createDomainRecordNumber": "Registro {number}", + "createDomainTxtRecords": "Registros TXT", + "createDomainSaveTheseRecords": "Guardar estos registros", + "createDomainSaveTheseRecordsDescription": "Asegúrate de guardar estos registros DNS ya que no los verás de nuevo.", + "createDomainDnsPropagation": "Propagación DNS", + "createDomainDnsPropagationDescription": "Los cambios de DNS pueden tardar un tiempo en propagarse a través de internet. Esto puede tardar desde unos pocos minutos hasta 48 horas, dependiendo de tu proveedor de DNS y la configuración de TTL.", + "resourcePortRequired": "Se requiere número de puerto para recursos no HTTP", + "resourcePortNotAllowed": "El número de puerto no debe establecerse para recursos HTTP", + "signUpTerms": { + "IAgreeToThe": "Estoy de acuerdo con los", + "termsOfService": "términos del servicio", + "and": "y", + "privacyPolicy": "política de privacidad" + }, + "siteRequired": "El sitio es requerido.", + "olmTunnel": "Túnel Olm", + "olmTunnelDescription": "Usar Olm para la conectividad del cliente", + "errorCreatingClient": "Error al crear el cliente", + "clientDefaultsNotFound": "Configuración predeterminada del cliente no encontrada", + "createClient": "Crear cliente", + "createClientDescription": "Crear un cliente nuevo para conectar a sus sitios", + "seeAllClients": "Ver todos los clientes", + "clientInformation": "Información del cliente", + "clientNamePlaceholder": "Nombre del cliente", + "address": "Dirección", + "subnetPlaceholder": "Subred", + "addressDescription": "La dirección que este cliente utilizará para la conectividad", + "selectSites": "Seleccionar sitios", + "sitesDescription": "El cliente tendrá conectividad con los sitios seleccionados", + "clientInstallOlm": "Instalar Olm", + "clientInstallOlmDescription": "Obtén Olm funcionando en tu sistema", + "clientOlmCredentials": "Credenciales Olm", + "clientOlmCredentialsDescription": "Así es como Olm se autentificará con el servidor", + "olmEndpoint": "Punto final Olm", + "olmId": "ID de Olm", + "olmSecretKey": "Clave secreta de Olm", + "clientCredentialsSave": "Guarda tus credenciales", + "clientCredentialsSaveDescription": "Sólo podrás verlo una vez. Asegúrate de copiarlo a un lugar seguro.", + "generalSettingsDescription": "Configura la configuración general para este cliente", + "clientUpdated": "Cliente actualizado", + "clientUpdatedDescription": "El cliente ha sido actualizado.", + "clientUpdateFailed": "Error al actualizar el cliente", + "clientUpdateError": "Se ha producido un error al actualizar el cliente.", + "sitesFetchFailed": "Error al obtener los sitios", + "sitesFetchError": "Se ha producido un error al recuperar los sitios.", + "olmErrorFetchReleases": "Se ha producido un error al recuperar las versiones de Olm.", + "olmErrorFetchLatest": "Se ha producido un error al recuperar la última versión de Olm.", + "remoteSubnets": "Subredes remotas", + "enterCidrRange": "Ingresa el rango CIDR", + "remoteSubnetsDescription": "Agregue rangos CIDR que se puedan acceder desde este sitio de forma remota usando clientes. Utilice el formato como 10.0.0.0/24. Esto SOLO se aplica a la conectividad del cliente VPN.", + "resourceEnableProxy": "Habilitar proxy público", + "resourceEnableProxyDescription": "Habilite el proxy público para este recurso. Esto permite el acceso al recurso desde fuera de la red a través de la nube en un puerto abierto. Requiere configuración de Traefik.", + "externalProxyEnabled": "Proxy externo habilitado", + "addNewTarget": "Agregar nuevo destino", + "targetsList": "Lista de destinos", + "targetErrorDuplicateTargetFound": "Se encontró un destino duplicado", + "httpMethod": "Método HTTP", + "selectHttpMethod": "Seleccionar método HTTP", + "domainPickerSubdomainLabel": "Subdominio", + "domainPickerBaseDomainLabel": "Dominio base", + "domainPickerSearchDomains": "Buscar dominios...", + "domainPickerNoDomainsFound": "No se encontraron dominios", + "domainPickerLoadingDomains": "Cargando dominios...", + "domainPickerSelectBaseDomain": "Seleccionar dominio base...", + "domainPickerNotAvailableForCname": "No disponible para dominios CNAME", + "domainPickerEnterSubdomainOrLeaveBlank": "Ingrese subdominio o deje en blanco para usar dominio base.", + "domainPickerEnterSubdomainToSearch": "Ingrese un subdominio para buscar y seleccionar entre dominios gratuitos disponibles.", + "domainPickerFreeDomains": "Dominios gratuitos", + "domainPickerSearchForAvailableDomains": "Buscar dominios disponibles", + "resourceDomain": "Dominio", + "resourceEditDomain": "Editar dominio", + "siteName": "Nombre del sitio", + "proxyPort": "Puerto", + "resourcesTableProxyResources": "Recursos de proxy", + "resourcesTableClientResources": "Recursos del cliente", + "resourcesTableNoProxyResourcesFound": "No se encontraron recursos de proxy.", + "resourcesTableNoInternalResourcesFound": "No se encontraron recursos internos.", + "resourcesTableDestination": "Destino", + "resourcesTableTheseResourcesForUseWith": "Estos recursos son para uso con", + "resourcesTableClients": "Clientes", + "resourcesTableAndOnlyAccessibleInternally": "y solo son accesibles internamente cuando se conectan con un cliente.", + "editInternalResourceDialogEditClientResource": "Editar recurso del cliente", + "editInternalResourceDialogUpdateResourceProperties": "Actualizar las propiedades del recurso y la configuración del objetivo para {resourceName}.", + "editInternalResourceDialogResourceProperties": "Propiedades del recurso", + "editInternalResourceDialogName": "Nombre", + "editInternalResourceDialogProtocol": "Protocolo", + "editInternalResourceDialogSitePort": "Puerto del sitio", + "editInternalResourceDialogTargetConfiguration": "Configuración de objetivos", + "editInternalResourceDialogDestinationIP": "IP de destino", + "editInternalResourceDialogDestinationPort": "Puerto de destino", + "editInternalResourceDialogCancel": "Cancelar", + "editInternalResourceDialogSaveResource": "Guardar recurso", + "editInternalResourceDialogSuccess": "Éxito", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Recurso interno actualizado con éxito", + "editInternalResourceDialogError": "Error", + "editInternalResourceDialogFailedToUpdateInternalResource": "Error al actualizar el recurso interno", + "editInternalResourceDialogNameRequired": "El nombre es requerido", + "editInternalResourceDialogNameMaxLength": "El nombre no debe tener más de 255 caracteres", + "editInternalResourceDialogProxyPortMin": "El puerto del proxy debe ser al menos 1", + "editInternalResourceDialogProxyPortMax": "El puerto del proxy debe ser menor de 65536", + "editInternalResourceDialogInvalidIPAddressFormat": "Formato de dirección IP inválido", + "editInternalResourceDialogDestinationPortMin": "El puerto de destino debe ser al menos 1", + "editInternalResourceDialogDestinationPortMax": "El puerto de destino debe ser menor de 65536", + "createInternalResourceDialogNoSitesAvailable": "No hay sitios disponibles", + "createInternalResourceDialogNoSitesAvailableDescription": "Necesita tener al menos un sitio de Newt con una subred configurada para crear recursos internos.", + "createInternalResourceDialogClose": "Cerrar", + "createInternalResourceDialogCreateClientResource": "Crear recurso del cliente", + "createInternalResourceDialogCreateClientResourceDescription": "Crear un nuevo recurso que será accesible para los clientes conectados al sitio seleccionado.", + "createInternalResourceDialogResourceProperties": "Propiedades del recurso", + "createInternalResourceDialogName": "Nombre", + "createInternalResourceDialogSite": "Sitio", + "createInternalResourceDialogSelectSite": "Seleccionar sitio...", + "createInternalResourceDialogSearchSites": "Buscar sitios...", + "createInternalResourceDialogNoSitesFound": "Sitios no encontrados.", + "createInternalResourceDialogProtocol": "Protocolo", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Puerto del sitio", + "createInternalResourceDialogSitePortDescription": "Use este puerto para acceder al recurso en el sitio cuando se conecta con un cliente.", + "createInternalResourceDialogTargetConfiguration": "Configuración de objetivos", + "createInternalResourceDialogDestinationIP": "IP de destino", + "createInternalResourceDialogDestinationIPDescription": "La dirección IP del recurso en la red del sitio.", + "createInternalResourceDialogDestinationPort": "Puerto de destino", + "createInternalResourceDialogDestinationPortDescription": "El puerto en la IP de destino donde el recurso es accesible.", + "createInternalResourceDialogCancel": "Cancelar", + "createInternalResourceDialogCreateResource": "Crear recurso", + "createInternalResourceDialogSuccess": "Éxito", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Recurso interno creado con éxito", + "createInternalResourceDialogError": "Error", + "createInternalResourceDialogFailedToCreateInternalResource": "Error al crear recurso interno", + "createInternalResourceDialogNameRequired": "El nombre es requerido", + "createInternalResourceDialogNameMaxLength": "El nombre debe ser menor de 255 caracteres", + "createInternalResourceDialogPleaseSelectSite": "Por favor seleccione un sitio", + "createInternalResourceDialogProxyPortMin": "El puerto del proxy debe ser al menos 1", + "createInternalResourceDialogProxyPortMax": "El puerto del proxy debe ser menor de 65536", + "createInternalResourceDialogInvalidIPAddressFormat": "Formato de dirección IP inválido", + "createInternalResourceDialogDestinationPortMin": "El puerto de destino debe ser al menos 1", + "createInternalResourceDialogDestinationPortMax": "El puerto de destino debe ser menor de 65536", + "siteConfiguration": "Configuración", + "siteAcceptClientConnections": "Aceptar conexiones de clientes", + "siteAcceptClientConnectionsDescription": "Permitir que otros dispositivos se conecten a través de esta instancia Newt como una puerta de enlace utilizando clientes.", + "siteAddress": "Dirección del sitio", + "siteAddressDescription": "Especifique la dirección IP del host que los clientes deben usar para conectarse. Esta es la dirección interna del sitio en la red de Pangolín para que los clientes dirijan. Debe estar dentro de la subred de la organización.", + "autoLoginExternalIdp": "Inicio de sesión automático con IDP externo", + "autoLoginExternalIdpDescription": "Redirigir inmediatamente al usuario al IDP externo para autenticación.", + "selectIdp": "Seleccionar IDP", + "selectIdpPlaceholder": "Elegir un IDP...", + "selectIdpRequired": "Por favor seleccione un IDP cuando el inicio de sesión automático esté habilitado.", + "autoLoginTitle": "Redirigiendo", + "autoLoginDescription": "Te estamos redirigiendo al proveedor de identidad externo para autenticación.", + "autoLoginProcessing": "Preparando autenticación...", + "autoLoginRedirecting": "Redirigiendo al inicio de sesión...", + "autoLoginError": "Error de inicio de sesión automático", + "autoLoginErrorNoRedirectUrl": "No se recibió URL de redirección del proveedor de identidad.", + "autoLoginErrorGeneratingUrl": "Error al generar URL de autenticación.", + "managedSelfHosted": { + "title": "Autogestionado", + "description": "Servidor Pangolin autoalojado más fiable y de bajo mantenimiento con campanas y silbidos extra", + "introTitle": "Pangolin autogestionado", + "introDescription": "es una opción de despliegue diseñada para personas que quieren simplicidad y fiabilidad extra mientras mantienen sus datos privados y autoalojados.", + "introDetail": "Con esta opción, todavía ejecuta su propio nodo Pangolin, sus túneles, terminación SSL y tráfico permanecen en su servidor. La diferencia es que la gestión y el control se gestionan a través de nuestro panel de control en la nube, que desbloquea una serie de ventajas:", + "benefitSimplerOperations": { + "title": "Operaciones simples", + "description": "No necesitas ejecutar tu propio servidor de correo o configurar alertas complejas. Recibirás cheques de salud y alertas de tiempo de inactividad." + }, + "benefitAutomaticUpdates": { + "title": "Actualizaciones automáticas", + "description": "El tablero de la nube evolucionará rápidamente, por lo que obtendrá nuevas características y correcciones de errores sin tener que extraer manualmente nuevos contenedores cada vez." + }, + "benefitLessMaintenance": { + "title": "Menos mantenimiento", + "description": "No hay migraciones de base de datos, copias de seguridad o infraestructura extra para administrar. Lo manejamos en la nube." + }, + "benefitCloudFailover": { + "title": "Fallo en la nube", + "description": "Si tu nodo cae, tus túneles pueden fallar temporalmente a nuestros puntos de presencia en la nube hasta que lo vuelvas a conectar." + }, + "benefitHighAvailability": { + "title": "Alta disponibilidad (PoPs)", + "description": "También puede adjuntar múltiples nodos a su cuenta para redundancia y mejor rendimiento." + }, + "benefitFutureEnhancements": { + "title": "Mejoras futuras", + "description": "Estamos planeando añadir más herramientas analíticas, alertas y de administración para hacer su despliegue aún más robusto." + }, + "docsAlert": { + "text": "Aprenda más acerca de la opción de autoalojamiento administrado en nuestra", + "documentation": "documentación" + }, + "convertButton": "Convierte este nodo a autoalojado administrado" + }, + "internationaldomaindetected": "Dominio Internacional detectado", + "willbestoredas": "Se almacenará como:" +} diff --git a/messages/fr-FR.json b/messages/fr-FR.json new file mode 100644 index 00000000..7f51a9c8 --- /dev/null +++ b/messages/fr-FR.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Créez votre organisation, votre site et vos ressources", + "setupNewOrg": "Nouvelle organisation", + "setupCreateOrg": "Créer une organisation", + "setupCreateResources": "Créer des ressources", + "setupOrgName": "Nom de l'organisation", + "orgDisplayName": "Ceci est le nom d'affichage de votre organisation.", + "orgId": "ID de l'organisation", + "setupIdentifierMessage": "Ceci est l'identifiant unique pour votre organisation. Il est séparé du nom affiché.", + "setupErrorIdentifier": "L'ID de l'organisation est déjà pris. Veuillez en choisir un autre.", + "componentsErrorNoMemberCreate": "Vous n'êtes actuellement membre d'aucune organisation. Créez une organisation pour commencer.", + "componentsErrorNoMember": "Vous n'êtes actuellement membre d'aucune organisation.", + "welcome": "Bienvenue à Pangolin", + "welcomeTo": "Bienvenue chez", + "componentsCreateOrg": "Créer une organisation", + "componentsMember": "Vous êtes membre de {count, plural, =0 {aucune organisation} one {une organisation} other {# organisations}}.", + "componentsInvalidKey": "Clés de licence invalides ou expirées détectées. Suivez les conditions de licence pour continuer à utiliser toutes les fonctionnalités.", + "dismiss": "Refuser", + "componentsLicenseViolation": "Violation de licence : Ce serveur utilise des sites {usedSites} qui dépassent la limite autorisée des sites {maxSites} . Suivez les conditions de licence pour continuer à utiliser toutes les fonctionnalités.", + "componentsSupporterMessage": "Merci de soutenir Pangolin en tant que {tier}!", + "inviteErrorNotValid": "Nous sommes désolés, mais il semble que l'invitation que vous essayez d'accéder n'ait pas été acceptée ou n'est plus valide.", + "inviteErrorUser": "Nous sommes désolés, mais il semble que l'invitation que vous essayez d'accéder ne soit pas pour cet utilisateur.", + "inviteLoginUser": "Assurez-vous que vous êtes bien connecté en tant qu'utilisateur correct.", + "inviteErrorNoUser": "Nous sommes désolés, mais il semble que l'invitation que vous essayez d'accéder ne soit pas pour un utilisateur qui existe.", + "inviteCreateUser": "Veuillez d'abord créer un compte.", + "goHome": "Retour à la maison", + "inviteLogInOtherUser": "Se connecter en tant qu'utilisateur différent", + "createAnAccount": "Créer un compte", + "inviteNotAccepted": "Invitation non acceptée", + "authCreateAccount": "Créez un compte pour commencer", + "authNoAccount": "Vous n'avez pas de compte ?", + "email": "Courriel", + "password": "Mot de passe", + "confirmPassword": "Confirmer le mot de passe", + "createAccount": "Créer un compte", + "viewSettings": "Afficher les paramètres", + "delete": "Supprimez", + "name": "Nom", + "online": "En ligne", + "offline": "Hors ligne", + "site": "Site", + "dataIn": "Données dans", + "dataOut": "Données épuisées", + "connectionType": "Type de connexion", + "tunnelType": "Type de tunnel", + "local": "Locale", + "edit": "Editer", + "siteConfirmDelete": "Confirmer la suppression du site", + "siteDelete": "Supprimer le site", + "siteMessageRemove": "Une fois supprimé, le site ne sera plus accessible. Toutes les ressources et cibles associées au site seront également supprimées.", + "siteMessageConfirm": "Pour confirmer, veuillez saisir le nom du site ci-dessous.", + "siteQuestionRemove": "Êtes-vous sûr de vouloir supprimer le site {selectedSite} de l'organisation ?", + "siteManageSites": "Gérer les sites", + "siteDescription": "Autoriser la connectivité à votre réseau via des tunnels sécurisés", + "siteCreate": "Créer un site", + "siteCreateDescription2": "Suivez les étapes ci-dessous pour créer et connecter un nouveau site", + "siteCreateDescription": "Créez un nouveau site pour commencer à connecter vos ressources", + "close": "Fermer", + "siteErrorCreate": "Erreur lors de la création du site", + "siteErrorCreateKeyPair": "Paire de clés ou site par défaut introuvable", + "siteErrorCreateDefaults": "Les valeurs par défaut du site sont introuvables", + "method": "Méthode", + "siteMethodDescription": "C'est ainsi que vous exposerez les connexions.", + "siteLearnNewt": "Apprenez à installer Newt sur votre système", + "siteSeeConfigOnce": "Vous ne pourrez voir la configuration qu'une seule fois.", + "siteLoadWGConfig": "Chargement de la configuration WireGuard...", + "siteDocker": "Développer les détails du déploiement Docker", + "toggle": "Activer/désactiver", + "dockerCompose": "Composition Docker", + "dockerRun": "Exécution Docker", + "siteLearnLocal": "Les sites locaux ne tunnel, en savoir plus", + "siteConfirmCopy": "J'ai copié la configuration", + "searchSitesProgress": "Rechercher des sites...", + "siteAdd": "Ajouter un site", + "siteInstallNewt": "Installer Newt", + "siteInstallNewtDescription": "Faites fonctionner Newt sur votre système", + "WgConfiguration": "Configuration WireGuard", + "WgConfigurationDescription": "Utilisez la configuration suivante pour vous connecter à votre réseau", + "operatingSystem": "Système d'exploitation", + "commands": "Commandes", + "recommended": "Recommandé", + "siteNewtDescription": "Pour une meilleure expérience d'utilisateur, utilisez Newt. Il utilise WireGuard sous le capot et vous permet d'adresser vos ressources privées par leur adresse LAN sur votre réseau privé à partir du tableau de bord Pangolin.", + "siteRunsInDocker": "Exécute dans Docker", + "siteRunsInShell": "Exécute en shell sur macOS, Linux et Windows", + "siteErrorDelete": "Erreur lors de la suppression du site", + "siteErrorUpdate": "Impossible de mettre à jour le site", + "siteErrorUpdateDescription": "Une erreur s'est produite lors de la mise à jour du site.", + "siteUpdated": "Site mis à jour", + "siteUpdatedDescription": "Le site a été mis à jour.", + "siteGeneralDescription": "Configurer les paramètres généraux de ce site", + "siteSettingDescription": "Configurer les paramètres de votre site", + "siteSetting": "Réglages {siteName}", + "siteNewtTunnel": "Tunnel Newt (Recommandé)", + "siteNewtTunnelDescription": "La façon la plus simple de créer un point d'entrée dans votre réseau. Pas de configuration supplémentaire.", + "siteWg": "WireGuard basique", + "siteWgDescription": "Utilisez n'importe quel client WireGuard pour établir un tunnel. Configuration NAT manuelle requise.", + "siteWgDescriptionSaas": "Utilisez n'importe quel client WireGuard pour établir un tunnel. Configuration NAT manuelle requise. FONCTIONNE UNIQUEMENT SUR DES NŒUDS AUTONOMES", + "siteLocalDescription": "Ressources locales seulement. Pas de tunneling.", + "siteLocalDescriptionSaas": "Ressources locales uniquement. Pas de tunneling. FONCTIONNE UNIQUEMENT SUR DES NŒUDS AUTONOMES", + "siteSeeAll": "Voir tous les sites", + "siteTunnelDescription": "Déterminez comment vous voulez vous connecter à votre site", + "siteNewtCredentials": "Identifiants Newt", + "siteNewtCredentialsDescription": "C'est ainsi que Newt s'authentifiera avec le serveur", + "siteCredentialsSave": "Enregistrez vos identifiants", + "siteCredentialsSaveDescription": "Vous ne pourrez voir cela qu'une seule fois. Assurez-vous de le copier dans un endroit sécurisé.", + "siteInfo": "Informations sur le site", + "status": "Statut", + "shareTitle": "Gérer les liens de partage", + "shareDescription": "Créez des liens partageables pour accorder un accès temporaire ou permanent à vos ressources", + "shareSearch": "Rechercher des liens de partage...", + "shareCreate": "Créer un lien de partage", + "shareErrorDelete": "Impossible de supprimer le lien", + "shareErrorDeleteMessage": "Une erreur s'est produite lors de la suppression du lien", + "shareDeleted": "Lien supprimé", + "shareDeletedDescription": "Le lien a été supprimé", + "shareTokenDescription": "Votre jeton d'accès peut être passé de deux façons : en tant que paramètre de requête ou dans les en-têtes de la requête. Elles doivent être transmises par le client à chaque demande d'accès authentifié.", + "accessToken": "Jeton d'accès", + "usageExamples": "Exemples d'utilisation", + "tokenId": "ID du jeton", + "requestHeades": "En-têtes de la requête", + "queryParameter": "Paramètre de requête", + "importantNote": "Note importante", + "shareImportantDescription": "Pour des raisons de sécurité, l'utilisation des en-têtes est recommandée par rapport aux paramètres de la requête, dans la mesure du possible, car les paramètres de requête peuvent être enregistrés dans les journaux du serveur ou dans l'historique du navigateur.", + "token": "Jeton", + "shareTokenSecurety": "Gardez votre jeton d'accès sécurisé. Ne le partagez pas dans des zones accessibles au public ou dans du code côté client.", + "shareErrorFetchResource": "Impossible de récupérer les ressources", + "shareErrorFetchResourceDescription": "Une erreur est survenue lors de la récupération des ressources", + "shareErrorCreate": "Impossible de créer le lien de partage", + "shareErrorCreateDescription": "Une erreur s'est produite lors de la création du lien de partage", + "shareCreateDescription": "N'importe qui avec ce lien peut accéder à la ressource", + "shareTitleOptional": "Titre (facultatif)", + "expireIn": "Expire dans", + "neverExpire": "N'expire jamais", + "shareExpireDescription": "Le temps d'expiration est combien de temps le lien sera utilisable et fournira un accès à la ressource. Après cette période, le lien ne fonctionnera plus et les utilisateurs qui ont utilisé ce lien perdront l'accès à la ressource.", + "shareSeeOnce": "Vous ne pourrez voir ce lien. Assurez-vous de le copier.", + "shareAccessHint": "N'importe qui avec ce lien peut accéder à la ressource. Partagez-le avec soin.", + "shareTokenUsage": "Voir Utilisation du jeton d'accès", + "createLink": "Créer un lien", + "resourcesNotFound": "Aucune ressource trouvée", + "resourceSearch": "Rechercher des ressources", + "openMenu": "Ouvrir le menu", + "resource": "Ressource", + "title": "Titre de la page", + "created": "Créé", + "expires": "Expire", + "never": "Jamais", + "shareErrorSelectResource": "Veuillez sélectionner une ressource", + "resourceTitle": "Gérer les ressources", + "resourceDescription": "Créez des proxy sécurisés pour vos applications privées", + "resourcesSearch": "Rechercher des ressources...", + "resourceAdd": "Ajouter une ressource", + "resourceErrorDelte": "Erreur de suppression de la ressource", + "authentication": "Authentification", + "protected": "Protégé", + "notProtected": "Non Protégé", + "resourceMessageRemove": "Une fois supprimée, la ressource ne sera plus accessible. Toutes les cibles associées à la ressource seront également supprimées.", + "resourceMessageConfirm": "Pour confirmer, veuillez saisir le nom de la ressource ci-dessous.", + "resourceQuestionRemove": "Êtes-vous sûr de vouloir supprimer la ressource {selectedResource} de l'organisation ?", + "resourceHTTP": "Ressource HTTPS", + "resourceHTTPDescription": "Requêtes de proxy à votre application via HTTPS en utilisant un sous-domaine ou un domaine de base.", + "resourceRaw": "Ressource TCP/UDP brute", + "resourceRawDescription": "Demandes de proxy à votre application via TCP/UDP en utilisant un numéro de port.", + "resourceCreate": "Créer une ressource", + "resourceCreateDescription": "Suivez les étapes ci-dessous pour créer une nouvelle ressource", + "resourceSeeAll": "Voir toutes les ressources", + "resourceInfo": "Informations sur la ressource", + "resourceNameDescription": "Ceci est le nom d'affichage de la ressource.", + "siteSelect": "Sélectionner un site", + "siteSearch": "Chercher un site", + "siteNotFound": "Aucun site trouvé.", + "siteSelectionDescription": "Ce site fournira la connectivité à la cible.", + "resourceType": "Type de ressource", + "resourceTypeDescription": "Déterminer comment vous voulez accéder à votre ressource", + "resourceHTTPSSettings": "Paramètres HTTPS", + "resourceHTTPSSettingsDescription": "Configurer comment votre ressource sera accédée via HTTPS", + "domainType": "Type de domaine", + "subdomain": "Sous-domaine", + "baseDomain": "Domaine de base", + "subdomnainDescription": "Le sous-domaine où votre ressource sera accessible.", + "resourceRawSettings": "Paramètres TCP/UDP", + "resourceRawSettingsDescription": "Configurer comment votre ressource sera accédée via TCP/UDP", + "protocol": "Protocole", + "protocolSelect": "Sélectionner un protocole", + "resourcePortNumber": "Numéro de port", + "resourcePortNumberDescription": "Le numéro de port externe pour les requêtes de proxy.", + "cancel": "Abandonner", + "resourceConfig": "Snippets de configuration", + "resourceConfigDescription": "Copiez et collez ces modules de configuration pour configurer votre ressource TCP/UDP", + "resourceAddEntrypoints": "Traefik: Ajouter des points d'entrée", + "resourceExposePorts": "Gerbil: Exposer des ports dans Docker Compose", + "resourceLearnRaw": "Apprenez à configurer les ressources TCP/UDP", + "resourceBack": "Retour aux ressources", + "resourceGoTo": "Aller à la ressource", + "resourceDelete": "Supprimer la ressource", + "resourceDeleteConfirm": "Confirmer la suppression de la ressource", + "visibility": "Visibilité", + "enabled": "Activé", + "disabled": "Désactivé", + "general": "Généraux", + "generalSettings": "Paramètres généraux", + "proxy": "Proxy", + "internal": "Interne", + "rules": "Règles", + "resourceSettingDescription": "Configurer les paramètres de votre ressource", + "resourceSetting": "Réglages {resourceName}", + "alwaysAllow": "Toujours autoriser", + "alwaysDeny": "Toujours refuser", + "passToAuth": "Paser à l'authentification", + "orgSettingsDescription": "Configurer les paramètres généraux de votre organisation", + "orgGeneralSettings": "Paramètres de l'organisation", + "orgGeneralSettingsDescription": "Gérer les détails et la configuration de votre organisation", + "saveGeneralSettings": "Enregistrer les paramètres généraux", + "saveSettings": "Enregistrer les paramètres", + "orgDangerZone": "Zone de danger", + "orgDangerZoneDescription": "Une fois que vous supprimez cette organisation, il n'y a pas de retour en arrière. Soyez certain.", + "orgDelete": "Supprimer l'organisation", + "orgDeleteConfirm": "Confirmer la suppression de l'organisation", + "orgMessageRemove": "Cette action est irréversible et supprimera toutes les données associées.", + "orgMessageConfirm": "Pour confirmer, veuillez saisir le nom de l'organisation ci-dessous.", + "orgQuestionRemove": "Êtes-vous sûr de vouloir supprimer l'organisation {selectedOrg}?", + "orgUpdated": "Organisation mise à jour", + "orgUpdatedDescription": "L'organisation a été mise à jour.", + "orgErrorUpdate": "Échec de la mise à jour de l'organisation", + "orgErrorUpdateMessage": "Une erreur s'est produite lors de la mise à jour de l'organisation.", + "orgErrorFetch": "Impossible de récupérer les organisations", + "orgErrorFetchMessage": "Une erreur s'est produite lors de la liste de vos organisations", + "orgErrorDelete": "Échec de la suppression de l'organisation", + "orgErrorDeleteMessage": "Une erreur s'est produite lors de la suppression de l'organisation.", + "orgDeleted": "Organisation supprimée", + "orgDeletedMessage": "L'organisation et ses données ont été supprimées.", + "orgMissing": "ID d'organisation manquant", + "orgMissingMessage": "Impossible de régénérer l'invitation sans un ID d'organisation.", + "accessUsersManage": "Gérer les utilisateurs", + "accessUsersDescription": "Invitez des utilisateurs et ajoutez-les aux rôles pour gérer l'accès à votre organisation", + "accessUsersSearch": "Rechercher des utilisateurs...", + "accessUserCreate": "Créer un utilisateur", + "accessUserRemove": "Supprimer l'utilisateur", + "username": "Nom d'utilisateur", + "identityProvider": "Fournisseur d'identité", + "role": "Rôle", + "nameRequired": "Le nom est requis", + "accessRolesManage": "Gérer les rôles", + "accessRolesDescription": "Configurer les rôles pour gérer l'accès à votre organisation", + "accessRolesSearch": "Rechercher des rôles...", + "accessRolesAdd": "Ajouter un rôle", + "accessRoleDelete": "Supprimer le rôle", + "description": "Libellé", + "inviteTitle": "Invitations ouvertes", + "inviteDescription": "Gérer vos invitations à d'autres utilisateurs", + "inviteSearch": "Rechercher des invitations...", + "minutes": "Minutes", + "hours": "Heures", + "days": "Jours", + "weeks": "Semaines", + "months": "Mois", + "years": "Années", + "day": "{count, plural, one {# jour} other {# jours}}", + "apiKeysTitle": "Informations sur la clé API", + "apiKeysConfirmCopy2": "Vous devez confirmer que vous avez copié la clé API.", + "apiKeysErrorCreate": "Erreur lors de la création de la clé API", + "apiKeysErrorSetPermission": "Erreur lors de la définition des permissions", + "apiKeysCreate": "Générer une clé API", + "apiKeysCreateDescription": "Générer une nouvelle clé API pour votre organisation", + "apiKeysGeneralSettings": "Permissions", + "apiKeysGeneralSettingsDescription": "Déterminez ce que cette clé API peut faire", + "apiKeysList": "Votre clé API", + "apiKeysSave": "Enregistrer votre clé API", + "apiKeysSaveDescription": "Vous ne pourrez voir cela qu'une seule fois. Assurez-vous de la copier dans un endroit sécurisé.", + "apiKeysInfo": "Votre clé API est :", + "apiKeysConfirmCopy": "J'ai copié la clé API", + "generate": "Générer", + "done": "Terminé", + "apiKeysSeeAll": "Voir toutes les clés API", + "apiKeysPermissionsErrorLoadingActions": "Erreur lors du chargement des actions de la clé API", + "apiKeysPermissionsErrorUpdate": "Erreur lors de la définition des permissions", + "apiKeysPermissionsUpdated": "Permissions mises à jour", + "apiKeysPermissionsUpdatedDescription": "Les permissions ont été mises à jour.", + "apiKeysPermissionsGeneralSettings": "Permissions", + "apiKeysPermissionsGeneralSettingsDescription": "Déterminez ce que cette clé API peut faire", + "apiKeysPermissionsSave": "Enregistrer les permissions", + "apiKeysPermissionsTitle": "Permissions", + "apiKeys": "Clés API", + "searchApiKeys": "Rechercher des clés API...", + "apiKeysAdd": "Générer une clé API", + "apiKeysErrorDelete": "Erreur lors de la suppression de la clé API", + "apiKeysErrorDeleteMessage": "Erreur lors de la suppression de la clé API", + "apiKeysQuestionRemove": "Êtes-vous sûr de vouloir supprimer la clé API {selectedApiKey} de l'organisation ?", + "apiKeysMessageRemove": "Une fois supprimée, la clé API ne pourra plus être utilisée.", + "apiKeysMessageConfirm": "Pour confirmer, veuillez saisir le nom de la clé API ci-dessous.", + "apiKeysDeleteConfirm": "Confirmer la suppression de la clé API", + "apiKeysDelete": "Supprimer la clé API", + "apiKeysManage": "Gérer les clés API", + "apiKeysDescription": "Les clés API sont utilisées pour s'authentifier avec l'API d'intégration", + "apiKeysSettings": "Paramètres de {apiKeyName}", + "userTitle": "Gérer tous les utilisateurs", + "userDescription": "Voir et gérer tous les utilisateurs du système", + "userAbount": "À propos de la gestion des utilisateurs", + "userAbountDescription": "Cette table affiche tous les objets utilisateur root du système. Chaque utilisateur peut appartenir à plusieurs organisations. La suppression d'un utilisateur d'une organisation ne supprime pas son objet utilisateur root - il restera dans le système. Pour supprimer complètement un utilisateur du système, vous devez supprimer son objet utilisateur root en utilisant l'action de suppression dans cette table.", + "userServer": "Utilisateurs du serveur", + "userSearch": "Rechercher des utilisateurs du serveur...", + "userErrorDelete": "Erreur lors de la suppression de l'utilisateur", + "userDeleteConfirm": "Confirmer la suppression de l'utilisateur", + "userDeleteServer": "Supprimer l'utilisateur du serveur", + "userMessageRemove": "L'utilisateur sera retiré de toutes les organisations et sera complètement retiré du serveur.", + "userMessageConfirm": "Pour confirmer, veuillez saisir le nom de l'utilisateur ci-dessous.", + "userQuestionRemove": "Êtes-vous sûr de vouloir supprimer définitivement {selectedUser} du serveur?", + "licenseKey": "Clé de licence", + "valid": "Valide", + "numberOfSites": "Nombre de sites", + "licenseKeySearch": "Rechercher des clés de licence...", + "licenseKeyAdd": "Ajouter une clé de licence", + "type": "Type de texte", + "licenseKeyRequired": "La clé de licence est requise", + "licenseTermsAgree": "Vous devez accepter les conditions de licence", + "licenseErrorKeyLoad": "Impossible de charger les clés de licence", + "licenseErrorKeyLoadDescription": "Une erreur s'est produite lors du chargement des clés de licence.", + "licenseErrorKeyDelete": "Échec de la suppression de la clé de licence", + "licenseErrorKeyDeleteDescription": "Une erreur s'est produite lors de la suppression de la clé de licence.", + "licenseKeyDeleted": "Clé de licence supprimée", + "licenseKeyDeletedDescription": "La clé de licence a été supprimée.", + "licenseErrorKeyActivate": "Échec de l'activation de la clé de licence", + "licenseErrorKeyActivateDescription": "Une erreur s'est produite lors de l'activation de la clé de licence.", + "licenseAbout": "À propos de la licence", + "communityEdition": "Edition Communautaire", + "licenseAboutDescription": "Ceci est destiné aux entreprises qui utilisent Pangolin dans un environnement commercial. Si vous utilisez Pangolin pour un usage personnel, vous pouvez ignorer cette section.", + "licenseKeyActivated": "Clé de licence activée", + "licenseKeyActivatedDescription": "La clé de licence a été activée avec succès.", + "licenseErrorKeyRecheck": "Impossible de revérifier les clés de licence", + "licenseErrorKeyRecheckDescription": "Une erreur s'est produite lors de la revérification des clés de licence.", + "licenseErrorKeyRechecked": "Clés de licence revérifiées", + "licenseErrorKeyRecheckedDescription": "Toutes les clés de licence ont été revérifiées", + "licenseActivateKey": "Activer la clé de licence", + "licenseActivateKeyDescription": "Entrez une clé de licence pour l'activer.", + "licenseActivate": "Activer la licence", + "licenseAgreement": "En cochant cette case, vous confirmez avoir lu et accepté les conditions de licence correspondant au niveau associé à votre clé de licence.", + "fossorialLicense": "Voir les conditions de licence commerciale et d'abonnement Fossorial", + "licenseMessageRemove": "Cela supprimera la clé de licence et toutes les autorisations qui lui sont associées.", + "licenseMessageConfirm": "Pour confirmer, veuillez saisir la clé de licence ci-dessous.", + "licenseQuestionRemove": "Êtes-vous sûr de vouloir supprimer la clé de licence {selectedKey}?", + "licenseKeyDelete": "Supprimer la clé de licence", + "licenseKeyDeleteConfirm": "Confirmer la suppression de la clé de licence", + "licenseTitle": "Gérer le statut de la licence", + "licenseTitleDescription": "Voir et gérer les clés de licence dans le système", + "licenseHost": "Licence Hôte", + "licenseHostDescription": "Gérer la clé de licence principale de l'hôte.", + "licensedNot": "Non licencié", + "hostId": "ID de l'hôte", + "licenseReckeckAll": "Revérifier toutes les clés", + "licenseSiteUsage": "Utilisation des sites", + "licenseSiteUsageDecsription": "Voir le nombre de sites utilisant cette licence.", + "licenseNoSiteLimit": "Il n'y a pas de limite sur le nombre de sites utilisant un hôte non autorisé.", + "licensePurchase": "Acheter une licence", + "licensePurchaseSites": "Acheter des sites supplémentaires", + "licenseSitesUsedMax": "{usedSites} des sites {maxSites} utilisés", + "licenseSitesUsed": "{count, plural, =0 {# sites} one {# site} other {# sites}} dans le système.", + "licensePurchaseDescription": "Choisissez le nombre de sites que vous voulez {selectedMode, select, license {achetez une licence. Vous pouvez toujours ajouter plus de sites plus tard.} other {ajouter à votre licence existante.}}", + "licenseFee": "Frais de licence", + "licensePriceSite": "Prix par site", + "total": "Total", + "licenseContinuePayment": "Continuer vers le paiement", + "pricingPage": "page de tarification", + "pricingPortal": "Voir le portail d'achat", + "licensePricingPage": "Pour les prix et les remises les plus récentes, veuillez visiter le ", + "invite": "Invitations", + "inviteRegenerate": "Régénérer l'invitation", + "inviteRegenerateDescription": "Révoquer l'invitation précédente et en créer une nouvelle", + "inviteRemove": "Supprimer l'invitation", + "inviteRemoveError": "Échec de la suppression de l'invitation", + "inviteRemoveErrorDescription": "Une erreur s'est produite lors de la suppression de l'invitation.", + "inviteRemoved": "Invitation supprimée", + "inviteRemovedDescription": "L'invitation pour {email} a été supprimée.", + "inviteQuestionRemove": "Êtes-vous sûr de vouloir supprimer l'invitation {email}?", + "inviteMessageRemove": "Une fois supprimée, cette invitation ne sera plus valide. Vous pourrez toujours réinviter l'utilisateur plus tard.", + "inviteMessageConfirm": "Pour confirmer, veuillez saisir l'adresse e-mail de l'invitation ci-dessous.", + "inviteQuestionRegenerate": "Êtes-vous sûr de vouloir régénérer l'invitation {email}? Cela révoquera l'invitation précédente.", + "inviteRemoveConfirm": "Confirmer la suppression de l'invitation", + "inviteRegenerated": "Invitation régénérée", + "inviteSent": "Une nouvelle invitation a été envoyée à {email}.", + "inviteSentEmail": "Envoyer une notification par e-mail à l'utilisateur", + "inviteGenerate": "Une nouvelle invitation a été générée pour {email}.", + "inviteDuplicateError": "Invitation en double", + "inviteDuplicateErrorDescription": "Une invitation pour cet utilisateur existe déjà.", + "inviteRateLimitError": "Limite de taux dépassée", + "inviteRateLimitErrorDescription": "Vous avez dépassé la limite de 3 régénérations par heure. Veuillez réessayer plus tard.", + "inviteRegenerateError": "Échec de la régénération de l'invitation", + "inviteRegenerateErrorDescription": "Une erreur s'est produite lors de la régénération de l'invitation.", + "inviteValidityPeriod": "Période de validité", + "inviteValidityPeriodSelect": "Sélectionner la période de validité", + "inviteRegenerateMessage": "L'invitation a été régénérée. L'utilisateur doit accéder au lien ci-dessous pour accepter l'invitation.", + "inviteRegenerateButton": "Régénérer", + "expiresAt": "Expire le", + "accessRoleUnknown": "Rôle inconnu", + "placeholder": "Espace réservé", + "userErrorOrgRemove": "Échec de la suppression de l'utilisateur", + "userErrorOrgRemoveDescription": "Une erreur s'est produite lors de la suppression de l'utilisateur.", + "userOrgRemoved": "Utilisateur supprimé", + "userOrgRemovedDescription": "L'utilisateur {email} a été retiré de l'organisation.", + "userQuestionOrgRemove": "Êtes-vous sûr de vouloir retirer {email} de l'organisation ?", + "userMessageOrgRemove": "Une fois retiré, cet utilisateur n'aura plus accès à l'organisation. Vous pouvez toujours le réinviter plus tard, mais il devra accepter l'invitation à nouveau.", + "userMessageOrgConfirm": "Pour confirmer, veuillez saisir le nom de l'utilisateur ci-dessous.", + "userRemoveOrgConfirm": "Confirmer la suppression de l'utilisateur", + "userRemoveOrg": "Retirer l'utilisateur de l'organisation", + "users": "Utilisateurs", + "accessRoleMember": "Membre", + "accessRoleOwner": "Propriétaire", + "userConfirmed": "Confirmé", + "idpNameInternal": "Interne", + "emailInvalid": "Adresse e-mail invalide", + "inviteValidityDuration": "Veuillez sélectionner une durée", + "accessRoleSelectPlease": "Veuillez sélectionner un rôle", + "usernameRequired": "Le nom d'utilisateur est requis", + "idpSelectPlease": "Veuillez sélectionner un fournisseur d'identité", + "idpGenericOidc": "Fournisseur OAuth2/OIDC générique.", + "accessRoleErrorFetch": "Échec de la récupération des rôles", + "accessRoleErrorFetchDescription": "Une erreur s'est produite lors de la récupération des rôles", + "idpErrorFetch": "Échec de la récupération des fournisseurs d'identité", + "idpErrorFetchDescription": "Une erreur s'est produite lors de la récupération des fournisseurs d'identité", + "userErrorExists": "L'utilisateur existe déjà", + "userErrorExistsDescription": "Cet utilisateur est déjà membre de l'organisation.", + "inviteError": "Échec de l'invitation de l'utilisateur", + "inviteErrorDescription": "Une erreur s'est produite lors de l'invitation de l'utilisateur", + "userInvited": "Utilisateur invité", + "userInvitedDescription": "L'utilisateur a été invité avec succès.", + "userErrorCreate": "Échec de la création de l'utilisateur", + "userErrorCreateDescription": "Une erreur s'est produite lors de la création de l'utilisateur", + "userCreated": "Utilisateur créé", + "userCreatedDescription": "L'utilisateur a été créé avec succès.", + "userTypeInternal": "Utilisateur interne", + "userTypeInternalDescription": "Inviter un utilisateur à rejoindre votre organisation directement.", + "userTypeExternal": "Utilisateur externe", + "userTypeExternalDescription": "Créer un utilisateur avec un fournisseur d'identité externe.", + "accessUserCreateDescription": "Suivez les étapes ci-dessous pour créer un nouvel utilisateur", + "userSeeAll": "Voir tous les utilisateurs", + "userTypeTitle": "Type d'utilisateur", + "userTypeDescription": "Déterminez comment vous voulez créer l'utilisateur", + "userSettings": "Informations utilisateur", + "userSettingsDescription": "Entrez les détails du nouvel utilisateur", + "inviteEmailSent": "Envoyer un e-mail d'invitation à l'utilisateur", + "inviteValid": "Valide pour", + "selectDuration": "Sélectionner la durée", + "accessRoleSelect": "Sélectionner un rôle", + "inviteEmailSentDescription": "Un e-mail a été envoyé à l'utilisateur avec le lien d'accès ci-dessous. Ils doivent accéder au lien pour accepter l'invitation.", + "inviteSentDescription": "L'utilisateur a été invité. Ils doivent accéder au lien ci-dessous pour accepter l'invitation.", + "inviteExpiresIn": "L'invitation expirera dans {days, plural, one {# jour} other {# jours}}.", + "idpTitle": "Informations générales", + "idpSelect": "Sélectionnez le fournisseur d'identité pour l'utilisateur externe", + "idpNotConfigured": "Aucun fournisseur d'identité n'est configuré. Veuillez configurer un fournisseur d'identité avant de créer des utilisateurs externes.", + "usernameUniq": "Ceci doit correspondre au nom d'utilisateur unique qui existe dans le fournisseur d'identité sélectionné.", + "emailOptional": "E-mail (Optionnel)", + "nameOptional": "Nom (Optionnel)", + "accessControls": "Contrôles d'accès", + "userDescription2": "Gérer les paramètres de cet utilisateur", + "accessRoleErrorAdd": "Échec de l'ajout de l'utilisateur au rôle", + "accessRoleErrorAddDescription": "Une erreur s'est produite lors de l'ajout de l'utilisateur au rôle.", + "userSaved": "Utilisateur enregistré", + "userSavedDescription": "L'utilisateur a été mis à jour.", + "accessControlsDescription": "Gérer ce que cet utilisateur peut accéder et faire dans l'organisation", + "accessControlsSubmit": "Enregistrer les contrôles d'accès", + "roles": "Rôles", + "accessUsersRoles": "Gérer les utilisateurs et les rôles", + "accessUsersRolesDescription": "Invitez des utilisateurs et ajoutez-les aux rôles pour gérer l'accès à votre organisation", + "key": "Clé", + "createdAt": "Créé le", + "proxyErrorInvalidHeader": "Valeur d'en-tête Host personnalisée invalide. Utilisez le format de nom de domaine, ou laissez vide pour désactiver l'en-tête Host personnalisé.", + "proxyErrorTls": "Nom de serveur TLS invalide. Utilisez le format de nom de domaine, ou laissez vide pour supprimer le nom de serveur TLS.", + "proxyEnableSSL": "Activer SSL (https)", + "targetErrorFetch": "Échec de la récupération des cibles", + "targetErrorFetchDescription": "Une erreur s'est produite lors de la récupération des cibles", + "siteErrorFetch": "Échec de la récupération de la ressource", + "siteErrorFetchDescription": "Une erreur s'est produite lors de la récupération de la ressource", + "targetErrorDuplicate": "Cible en double", + "targetErrorDuplicateDescription": "Une cible avec ces paramètres existe déjà", + "targetWireGuardErrorInvalidIp": "IP cible invalide", + "targetWireGuardErrorInvalidIpDescription": "L'IP cible doit être dans le sous-réseau du site", + "targetsUpdated": "Cibles mises à jour", + "targetsUpdatedDescription": "Cibles et paramètres mis à jour avec succès", + "targetsErrorUpdate": "Échec de la mise à jour des cibles", + "targetsErrorUpdateDescription": "Une erreur s'est produite lors de la mise à jour des cibles", + "targetTlsUpdate": "Paramètres TLS mis à jour", + "targetTlsUpdateDescription": "Vos paramètres TLS ont été mis à jour avec succès", + "targetErrorTlsUpdate": "Échec de la mise à jour des paramètres TLS", + "targetErrorTlsUpdateDescription": "Une erreur s'est produite lors de la mise à jour des paramètres TLS", + "proxyUpdated": "Paramètres du proxy mis à jour", + "proxyUpdatedDescription": "Vos paramètres de proxy ont été mis à jour avec succès", + "proxyErrorUpdate": "Échec de la mise à jour des paramètres du proxy", + "proxyErrorUpdateDescription": "Une erreur s'est produite lors de la mise à jour des paramètres du proxy", + "targetAddr": "IP / Nom d'hôte", + "targetPort": "Port", + "targetProtocol": "Protocole", + "targetTlsSettings": "Configuration sécurisée de connexion", + "targetTlsSettingsDescription": "Configurer les paramètres SSL/TLS pour votre ressource", + "targetTlsSettingsAdvanced": "Paramètres TLS avancés", + "targetTlsSni": "Nom de serveur TLS (SNI)", + "targetTlsSniDescription": "Le nom de serveur TLS à utiliser pour SNI. Laissez vide pour utiliser la valeur par défaut.", + "targetTlsSubmit": "Enregistrer les paramètres", + "targets": "Configuration des cibles", + "targetsDescription": "Configurez les cibles pour router le trafic vers vos services.", + "targetStickySessions": "Activer les sessions persistantes", + "targetStickySessionsDescription": "Maintenir les connexions sur la même cible backend pendant toute leur session.", + "methodSelect": "Sélectionner la méthode", + "targetSubmit": "Ajouter une cible", + "targetNoOne": "Aucune cible. Ajoutez une cible en utilisant le formulaire.", + "targetNoOneDescription": "L'ajout de plus d'une cible ci-dessus activera l'équilibrage de charge.", + "targetsSubmit": "Enregistrer les cibles", + "proxyAdditional": "Paramètres de proxy supplémentaires", + "proxyAdditionalDescription": "Configurer la façon dont votre ressource gère les paramètres de proxy", + "proxyCustomHeader": "En-tête Host personnalisé", + "proxyCustomHeaderDescription": "L'en-tête host à définir lors du proxy des requêtes. Laissez vide pour utiliser la valeur par défaut.", + "proxyAdditionalSubmit": "Enregistrer les paramètres de proxy", + "subnetMaskErrorInvalid": "Masque de sous-réseau invalide. Doit être entre 0 et 32.", + "ipAddressErrorInvalidFormat": "Format d'adresse IP invalide", + "ipAddressErrorInvalidOctet": "Octet d'adresse IP invalide", + "path": "Chemin", + "ipAddressRange": "Plage IP", + "rulesErrorFetch": "Échec de la récupération des règles", + "rulesErrorFetchDescription": "Une erreur s'est produite lors de la récupération des règles", + "rulesErrorDuplicate": "Règle en double", + "rulesErrorDuplicateDescription": "Une règle avec ces paramètres existe déjà", + "rulesErrorInvalidIpAddressRange": "CIDR invalide", + "rulesErrorInvalidIpAddressRangeDescription": "Veuillez entrer une valeur CIDR valide", + "rulesErrorInvalidUrl": "Chemin URL invalide", + "rulesErrorInvalidUrlDescription": "Veuillez entrer un chemin URL valide", + "rulesErrorInvalidIpAddress": "IP invalide", + "rulesErrorInvalidIpAddressDescription": "Veuillez entrer une adresse IP valide", + "rulesErrorUpdate": "Échec de la mise à jour des règles", + "rulesErrorUpdateDescription": "Une erreur s'est produite lors de la mise à jour des règles", + "rulesUpdated": "Activer les règles", + "rulesUpdatedDescription": "L'évaluation des règles a été mise à jour", + "rulesMatchIpAddressRangeDescription": "Entrez une adresse au format CIDR (ex: 103.21.244.0/22)", + "rulesMatchIpAddress": "Entrez une adresse IP (ex: 103.21.244.12)", + "rulesMatchUrl": "Entrez un chemin URL ou un motif (ex: /api/v1/todos ou /api/v1/*)", + "rulesErrorInvalidPriority": "Priorité invalide", + "rulesErrorInvalidPriorityDescription": "Veuillez entrer une priorité valide", + "rulesErrorDuplicatePriority": "Priorités en double", + "rulesErrorDuplicatePriorityDescription": "Veuillez entrer des priorités uniques", + "ruleUpdated": "Règles mises à jour", + "ruleUpdatedDescription": "Règles mises à jour avec succès", + "ruleErrorUpdate": "L'opération a échoué", + "ruleErrorUpdateDescription": "Une erreur s'est produite lors de l'enregistrement", + "rulesPriority": "Priorité", + "rulesAction": "Action", + "rulesMatchType": "Type de correspondance", + "value": "Valeur", + "rulesAbout": "À propos des règles", + "rulesAboutDescription": "Les règles vous permettent de contrôler l'accès à votre ressource en fonction d'un ensemble de critères. Vous pouvez créer des règles pour autoriser ou refuser l'accès basé sur l'adresse IP ou le chemin URL.", + "rulesActions": "Actions", + "rulesActionAlwaysAllow": "Toujours autoriser : Contourner toutes les méthodes d'authentification", + "rulesActionAlwaysDeny": "Toujours refuser : Bloquer toutes les requêtes ; aucune authentification ne peut être tentée", + "rulesActionPassToAuth": "Passer à l'authentification : Autoriser les méthodes d'authentification à être tentées", + "rulesMatchCriteria": "Critères de correspondance", + "rulesMatchCriteriaIpAddress": "Correspondre à une adresse IP spécifique", + "rulesMatchCriteriaIpAddressRange": "Correspondre à une plage d'adresses IP en notation CIDR", + "rulesMatchCriteriaUrl": "Correspondre à un chemin URL ou un motif", + "rulesEnable": "Activer les règles", + "rulesEnableDescription": "Activer ou désactiver l'évaluation des règles pour cette ressource", + "rulesResource": "Configuration des règles de ressource", + "rulesResourceDescription": "Configurer les règles pour contrôler l'accès à votre ressource", + "ruleSubmit": "Ajouter une règle", + "rulesNoOne": "Aucune règle. Ajoutez une règle en utilisant le formulaire.", + "rulesOrder": "Les règles sont évaluées par priorité dans l'ordre croissant.", + "rulesSubmit": "Enregistrer les règles", + "resourceErrorCreate": "Erreur lors de la création de la ressource", + "resourceErrorCreateDescription": "Une erreur s'est produite lors de la création de la ressource", + "resourceErrorCreateMessage": "Erreur lors de la création de la ressource :", + "resourceErrorCreateMessageDescription": "Une erreur inattendue s'est produite", + "sitesErrorFetch": "Erreur lors de la récupération des sites", + "sitesErrorFetchDescription": "Une erreur s'est produite lors de la récupération des sites", + "domainsErrorFetch": "Erreur lors de la récupération des domaines", + "domainsErrorFetchDescription": "Une erreur s'est produite lors de la récupération des domaines", + "none": "Aucun", + "unknown": "Inconnu", + "resources": "Ressources", + "resourcesDescription": "Les ressources sont des proxys vers des applications exécutées sur votre réseau privé. Créez une ressource pour tout service HTTP/HTTPS ou TCP/UDP brut sur votre réseau privé. Chaque ressource doit être connectée à un site pour permettre une connectivité privée et sécurisée via un tunnel WireGuard chiffré.", + "resourcesWireGuardConnect": "Connectivité sécurisée avec chiffrement WireGuard", + "resourcesMultipleAuthenticationMethods": "Configurer plusieurs méthodes d'authentification", + "resourcesUsersRolesAccess": "Contrôle d'accès basé sur les utilisateurs et les rôles", + "resourcesErrorUpdate": "Échec de la bascule de la ressource", + "resourcesErrorUpdateDescription": "Une erreur s'est produite lors de la mise à jour de la ressource", + "access": "Accès", + "shareLink": "Lien de partage {resource}", + "resourceSelect": "Sélectionner une ressource", + "shareLinks": "Liens de partage", + "share": "Liens partageables", + "shareDescription2": "Créez des liens partageables vers vos ressources. Les liens fournissent un accès temporaire ou illimité à votre ressource. Vous pouvez configurer la durée d'expiration du lien lors de sa création.", + "shareEasyCreate": "Facile à créer et à partager", + "shareConfigurableExpirationDuration": "Durée d'expiration configurable", + "shareSecureAndRevocable": "Sécurisé et révocable", + "nameMin": "Le nom doit comporter au moins {len} caractères.", + "nameMax": "Le nom ne doit pas dépasser {len} caractères.", + "sitesConfirmCopy": "Veuillez confirmer que vous avez copié la configuration.", + "unknownCommand": "Commande inconnue", + "newtErrorFetchReleases": "Échec de la récupération des informations de version : {err}", + "newtErrorFetchLatest": "Erreur lors de la récupération de la dernière version : {err}", + "newtEndpoint": "Point de terminaison Newt", + "newtId": "ID Newt", + "newtSecretKey": "Clé secrète Newt", + "architecture": "Architecture", + "sites": "Espaces", + "siteWgAnyClients": "Utilisez n'importe quel client WireGuard pour vous connecter. Vous devrez adresser vos ressources internes en utilisant l'IP du pair.", + "siteWgCompatibleAllClients": "Compatible avec tous les clients WireGuard", + "siteWgManualConfigurationRequired": "Configuration manuelle requise", + "userErrorNotAdminOrOwner": "L'utilisateur n'est pas un administrateur ou un propriétaire", + "pangolinSettings": "Paramètres - Pangolin", + "accessRoleYour": "Votre rôle :", + "accessRoleSelect2": "Sélectionner un rôle", + "accessUserSelect": "Sélectionner un utilisateur", + "otpEmailEnter": "Entrer un e-mail", + "otpEmailEnterDescription": "Appuyez sur Entrée pour ajouter un e-mail après l'avoir saisi dans le champ.", + "otpEmailErrorInvalid": "Adresse e-mail invalide. Le caractère générique (*) doit être la partie locale entière.", + "otpEmailSmtpRequired": "SMTP requis", + "otpEmailSmtpRequiredDescription": "Le SMTP doit être activé sur le serveur pour utiliser l'authentification par mot de passe à usage unique.", + "otpEmailTitle": "Mots de passe à usage unique", + "otpEmailTitleDescription": "Exiger une authentification par e-mail pour l'accès aux ressources", + "otpEmailWhitelist": "Liste blanche des e-mails", + "otpEmailWhitelistList": "E-mails sur liste blanche", + "otpEmailWhitelistListDescription": "Seuls les utilisateurs avec ces adresses e-mail pourront accéder à cette ressource. Ils devront saisir un mot de passe à usage unique envoyé à leur e-mail. Les caractères génériques (*@example.com) peuvent être utilisés pour autoriser n'importe quelle adresse e-mail d'un domaine.", + "otpEmailWhitelistSave": "Enregistrer la liste blanche", + "passwordAdd": "Ajouter un mot de passe", + "passwordRemove": "Supprimer le mot de passe", + "pincodeAdd": "Ajouter un code PIN", + "pincodeRemove": "Supprimer le code PIN", + "resourceAuthMethods": "Méthodes d'authentification", + "resourceAuthMethodsDescriptions": "Permettre l'accès à la ressource via des méthodes d'authentification supplémentaires", + "resourceAuthSettingsSave": "Enregistré avec succès", + "resourceAuthSettingsSaveDescription": "Les paramètres d'authentification ont été enregistrés", + "resourceErrorAuthFetch": "Échec de la récupération des données", + "resourceErrorAuthFetchDescription": "Une erreur s'est produite lors de la récupération des données", + "resourceErrorPasswordRemove": "Erreur lors de la suppression du mot de passe de la ressource", + "resourceErrorPasswordRemoveDescription": "Une erreur s'est produite lors de la suppression du mot de passe de la ressource", + "resourceErrorPasswordSetup": "Erreur lors de la configuration du mot de passe de la ressource", + "resourceErrorPasswordSetupDescription": "Une erreur s'est produite lors de la configuration du mot de passe de la ressource", + "resourceErrorPincodeRemove": "Erreur lors de la suppression du code PIN de la ressource", + "resourceErrorPincodeRemoveDescription": "Une erreur s'est produite lors de la suppression du code PIN de la ressource", + "resourceErrorPincodeSetup": "Erreur lors de la configuration du code PIN de la ressource", + "resourceErrorPincodeSetupDescription": "Une erreur s'est produite lors de la configuration du code PIN de la ressource", + "resourceErrorUsersRolesSave": "Échec de la définition des rôles", + "resourceErrorUsersRolesSaveDescription": "Une erreur s'est produite lors de la définition des rôles", + "resourceErrorWhitelistSave": "Échec de l'enregistrement de la liste blanche", + "resourceErrorWhitelistSaveDescription": "Une erreur s'est produite lors de l'enregistrement de la liste blanche", + "resourcePasswordSubmit": "Activer la protection par mot de passe", + "resourcePasswordProtection": "Protection par mot de passe {status}", + "resourcePasswordRemove": "Mot de passe de la ressource supprimé", + "resourcePasswordRemoveDescription": "Le mot de passe de la ressource a été supprimé avec succès", + "resourcePasswordSetup": "Mot de passe de la ressource défini", + "resourcePasswordSetupDescription": "Le mot de passe de la ressource a été défini avec succès", + "resourcePasswordSetupTitle": "Définir le mot de passe", + "resourcePasswordSetupTitleDescription": "Définir un mot de passe pour protéger cette ressource", + "resourcePincode": "Code PIN", + "resourcePincodeSubmit": "Activer la protection par code PIN", + "resourcePincodeProtection": "Protection par code PIN {status}", + "resourcePincodeRemove": "Code PIN de la ressource supprimé", + "resourcePincodeRemoveDescription": "Le code PIN de la ressource a été supprimé avec succès", + "resourcePincodeSetup": "Code PIN de la ressource défini", + "resourcePincodeSetupDescription": "Le code PIN de la ressource a été défini avec succès", + "resourcePincodeSetupTitle": "Définir le code PIN", + "resourcePincodeSetupTitleDescription": "Définir un code PIN pour protéger cette ressource", + "resourceRoleDescription": "Les administrateurs peuvent toujours accéder à cette ressource.", + "resourceUsersRoles": "Utilisateurs et rôles", + "resourceUsersRolesDescription": "Configurer quels utilisateurs et rôles peuvent visiter cette ressource", + "resourceUsersRolesSubmit": "Enregistrer les utilisateurs et les rôles", + "resourceWhitelistSave": "Enregistré avec succès", + "resourceWhitelistSaveDescription": "Les paramètres de la liste blanche ont été enregistrés", + "ssoUse": "Utiliser la SSO de la plateforme", + "ssoUseDescription": "Les utilisateurs existants n'auront à se connecter qu'une seule fois pour toutes les ressources qui ont cette option activée.", + "proxyErrorInvalidPort": "Numéro de port invalide", + "subdomainErrorInvalid": "Sous-domaine invalide", + "domainErrorFetch": "Erreur lors de la récupération des domaines", + "domainErrorFetchDescription": "Une erreur s'est produite lors de la récupération des domaines", + "resourceErrorUpdate": "Échec de la mise à jour de la ressource", + "resourceErrorUpdateDescription": "Une erreur s'est produite lors de la mise à jour de la ressource", + "resourceUpdated": "Ressource mise à jour", + "resourceUpdatedDescription": "La ressource a été mise à jour avec succès", + "resourceErrorTransfer": "Échec du transfert de la ressource", + "resourceErrorTransferDescription": "Une erreur s'est produite lors du transfert de la ressource", + "resourceTransferred": "Ressource transférée", + "resourceTransferredDescription": "La ressource a été transférée avec succès", + "resourceErrorToggle": "Échec de la modification de l'état de la ressource", + "resourceErrorToggleDescription": "Une erreur s'est produite lors de la mise à jour de la ressource", + "resourceVisibilityTitle": "Visibilité", + "resourceVisibilityTitleDescription": "Activer ou désactiver complètement la visibilité de la ressource", + "resourceGeneral": "Paramètres généraux", + "resourceGeneralDescription": "Configurer les paramètres généraux de cette ressource", + "resourceEnable": "Activer la ressource", + "resourceTransfer": "Transférer la ressource", + "resourceTransferDescription": "Transférer cette ressource vers un autre site", + "resourceTransferSubmit": "Transférer la ressource", + "siteDestination": "Site de destination", + "searchSites": "Rechercher des sites", + "accessRoleCreate": "Créer un rôle", + "accessRoleCreateDescription": "Créer un nouveau rôle pour regrouper les utilisateurs et gérer leurs permissions.", + "accessRoleCreateSubmit": "Créer un rôle", + "accessRoleCreated": "Rôle créé", + "accessRoleCreatedDescription": "Le rôle a été créé avec succès.", + "accessRoleErrorCreate": "Échec de la création du rôle", + "accessRoleErrorCreateDescription": "Une erreur s'est produite lors de la création du rôle.", + "accessRoleErrorNewRequired": "Un nouveau rôle est requis", + "accessRoleErrorRemove": "Échec de la suppression du rôle", + "accessRoleErrorRemoveDescription": "Une erreur s'est produite lors de la suppression du rôle.", + "accessRoleName": "Nom du rôle", + "accessRoleQuestionRemove": "Vous êtes sur le point de supprimer le rôle {name}. Cette action est irréversible.", + "accessRoleRemove": "Supprimer le rôle", + "accessRoleRemoveDescription": "Retirer un rôle de l'organisation", + "accessRoleRemoveSubmit": "Supprimer le rôle", + "accessRoleRemoved": "Rôle supprimé", + "accessRoleRemovedDescription": "Le rôle a été supprimé avec succès.", + "accessRoleRequiredRemove": "Avant de supprimer ce rôle, veuillez sélectionner un nouveau rôle pour transférer les membres existants.", + "manage": "Gérer", + "sitesNotFound": "Aucun site trouvé.", + "pangolinServerAdmin": "Admin Serveur - Pangolin", + "licenseTierProfessional": "Licence Professionnelle", + "licenseTierEnterprise": "Licence Entreprise", + "licenseTierCommercial": "Licence commerciale", + "licensed": "Sous licence", + "yes": "Oui", + "no": "Non", + "sitesAdditional": "Sites supplémentaires", + "licenseKeys": "Clés de licence", + "sitestCountDecrease": "Diminuer le nombre de sites", + "sitestCountIncrease": "Augmenter le nombre de sites", + "idpManage": "Gérer les fournisseurs d'identité", + "idpManageDescription": "Voir et gérer les fournisseurs d'identité dans le système", + "idpDeletedDescription": "Fournisseur d'identité supprimé avec succès", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "Êtes-vous sûr de vouloir supprimer définitivement le fournisseur d'identité {name}?", + "idpMessageRemove": "Cela supprimera le fournisseur d'identité et toutes les configurations associées. Les utilisateurs qui s'authentifient via ce fournisseur ne pourront plus se connecter.", + "idpMessageConfirm": "Pour confirmer, veuillez saisir le nom du fournisseur d'identité ci-dessous.", + "idpConfirmDelete": "Confirmer la suppression du fournisseur d'identité", + "idpDelete": "Supprimer le fournisseur d'identité", + "idp": "Fournisseurs d'identité", + "idpSearch": "Rechercher des fournisseurs d'identité...", + "idpAdd": "Ajouter un fournisseur d'identité", + "idpClientIdRequired": "L'ID client est requis.", + "idpClientSecretRequired": "Le secret client est requis.", + "idpErrorAuthUrlInvalid": "L'URL d'authentification doit être une URL valide.", + "idpErrorTokenUrlInvalid": "L'URL du jeton doit être une URL valide.", + "idpPathRequired": "Le chemin d'identification est requis.", + "idpScopeRequired": "Les portées sont requises.", + "idpOidcDescription": "Configurer un fournisseur d'identité OpenID Connect", + "idpCreatedDescription": "Fournisseur d'identité créé avec succès", + "idpCreate": "Créer un fournisseur d'identité", + "idpCreateDescription": "Configurer un nouveau fournisseur d'identité pour l'authentification des utilisateurs", + "idpSeeAll": "Voir tous les fournisseurs d'identité", + "idpSettingsDescription": "Configurer les informations de base de votre fournisseur d'identité", + "idpDisplayName": "Un nom d'affichage pour ce fournisseur d'identité", + "idpAutoProvisionUsers": "Approvisionnement automatique des utilisateurs", + "idpAutoProvisionUsersDescription": "Lorsque cette option est activée, les utilisateurs seront automatiquement créés dans le système lors de leur première connexion avec la possibilité de mapper les utilisateurs aux rôles et aux organisations.", + "licenseBadge": "Professionnel", + "idpType": "Type de fournisseur", + "idpTypeDescription": "Sélectionnez le type de fournisseur d'identité que vous souhaitez configurer", + "idpOidcConfigure": "Configuration OAuth2/OIDC", + "idpOidcConfigureDescription": "Configurer les points de terminaison et les identifiants du fournisseur OAuth2/OIDC", + "idpClientId": "ID Client", + "idpClientIdDescription": "L'ID client OAuth2 de votre fournisseur d'identité", + "idpClientSecret": "Secret Client", + "idpClientSecretDescription": "Le secret client OAuth2 de votre fournisseur d'identité", + "idpAuthUrl": "URL d'autorisation", + "idpAuthUrlDescription": "L'URL du point de terminaison d'autorisation OAuth2", + "idpTokenUrl": "URL du jeton", + "idpTokenUrlDescription": "L'URL du point de terminaison du jeton OAuth2", + "idpOidcConfigureAlert": "Information importante", + "idpOidcConfigureAlertDescription": "Après avoir créé le fournisseur d'identité, vous devrez configurer l'URL de rappel dans les paramètres de votre fournisseur d'identité. L'URL de rappel sera fournie après la création réussie.", + "idpToken": "Configuration du jeton", + "idpTokenDescription": "Configurer comment extraire les informations utilisateur du jeton ID", + "idpJmespathAbout": "À propos de JMESPath", + "idpJmespathAboutDescription": "Les chemins ci-dessous utilisent la syntaxe JMESPath pour extraire des valeurs du jeton ID.", + "idpJmespathAboutDescriptionLink": "En savoir plus sur JMESPath", + "idpJmespathLabel": "Chemin d'identification", + "idpJmespathLabelDescription": "Le JMESPath vers l'identifiant de l'utilisateur dans le jeton ID", + "idpJmespathEmailPathOptional": "Chemin de l'email (Optionnel)", + "idpJmespathEmailPathOptionalDescription": "Le JMESPath vers l'email de l'utilisateur dans le jeton ID", + "idpJmespathNamePathOptional": "Chemin du nom (Optionnel)", + "idpJmespathNamePathOptionalDescription": "Le JMESPath vers le nom de l'utilisateur dans le jeton ID", + "idpOidcConfigureScopes": "Portées", + "idpOidcConfigureScopesDescription": "Liste des portées OAuth2 à demander, séparées par des espaces", + "idpSubmit": "Créer le fournisseur d'identité", + "orgPolicies": "Politiques d'organisation", + "idpSettings": "Paramètres de {idpName}", + "idpCreateSettingsDescription": "Configurer les paramètres de votre fournisseur d'identité", + "roleMapping": "Mappage des rôles", + "orgMapping": "Mappage d'organisation", + "orgPoliciesSearch": "Rechercher des politiques d'organisation...", + "orgPoliciesAdd": "Ajouter une politique d'organisation", + "orgRequired": "L'organisation est requise", + "error": "Erreur", + "success": "Succès", + "orgPolicyAddedDescription": "Politique ajoutée avec succès", + "orgPolicyUpdatedDescription": "Politique mise à jour avec succès", + "orgPolicyDeletedDescription": "Politique supprimée avec succès", + "defaultMappingsUpdatedDescription": "Mappages par défaut mis à jour avec succès", + "orgPoliciesAbout": "À propos des politiques d'organisation", + "orgPoliciesAboutDescription": "Les politiques d'organisation sont utilisées pour contrôler l'accès aux organisations en fonction du jeton ID de l'utilisateur. Vous pouvez spécifier des expressions JMESPath pour extraire les informations de rôle et d'organisation du jeton ID. Pour plus d'informations, voir", + "orgPoliciesAboutDescriptionLink": "la documentation", + "defaultMappingsOptional": "Mappages par défaut (Optionnel)", + "defaultMappingsOptionalDescription": "Les mappages par défaut sont utilisés lorsqu'il n'y a pas de politique d'organisation définie pour une organisation. Vous pouvez spécifier ici les mappages de rôle et d'organisation par défaut à utiliser.", + "defaultMappingsRole": "Mappage de rôle par défaut", + "defaultMappingsRoleDescription": "JMESPath pour extraire les informations de rôle du jeton ID. Le résultat de cette expression doit renvoyer le nom du rôle tel que défini dans l'organisation sous forme de chaîne.", + "defaultMappingsOrg": "Mappage d'organisation par défaut", + "defaultMappingsOrgDescription": "JMESPath pour extraire les informations d'organisation du jeton ID. Cette expression doit renvoyer l'ID de l'organisation ou true pour que l'utilisateur soit autorisé à accéder à l'organisation.", + "defaultMappingsSubmit": "Enregistrer les mappages par défaut", + "orgPoliciesEdit": "Modifier la politique d'organisation", + "org": "Organisation", + "orgSelect": "Sélectionner une organisation", + "orgSearch": "Rechercher une organisation", + "orgNotFound": "Aucune organisation trouvée.", + "roleMappingPathOptional": "Chemin de mappage des rôles (Optionnel)", + "orgMappingPathOptional": "Chemin de mappage d'organisation (Optionnel)", + "orgPolicyUpdate": "Mettre à jour la politique", + "orgPolicyAdd": "Ajouter une politique", + "orgPolicyConfig": "Configurer l'accès pour une organisation", + "idpUpdatedDescription": "Fournisseur d'identité mis à jour avec succès", + "redirectUrl": "URL de redirection", + "redirectUrlAbout": "À propos de l'URL de redirection", + "redirectUrlAboutDescription": "C'est l'URL vers laquelle les utilisateurs seront redirigés après l'authentification. Vous devez configurer cette URL dans les paramètres de votre fournisseur d'identité.", + "pangolinAuth": "Auth - Pangolin", + "verificationCodeLengthRequirements": "Votre code de vérification doit comporter 8 caractères.", + "errorOccurred": "Une erreur s'est produite", + "emailErrorVerify": "Échec de la vérification de l'e-mail :", + "emailVerified": "E-mail vérifié avec succès ! Redirection...", + "verificationCodeErrorResend": "Échec du renvoi du code de vérification :", + "verificationCodeResend": "Code de vérification renvoyé", + "verificationCodeResendDescription": "Nous avons renvoyé un code de vérification à votre adresse e-mail. Veuillez vérifier votre boîte de réception.", + "emailVerify": "Vérifier l'e-mail", + "emailVerifyDescription": "Entrez le code de vérification envoyé à votre adresse e-mail.", + "verificationCode": "Code de vérification", + "verificationCodeEmailSent": "Nous avons envoyé un code de vérification à votre adresse e-mail.", + "submit": "Soumettre", + "emailVerifyResendProgress": "Renvoi en cours...", + "emailVerifyResend": "Vous n'avez pas reçu de code ? Cliquez ici pour renvoyer", + "passwordNotMatch": "Les mots de passe ne correspondent pas", + "signupError": "Une erreur s'est produite lors de l'inscription", + "pangolinLogoAlt": "Logo Pangolin", + "inviteAlready": "On dirait que vous avez été invité !", + "inviteAlreadyDescription": "Pour accepter l'invitation, vous devez vous connecter ou créer un compte.", + "signupQuestion": "Vous avez déjà un compte ?", + "login": "Se connecter", + "resourceNotFound": "Ressource introuvable", + "resourceNotFoundDescription": "La ressource que vous essayez d'accéder n'existe pas.", + "pincodeRequirementsLength": "Le code PIN doit comporter exactement 6 chiffres", + "pincodeRequirementsChars": "Le code PIN ne doit contenir que des chiffres", + "passwordRequirementsLength": "Le mot de passe doit comporter au moins 1 caractère", + "passwordRequirementsTitle": "Exigences relatives au mot de passe :", + "passwordRequirementLength": "Au moins 8 caractères", + "passwordRequirementUppercase": "Au moins une lettre majuscule", + "passwordRequirementLowercase": "Au moins une lettre minuscule", + "passwordRequirementNumber": "Au moins un chiffre", + "passwordRequirementSpecial": "Au moins un caractère spécial", + "passwordRequirementsMet": "✓ Le mot de passe répond à toutes les exigences", + "passwordStrength": "Solidité du mot de passe", + "passwordStrengthWeak": "Faible", + "passwordStrengthMedium": "Moyen", + "passwordStrengthStrong": "Fort", + "passwordRequirements": "Exigences :", + "passwordRequirementLengthText": "8+ caractères", + "passwordRequirementUppercaseText": "Lettre majuscule (A-Z)", + "passwordRequirementLowercaseText": "Lettre minuscule (a-z)", + "passwordRequirementNumberText": "Nombre (0-9)", + "passwordRequirementSpecialText": "Caractère spécial (!@#$%...)", + "passwordsDoNotMatch": "Les mots de passe ne correspondent pas", + "otpEmailRequirementsLength": "L'OTP doit comporter au moins 1 caractère", + "otpEmailSent": "OTP envoyé", + "otpEmailSentDescription": "Un OTP a été envoyé à votre e-mail", + "otpEmailErrorAuthenticate": "Échec de l'authentification par e-mail", + "pincodeErrorAuthenticate": "Échec de l'authentification avec le code PIN", + "passwordErrorAuthenticate": "Échec de l'authentification avec le mot de passe", + "poweredBy": "Propulsé par", + "authenticationRequired": "Authentification requise", + "authenticationMethodChoose": "Choisissez votre méthode préférée pour accéder à {name}", + "authenticationRequest": "Vous devez vous authentifier pour accéder à {name}", + "user": "Utilisateur", + "pincodeInput": "Code PIN à 6 chiffres", + "pincodeSubmit": "Se connecter avec le PIN", + "passwordSubmit": "Se connecter avec le mot de passe", + "otpEmailDescription": "Un code à usage unique sera envoyé à cet e-mail.", + "otpEmailSend": "Envoyer le code à usage unique", + "otpEmail": "Mot de passe à usage unique (OTP)", + "otpEmailSubmit": "Soumettre l'OTP", + "backToEmail": "Retour à l'e-mail", + "noSupportKey": "Le serveur fonctionne sans clé de supporteur. Pensez à soutenir le projet !", + "accessDenied": "Accès refusé", + "accessDeniedDescription": "Vous n'êtes pas autorisé à accéder à cette ressource. Si c'est une erreur, veuillez contacter l'administrateur.", + "accessTokenError": "Erreur lors de la vérification du jeton d'accès", + "accessGranted": "Accès accordé", + "accessUrlInvalid": "URL d'accès invalide", + "accessGrantedDescription": "L'accès à cette ressource vous a été accordé. Redirection...", + "accessUrlInvalidDescription": "Cette URL d'accès partagé n'est pas valide. Veuillez contacter le propriétaire de la ressource pour obtenir une nouvelle URL.", + "tokenInvalid": "Jeton invalide", + "pincodeInvalid": "Code invalide", + "passwordErrorRequestReset": "Échec de la demande de réinitialisation :", + "passwordErrorReset": "Échec de la réinitialisation du mot de passe :", + "passwordResetSuccess": "Mot de passe réinitialisé avec succès ! Retour à la connexion...", + "passwordReset": "Réinitialiser le mot de passe", + "passwordResetDescription": "Suivez les étapes pour réinitialiser votre mot de passe", + "passwordResetSent": "Nous allons envoyer un code de réinitialisation à cette adresse e-mail.", + "passwordResetCode": "Code de réinitialisation", + "passwordResetCodeDescription": "Vérifiez votre e-mail pour le code de réinitialisation.", + "passwordNew": "Nouveau mot de passe", + "passwordNewConfirm": "Confirmer le nouveau mot de passe", + "pincodeAuth": "Code d'authentification", + "pincodeSubmit2": "Soumettre le code", + "passwordResetSubmit": "Demander la réinitialisation", + "passwordBack": "Retour au mot de passe", + "loginBack": "Retour à la connexion", + "signup": "S'inscrire", + "loginStart": "Connectez-vous pour commencer", + "idpOidcTokenValidating": "Validation du jeton OIDC", + "idpOidcTokenResponse": "Valider la réponse du jeton OIDC", + "idpErrorOidcTokenValidating": "Erreur lors de la validation du jeton OIDC", + "idpConnectingTo": "Connexion à {name}", + "idpConnectingToDescription": "Validation de votre identité", + "idpConnectingToProcess": "Connexion...", + "idpConnectingToFinished": "Connecté", + "idpErrorConnectingTo": "Un problème est survenu lors de la connexion à {name}. Veuillez contacter votre administrateur.", + "idpErrorNotFound": "IdP introuvable", + "inviteInvalid": "Invitation invalide", + "inviteInvalidDescription": "Le lien d'invitation n'est pas valide.", + "inviteErrorWrongUser": "L'invitation n'est pas pour cet utilisateur", + "inviteErrorUserNotExists": "L'utilisateur n'existe pas. Veuillez d'abord créer un compte.", + "inviteErrorLoginRequired": "Vous devez être connecté pour accepter une invitation", + "inviteErrorExpired": "L'invitation a peut-être expiré", + "inviteErrorRevoked": "L'invitation a peut-être été révoquée", + "inviteErrorTypo": "Il pourrait y avoir une erreur de frappe dans le lien d'invitation", + "pangolinSetup": "Configuration - Pangolin", + "orgNameRequired": "Le nom de l'organisation est requis", + "orgIdRequired": "L'ID de l'organisation est requis", + "orgErrorCreate": "Une erreur s'est produite lors de la création de l'organisation", + "pageNotFound": "Page non trouvée", + "pageNotFoundDescription": "Oups! La page que vous recherchez n'existe pas.", + "overview": "Vue d'ensemble", + "home": "Accueil", + "accessControl": "Contrôle d'accès", + "settings": "Paramètres", + "usersAll": "Tous les utilisateurs", + "license": "Licence", + "pangolinDashboard": "Tableau de bord - Pangolin", + "noResults": "Aucun résultat trouvé.", + "terabytes": "{count} To", + "gigabytes": "{count} Go", + "megabytes": "{count} Mo", + "tagsEntered": "Tags saisis", + "tagsEnteredDescription": "Ce sont les tags que vous avez saisis.", + "tagsWarnCannotBeLessThanZero": "maxTags et minTags ne peuvent pas être inférieurs à 0", + "tagsWarnNotAllowedAutocompleteOptions": "Tag non autorisé selon les options d'autocomplétion", + "tagsWarnInvalid": "Tag invalide selon validateTag", + "tagWarnTooShort": "Le tag {tagText} est trop court", + "tagWarnTooLong": "Le tag {tagText} est trop long", + "tagsWarnReachedMaxNumber": "Nombre maximum de tags autorisés atteint", + "tagWarnDuplicate": "Tag en double {tagText} non ajouté", + "supportKeyInvalid": "Clé invalide", + "supportKeyInvalidDescription": "Votre clé de support est invalide.", + "supportKeyValid": "Clé valide", + "supportKeyValidDescription": "Votre clé de support a été validée. Merci pour votre soutien !", + "supportKeyErrorValidationDescription": "Échec de la validation de la clé de support.", + "supportKey": "Soutenez le développement et adoptez un Pangolin !", + "supportKeyDescription": "Achetez une clé de support pour nous aider à continuer le développement de Pangolin pour la communauté. Votre contribution nous permet de consacrer plus de temps à maintenir et ajouter de nouvelles fonctionnalités à l'application pour tous. Nous n'utiliserons jamais cela pour verrouiller des fonctionnalités. Ceci est distinct de toute Édition Commerciale.", + "supportKeyPet": "Vous pourrez aussi adopter et rencontrer votre propre Pangolin de compagnie !", + "supportKeyPurchase": "Les paiements sont traités via GitHub. Ensuite, vous pourrez récupérer votre clé sur", + "supportKeyPurchaseLink": "notre site web", + "supportKeyPurchase2": "et l'utiliser ici.", + "supportKeyLearnMore": "En savoir plus.", + "supportKeyOptions": "Veuillez sélectionner l'option qui vous convient le mieux.", + "supportKetOptionFull": "Support complet", + "forWholeServer": "Pour tout le serveur", + "lifetimePurchase": "Achat à vie", + "supporterStatus": "Statut de supporter", + "buy": "Acheter", + "supportKeyOptionLimited": "Support limité", + "forFiveUsers": "Pour 5 utilisateurs ou moins", + "supportKeyRedeem": "Utiliser une clé de support", + "supportKeyHideSevenDays": "Masquer pendant 7 jours", + "supportKeyEnter": "Saisir la clé de support", + "supportKeyEnterDescription": "Rencontrez votre propre Pangolin de compagnie !", + "githubUsername": "Nom d'utilisateur GitHub", + "supportKeyInput": "Clé de support", + "supportKeyBuy": "Acheter une clé de support", + "logoutError": "Erreur lors de la déconnexion", + "signingAs": "Connecté en tant que", + "serverAdmin": "Admin Serveur", + "managedSelfhosted": "Gestion autonome", + "otpEnable": "Activer l'authentification à deux facteurs", + "otpDisable": "Désactiver l'authentification à deux facteurs", + "logout": "Déconnexion", + "licenseTierProfessionalRequired": "Édition Professionnelle Requise", + "licenseTierProfessionalRequiredDescription": "Cette fonctionnalité n'est disponible que dans l'Édition Professionnelle.", + "actionGetOrg": "Obtenir l'organisation", + "actionUpdateOrg": "Mettre à jour l'organisation", + "actionUpdateUser": "Mettre à jour l'utilisateur", + "actionGetUser": "Obtenir l'utilisateur", + "actionGetOrgUser": "Obtenir l'utilisateur de l'organisation", + "actionListOrgDomains": "Lister les domaines de l'organisation", + "actionCreateSite": "Créer un site", + "actionDeleteSite": "Supprimer un site", + "actionGetSite": "Obtenir un site", + "actionListSites": "Lister les sites", + "setupToken": "Jeton de configuration", + "setupTokenDescription": "Entrez le jeton de configuration depuis la console du serveur.", + "setupTokenRequired": "Le jeton de configuration est requis.", + "actionUpdateSite": "Mettre à jour un site", + "actionListSiteRoles": "Lister les rôles autorisés du site", + "actionCreateResource": "Créer une ressource", + "actionDeleteResource": "Supprimer une ressource", + "actionGetResource": "Obtenir une ressource", + "actionListResource": "Lister les ressources", + "actionUpdateResource": "Mettre à jour une ressource", + "actionListResourceUsers": "Lister les utilisateurs de la ressource", + "actionSetResourceUsers": "Définir les utilisateurs de la ressource", + "actionSetAllowedResourceRoles": "Définir les rôles autorisés de la ressource", + "actionListAllowedResourceRoles": "Lister les rôles autorisés de la ressource", + "actionSetResourcePassword": "Définir le mot de passe de la ressource", + "actionSetResourcePincode": "Définir le code PIN de la ressource", + "actionSetResourceEmailWhitelist": "Définir la liste blanche des emails de la ressource", + "actionGetResourceEmailWhitelist": "Obtenir la liste blanche des emails de la ressource", + "actionCreateTarget": "Créer une cible", + "actionDeleteTarget": "Supprimer une cible", + "actionGetTarget": "Obtenir une cible", + "actionListTargets": "Lister les cibles", + "actionUpdateTarget": "Mettre à jour une cible", + "actionCreateRole": "Créer un rôle", + "actionDeleteRole": "Supprimer un rôle", + "actionGetRole": "Obtenir un rôle", + "actionListRole": "Lister les rôles", + "actionUpdateRole": "Mettre à jour un rôle", + "actionListAllowedRoleResources": "Lister les ressources autorisées du rôle", + "actionInviteUser": "Inviter un utilisateur", + "actionRemoveUser": "Supprimer un utilisateur", + "actionListUsers": "Lister les utilisateurs", + "actionAddUserRole": "Ajouter un rôle utilisateur", + "actionGenerateAccessToken": "Générer un jeton d'accès", + "actionDeleteAccessToken": "Supprimer un jeton d'accès", + "actionListAccessTokens": "Lister les jetons d'accès", + "actionCreateResourceRule": "Créer une règle de ressource", + "actionDeleteResourceRule": "Supprimer une règle de ressource", + "actionListResourceRules": "Lister les règles de ressource", + "actionUpdateResourceRule": "Mettre à jour une règle de ressource", + "actionListOrgs": "Lister les organisations", + "actionCheckOrgId": "Vérifier l'ID", + "actionCreateOrg": "Créer une organisation", + "actionDeleteOrg": "Supprimer une organisation", + "actionListApiKeys": "Lister les clés API", + "actionListApiKeyActions": "Lister les actions des clés API", + "actionSetApiKeyActions": "Définir les actions autorisées des clés API", + "actionCreateApiKey": "Créer une clé API", + "actionDeleteApiKey": "Supprimer une clé API", + "actionCreateIdp": "Créer un IDP", + "actionUpdateIdp": "Mettre à jour un IDP", + "actionDeleteIdp": "Supprimer un IDP", + "actionListIdps": "Lister les IDP", + "actionGetIdp": "Obtenir un IDP", + "actionCreateIdpOrg": "Créer une politique d'organisation IDP", + "actionDeleteIdpOrg": "Supprimer une politique d'organisation IDP", + "actionListIdpOrgs": "Lister les organisations IDP", + "actionUpdateIdpOrg": "Mettre à jour une organisation IDP", + "actionCreateClient": "Créer un client", + "actionDeleteClient": "Supprimer le client", + "actionUpdateClient": "Mettre à jour le client", + "actionListClients": "Liste des clients", + "actionGetClient": "Obtenir le client", + "actionCreateSiteResource": "Créer une ressource de site", + "actionDeleteSiteResource": "Supprimer une ressource de site", + "actionGetSiteResource": "Obtenir une ressource de site", + "actionListSiteResources": "Lister les ressources de site", + "actionUpdateSiteResource": "Mettre à jour une ressource de site", + "actionListInvitations": "Lister les invitations", + "noneSelected": "Aucune sélection", + "orgNotFound2": "Aucune organisation trouvée.", + "searchProgress": "Rechercher...", + "create": "Créer", + "orgs": "Organisations", + "loginError": "Une erreur s'est produite lors de la connexion", + "passwordForgot": "Mot de passe oublié ?", + "otpAuth": "Authentification à deux facteurs", + "otpAuthDescription": "Entrez le code de votre application d'authentification ou l'un de vos codes de secours à usage unique.", + "otpAuthSubmit": "Soumettre le code", + "idpContinue": "Ou continuer avec", + "otpAuthBack": "Retour à la connexion", + "navbar": "Menu de navigation", + "navbarDescription": "Menu de navigation principal de l'application", + "navbarDocsLink": "Documentation", + "commercialEdition": "Édition Commerciale", + "otpErrorEnable": "Impossible d'activer l'A2F", + "otpErrorEnableDescription": "Une erreur s'est produite lors de l'activation de l'A2F", + "otpSetupCheckCode": "Veuillez entrer un code à 6 chiffres", + "otpSetupCheckCodeRetry": "Code invalide. Veuillez réessayer.", + "otpSetup": "Activer l'authentification à deux facteurs", + "otpSetupDescription": "Sécurisez votre compte avec une couche de protection supplémentaire", + "otpSetupScanQr": "Scannez ce code QR avec votre application d'authentification ou entrez la clé secrète manuellement :", + "otpSetupSecretCode": "Code d'authentification", + "otpSetupSuccess": "Authentification à deux facteurs activée", + "otpSetupSuccessStoreBackupCodes": "Votre compte est maintenant plus sécurisé. N'oubliez pas de sauvegarder vos codes de secours.", + "otpErrorDisable": "Impossible de désactiver l'A2F", + "otpErrorDisableDescription": "Une erreur s'est produite lors de la désactivation de l'A2F", + "otpRemove": "Désactiver l'authentification à deux facteurs", + "otpRemoveDescription": "Désactiver l'authentification à deux facteurs pour votre compte", + "otpRemoveSuccess": "Authentification à deux facteurs désactivée", + "otpRemoveSuccessMessage": "L'authentification à deux facteurs a été désactivée pour votre compte. Vous pouvez la réactiver à tout moment.", + "otpRemoveSubmit": "Désactiver l'A2F", + "paginator": "Page {current} sur {last}", + "paginatorToFirst": "Aller à la première page", + "paginatorToPrevious": "Aller à la page précédente", + "paginatorToNext": "Aller à la page suivante", + "paginatorToLast": "Aller à la dernière page", + "copyText": "Copier le texte", + "copyTextFailed": "Échec de la copie du texte : ", + "copyTextClipboard": "Copier dans le presse-papiers", + "inviteErrorInvalidConfirmation": "Confirmation invalide", + "passwordRequired": "Le mot de passe est requis", + "allowAll": "Tout autoriser", + "permissionsAllowAll": "Autoriser toutes les autorisations", + "githubUsernameRequired": "Le nom d'utilisateur GitHub est requis", + "supportKeyRequired": "La clé de supporter est requise", + "passwordRequirementsChars": "Le mot de passe doit comporter au moins 8 caractères", + "language": "Langue", + "verificationCodeRequired": "Le code est requis", + "userErrorNoUpdate": "Pas d'utilisateur à mettre à jour", + "siteErrorNoUpdate": "Pas de site à mettre à jour", + "resourceErrorNoUpdate": "Pas de ressource à mettre à jour", + "authErrorNoUpdate": "Pas d'informations d'authentification à mettre à jour", + "orgErrorNoUpdate": "Pas d'organisation à mettre à jour", + "orgErrorNoProvided": "Aucune organisation fournie", + "apiKeysErrorNoUpdate": "Pas de clé API à mettre à jour", + "sidebarOverview": "Aperçu", + "sidebarHome": "Domicile", + "sidebarSites": "Espaces", + "sidebarResources": "Ressource", + "sidebarAccessControl": "Contrôle d'accès", + "sidebarUsers": "Utilisateurs", + "sidebarInvitations": "Invitations", + "sidebarRoles": "Rôles", + "sidebarShareableLinks": "Liens partagables", + "sidebarApiKeys": "Clés API", + "sidebarSettings": "Réglages", + "sidebarAllUsers": "Tous les utilisateurs", + "sidebarIdentityProviders": "Fournisseurs d'identité", + "sidebarLicense": "Licence", + "sidebarClients": "Clients (Bêta)", + "sidebarDomains": "Domaines", + "enableDockerSocket": "Activer Docker Socket", + "enableDockerSocketDescription": "Activer la découverte Docker Socket pour remplir les informations du conteneur. Le chemin du socket doit être fourni à Newt.", + "enableDockerSocketLink": "En savoir plus", + "viewDockerContainers": "Voir les conteneurs Docker", + "containersIn": "Conteneurs en {siteName}", + "selectContainerDescription": "Sélectionnez n'importe quel conteneur à utiliser comme nom d'hôte pour cette cible. Cliquez sur un port pour utiliser un port.", + "containerName": "Nom", + "containerImage": "Image", + "containerState": "État", + "containerNetworks": "Réseaux", + "containerHostnameIp": "Nom d'hôte/IP", + "containerLabels": "Étiquettes", + "containerLabelsCount": "{count, plural, one {# étiquette} other {# étiquettes}}", + "containerLabelsTitle": "Étiquettes de conteneur", + "containerLabelEmpty": "", + "containerPorts": "Ports", + "containerPortsMore": "+{count} de plus", + "containerActions": "Actions", + "select": "Sélectionner", + "noContainersMatchingFilters": "Aucun conteneur ne correspond aux filtres actuels.", + "showContainersWithoutPorts": "Afficher les conteneurs sans ports", + "showStoppedContainers": "Afficher les conteneurs arrêtés", + "noContainersFound": "Aucun conteneur trouvé. Assurez-vous que les conteneurs Docker sont en cours d'exécution.", + "searchContainersPlaceholder": "Rechercher dans les conteneurs {count}...", + "searchResultsCount": "{count, plural, one {# résultat} other {# résultats}}", + "filters": "Filtres", + "filterOptions": "Options de filtre", + "filterPorts": "Ports", + "filterStopped": "Arrêté", + "clearAllFilters": "Effacer tous les filtres", + "columns": "Colonnes", + "toggleColumns": "Activer/désactiver les colonnes", + "refreshContainersList": "Rafraîchir la liste des conteneurs", + "searching": "Recherche en cours...", + "noContainersFoundMatching": "Aucun conteneur correspondant à \"{filter}\".", + "light": "clair", + "dark": "sombre", + "system": "système", + "theme": "Thème", + "subnetRequired": "Le sous-réseau est requis", + "initialSetupTitle": "Configuration initiale du serveur", + "initialSetupDescription": "Créer le compte administrateur du serveur initial. Un seul administrateur serveur peut exister. Vous pouvez toujours changer ces informations d'identification plus tard.", + "createAdminAccount": "Créer un compte administrateur", + "setupErrorCreateAdmin": "Une erreur s'est produite lors de la création du compte administrateur du serveur.", + "certificateStatus": "Statut du certificat", + "loading": "Chargement", + "restart": "Redémarrer", + "domains": "Domaines", + "domainsDescription": "Gérer les domaines de votre organisation", + "domainsSearch": "Rechercher des domaines...", + "domainAdd": "Ajouter un domaine", + "domainAddDescription": "Enregistrez un nouveau domaine avec votre organisation", + "domainCreate": "Créer un domaine", + "domainCreatedDescription": "Domaine créé avec succès", + "domainDeletedDescription": "Domaine supprimé avec succès", + "domainQuestionRemove": "Êtes-vous sûr de vouloir supprimer le domaine {domain} de votre compte ?", + "domainMessageRemove": "Une fois supprimé, le domaine ne sera plus associé à votre compte.", + "domainMessageConfirm": "Pour confirmer, veuillez taper le nom du domaine ci-dessous.", + "domainConfirmDelete": "Confirmer la suppression du domaine", + "domainDelete": "Supprimer le domaine", + "domain": "Domaine", + "selectDomainTypeNsName": "Délégation de domaine (NS)", + "selectDomainTypeNsDescription": "Ce domaine et tous ses sous-domaines. Utilisez cela lorsque vous souhaitez contrôler une zone de domaine entière.", + "selectDomainTypeCnameName": "Domaine unique (CNAME)", + "selectDomainTypeCnameDescription": "Juste ce domaine spécifique. Utilisez ce paramètre pour des sous-domaines individuels ou des entrées de domaine spécifiques.", + "selectDomainTypeWildcardName": "Domaine Générique", + "selectDomainTypeWildcardDescription": "Ce domaine et ses sous-domaines.", + "domainDelegation": "Domaine Unique", + "selectType": "Sélectionnez un type", + "actions": "Actions", + "refresh": "Actualiser", + "refreshError": "Échec de l'actualisation des données", + "verified": "Vérifié", + "pending": "En attente", + "sidebarBilling": "Facturation", + "billing": "Facturation", + "orgBillingDescription": "Gérez vos informations de facturation et vos abonnements", + "github": "GitHub", + "pangolinHosted": "Pangolin Hébergement", + "fossorial": "Fossorial", + "completeAccountSetup": "Complétez la configuration du compte", + "completeAccountSetupDescription": "Définissez votre mot de passe pour commencer", + "accountSetupSent": "Nous enverrons un code de configuration de compte à cette adresse e-mail.", + "accountSetupCode": "Code de configuration", + "accountSetupCodeDescription": "Vérifiez votre e-mail pour le code de configuration.", + "passwordCreate": "Créer un mot de passe", + "passwordCreateConfirm": "Confirmer le mot de passe", + "accountSetupSubmit": "Envoyer le code de configuration", + "completeSetup": "Configuration complète", + "accountSetupSuccess": "Configuration du compte terminée! Bienvenue chez Pangolin !", + "documentation": "Documentation", + "saveAllSettings": "Enregistrer tous les paramètres", + "settingsUpdated": "Paramètres mis à jour", + "settingsUpdatedDescription": "Tous les paramètres ont été mis à jour avec succès", + "settingsErrorUpdate": "Échec de la mise à jour des paramètres", + "settingsErrorUpdateDescription": "Une erreur s'est produite lors de la mise à jour des paramètres", + "sidebarCollapse": "Réduire", + "sidebarExpand": "Développer", + "newtUpdateAvailable": "Mise à jour disponible", + "newtUpdateAvailableInfo": "Une nouvelle version de Newt est disponible. Veuillez mettre à jour vers la dernière version pour une meilleure expérience.", + "domainPickerEnterDomain": "Domaine", + "domainPickerPlaceholder": "myapp.example.com, api.v1.mydomain.com, ou simplement myapp", + "domainPickerDescription": "Entrez le domaine complet de la ressource pour voir les options disponibles.", + "domainPickerDescriptionSaas": "Entrez un domaine complet, un sous-domaine ou juste un nom pour voir les options disponibles", + "domainPickerTabAll": "Tous", + "domainPickerTabOrganization": "Organisation", + "domainPickerTabProvided": "Fournis", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "Vérification de la disponibilité...", + "domainPickerNoMatchingDomains": "Aucun domaine correspondant trouvé. Essayez un autre domaine ou vérifiez les paramètres de domaine de votre organisation.", + "domainPickerOrganizationDomains": "Domaines de l'organisation", + "domainPickerProvidedDomains": "Domaines fournis", + "domainPickerSubdomain": "Sous-domaine : {subdomain}", + "domainPickerNamespace": "Espace de noms : {namespace}", + "domainPickerShowMore": "Afficher plus", + "domainNotFound": "Domaine introuvable", + "domainNotFoundDescription": "Cette ressource est désactivée car le domaine n'existe plus dans notre système. Veuillez définir un nouveau domaine pour cette ressource.", + "failed": "Échec", + "createNewOrgDescription": "Créer une nouvelle organisation", + "organization": "Organisation", + "port": "Port", + "securityKeyManage": "Gérer les clés de sécurité", + "securityKeyDescription": "Ajouter ou supprimer des clés de sécurité pour l'authentification sans mot de passe", + "securityKeyRegister": "Enregistrer une nouvelle clé de sécurité", + "securityKeyList": "Vos clés de sécurité", + "securityKeyNone": "Aucune clé de sécurité enregistrée", + "securityKeyNameRequired": "Le nom est requis", + "securityKeyRemove": "Supprimer", + "securityKeyLastUsed": "Dernière utilisation : {date}", + "securityKeyNameLabel": "Nom", + "securityKeyRegisterSuccess": "Clé de sécurité enregistrée avec succès", + "securityKeyRegisterError": "Échec de l'enregistrement de la clé de sécurité", + "securityKeyRemoveSuccess": "Clé de sécurité supprimée avec succès", + "securityKeyRemoveError": "Échec de la suppression de la clé de sécurité", + "securityKeyLoadError": "Échec du chargement des clés de sécurité", + "securityKeyLogin": "Continuer avec une clé de sécurité", + "securityKeyAuthError": "Échec de l'authentification avec la clé de sécurité", + "securityKeyRecommendation": "Envisagez d'enregistrer une autre clé de sécurité sur un appareil différent pour vous assurer de ne pas être bloqué de votre compte.", + "registering": "Enregistrement...", + "securityKeyPrompt": "Veuillez vérifier votre identité à l'aide de votre clé de sécurité. Assurez-vous que votre clé de sécurité est connectée et prête.", + "securityKeyBrowserNotSupported": "Votre navigateur ne prend pas en charge les clés de sécurité. Veuillez utiliser un navigateur moderne comme Chrome, Firefox ou Safari.", + "securityKeyPermissionDenied": "Veuillez autoriser l'accès à votre clé de sécurité pour continuer la connexion.", + "securityKeyRemovedTooQuickly": "Veuillez garder votre clé de sécurité connectée jusqu'à ce que le processus de connexion soit terminé.", + "securityKeyNotSupported": "Votre clé de sécurité peut ne pas être compatible. Veuillez essayer une clé de sécurité différente.", + "securityKeyUnknownError": "Un problème est survenu avec votre clé de sécurité. Veuillez réessayer.", + "twoFactorRequired": "L'authentification à deux facteurs est requise pour enregistrer une clé de sécurité.", + "twoFactor": "Authentification à deux facteurs", + "adminEnabled2FaOnYourAccount": "Votre administrateur a activé l'authentification à deux facteurs pour {email}. Veuillez terminer le processus d'installation pour continuer.", + "continueToApplication": "Continuer vers l'application", + "securityKeyAdd": "Ajouter une clé de sécurité", + "securityKeyRegisterTitle": "Enregistrer une nouvelle clé de sécurité", + "securityKeyRegisterDescription": "Connectez votre clé de sécurité et saisissez un nom pour l'identifier", + "securityKeyTwoFactorRequired": "Authentification à deux facteurs requise", + "securityKeyTwoFactorDescription": "Veuillez entrer votre code d'authentification à deux facteurs pour enregistrer la clé de sécurité", + "securityKeyTwoFactorRemoveDescription": "Veuillez entrer votre code d'authentification à deux facteurs pour supprimer la clé de sécurité", + "securityKeyTwoFactorCode": "Code à deux facteurs", + "securityKeyRemoveTitle": "Supprimer la clé de sécurité", + "securityKeyRemoveDescription": "Saisissez votre mot de passe pour supprimer la clé de sécurité \"{name}\"", + "securityKeyNoKeysRegistered": "Aucune clé de sécurité enregistrée", + "securityKeyNoKeysDescription": "Ajoutez une clé de sécurité pour améliorer la sécurité de votre compte", + "createDomainRequired": "Le domaine est requis", + "createDomainAddDnsRecords": "Ajouter des enregistrements DNS", + "createDomainAddDnsRecordsDescription": "Ajouter les enregistrements DNS suivants à votre fournisseur de domaine pour compléter la configuration.", + "createDomainNsRecords": "Enregistrements NS", + "createDomainRecord": "Enregistrement", + "createDomainType": "Type :", + "createDomainName": "Nom :", + "createDomainValue": "Valeur :", + "createDomainCnameRecords": "Enregistrements CNAME", + "createDomainARecords": "Enregistrements A", + "createDomainRecordNumber": "Enregistrement {number}", + "createDomainTxtRecords": "Enregistrements TXT", + "createDomainSaveTheseRecords": "Enregistrez ces enregistrements", + "createDomainSaveTheseRecordsDescription": "Assurez-vous de sauvegarder ces enregistrements DNS car vous ne les reverrez pas.", + "createDomainDnsPropagation": "Propagation DNS", + "createDomainDnsPropagationDescription": "Les modifications DNS peuvent mettre du temps à se propager sur internet. Cela peut prendre de quelques minutes à 48 heures selon votre fournisseur DNS et les réglages TTL.", + "resourcePortRequired": "Le numéro de port est requis pour les ressources non-HTTP", + "resourcePortNotAllowed": "Le numéro de port ne doit pas être défini pour les ressources HTTP", + "signUpTerms": { + "IAgreeToThe": "Je suis d'accord avec", + "termsOfService": "les conditions d'utilisation", + "and": "et", + "privacyPolicy": "la politique de confidentialité" + }, + "siteRequired": "Le site est requis.", + "olmTunnel": "Tunnel Olm", + "olmTunnelDescription": "Utilisez Olm pour la connectivité client", + "errorCreatingClient": "Erreur lors de la création du client", + "clientDefaultsNotFound": "Les paramètres par défaut du client sont introuvables", + "createClient": "Créer un client", + "createClientDescription": "Créez un nouveau client pour vous connecter à vos sites", + "seeAllClients": "Voir tous les clients", + "clientInformation": "Informations client", + "clientNamePlaceholder": "Nom du client", + "address": "Adresse", + "subnetPlaceholder": "Sous-réseau", + "addressDescription": "L'adresse que ce client utilisera pour la connectivité", + "selectSites": "Sélectionner des sites", + "sitesDescription": "Le client aura une connectivité vers les sites sélectionnés", + "clientInstallOlm": "Installer Olm", + "clientInstallOlmDescription": "Faites fonctionner Olm sur votre système", + "clientOlmCredentials": "Identifiants Olm", + "clientOlmCredentialsDescription": "C'est ainsi qu'Olm s'authentifiera auprès du serveur", + "olmEndpoint": "Point de terminaison Olm", + "olmId": "ID Olm", + "olmSecretKey": "Clé secrète Olm", + "clientCredentialsSave": "Enregistrez vos identifiants", + "clientCredentialsSaveDescription": "Vous ne pourrez voir cela qu'une seule fois. Assurez-vous de la copier dans un endroit sécurisé.", + "generalSettingsDescription": "Configurez les paramètres généraux pour ce client", + "clientUpdated": "Client mis à jour", + "clientUpdatedDescription": "Le client a été mis à jour.", + "clientUpdateFailed": "Échec de la mise à jour du client", + "clientUpdateError": "Une erreur s'est produite lors de la mise à jour du client.", + "sitesFetchFailed": "Échec de la récupération des sites", + "sitesFetchError": "Une erreur s'est produite lors de la récupération des sites.", + "olmErrorFetchReleases": "Une erreur s'est produite lors de la récupération des versions d'Olm.", + "olmErrorFetchLatest": "Une erreur s'est produite lors de la récupération de la dernière version d'Olm.", + "remoteSubnets": "Sous-réseaux distants", + "enterCidrRange": "Entrez la plage CIDR", + "remoteSubnetsDescription": "Ajoutez des plages CIDR accessibles à distance depuis ce site à l'aide de clients. Utilisez le format comme 10.0.0.0/24. Cela s'applique UNIQUEMENT à la connectivité des clients VPN.", + "resourceEnableProxy": "Activer le proxy public", + "resourceEnableProxyDescription": "Activez le proxy public vers cette ressource. Cela permet d'accéder à la ressource depuis l'extérieur du réseau via le cloud sur un port ouvert. Nécessite la configuration de Traefik.", + "externalProxyEnabled": "Proxy externe activé", + "addNewTarget": "Ajouter une nouvelle cible", + "targetsList": "Liste des cibles", + "targetErrorDuplicateTargetFound": "Cible en double trouvée", + "httpMethod": "Méthode HTTP", + "selectHttpMethod": "Sélectionnez la méthode HTTP", + "domainPickerSubdomainLabel": "Sous-domaine", + "domainPickerBaseDomainLabel": "Domaine de base", + "domainPickerSearchDomains": "Rechercher des domaines...", + "domainPickerNoDomainsFound": "Aucun domaine trouvé", + "domainPickerLoadingDomains": "Chargement des domaines...", + "domainPickerSelectBaseDomain": "Sélectionnez le domaine de base...", + "domainPickerNotAvailableForCname": "Non disponible pour les domaines CNAME", + "domainPickerEnterSubdomainOrLeaveBlank": "Entrez un sous-domaine ou laissez vide pour utiliser le domaine de base.", + "domainPickerEnterSubdomainToSearch": "Entrez un sous-domaine pour rechercher et sélectionner parmi les domaines gratuits disponibles.", + "domainPickerFreeDomains": "Domaines gratuits", + "domainPickerSearchForAvailableDomains": "Rechercher des domaines disponibles", + "resourceDomain": "Domaine", + "resourceEditDomain": "Modifier le domaine", + "siteName": "Nom du site", + "proxyPort": "Port", + "resourcesTableProxyResources": "Ressources proxy", + "resourcesTableClientResources": "Ressources client", + "resourcesTableNoProxyResourcesFound": "Aucune ressource proxy trouvée.", + "resourcesTableNoInternalResourcesFound": "Aucune ressource interne trouvée.", + "resourcesTableDestination": "Destination", + "resourcesTableTheseResourcesForUseWith": "Ces ressources sont à utiliser avec", + "resourcesTableClients": "Clients", + "resourcesTableAndOnlyAccessibleInternally": "et sont uniquement accessibles en interne lorsqu'elles sont connectées avec un client.", + "editInternalResourceDialogEditClientResource": "Modifier la ressource client", + "editInternalResourceDialogUpdateResourceProperties": "Mettez à jour les propriétés de la ressource et la configuration de la cible pour {resourceName}.", + "editInternalResourceDialogResourceProperties": "Propriétés de la ressource", + "editInternalResourceDialogName": "Nom", + "editInternalResourceDialogProtocol": "Protocole", + "editInternalResourceDialogSitePort": "Port du site", + "editInternalResourceDialogTargetConfiguration": "Configuration de la cible", + "editInternalResourceDialogDestinationIP": "IP de destination", + "editInternalResourceDialogDestinationPort": "Port de destination", + "editInternalResourceDialogCancel": "Abandonner", + "editInternalResourceDialogSaveResource": "Enregistrer la ressource", + "editInternalResourceDialogSuccess": "Succès", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Ressource interne mise à jour avec succès", + "editInternalResourceDialogError": "Erreur", + "editInternalResourceDialogFailedToUpdateInternalResource": "Échec de la mise à jour de la ressource interne", + "editInternalResourceDialogNameRequired": "Le nom est requis", + "editInternalResourceDialogNameMaxLength": "Le nom doit être inférieur à 255 caractères", + "editInternalResourceDialogProxyPortMin": "Le port proxy doit être d'au moins 1", + "editInternalResourceDialogProxyPortMax": "Le port proxy doit être inférieur à 65536", + "editInternalResourceDialogInvalidIPAddressFormat": "Format d'adresse IP invalide", + "editInternalResourceDialogDestinationPortMin": "Le port de destination doit être d'au moins 1", + "editInternalResourceDialogDestinationPortMax": "Le port de destination doit être inférieur à 65536", + "createInternalResourceDialogNoSitesAvailable": "Aucun site disponible", + "createInternalResourceDialogNoSitesAvailableDescription": "Vous devez avoir au moins un site Newt avec un sous-réseau configuré pour créer des ressources internes.", + "createInternalResourceDialogClose": "Fermer", + "createInternalResourceDialogCreateClientResource": "Créer une ressource client", + "createInternalResourceDialogCreateClientResourceDescription": "Créez une ressource accessible aux clients connectés au site sélectionné.", + "createInternalResourceDialogResourceProperties": "Propriétés de la ressource", + "createInternalResourceDialogName": "Nom", + "createInternalResourceDialogSite": "Site", + "createInternalResourceDialogSelectSite": "Sélectionner un site...", + "createInternalResourceDialogSearchSites": "Rechercher des sites...", + "createInternalResourceDialogNoSitesFound": "Aucun site trouvé.", + "createInternalResourceDialogProtocol": "Protocole", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Port du site", + "createInternalResourceDialogSitePortDescription": "Utilisez ce port pour accéder à la ressource sur le site lors de la connexion avec un client.", + "createInternalResourceDialogTargetConfiguration": "Configuration de la cible", + "createInternalResourceDialogDestinationIP": "IP de destination", + "createInternalResourceDialogDestinationIPDescription": "L'adresse IP de la ressource sur le réseau du site.", + "createInternalResourceDialogDestinationPort": "Port de destination", + "createInternalResourceDialogDestinationPortDescription": "Le port sur l'IP de destination où la ressource est accessible.", + "createInternalResourceDialogCancel": "Abandonner", + "createInternalResourceDialogCreateResource": "Créer une ressource", + "createInternalResourceDialogSuccess": "Succès", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Ressource interne créée avec succès", + "createInternalResourceDialogError": "Erreur", + "createInternalResourceDialogFailedToCreateInternalResource": "Échec de la création de la ressource interne", + "createInternalResourceDialogNameRequired": "Le nom est requis", + "createInternalResourceDialogNameMaxLength": "Le nom doit être inférieur à 255 caractères", + "createInternalResourceDialogPleaseSelectSite": "Veuillez sélectionner un site", + "createInternalResourceDialogProxyPortMin": "Le port proxy doit être d'au moins 1", + "createInternalResourceDialogProxyPortMax": "Le port proxy doit être inférieur à 65536", + "createInternalResourceDialogInvalidIPAddressFormat": "Format d'adresse IP invalide", + "createInternalResourceDialogDestinationPortMin": "Le port de destination doit être d'au moins 1", + "createInternalResourceDialogDestinationPortMax": "Le port de destination doit être inférieur à 65536", + "siteConfiguration": "Configuration", + "siteAcceptClientConnections": "Accepter les connexions client", + "siteAcceptClientConnectionsDescription": "Permet à d'autres appareils de se connecter via cette instance de Newt en tant que passerelle utilisant des clients.", + "siteAddress": "Adresse du site", + "siteAddressDescription": "Spécifiez l'adresse IP de l'hôte pour que les clients puissent s'y connecter. C'est l'adresse interne du site dans le réseau Pangolin pour que les clients puissent s'adresser. Doit être dans le sous-réseau de l'organisation.", + "autoLoginExternalIdp": "Connexion automatique avec IDP externe", + "autoLoginExternalIdpDescription": "Rediriger immédiatement l'utilisateur vers l'IDP externe pour l'authentification.", + "selectIdp": "Sélectionner l'IDP", + "selectIdpPlaceholder": "Choisissez un IDP...", + "selectIdpRequired": "Veuillez sélectionner un IDP lorsque la connexion automatique est activée.", + "autoLoginTitle": "Redirection", + "autoLoginDescription": "Redirection vers le fournisseur d'identité externe pour l'authentification.", + "autoLoginProcessing": "Préparation de l'authentification...", + "autoLoginRedirecting": "Redirection vers la connexion...", + "autoLoginError": "Erreur de connexion automatique", + "autoLoginErrorNoRedirectUrl": "Aucune URL de redirection reçue du fournisseur d'identité.", + "autoLoginErrorGeneratingUrl": "Échec de la génération de l'URL d'authentification.", + "managedSelfHosted": { + "title": "Gestion autonome", + "description": "Serveur Pangolin auto-hébergé avec des cloches et des sifflets supplémentaires", + "introTitle": "Pangolin auto-hébergé géré", + "introDescription": "est une option de déploiement conçue pour les personnes qui veulent de la simplicité et de la fiabilité tout en gardant leurs données privées et auto-hébergées.", + "introDetail": "Avec cette option, vous exécutez toujours votre propre nœud Pangolin — vos tunnels, la terminaison SSL et le trafic restent sur votre serveur. La différence est que la gestion et la surveillance sont gérées via notre tableau de bord du cloud, qui déverrouille un certain nombre d'avantages :", + "benefitSimplerOperations": { + "title": "Opérations plus simples", + "description": "Pas besoin de faire tourner votre propre serveur de messagerie ou de configurer des alertes complexes. Vous obtiendrez des contrôles de santé et des alertes de temps d'arrêt par la suite." + }, + "benefitAutomaticUpdates": { + "title": "Mises à jour automatiques", + "description": "Le tableau de bord du cloud évolue rapidement, de sorte que vous obtenez de nouvelles fonctionnalités et des corrections de bugs sans avoir à extraire manuellement de nouveaux conteneurs à chaque fois." + }, + "benefitLessMaintenance": { + "title": "Moins de maintenance", + "description": "Aucune migration de base de données, sauvegarde ou infrastructure supplémentaire à gérer. Nous gérons cela dans le cloud." + }, + "benefitCloudFailover": { + "title": "Basculement du Cloud", + "description": "Si votre nœud descend, vos tunnels peuvent temporairement échouer jusqu'à ce que vous le rapatriez en ligne." + }, + "benefitHighAvailability": { + "title": "Haute disponibilité (PoPs)", + "description": "Vous pouvez également attacher plusieurs nœuds à votre compte pour une redondance et de meilleures performances." + }, + "benefitFutureEnhancements": { + "title": "Améliorations futures", + "description": "Nous prévoyons d'ajouter plus d'outils d'analyse, d'alerte et de gestion pour rendre votre déploiement encore plus robuste." + }, + "docsAlert": { + "text": "En savoir plus sur l'option Auto-Hébergement géré dans notre", + "documentation": "documentation" + }, + "convertButton": "Convertir ce noeud en auto-hébergé géré" + }, + "internationaldomaindetected": "Domaine international détecté", + "willbestoredas": "Sera stocké comme :" +} diff --git a/messages/it-IT.json b/messages/it-IT.json new file mode 100644 index 00000000..9b935609 --- /dev/null +++ b/messages/it-IT.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Crea la tua organizzazione, sito e risorse", + "setupNewOrg": "Nuova Organizzazione", + "setupCreateOrg": "Crea Organizzazione", + "setupCreateResources": "Crea Risorse", + "setupOrgName": "Nome Dell'Organizzazione", + "orgDisplayName": "Questo è il nome visualizzato della tua organizzazione.", + "orgId": "Id Organizzazione", + "setupIdentifierMessage": "Questo è l' identificatore univoco della tua organizzazione. Questo è separato dal nome del display.", + "setupErrorIdentifier": "L'ID dell'organizzazione è già utilizzato. Si prega di sceglierne uno diverso.", + "componentsErrorNoMemberCreate": "Al momento non sei un membro di nessuna organizzazione. Crea un'organizzazione per iniziare.", + "componentsErrorNoMember": "Attualmente non sei membro di nessuna organizzazione.", + "welcome": "Benvenuti a Pangolin", + "welcomeTo": "Benvenuto a", + "componentsCreateOrg": "Crea un'organizzazione", + "componentsMember": "Sei un membro di {count, plural, =0 {nessuna organizzazione} one {un'organizzazione} other {# organizzazioni}}.", + "componentsInvalidKey": "Rilevata chiave di licenza non valida o scaduta. Segui i termini di licenza per continuare a utilizzare tutte le funzionalità.", + "dismiss": "Ignora", + "componentsLicenseViolation": "Violazione della licenza: Questo server sta usando i siti {usedSites} che superano il suo limite concesso in licenza per i siti {maxSites} . Segui i termini di licenza per continuare a usare tutte le funzionalità.", + "componentsSupporterMessage": "Grazie per aver supportato Pangolin come {tier}!", + "inviteErrorNotValid": "Siamo spiacenti, ma sembra che l'invito che stai cercando di accedere non sia stato accettato o non sia più valido.", + "inviteErrorUser": "Siamo spiacenti, ma sembra che l'invito che stai cercando di accedere non sia per questo utente.", + "inviteLoginUser": "Assicurati di aver effettuato l'accesso come utente corretto.", + "inviteErrorNoUser": "Siamo spiacenti, ma sembra che l'invito che stai cercando di accedere non sia per un utente che esiste.", + "inviteCreateUser": "Si prega di creare un account prima.", + "goHome": "Vai A Home", + "inviteLogInOtherUser": "Accedi come utente diverso", + "createAnAccount": "Crea un account", + "inviteNotAccepted": "Invito Non Accettato", + "authCreateAccount": "Crea un account per iniziare", + "authNoAccount": "Non hai un account?", + "email": "Email", + "password": "Password", + "confirmPassword": "Conferma Password", + "createAccount": "Crea Account", + "viewSettings": "Visualizza impostazioni", + "delete": "Elimina", + "name": "Nome", + "online": "Online", + "offline": "Offline", + "site": "Sito", + "dataIn": "Dati In", + "dataOut": "Dati Fuori", + "connectionType": "Tipo Di Connessione", + "tunnelType": "Tipo Di Tunnel", + "local": "Locale", + "edit": "Modifica", + "siteConfirmDelete": "Conferma Eliminazione Sito", + "siteDelete": "Elimina Sito", + "siteMessageRemove": "Una volta rimosso, il sito non sarà più accessibile. Anche tutte le risorse e gli obiettivi associati al sito saranno rimossi.", + "siteMessageConfirm": "Per confermare, digita il nome del sito qui sotto.", + "siteQuestionRemove": "Sei sicuro di voler rimuovere il sito {selectedSite} dall'organizzazione?", + "siteManageSites": "Gestisci Siti", + "siteDescription": "Consenti la connettività alla rete attraverso tunnel sicuri", + "siteCreate": "Crea Sito", + "siteCreateDescription2": "Segui i passaggi qui sotto per creare e collegare un nuovo sito", + "siteCreateDescription": "Crea un nuovo sito per iniziare a connettere le tue risorse", + "close": "Chiudi", + "siteErrorCreate": "Errore nella creazione del sito", + "siteErrorCreateKeyPair": "Coppia di chiavi o valori predefiniti del sito non trovati", + "siteErrorCreateDefaults": "Predefiniti del sito non trovati", + "method": "Metodo", + "siteMethodDescription": "Questo è il modo in cui esporrete le connessioni.", + "siteLearnNewt": "Scopri come installare Newt sul tuo sistema", + "siteSeeConfigOnce": "Potrai vedere la configurazione solo una volta.", + "siteLoadWGConfig": "Caricamento configurazione WireGuard...", + "siteDocker": "Espandi per i dettagli di distribuzione Docker", + "toggle": "Attiva/disattiva", + "dockerCompose": "Composizione Docker", + "dockerRun": "Corsa Docker", + "siteLearnLocal": "I siti locali non tunnel, saperne di più", + "siteConfirmCopy": "Ho copiato la configurazione", + "searchSitesProgress": "Cerca siti...", + "siteAdd": "Aggiungi Sito", + "siteInstallNewt": "Installa Newt", + "siteInstallNewtDescription": "Esegui Newt sul tuo sistema", + "WgConfiguration": "Configurazione WireGuard", + "WgConfigurationDescription": "Usa la seguente configurazione per connetterti alla tua rete", + "operatingSystem": "Sistema Operativo", + "commands": "Comandi", + "recommended": "Consigliato", + "siteNewtDescription": "Per la migliore esperienza utente, utilizzare Newt. Utilizza WireGuard sotto il cofano e ti permette di indirizzare le tue risorse private tramite il loro indirizzo LAN sulla tua rete privata dall'interno della dashboard Pangolin.", + "siteRunsInDocker": "Esegue nel Docker", + "siteRunsInShell": "Esegue in shell su macOS, Linux e Windows", + "siteErrorDelete": "Errore nell'eliminare il sito", + "siteErrorUpdate": "Impossibile aggiornare il sito", + "siteErrorUpdateDescription": "Si è verificato un errore durante l'aggiornamento del sito.", + "siteUpdated": "Sito aggiornato", + "siteUpdatedDescription": "Il sito è stato aggiornato.", + "siteGeneralDescription": "Configura le impostazioni generali per questo sito", + "siteSettingDescription": "Configura le impostazioni sul tuo sito", + "siteSetting": "Impostazioni {siteName}", + "siteNewtTunnel": "Tunnel Newt (Consigliato)", + "siteNewtTunnelDescription": "Modo più semplice per creare un entrypoint nella rete. Nessuna configurazione aggiuntiva.", + "siteWg": "WireGuard Base", + "siteWgDescription": "Usa qualsiasi client WireGuard per stabilire un tunnel. Impostazione NAT manuale richiesta.", + "siteWgDescriptionSaas": "Usa qualsiasi client WireGuard per stabilire un tunnel. Impostazione NAT manuale richiesta. FUNZIONA SOLO SU NODI AUTO-OSPITATI", + "siteLocalDescription": "Solo risorse locali. Nessun tunneling.", + "siteLocalDescriptionSaas": "Solo risorse locali. Nessun tunneling. FUNZIONA SOLO SU NODI AUTO-OSPITATI", + "siteSeeAll": "Vedi Tutti I Siti", + "siteTunnelDescription": "Determina come vuoi connetterti al tuo sito", + "siteNewtCredentials": "Credenziali Newt", + "siteNewtCredentialsDescription": "Questo è come Newt si autenticerà con il server", + "siteCredentialsSave": "Salva Le Tue Credenziali", + "siteCredentialsSaveDescription": "Potrai vederlo solo una volta. Assicurati di copiarlo in un luogo sicuro.", + "siteInfo": "Informazioni Sito", + "status": "Stato", + "shareTitle": "Gestisci Collegamenti Di Condivisione", + "shareDescription": "Crea link condivisibili per concedere un accesso temporaneo o permanente alle tue risorse", + "shareSearch": "Cerca link condivisi...", + "shareCreate": "Crea Link Di Condivisione", + "shareErrorDelete": "Impossibile eliminare il link", + "shareErrorDeleteMessage": "Si è verificato un errore durante l'eliminazione del link", + "shareDeleted": "Link eliminato", + "shareDeletedDescription": "Il link è stato eliminato", + "shareTokenDescription": "Il token di accesso può essere passato in due modi: come parametro di interrogazione o nelle intestazioni della richiesta. Questi devono essere passati dal client su ogni richiesta di accesso autenticato.", + "accessToken": "Token Di Accesso", + "usageExamples": "Esempi Di Utilizzo", + "tokenId": "ID del Token", + "requestHeades": "Richiedi Intestazioni", + "queryParameter": "Parametro Query", + "importantNote": "Nota Importante", + "shareImportantDescription": "Per motivi di sicurezza, si consiglia di utilizzare le intestazioni su parametri di query quando possibile, in quanto i parametri di query possono essere registrati in log server o cronologia browser.", + "token": "Token", + "shareTokenSecurety": "Mantieni sicuro il tuo token di accesso. Non condividerlo in aree accessibili al pubblico o codice lato client.", + "shareErrorFetchResource": "Recupero delle risorse non riuscito", + "shareErrorFetchResourceDescription": "Si è verificato un errore durante il recupero delle risorse", + "shareErrorCreate": "Impossibile creare il link di condivisione", + "shareErrorCreateDescription": "Si è verificato un errore durante la creazione del link di condivisione", + "shareCreateDescription": "Chiunque con questo link può accedere alla risorsa", + "shareTitleOptional": "Titolo (facoltativo)", + "expireIn": "Scadenza In", + "neverExpire": "Mai scadere", + "shareExpireDescription": "Il tempo di scadenza è per quanto tempo il link sarà utilizzabile e fornirà accesso alla risorsa. Dopo questo tempo, il link non funzionerà più e gli utenti che hanno utilizzato questo link perderanno l'accesso alla risorsa.", + "shareSeeOnce": "Potrai vedere solo questo linkonce. Assicurati di copiarlo.", + "shareAccessHint": "Chiunque abbia questo link può accedere alla risorsa. Condividilo con cura.", + "shareTokenUsage": "Vedi Utilizzo Token Di Accesso", + "createLink": "Crea Collegamento", + "resourcesNotFound": "Nessuna risorsa trovata", + "resourceSearch": "Cerca risorse", + "openMenu": "Apri menu", + "resource": "Risorsa", + "title": "Titolo", + "created": "Creato", + "expires": "Scade", + "never": "Mai", + "shareErrorSelectResource": "Seleziona una risorsa", + "resourceTitle": "Gestisci Risorse", + "resourceDescription": "Crea proxy sicuri per le tue applicazioni private", + "resourcesSearch": "Cerca risorse...", + "resourceAdd": "Aggiungi Risorsa", + "resourceErrorDelte": "Errore nell'eliminare la risorsa", + "authentication": "Autenticazione", + "protected": "Protetto", + "notProtected": "Non Protetto", + "resourceMessageRemove": "Una volta rimossa, la risorsa non sarà più accessibile. Tutti gli obiettivi associati alla risorsa saranno rimossi.", + "resourceMessageConfirm": "Per confermare, digita il nome della risorsa qui sotto.", + "resourceQuestionRemove": "Sei sicuro di voler rimuovere la risorsa {selectedResource} dall'organizzazione?", + "resourceHTTP": "Risorsa HTTPS", + "resourceHTTPDescription": "Richieste proxy alla tua app tramite HTTPS utilizzando un sottodominio o un dominio di base.", + "resourceRaw": "Risorsa Raw TCP/UDP", + "resourceRawDescription": "Richieste proxy alla tua app tramite TCP/UDP utilizzando un numero di porta.", + "resourceCreate": "Crea Risorsa", + "resourceCreateDescription": "Segui i passaggi seguenti per creare una nuova risorsa", + "resourceSeeAll": "Vedi Tutte Le Risorse", + "resourceInfo": "Informazioni Risorsa", + "resourceNameDescription": "Questo è il nome visualizzato per la risorsa.", + "siteSelect": "Seleziona sito", + "siteSearch": "Cerca sito", + "siteNotFound": "Nessun sito trovato.", + "siteSelectionDescription": "Questo sito fornirà connettività all'obiettivo.", + "resourceType": "Tipo Di Risorsa", + "resourceTypeDescription": "Determina come vuoi accedere alla tua risorsa", + "resourceHTTPSSettings": "Impostazioni HTTPS", + "resourceHTTPSSettingsDescription": "Configura come sarà possibile accedere alla tua risorsa su HTTPS", + "domainType": "Tipo Di Dominio", + "subdomain": "Sottodominio", + "baseDomain": "Dominio Base", + "subdomnainDescription": "Il sottodominio in cui la tua risorsa sarà accessibile.", + "resourceRawSettings": "Impostazioni TCP/UDP", + "resourceRawSettingsDescription": "Configura come accedere alla tua risorsa tramite TCP/UDP", + "protocol": "Protocollo", + "protocolSelect": "Seleziona un protocollo", + "resourcePortNumber": "Numero Porta", + "resourcePortNumberDescription": "Il numero di porta esterna per le richieste di proxy.", + "cancel": "Annulla", + "resourceConfig": "Snippet Di Configurazione", + "resourceConfigDescription": "Copia e incolla questi snippet di configurazione per configurare la tua risorsa TCP/UDP", + "resourceAddEntrypoints": "Traefik: Aggiungi Ingresso", + "resourceExposePorts": "Gerbil: espone le porte in Docker componi", + "resourceLearnRaw": "Scopri come configurare le risorse TCP/UDP", + "resourceBack": "Torna alle risorse", + "resourceGoTo": "Vai alla Risorsa", + "resourceDelete": "Elimina Risorsa", + "resourceDeleteConfirm": "Conferma Eliminazione Risorsa", + "visibility": "Visibilità", + "enabled": "Abilitato", + "disabled": "Disabilitato", + "general": "Generale", + "generalSettings": "Impostazioni Generali", + "proxy": "Proxy", + "internal": "Interno", + "rules": "Regole", + "resourceSettingDescription": "Configura le impostazioni sulla tua risorsa", + "resourceSetting": "Impostazioni {resourceName}", + "alwaysAllow": "Consenti Sempre", + "alwaysDeny": "Nega Sempre", + "passToAuth": "Passa all'autenticazione", + "orgSettingsDescription": "Configura le impostazioni generali della tua organizzazione", + "orgGeneralSettings": "Impostazioni Organizzazione", + "orgGeneralSettingsDescription": "Gestisci i dettagli dell'organizzazione e la configurazione", + "saveGeneralSettings": "Salva Impostazioni Generali", + "saveSettings": "Salva Impostazioni", + "orgDangerZone": "Zona Pericolosa", + "orgDangerZoneDescription": "Una volta che si elimina questo org, non c'è ritorno. Si prega di essere certi.", + "orgDelete": "Elimina Organizzazione", + "orgDeleteConfirm": "Conferma Elimina Organizzazione", + "orgMessageRemove": "Questa azione è irreversibile e cancellerà tutti i dati associati.", + "orgMessageConfirm": "Per confermare, digita il nome dell'organizzazione qui sotto.", + "orgQuestionRemove": "Sei sicuro di voler rimuovere l'organizzazione {selectedOrg}?", + "orgUpdated": "Organizzazione aggiornata", + "orgUpdatedDescription": "L'organizzazione è stata aggiornata.", + "orgErrorUpdate": "Impossibile aggiornare l'organizzazione", + "orgErrorUpdateMessage": "Si è verificato un errore nell'aggiornamento dell'organizzazione.", + "orgErrorFetch": "Recupero delle organizzazioni non riuscito", + "orgErrorFetchMessage": "Si è verificato un errore durante l'elenco delle organizzazioni", + "orgErrorDelete": "Impossibile eliminare l'organizzazione", + "orgErrorDeleteMessage": "Si è verificato un errore durante l'eliminazione dell'organizzazione.", + "orgDeleted": "Organizzazione eliminata", + "orgDeletedMessage": "L'organizzazione e i suoi dati sono stati eliminati.", + "orgMissing": "ID Organizzazione Mancante", + "orgMissingMessage": "Impossibile rigenerare l'invito senza un ID organizzazione.", + "accessUsersManage": "Gestisci Utenti", + "accessUsersDescription": "Invita gli utenti e aggiungili ai ruoli per gestire l'accesso alla tua organizzazione", + "accessUsersSearch": "Cerca utenti...", + "accessUserCreate": "Crea Utente", + "accessUserRemove": "Rimuovi Utente", + "username": "Nome utente", + "identityProvider": "Provider Di Identità", + "role": "Ruolo", + "nameRequired": "Il nome è obbligatorio", + "accessRolesManage": "Gestisci Ruoli", + "accessRolesDescription": "Configura i ruoli per gestire l'accesso alla tua organizzazione", + "accessRolesSearch": "Ricerca ruoli...", + "accessRolesAdd": "Aggiungi Ruolo", + "accessRoleDelete": "Elimina Ruolo", + "description": "Descrizione", + "inviteTitle": "Inviti Aperti", + "inviteDescription": "Gestisci i tuoi inviti ad altri utenti", + "inviteSearch": "Cerca inviti...", + "minutes": "Minuti", + "hours": "Ore", + "days": "Giorni", + "weeks": "Settimane", + "months": "Mesi", + "years": "Anni", + "day": "{count, plural, one {# giorno} other {# giorni}}", + "apiKeysTitle": "Informazioni Chiave API", + "apiKeysConfirmCopy2": "Devi confermare di aver copiato la chiave API.", + "apiKeysErrorCreate": "Errore nella creazione della chiave API", + "apiKeysErrorSetPermission": "Errore nell'impostazione dei permessi", + "apiKeysCreate": "Genera Chiave API", + "apiKeysCreateDescription": "Genera una nuova chiave API per la tua organizzazione", + "apiKeysGeneralSettings": "Permessi", + "apiKeysGeneralSettingsDescription": "Determina cosa può fare questa chiave API", + "apiKeysList": "La Tua Chiave API", + "apiKeysSave": "Salva La Tua Chiave API", + "apiKeysSaveDescription": "Potrai vederla solo una volta. Assicurati di copiarla in un luogo sicuro.", + "apiKeysInfo": "La tua chiave API è:", + "apiKeysConfirmCopy": "Ho copiato la chiave API", + "generate": "Genera", + "done": "Fatto", + "apiKeysSeeAll": "Vedi Tutte Le Chiavi API", + "apiKeysPermissionsErrorLoadingActions": "Errore nel caricamento delle azioni della chiave API", + "apiKeysPermissionsErrorUpdate": "Errore nell'impostazione dei permessi", + "apiKeysPermissionsUpdated": "Permessi aggiornati", + "apiKeysPermissionsUpdatedDescription": "I permessi sono stati aggiornati.", + "apiKeysPermissionsGeneralSettings": "Permessi", + "apiKeysPermissionsGeneralSettingsDescription": "Determina cosa può fare questa chiave API", + "apiKeysPermissionsSave": "Salva Permessi", + "apiKeysPermissionsTitle": "Permessi", + "apiKeys": "Chiavi API", + "searchApiKeys": "Cerca chiavi API...", + "apiKeysAdd": "Genera Chiave API", + "apiKeysErrorDelete": "Errore nell'eliminazione della chiave API", + "apiKeysErrorDeleteMessage": "Errore nell'eliminazione della chiave API", + "apiKeysQuestionRemove": "Sei sicuro di voler rimuovere la chiave API {selectedApiKey} dall'organizzazione?", + "apiKeysMessageRemove": "Una volta rimossa, la chiave API non potrà più essere utilizzata.", + "apiKeysMessageConfirm": "Per confermare, digita il nome della chiave API qui sotto.", + "apiKeysDeleteConfirm": "Conferma Eliminazione Chiave API", + "apiKeysDelete": "Elimina Chiave API", + "apiKeysManage": "Gestisci Chiavi API", + "apiKeysDescription": "Le chiavi API sono utilizzate per autenticarsi con l'API di integrazione", + "apiKeysSettings": "Impostazioni {apiKeyName}", + "userTitle": "Gestisci Tutti Gli Utenti", + "userDescription": "Visualizza e gestisci tutti gli utenti del sistema", + "userAbount": "Informazioni Sulla Gestione Utente", + "userAbountDescription": "Questa tabella mostra tutti gli oggetti utente root nel sistema. Ogni utente può appartenere a più organizzazioni. La rimozione di un utente da un'organizzazione non elimina il suo oggetto utente root, che rimarrà nel sistema. Per rimuovere completamente un utente dal sistema, è necessario eliminare il loro oggetto utente root utilizzando l'azione di eliminazione in questa tabella.", + "userServer": "Utenti Server", + "userSearch": "Cerca utenti del server...", + "userErrorDelete": "Errore nell'eliminare l'utente", + "userDeleteConfirm": "Conferma Eliminazione Utente", + "userDeleteServer": "Elimina utente dal server", + "userMessageRemove": "L'utente verrà rimosso da tutte le organizzazioni ed essere completamente rimosso dal server.", + "userMessageConfirm": "Per confermare, digita il nome dell'utente qui sotto.", + "userQuestionRemove": "Sei sicuro di voler eliminare definitivamente {selectedUser} dal server?", + "licenseKey": "Chiave Di Licenza", + "valid": "Valido", + "numberOfSites": "Numero di siti", + "licenseKeySearch": "Cerca chiavi di licenza...", + "licenseKeyAdd": "Aggiungi Chiave Di Licenza", + "type": "Tipo", + "licenseKeyRequired": "La chiave di licenza è obbligatoria", + "licenseTermsAgree": "Devi accettare i termini della licenza", + "licenseErrorKeyLoad": "Impossibile caricare le chiavi di licenza", + "licenseErrorKeyLoadDescription": "Si è verificato un errore durante il caricamento delle chiavi di licenza.", + "licenseErrorKeyDelete": "Impossibile eliminare la chiave di licenza", + "licenseErrorKeyDeleteDescription": "Si è verificato un errore durante l'eliminazione della chiave di licenza.", + "licenseKeyDeleted": "Chiave di licenza eliminata", + "licenseKeyDeletedDescription": "La chiave di licenza è stata eliminata.", + "licenseErrorKeyActivate": "Attivazione della chiave di licenza non riuscita", + "licenseErrorKeyActivateDescription": "Si è verificato un errore nell'attivazione della chiave di licenza.", + "licenseAbout": "Informazioni Su Licenze", + "communityEdition": "Edizione Community", + "licenseAboutDescription": "Questo è per gli utenti aziendali e aziendali che utilizzano Pangolin in un ambiente commerciale. Se stai usando Pangolin per uso personale, puoi ignorare questa sezione.", + "licenseKeyActivated": "Chiave di licenza attivata", + "licenseKeyActivatedDescription": "La chiave di licenza è stata attivata correttamente.", + "licenseErrorKeyRecheck": "Impossibile ricontrollare le chiavi di licenza", + "licenseErrorKeyRecheckDescription": "Si è verificato un errore nel ricontrollare le chiavi di licenza.", + "licenseErrorKeyRechecked": "Chiavi di licenza ricontrollate", + "licenseErrorKeyRecheckedDescription": "Tutte le chiavi di licenza sono state ricontrollate", + "licenseActivateKey": "Attiva Chiave Di Licenza", + "licenseActivateKeyDescription": "Inserisci una chiave di licenza per attivarla.", + "licenseActivate": "Attiva Licenza", + "licenseAgreement": "Selezionando questa casella, confermi di aver letto e accettato i termini di licenza corrispondenti al livello associato alla chiave di licenza.", + "fossorialLicense": "Visualizza I Termini Di Licenza Commerciale Fossorial E Abbonamento", + "licenseMessageRemove": "Questo rimuoverà la chiave di licenza e tutti i permessi associati da essa concessi.", + "licenseMessageConfirm": "Per confermare, digitare la chiave di licenza qui sotto.", + "licenseQuestionRemove": "Sei sicuro di voler eliminare la chiave di licenza {selectedKey}?", + "licenseKeyDelete": "Elimina Chiave Di Licenza", + "licenseKeyDeleteConfirm": "Conferma Elimina Chiave Di Licenza", + "licenseTitle": "Gestisci Stato Licenza", + "licenseTitleDescription": "Visualizza e gestisci le chiavi di licenza nel sistema", + "licenseHost": "Licenza Host", + "licenseHostDescription": "Gestisci la chiave di licenza principale per l'host.", + "licensedNot": "Non Licenziato", + "hostId": "ID Host", + "licenseReckeckAll": "Ricontrolla Tutte Le Tasti", + "licenseSiteUsage": "Utilizzo Siti", + "licenseSiteUsageDecsription": "Visualizza il numero di siti che utilizzano questa licenza.", + "licenseNoSiteLimit": "Non c'è alcun limite al numero di siti che utilizzano un host senza licenza.", + "licensePurchase": "Acquista Licenza", + "licensePurchaseSites": "Acquista Siti Aggiuntivi", + "licenseSitesUsedMax": "{usedSites} di {maxSites} siti utilizzati", + "licenseSitesUsed": "{count, plural, =0 {# siti} one {# sito} other {# siti}} nel sistema.", + "licensePurchaseDescription": "Scegli quanti siti vuoi {selectedMode, select, license {acquista una licenza. Puoi sempre aggiungere altri siti più tardi.} other {aggiungi alla tua licenza esistente.}}", + "licenseFee": "Costo della licenza", + "licensePriceSite": "Prezzo per sito", + "total": "Totale", + "licenseContinuePayment": "Continua al pagamento", + "pricingPage": "pagina prezzi", + "pricingPortal": "Vedi Il Portale Di Acquisto", + "licensePricingPage": "Per i prezzi e gli sconti più aggiornati, visita il ", + "invite": "Inviti", + "inviteRegenerate": "Rigenera Invito", + "inviteRegenerateDescription": "Revoca l'invito precedente e creane uno nuovo", + "inviteRemove": "Rimuovi Invito", + "inviteRemoveError": "Impossibile rimuovere l'invito", + "inviteRemoveErrorDescription": "Si è verificato un errore durante la rimozione dell'invito.", + "inviteRemoved": "Invito rimosso", + "inviteRemovedDescription": "L'invito per {email} è stato rimosso.", + "inviteQuestionRemove": "Sei sicuro di voler rimuovere l'invito {email}?", + "inviteMessageRemove": "Una volta rimosso, questo invito non sarà più valido. Puoi sempre reinvitare l'utente in seguito.", + "inviteMessageConfirm": "Per confermare, digita l'indirizzo email dell'invito qui sotto.", + "inviteQuestionRegenerate": "Sei sicuro di voler rigenerare l'invito {email}? Questo revocherà l'invito precedente.", + "inviteRemoveConfirm": "Conferma Rimozione Invito", + "inviteRegenerated": "Invito Rigenerato", + "inviteSent": "Un nuovo invito è stato inviato a {email}.", + "inviteSentEmail": "Invia notifica email all'utente", + "inviteGenerate": "Un nuovo invito è stato generato per {email}.", + "inviteDuplicateError": "Invito Duplicato", + "inviteDuplicateErrorDescription": "Esiste già un invito per questo utente.", + "inviteRateLimitError": "Limite di Frequenza Superato", + "inviteRateLimitErrorDescription": "Hai superato il limite di 3 rigenerazioni per ora. Riprova più tardi.", + "inviteRegenerateError": "Impossibile Rigenerare l'Invito", + "inviteRegenerateErrorDescription": "Si è verificato un errore durante la rigenerazione dell'invito.", + "inviteValidityPeriod": "Periodo di Validità", + "inviteValidityPeriodSelect": "Seleziona periodo di validità", + "inviteRegenerateMessage": "L'invito è stato rigenerato. L'utente deve accedere al link qui sotto per accettare l'invito.", + "inviteRegenerateButton": "Rigenera", + "expiresAt": "Scade Il", + "accessRoleUnknown": "Ruolo Sconosciuto", + "placeholder": "Segnaposto", + "userErrorOrgRemove": "Impossibile rimuovere l'utente", + "userErrorOrgRemoveDescription": "Si è verificato un errore durante la rimozione dell'utente.", + "userOrgRemoved": "Utente rimosso", + "userOrgRemovedDescription": "L'utente {email} è stato rimosso dall'organizzazione.", + "userQuestionOrgRemove": "Sei sicuro di voler rimuovere {email} dall'organizzazione?", + "userMessageOrgRemove": "Una volta rimosso, questo utente non avrà più accesso all'organizzazione. Puoi sempre reinvitarlo in seguito, ma dovrà accettare nuovamente l'invito.", + "userMessageOrgConfirm": "Per confermare, digita il nome dell'utente qui sotto.", + "userRemoveOrgConfirm": "Conferma Rimozione Utente", + "userRemoveOrg": "Rimuovi Utente dall'Organizzazione", + "users": "Utenti", + "accessRoleMember": "Membro", + "accessRoleOwner": "Proprietario", + "userConfirmed": "Confermato", + "idpNameInternal": "Interno", + "emailInvalid": "Indirizzo email non valido", + "inviteValidityDuration": "Seleziona una durata", + "accessRoleSelectPlease": "Seleziona un ruolo", + "usernameRequired": "Username richiesto", + "idpSelectPlease": "Seleziona un provider di identità", + "idpGenericOidc": "Provider OAuth2/OIDC generico.", + "accessRoleErrorFetch": "Impossibile recuperare i ruoli", + "accessRoleErrorFetchDescription": "Si è verificato un errore durante il recupero dei ruoli", + "idpErrorFetch": "Impossibile recuperare i provider di identità", + "idpErrorFetchDescription": "Si è verificato un errore durante il recupero dei provider di identità", + "userErrorExists": "Utente Già Esistente", + "userErrorExistsDescription": "Questo utente è già membro dell'organizzazione.", + "inviteError": "Impossibile invitare l'utente", + "inviteErrorDescription": "Si è verificato un errore durante l'invito dell'utente", + "userInvited": "Utente invitato", + "userInvitedDescription": "L'utente è stato invitato con successo.", + "userErrorCreate": "Impossibile creare l'utente", + "userErrorCreateDescription": "Si è verificato un errore durante la creazione dell'utente", + "userCreated": "Utente creato", + "userCreatedDescription": "L'utente è stato creato con successo.", + "userTypeInternal": "Utente Interno", + "userTypeInternalDescription": "Invita un utente a unirsi direttamente alla tua organizzazione.", + "userTypeExternal": "Utente Esterno", + "userTypeExternalDescription": "Crea un utente con un provider di identità esterno.", + "accessUserCreateDescription": "Segui i passaggi seguenti per creare un nuovo utente", + "userSeeAll": "Vedi Tutti gli Utenti", + "userTypeTitle": "Tipo di Utente", + "userTypeDescription": "Determina come vuoi creare l'utente", + "userSettings": "Informazioni Utente", + "userSettingsDescription": "Inserisci i dettagli per il nuovo utente", + "inviteEmailSent": "Invia email di invito all'utente", + "inviteValid": "Valido Per", + "selectDuration": "Seleziona durata", + "accessRoleSelect": "Seleziona ruolo", + "inviteEmailSentDescription": "È stata inviata un'email all'utente con il link di accesso qui sotto. Devono accedere al link per accettare l'invito.", + "inviteSentDescription": "L'utente è stato invitato. Deve accedere al link qui sotto per accettare l'invito.", + "inviteExpiresIn": "L'invito scadrà tra {days, plural, one {# giorno} other {# giorni}}.", + "idpTitle": "Informazioni Generali", + "idpSelect": "Seleziona il provider di identità per l'utente esterno", + "idpNotConfigured": "Nessun provider di identità configurato. Configura un provider di identità prima di creare utenti esterni.", + "usernameUniq": "Questo deve corrispondere all'username univoco esistente nel provider di identità selezionato.", + "emailOptional": "Email (Opzionale)", + "nameOptional": "Nome (Opzionale)", + "accessControls": "Controlli di Accesso", + "userDescription2": "Gestisci le impostazioni di questo utente", + "accessRoleErrorAdd": "Impossibile aggiungere l'utente al ruolo", + "accessRoleErrorAddDescription": "Si è verificato un errore durante l'aggiunta dell'utente al ruolo.", + "userSaved": "Utente salvato", + "userSavedDescription": "L'utente è stato aggiornato.", + "accessControlsDescription": "Gestisci cosa questo utente può accedere e fare nell'organizzazione", + "accessControlsSubmit": "Salva Controlli di Accesso", + "roles": "Ruoli", + "accessUsersRoles": "Gestisci Utenti e Ruoli", + "accessUsersRolesDescription": "Invita utenti e aggiungili ai ruoli per gestire l'accesso alla tua organizzazione", + "key": "Chiave", + "createdAt": "Creato Il", + "proxyErrorInvalidHeader": "Valore dell'intestazione Host personalizzata non valido. Usa il formato nome dominio o salva vuoto per rimuovere l'intestazione Host personalizzata.", + "proxyErrorTls": "Nome Server TLS non valido. Usa il formato nome dominio o salva vuoto per rimuovere il Nome Server TLS.", + "proxyEnableSSL": "Abilita SSL (https)", + "targetErrorFetch": "Impossibile recuperare i target", + "targetErrorFetchDescription": "Si è verificato un errore durante il recupero dei target", + "siteErrorFetch": "Impossibile recuperare la risorsa", + "siteErrorFetchDescription": "Si è verificato un errore durante il recupero della risorsa", + "targetErrorDuplicate": "Target duplicato", + "targetErrorDuplicateDescription": "Esiste già un target con queste impostazioni", + "targetWireGuardErrorInvalidIp": "IP target non valido", + "targetWireGuardErrorInvalidIpDescription": "L'IP target deve essere all'interno della subnet del sito", + "targetsUpdated": "Target aggiornati", + "targetsUpdatedDescription": "Target e impostazioni aggiornati con successo", + "targetsErrorUpdate": "Impossibile aggiornare i target", + "targetsErrorUpdateDescription": "Si è verificato un errore durante l'aggiornamento dei target", + "targetTlsUpdate": "Impostazioni TLS aggiornate", + "targetTlsUpdateDescription": "Le tue impostazioni TLS sono state aggiornate con successo", + "targetErrorTlsUpdate": "Impossibile aggiornare le impostazioni TLS", + "targetErrorTlsUpdateDescription": "Si è verificato un errore durante l'aggiornamento delle impostazioni TLS", + "proxyUpdated": "Impostazioni proxy aggiornate", + "proxyUpdatedDescription": "Le tue impostazioni proxy sono state aggiornate con successo", + "proxyErrorUpdate": "Impossibile aggiornare le impostazioni proxy", + "proxyErrorUpdateDescription": "Si è verificato un errore durante l'aggiornamento delle impostazioni proxy", + "targetAddr": "IP / Nome host", + "targetPort": "Porta", + "targetProtocol": "Protocollo", + "targetTlsSettings": "Configurazione Connessione Sicura", + "targetTlsSettingsDescription": "Configura le impostazioni SSL/TLS per la tua risorsa", + "targetTlsSettingsAdvanced": "Impostazioni TLS Avanzate", + "targetTlsSni": "Nome Server TLS (SNI)", + "targetTlsSniDescription": "Il Nome Server TLS da usare per SNI. Lascia vuoto per usare quello predefinito.", + "targetTlsSubmit": "Salva Impostazioni", + "targets": "Configurazione Target", + "targetsDescription": "Configura i target per instradare il traffico ai tuoi servizi backend", + "targetStickySessions": "Abilita Sessioni Persistenti", + "targetStickySessionsDescription": "Mantieni le connessioni sullo stesso target backend per l'intera sessione.", + "methodSelect": "Seleziona metodo", + "targetSubmit": "Aggiungi Target", + "targetNoOne": "Nessun target. Aggiungi un target usando il modulo.", + "targetNoOneDescription": "L'aggiunta di più di un target abiliterà il bilanciamento del carico.", + "targetsSubmit": "Salva Target", + "proxyAdditional": "Impostazioni Proxy Aggiuntive", + "proxyAdditionalDescription": "Configura come la tua risorsa gestisce le impostazioni proxy", + "proxyCustomHeader": "Intestazione Host Personalizzata", + "proxyCustomHeaderDescription": "L'intestazione host da impostare durante il proxy delle richieste. Lascia vuoto per usare quella predefinita.", + "proxyAdditionalSubmit": "Salva Impostazioni Proxy", + "subnetMaskErrorInvalid": "Maschera di sottorete non valida. Deve essere tra 0 e 32.", + "ipAddressErrorInvalidFormat": "Formato indirizzo IP non valido", + "ipAddressErrorInvalidOctet": "Ottetto indirizzo IP non valido", + "path": "Percorso", + "ipAddressRange": "Intervallo IP", + "rulesErrorFetch": "Impossibile recuperare le regole", + "rulesErrorFetchDescription": "Si è verificato un errore durante il recupero delle regole", + "rulesErrorDuplicate": "Regola duplicata", + "rulesErrorDuplicateDescription": "Esiste già una regola con queste impostazioni", + "rulesErrorInvalidIpAddressRange": "CIDR non valido", + "rulesErrorInvalidIpAddressRangeDescription": "Inserisci un valore CIDR valido", + "rulesErrorInvalidUrl": "Percorso URL non valido", + "rulesErrorInvalidUrlDescription": "Inserisci un valore di percorso URL valido", + "rulesErrorInvalidIpAddress": "IP non valido", + "rulesErrorInvalidIpAddressDescription": "Inserisci un indirizzo IP valido", + "rulesErrorUpdate": "Impossibile aggiornare le regole", + "rulesErrorUpdateDescription": "Si è verificato un errore durante l'aggiornamento delle regole", + "rulesUpdated": "Abilita Regole", + "rulesUpdatedDescription": "La valutazione delle regole è stata aggiornata", + "rulesMatchIpAddressRangeDescription": "Inserisci un indirizzo in formato CIDR (es. 103.21.244.0/22)", + "rulesMatchIpAddress": "Inserisci un indirizzo IP (es. 103.21.244.12)", + "rulesMatchUrl": "Inserisci un percorso URL o pattern (es. /api/v1/todos o /api/v1/*)", + "rulesErrorInvalidPriority": "Priorità Non Valida", + "rulesErrorInvalidPriorityDescription": "Inserisci una priorità valida", + "rulesErrorDuplicatePriority": "Priorità Duplicate", + "rulesErrorDuplicatePriorityDescription": "Inserisci priorità uniche", + "ruleUpdated": "Regole aggiornate", + "ruleUpdatedDescription": "Regole aggiornate con successo", + "ruleErrorUpdate": "Operazione fallita", + "ruleErrorUpdateDescription": "Si è verificato un errore durante il salvataggio", + "rulesPriority": "Priorità", + "rulesAction": "Azione", + "rulesMatchType": "Tipo di Corrispondenza", + "value": "Valore", + "rulesAbout": "Informazioni sulle Regole", + "rulesAboutDescription": "Le regole ti permettono di controllare l'accesso alla tua risorsa in base a una serie di criteri. Puoi creare regole per consentire o negare l'accesso basato su indirizzo IP o percorso URL.", + "rulesActions": "Azioni", + "rulesActionAlwaysAllow": "Consenti Sempre: Ignora tutti i metodi di autenticazione", + "rulesActionAlwaysDeny": "Nega Sempre: Blocca tutte le richieste; nessuna autenticazione può essere tentata", + "rulesActionPassToAuth": "Passa all'autenticazione: Consenti di tentare i metodi di autenticazione", + "rulesMatchCriteria": "Criteri di Corrispondenza", + "rulesMatchCriteriaIpAddress": "Corrisponde a un indirizzo IP specifico", + "rulesMatchCriteriaIpAddressRange": "Corrisponde a un intervallo di indirizzi IP in notazione CIDR", + "rulesMatchCriteriaUrl": "Corrisponde a un percorso URL o pattern", + "rulesEnable": "Abilita Regole", + "rulesEnableDescription": "Abilita o disabilita la valutazione delle regole per questa risorsa", + "rulesResource": "Configurazione Regole Risorsa", + "rulesResourceDescription": "Configura le regole per controllare l'accesso alla tua risorsa", + "ruleSubmit": "Aggiungi Regola", + "rulesNoOne": "Nessuna regola. Aggiungi una regola usando il modulo.", + "rulesOrder": "Le regole sono valutate per priorità in ordine crescente.", + "rulesSubmit": "Salva Regole", + "resourceErrorCreate": "Errore nella creazione della risorsa", + "resourceErrorCreateDescription": "Si è verificato un errore durante la creazione della risorsa", + "resourceErrorCreateMessage": "Errore nella creazione della risorsa:", + "resourceErrorCreateMessageDescription": "Si è verificato un errore imprevisto", + "sitesErrorFetch": "Errore nel recupero dei siti", + "sitesErrorFetchDescription": "Si è verificato un errore durante il recupero dei siti", + "domainsErrorFetch": "Errore nel recupero dei domini", + "domainsErrorFetchDescription": "Si è verificato un errore durante il recupero dei domini", + "none": "Nessuno", + "unknown": "Sconosciuto", + "resources": "Risorse", + "resourcesDescription": "Le risorse sono proxy per le applicazioni in esecuzione sulla tua rete privata. Crea una risorsa per qualsiasi servizio HTTP/HTTPS o TCP/UDP raw sulla tua rete privata. Ogni risorsa deve essere collegata a un sito per abilitare la connettività privata e sicura attraverso un tunnel WireGuard crittografato.", + "resourcesWireGuardConnect": "Connettività sicura con crittografia WireGuard", + "resourcesMultipleAuthenticationMethods": "Configura molteplici metodi di autenticazione", + "resourcesUsersRolesAccess": "Controllo accessi basato su utenti e ruoli", + "resourcesErrorUpdate": "Impossibile attivare/disattivare la risorsa", + "resourcesErrorUpdateDescription": "Si è verificato un errore durante l'aggiornamento della risorsa", + "access": "Accesso", + "shareLink": "Link di Condivisione {resource}", + "resourceSelect": "Seleziona risorsa", + "shareLinks": "Link di Condivisione", + "share": "Link Condivisibili", + "shareDescription2": "Crea link condivisibili per le tue risorse. I link forniscono accesso temporaneo o illimitato alla tua risorsa. Puoi configurare la durata di scadenza del link quando lo crei.", + "shareEasyCreate": "Facile da creare e condividere", + "shareConfigurableExpirationDuration": "Durata di scadenza configurabile", + "shareSecureAndRevocable": "Sicuro e revocabile", + "nameMin": "Il nome deve essere di almeno {len} caratteri.", + "nameMax": "Il nome non deve superare i {len} caratteri.", + "sitesConfirmCopy": "Conferma di aver copiato la configurazione.", + "unknownCommand": "Comando sconosciuto", + "newtErrorFetchReleases": "Impossibile recuperare le informazioni sulla versione: {err}", + "newtErrorFetchLatest": "Errore nel recupero dell'ultima versione: {err}", + "newtEndpoint": "Endpoint Newt", + "newtId": "ID Newt", + "newtSecretKey": "Chiave Segreta Newt", + "architecture": "Architettura", + "sites": "Siti", + "siteWgAnyClients": "Usa qualsiasi client WireGuard per connetterti. Dovrai indirizzare le tue risorse interne usando l'IP del peer.", + "siteWgCompatibleAllClients": "Compatibile con tutti i client WireGuard", + "siteWgManualConfigurationRequired": "Configurazione manuale richiesta", + "userErrorNotAdminOrOwner": "L'utente non è un amministratore o proprietario", + "pangolinSettings": "Impostazioni - Pangolin", + "accessRoleYour": "Il tuo ruolo:", + "accessRoleSelect2": "Seleziona un ruolo", + "accessUserSelect": "Seleziona un utente", + "otpEmailEnter": "Inserisci un'email", + "otpEmailEnterDescription": "Premi invio per aggiungere un'email dopo averla digitata nel campo di input.", + "otpEmailErrorInvalid": "Indirizzo email non valido. Il carattere jolly (*) deve essere l'intera parte locale.", + "otpEmailSmtpRequired": "SMTP Richiesto", + "otpEmailSmtpRequiredDescription": "SMTP deve essere abilitato sul server per utilizzare l'autenticazione con password monouso.", + "otpEmailTitle": "Password Monouso", + "otpEmailTitleDescription": "Richiedi autenticazione basata su email per l'accesso alle risorse", + "otpEmailWhitelist": "Lista Autorizzazioni Email", + "otpEmailWhitelistList": "Email Autorizzate", + "otpEmailWhitelistListDescription": "Solo gli utenti con questi indirizzi email potranno accedere a questa risorsa. Verrà richiesto loro di inserire una password monouso inviata alla loro email. I caratteri jolly (*@example.com) possono essere utilizzati per consentire qualsiasi indirizzo email da un dominio.", + "otpEmailWhitelistSave": "Salva Lista Autorizzazioni", + "passwordAdd": "Aggiungi Password", + "passwordRemove": "Rimuovi Password", + "pincodeAdd": "Aggiungi Codice PIN", + "pincodeRemove": "Rimuovi Codice PIN", + "resourceAuthMethods": "Metodi di Autenticazione", + "resourceAuthMethodsDescriptions": "Consenti l'accesso alla risorsa tramite metodi di autenticazione aggiuntivi", + "resourceAuthSettingsSave": "Salvato con successo", + "resourceAuthSettingsSaveDescription": "Le impostazioni di autenticazione sono state salvate", + "resourceErrorAuthFetch": "Impossibile recuperare i dati", + "resourceErrorAuthFetchDescription": "Si è verificato un errore durante il recupero dei dati", + "resourceErrorPasswordRemove": "Errore nella rimozione della password della risorsa", + "resourceErrorPasswordRemoveDescription": "Si è verificato un errore durante la rimozione della password della risorsa", + "resourceErrorPasswordSetup": "Errore nell'impostazione della password della risorsa", + "resourceErrorPasswordSetupDescription": "Si è verificato un errore durante l'impostazione della password della risorsa", + "resourceErrorPincodeRemove": "Errore nella rimozione del codice PIN della risorsa", + "resourceErrorPincodeRemoveDescription": "Si è verificato un errore durante la rimozione del codice PIN della risorsa", + "resourceErrorPincodeSetup": "Errore nell'impostazione del codice PIN della risorsa", + "resourceErrorPincodeSetupDescription": "Si è verificato un errore durante l'impostazione del codice PIN della risorsa", + "resourceErrorUsersRolesSave": "Impossibile impostare i ruoli", + "resourceErrorUsersRolesSaveDescription": "Si è verificato un errore durante l'impostazione dei ruoli", + "resourceErrorWhitelistSave": "Impossibile salvare la lista autorizzazioni", + "resourceErrorWhitelistSaveDescription": "Si è verificato un errore durante il salvataggio della lista autorizzazioni", + "resourcePasswordSubmit": "Abilita Protezione Password", + "resourcePasswordProtection": "Protezione Password {status}", + "resourcePasswordRemove": "Password della risorsa rimossa", + "resourcePasswordRemoveDescription": "La password della risorsa è stata rimossa con successo", + "resourcePasswordSetup": "Password della risorsa impostata", + "resourcePasswordSetupDescription": "La password della risorsa è stata impostata con successo", + "resourcePasswordSetupTitle": "Imposta Password", + "resourcePasswordSetupTitleDescription": "Imposta una password per proteggere questa risorsa", + "resourcePincode": "Codice PIN", + "resourcePincodeSubmit": "Abilita Protezione Codice PIN", + "resourcePincodeProtection": "Protezione Codice PIN {status}", + "resourcePincodeRemove": "Codice PIN della risorsa rimosso", + "resourcePincodeRemoveDescription": "Il codice PIN della risorsa è stato rimosso con successo", + "resourcePincodeSetup": "Codice PIN della risorsa impostato", + "resourcePincodeSetupDescription": "Il codice PIN della risorsa è stato impostato con successo", + "resourcePincodeSetupTitle": "Imposta Codice PIN", + "resourcePincodeSetupTitleDescription": "Imposta un codice PIN per proteggere questa risorsa", + "resourceRoleDescription": "Gli amministratori possono sempre accedere a questa risorsa.", + "resourceUsersRoles": "Utenti e Ruoli", + "resourceUsersRolesDescription": "Configura quali utenti e ruoli possono visitare questa risorsa", + "resourceUsersRolesSubmit": "Salva Utenti e Ruoli", + "resourceWhitelistSave": "Salvato con successo", + "resourceWhitelistSaveDescription": "Le impostazioni della lista autorizzazioni sono state salvate", + "ssoUse": "Usa SSO della Piattaforma", + "ssoUseDescription": "Gli utenti esistenti dovranno accedere solo una volta per tutte le risorse che hanno questa opzione abilitata.", + "proxyErrorInvalidPort": "Numero porta non valido", + "subdomainErrorInvalid": "Sottodominio non valido", + "domainErrorFetch": "Errore nel recupero dei domini", + "domainErrorFetchDescription": "Si è verificato un errore durante il recupero dei domini", + "resourceErrorUpdate": "Impossibile aggiornare la risorsa", + "resourceErrorUpdateDescription": "Si è verificato un errore durante l'aggiornamento della risorsa", + "resourceUpdated": "Risorsa aggiornata", + "resourceUpdatedDescription": "La risorsa è stata aggiornata con successo", + "resourceErrorTransfer": "Impossibile trasferire la risorsa", + "resourceErrorTransferDescription": "Si è verificato un errore durante il trasferimento della risorsa", + "resourceTransferred": "Risorsa trasferita", + "resourceTransferredDescription": "La risorsa è stata trasferita con successo", + "resourceErrorToggle": "Impossibile alternare la risorsa", + "resourceErrorToggleDescription": "Si è verificato un errore durante l'aggiornamento della risorsa", + "resourceVisibilityTitle": "Visibilità", + "resourceVisibilityTitleDescription": "Abilita o disabilita completamente la visibilità della risorsa", + "resourceGeneral": "Impostazioni Generali", + "resourceGeneralDescription": "Configura le impostazioni generali per questa risorsa", + "resourceEnable": "Abilita Risorsa", + "resourceTransfer": "Trasferisci Risorsa", + "resourceTransferDescription": "Trasferisci questa risorsa a un sito diverso", + "resourceTransferSubmit": "Trasferisci Risorsa", + "siteDestination": "Sito Di Destinazione", + "searchSites": "Cerca siti", + "accessRoleCreate": "Crea Ruolo", + "accessRoleCreateDescription": "Crea un nuovo ruolo per raggruppare gli utenti e gestire i loro permessi.", + "accessRoleCreateSubmit": "Crea Ruolo", + "accessRoleCreated": "Ruolo creato", + "accessRoleCreatedDescription": "Il ruolo è stato creato con successo.", + "accessRoleErrorCreate": "Impossibile creare il ruolo", + "accessRoleErrorCreateDescription": "Si è verificato un errore durante la creazione del ruolo.", + "accessRoleErrorNewRequired": "Nuovo ruolo richiesto", + "accessRoleErrorRemove": "Impossibile rimuovere il ruolo", + "accessRoleErrorRemoveDescription": "Si è verificato un errore durante la rimozione del ruolo.", + "accessRoleName": "Nome Del Ruolo", + "accessRoleQuestionRemove": "Stai per eliminare il ruolo {name}. Non puoi annullare questa azione.", + "accessRoleRemove": "Rimuovi Ruolo", + "accessRoleRemoveDescription": "Rimuovi un ruolo dall'organizzazione", + "accessRoleRemoveSubmit": "Rimuovi Ruolo", + "accessRoleRemoved": "Ruolo rimosso", + "accessRoleRemovedDescription": "Il ruolo è stato rimosso con successo.", + "accessRoleRequiredRemove": "Prima di eliminare questo ruolo, seleziona un nuovo ruolo a cui trasferire i membri esistenti.", + "manage": "Gestisci", + "sitesNotFound": "Nessun sito trovato.", + "pangolinServerAdmin": "Server Admin - Pangolina", + "licenseTierProfessional": "Licenza Professional", + "licenseTierEnterprise": "Licenza Enterprise", + "licenseTierCommercial": "Licenza Commerciale", + "licensed": "Con Licenza", + "yes": "Sì", + "no": "No", + "sitesAdditional": "Siti Aggiuntivi", + "licenseKeys": "Chiavi di Licenza", + "sitestCountDecrease": "Diminuisci conteggio siti", + "sitestCountIncrease": "Aumenta conteggio siti", + "idpManage": "Gestisci Provider di Identità", + "idpManageDescription": "Visualizza e gestisci i provider di identità nel sistema", + "idpDeletedDescription": "Provider di identità eliminato con successo", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "Sei sicuro di voler eliminare definitivamente il provider di identità {name}?", + "idpMessageRemove": "Questo rimuoverà il provider di identità e tutte le configurazioni associate. Gli utenti che si autenticano tramite questo provider non potranno più accedere.", + "idpMessageConfirm": "Per confermare, digita il nome del provider di identità qui sotto.", + "idpConfirmDelete": "Conferma Eliminazione Provider di Identità", + "idpDelete": "Elimina Provider di Identità", + "idp": "Provider Di Identità", + "idpSearch": "Cerca provider di identità...", + "idpAdd": "Aggiungi Provider di Identità", + "idpClientIdRequired": "L'ID client è obbligatorio.", + "idpClientSecretRequired": "Il segreto client è obbligatorio.", + "idpErrorAuthUrlInvalid": "L'URL di autenticazione deve essere un URL valido.", + "idpErrorTokenUrlInvalid": "L'URL del token deve essere un URL valido.", + "idpPathRequired": "Il percorso identificativo è obbligatorio.", + "idpScopeRequired": "Gli scope sono obbligatori.", + "idpOidcDescription": "Configura un provider di identità OpenID Connect", + "idpCreatedDescription": "Provider di identità creato con successo", + "idpCreate": "Crea Provider di Identità", + "idpCreateDescription": "Configura un nuovo provider di identità per l'autenticazione degli utenti", + "idpSeeAll": "Vedi Tutti i Provider di Identità", + "idpSettingsDescription": "Configura le informazioni di base per il tuo provider di identità", + "idpDisplayName": "Un nome visualizzato per questo provider di identità", + "idpAutoProvisionUsers": "Provisioning Automatico Utenti", + "idpAutoProvisionUsersDescription": "Quando abilitato, gli utenti verranno creati automaticamente nel sistema al primo accesso con la possibilità di mappare gli utenti a ruoli e organizzazioni.", + "licenseBadge": "Professionista", + "idpType": "Tipo di Provider", + "idpTypeDescription": "Seleziona il tipo di provider di identità che desideri configurare", + "idpOidcConfigure": "Configurazione OAuth2/OIDC", + "idpOidcConfigureDescription": "Configura gli endpoint e le credenziali del provider OAuth2/OIDC", + "idpClientId": "ID Client", + "idpClientIdDescription": "L'ID client OAuth2 dal tuo provider di identità", + "idpClientSecret": "Segreto Client", + "idpClientSecretDescription": "Il segreto client OAuth2 dal tuo provider di identità", + "idpAuthUrl": "URL di Autorizzazione", + "idpAuthUrlDescription": "L'URL dell'endpoint di autorizzazione OAuth2", + "idpTokenUrl": "URL del Token", + "idpTokenUrlDescription": "L'URL dell'endpoint del token OAuth2", + "idpOidcConfigureAlert": "Informazioni Importanti", + "idpOidcConfigureAlertDescription": "Dopo aver creato il provider di identità, dovrai configurare l'URL di callback nelle impostazioni del tuo provider di identità. L'URL di callback verrà fornito dopo la creazione riuscita.", + "idpToken": "Configurazione Token", + "idpTokenDescription": "Configura come estrarre le informazioni dell'utente dal token ID", + "idpJmespathAbout": "Informazioni su JMESPath", + "idpJmespathAboutDescription": "I percorsi sottostanti utilizzano la sintassi JMESPath per estrarre valori dal token ID.", + "idpJmespathAboutDescriptionLink": "Scopri di più su JMESPath", + "idpJmespathLabel": "Percorso Identificativo", + "idpJmespathLabelDescription": "Il JMESPath per l'identificatore dell'utente nel token ID", + "idpJmespathEmailPathOptional": "Percorso Email (Opzionale)", + "idpJmespathEmailPathOptionalDescription": "Il JMESPath per l'email dell'utente nel token ID", + "idpJmespathNamePathOptional": "Percorso Nome (Opzionale)", + "idpJmespathNamePathOptionalDescription": "Il JMESPath per il nome dell'utente nel token ID", + "idpOidcConfigureScopes": "Scope", + "idpOidcConfigureScopesDescription": "Lista degli scope OAuth2 da richiedere separati da spazi", + "idpSubmit": "Crea Provider di Identità", + "orgPolicies": "Politiche Organizzazione", + "idpSettings": "Impostazioni {idpName}", + "idpCreateSettingsDescription": "Configura le impostazioni per il tuo provider di identità", + "roleMapping": "Mappatura Ruoli", + "orgMapping": "Mappatura Organizzazione", + "orgPoliciesSearch": "Cerca politiche organizzazione...", + "orgPoliciesAdd": "Aggiungi Politica Organizzazione", + "orgRequired": "L'organizzazione è obbligatoria", + "error": "Errore", + "success": "Successo", + "orgPolicyAddedDescription": "Politica aggiunta con successo", + "orgPolicyUpdatedDescription": "Politica aggiornata con successo", + "orgPolicyDeletedDescription": "Politica eliminata con successo", + "defaultMappingsUpdatedDescription": "Mappature predefinite aggiornate con successo", + "orgPoliciesAbout": "Informazioni sulle Politiche Organizzazione", + "orgPoliciesAboutDescription": "Le politiche organizzazione sono utilizzate per controllare l'accesso alle organizzazioni in base al token ID dell'utente. Puoi specificare espressioni JMESPath per estrarre informazioni su ruoli e organizzazioni dal token ID. Per maggiori informazioni, vedi", + "orgPoliciesAboutDescriptionLink": "la documentazione", + "defaultMappingsOptional": "Mappature Predefinite (Opzionale)", + "defaultMappingsOptionalDescription": "Le mappature predefinite sono utilizzate quando non esiste una politica organizzazione definita per un'organizzazione. Puoi specificare qui le mappature predefinite di ruolo e organizzazione da utilizzare come fallback.", + "defaultMappingsRole": "Mappatura Ruolo Predefinito", + "defaultMappingsRoleDescription": "JMESPath per estrarre informazioni sul ruolo dal token ID. Il risultato di questa espressione deve restituire il nome del ruolo come definito nell'organizzazione come stringa.", + "defaultMappingsOrg": "Mappatura Organizzazione Predefinita", + "defaultMappingsOrgDescription": "JMESPath per estrarre informazioni sull'organizzazione dal token ID. Questa espressione deve restituire l'ID dell'organizzazione o true affinché l'utente possa accedere all'organizzazione.", + "defaultMappingsSubmit": "Salva Mappature Predefinite", + "orgPoliciesEdit": "Modifica Politica Organizzazione", + "org": "Organizzazione", + "orgSelect": "Seleziona organizzazione", + "orgSearch": "Cerca organizzazione", + "orgNotFound": "Nessuna organizzazione trovata.", + "roleMappingPathOptional": "Percorso Mappatura Ruolo (Opzionale)", + "orgMappingPathOptional": "Percorso Mappatura Organizzazione (Opzionale)", + "orgPolicyUpdate": "Aggiorna Politica", + "orgPolicyAdd": "Aggiungi Politica", + "orgPolicyConfig": "Configura l'accesso per un'organizzazione", + "idpUpdatedDescription": "Provider di identità aggiornato con successo", + "redirectUrl": "URL di Reindirizzamento", + "redirectUrlAbout": "Informazioni sull'URL di Reindirizzamento", + "redirectUrlAboutDescription": "Questo è l'URL a cui gli utenti verranno reindirizzati dopo l'autenticazione. Devi configurare questo URL nelle impostazioni del tuo provider di identità.", + "pangolinAuth": "Autenticazione - Pangolina", + "verificationCodeLengthRequirements": "Il tuo codice di verifica deve essere di 8 caratteri.", + "errorOccurred": "Si è verificato un errore", + "emailErrorVerify": "Impossibile verificare l'email:", + "emailVerified": "Email verificata con successo! Reindirizzamento in corso...", + "verificationCodeErrorResend": "Impossibile reinviare il codice di verifica:", + "verificationCodeResend": "Codice di verifica reinviato", + "verificationCodeResendDescription": "Abbiamo reinviato un codice di verifica al tuo indirizzo email. Controlla la tua casella di posta.", + "emailVerify": "Verifica Email", + "emailVerifyDescription": "Inserisci il codice di verifica inviato al tuo indirizzo email.", + "verificationCode": "Codice di Verifica", + "verificationCodeEmailSent": "Abbiamo inviato un codice di verifica al tuo indirizzo email.", + "submit": "Invia", + "emailVerifyResendProgress": "Reinvio in corso...", + "emailVerifyResend": "Non hai ricevuto il codice? Clicca qui per reinviare", + "passwordNotMatch": "Le password non coincidono", + "signupError": "Si è verificato un errore durante la registrazione", + "pangolinLogoAlt": "Logo Pangolin", + "inviteAlready": "Sembra che sei stato invitato!", + "inviteAlreadyDescription": "Per accettare l'invito, devi accedere o creare un account.", + "signupQuestion": "Hai già un account?", + "login": "Accedi", + "resourceNotFound": "Risorsa Non Trovata", + "resourceNotFoundDescription": "La risorsa che stai cercando di accedere non esiste.", + "pincodeRequirementsLength": "Il PIN deve essere esattamente di 6 cifre", + "pincodeRequirementsChars": "Il PIN deve contenere solo numeri", + "passwordRequirementsLength": "La password deve essere lunga almeno 1 carattere", + "passwordRequirementsTitle": "Requisiti della password:", + "passwordRequirementLength": "Almeno 8 caratteri", + "passwordRequirementUppercase": "Almeno una lettera maiuscola", + "passwordRequirementLowercase": "Almeno una lettera minuscola", + "passwordRequirementNumber": "Almeno un numero", + "passwordRequirementSpecial": "Almeno un carattere speciale", + "passwordRequirementsMet": "✓ La password soddisfa tutti i requisiti", + "passwordStrength": "Forza della password", + "passwordStrengthWeak": "Debole", + "passwordStrengthMedium": "Media", + "passwordStrengthStrong": "Forte", + "passwordRequirements": "Requisiti:", + "passwordRequirementLengthText": "8+ caratteri", + "passwordRequirementUppercaseText": "Lettera maiuscola (A-Z)", + "passwordRequirementLowercaseText": "Lettera minuscola (a-z)", + "passwordRequirementNumberText": "Numero (0-9)", + "passwordRequirementSpecialText": "Carattere speciale (!@#$%...)", + "passwordsDoNotMatch": "Le password non coincidono", + "otpEmailRequirementsLength": "L'OTP deve essere lungo almeno 1 carattere", + "otpEmailSent": "OTP Inviato", + "otpEmailSentDescription": "Un OTP è stato inviato alla tua email", + "otpEmailErrorAuthenticate": "Impossibile autenticare con l'email", + "pincodeErrorAuthenticate": "Impossibile autenticare con il codice PIN", + "passwordErrorAuthenticate": "Impossibile autenticare con la password", + "poweredBy": "Offerto da", + "authenticationRequired": "Autenticazione Richiesta", + "authenticationMethodChoose": "Scegli il tuo metodo preferito per accedere a {name}", + "authenticationRequest": "Devi autenticarti per accedere a {name}", + "user": "Utente", + "pincodeInput": "Codice PIN a 6 cifre", + "pincodeSubmit": "Accedi con PIN", + "passwordSubmit": "Accedi con Password", + "otpEmailDescription": "Un codice usa e getta verrà inviato a questa email.", + "otpEmailSend": "Invia Codice Usa e Getta", + "otpEmail": "Password Usa e Getta (OTP)", + "otpEmailSubmit": "Invia OTP", + "backToEmail": "Torna all'Email", + "noSupportKey": "Il server è in esecuzione senza una chiave di supporto. Considera di supportare il progetto!", + "accessDenied": "Accesso Negato", + "accessDeniedDescription": "Non sei autorizzato ad accedere a questa risorsa. Se ritieni che sia un errore, contatta l'amministratore.", + "accessTokenError": "Errore nel controllo del token di accesso", + "accessGranted": "Accesso Concesso", + "accessUrlInvalid": "URL di Accesso Non Valido", + "accessGrantedDescription": "Ti è stato concesso l'accesso a questa risorsa. Reindirizzamento in corso...", + "accessUrlInvalidDescription": "Questo URL di accesso condiviso non è valido. Contatta il proprietario della risorsa per un nuovo URL.", + "tokenInvalid": "Token non valido", + "pincodeInvalid": "Codice non valido", + "passwordErrorRequestReset": "Impossibile richiedere il reset:", + "passwordErrorReset": "Impossibile reimpostare la password:", + "passwordResetSuccess": "Password reimpostata con successo! Torna al login...", + "passwordReset": "Reimposta Password", + "passwordResetDescription": "Segui i passaggi per reimpostare la tua password", + "passwordResetSent": "Invieremo un codice di reset della password a questo indirizzo email.", + "passwordResetCode": "Codice di Reset", + "passwordResetCodeDescription": "Controlla la tua email per il codice di reset.", + "passwordNew": "Nuova Password", + "passwordNewConfirm": "Conferma Nuova Password", + "pincodeAuth": "Codice Autenticatore", + "pincodeSubmit2": "Invia Codice", + "passwordResetSubmit": "Richiedi Reset", + "passwordBack": "Torna alla Password", + "loginBack": "Torna al login", + "signup": "Registrati", + "loginStart": "Accedi per iniziare", + "idpOidcTokenValidating": "Convalida token OIDC", + "idpOidcTokenResponse": "Convalida risposta token OIDC", + "idpErrorOidcTokenValidating": "Errore nella convalida del token OIDC", + "idpConnectingTo": "Connessione a {name}", + "idpConnectingToDescription": "Convalida della tua identità", + "idpConnectingToProcess": "Connessione in corso...", + "idpConnectingToFinished": "Connesso", + "idpErrorConnectingTo": "Si è verificato un problema durante la connessione a {name}. Contatta il tuo amministratore.", + "idpErrorNotFound": "IdP non trovato", + "inviteInvalid": "Invito Non Valido", + "inviteInvalidDescription": "Il link di invito non è valido.", + "inviteErrorWrongUser": "L'invito non è per questo utente", + "inviteErrorUserNotExists": "L'utente non esiste. Si prega di creare prima un account.", + "inviteErrorLoginRequired": "Devi effettuare l'accesso per accettare un invito", + "inviteErrorExpired": "L'invito potrebbe essere scaduto", + "inviteErrorRevoked": "L'invito potrebbe essere stato revocato", + "inviteErrorTypo": "Potrebbe esserci un errore di battitura nel link di invito", + "pangolinSetup": "Configurazione - Pangolin", + "orgNameRequired": "Il nome dell'organizzazione è obbligatorio", + "orgIdRequired": "L'ID dell'organizzazione è obbligatorio", + "orgErrorCreate": "Si è verificato un errore durante la creazione dell'organizzazione", + "pageNotFound": "Pagina Non Trovata", + "pageNotFoundDescription": "Oops! La pagina che stai cercando non esiste.", + "overview": "Panoramica", + "home": "Home", + "accessControl": "Controllo Accessi", + "settings": "Impostazioni", + "usersAll": "Tutti Gli Utenti", + "license": "Licenza", + "pangolinDashboard": "Cruscotto - Pangolino", + "noResults": "Nessun risultato trovato.", + "terabytes": "{count} TB", + "gigabytes": "{count}GB", + "megabytes": "{count} MB", + "tagsEntered": "Tag Inseriti", + "tagsEnteredDescription": "Questi sono i tag che hai inserito.", + "tagsWarnCannotBeLessThanZero": "maxTags e minTags non possono essere minori di 0", + "tagsWarnNotAllowedAutocompleteOptions": "Tag non consentito come da opzioni di autocompletamento", + "tagsWarnInvalid": "Tag non valido secondo validateTag", + "tagWarnTooShort": "Il tag {tagText} è troppo corto", + "tagWarnTooLong": "Il tag {tagText} è troppo lungo", + "tagsWarnReachedMaxNumber": "Raggiunto il numero massimo di tag consentiti", + "tagWarnDuplicate": "Tag duplicato {tagText} non aggiunto", + "supportKeyInvalid": "Chiave Non Valida", + "supportKeyInvalidDescription": "La tua chiave di supporto non è valida.", + "supportKeyValid": "Chiave Valida", + "supportKeyValidDescription": "La tua chiave di supporto è stata convalidata. Grazie per il tuo sostegno!", + "supportKeyErrorValidationDescription": "Impossibile convalidare la chiave di supporto.", + "supportKey": "Supporta lo Sviluppo e Adotta un Pangolino!", + "supportKeyDescription": "Acquista una chiave di supporto per aiutarci a continuare a sviluppare Pangolin per la comunità. Il tuo contributo ci permette di dedicare più tempo alla manutenzione e all'aggiunta di nuove funzionalità per tutti. Non useremo mai questo per bloccare le funzionalità. Questo è separato da qualsiasi Edizione Commerciale.", + "supportKeyPet": "Potrai anche adottare e incontrare il tuo pangolino personale!", + "supportKeyPurchase": "I pagamenti sono elaborati tramite GitHub. Successivamente, potrai recuperare la tua chiave su", + "supportKeyPurchaseLink": "il nostro sito web", + "supportKeyPurchase2": "e riscattarla qui.", + "supportKeyLearnMore": "Scopri di più.", + "supportKeyOptions": "Seleziona l'opzione più adatta a te.", + "supportKetOptionFull": "Supporto Completo", + "forWholeServer": "Per l'intero server", + "lifetimePurchase": "Acquisto a vita", + "supporterStatus": "Stato supportatore", + "buy": "Acquista", + "supportKeyOptionLimited": "Supporto Limitato", + "forFiveUsers": "Per 5 o meno utenti", + "supportKeyRedeem": "Riscatta Chiave di Supporto", + "supportKeyHideSevenDays": "Nascondi per 7 giorni", + "supportKeyEnter": "Inserisci Chiave di Supporto", + "supportKeyEnterDescription": "Incontra il tuo pangolino personale!", + "githubUsername": "Username GitHub", + "supportKeyInput": "Chiave di Supporto", + "supportKeyBuy": "Acquista Chiave di Supporto", + "logoutError": "Errore durante il logout", + "signingAs": "Accesso come", + "serverAdmin": "Amministratore Server", + "managedSelfhosted": "Gestito Auto-Ospitato", + "otpEnable": "Abilita Autenticazione a Due Fattori", + "otpDisable": "Disabilita Autenticazione a Due Fattori", + "logout": "Disconnetti", + "licenseTierProfessionalRequired": "Edizione Professional Richiesta", + "licenseTierProfessionalRequiredDescription": "Questa funzionalità è disponibile solo nell'Edizione Professional.", + "actionGetOrg": "Ottieni Organizzazione", + "actionUpdateOrg": "Aggiorna Organizzazione", + "actionUpdateUser": "Aggiorna Utente", + "actionGetUser": "Ottieni Utente", + "actionGetOrgUser": "Ottieni Utente Organizzazione", + "actionListOrgDomains": "Elenca Domini Organizzazione", + "actionCreateSite": "Crea Sito", + "actionDeleteSite": "Elimina Sito", + "actionGetSite": "Ottieni Sito", + "actionListSites": "Elenca Siti", + "setupToken": "Configura Token", + "setupTokenDescription": "Inserisci il token di configurazione dalla console del server.", + "setupTokenRequired": "Il token di configurazione è richiesto", + "actionUpdateSite": "Aggiorna Sito", + "actionListSiteRoles": "Elenca Ruoli Sito Consentiti", + "actionCreateResource": "Crea Risorsa", + "actionDeleteResource": "Elimina Risorsa", + "actionGetResource": "Ottieni Risorsa", + "actionListResource": "Elenca Risorse", + "actionUpdateResource": "Aggiorna Risorsa", + "actionListResourceUsers": "Elenca Utenti Risorsa", + "actionSetResourceUsers": "Imposta Utenti Risorsa", + "actionSetAllowedResourceRoles": "Imposta Ruoli Risorsa Consentiti", + "actionListAllowedResourceRoles": "Elenca Ruoli Risorsa Consentiti", + "actionSetResourcePassword": "Imposta Password Risorsa", + "actionSetResourcePincode": "Imposta Codice PIN Risorsa", + "actionSetResourceEmailWhitelist": "Imposta Lista Autorizzazioni Email Risorsa", + "actionGetResourceEmailWhitelist": "Ottieni Lista Autorizzazioni Email Risorsa", + "actionCreateTarget": "Crea Target", + "actionDeleteTarget": "Elimina Target", + "actionGetTarget": "Ottieni Target", + "actionListTargets": "Elenca Target", + "actionUpdateTarget": "Aggiorna Target", + "actionCreateRole": "Crea Ruolo", + "actionDeleteRole": "Elimina Ruolo", + "actionGetRole": "Ottieni Ruolo", + "actionListRole": "Elenca Ruoli", + "actionUpdateRole": "Aggiorna Ruolo", + "actionListAllowedRoleResources": "Elenca Risorse Ruolo Consentite", + "actionInviteUser": "Invita Utente", + "actionRemoveUser": "Rimuovi Utente", + "actionListUsers": "Elenca Utenti", + "actionAddUserRole": "Aggiungi Ruolo Utente", + "actionGenerateAccessToken": "Genera Token di Accesso", + "actionDeleteAccessToken": "Elimina Token di Accesso", + "actionListAccessTokens": "Elenca Token di Accesso", + "actionCreateResourceRule": "Crea Regola Risorsa", + "actionDeleteResourceRule": "Elimina Regola Risorsa", + "actionListResourceRules": "Elenca Regole Risorsa", + "actionUpdateResourceRule": "Aggiorna Regola Risorsa", + "actionListOrgs": "Elenca Organizzazioni", + "actionCheckOrgId": "Controlla ID", + "actionCreateOrg": "Crea Organizzazione", + "actionDeleteOrg": "Elimina Organizzazione", + "actionListApiKeys": "Elenca Chiavi API", + "actionListApiKeyActions": "Elenca Azioni Chiave API", + "actionSetApiKeyActions": "Imposta Azioni Consentite Chiave API", + "actionCreateApiKey": "Crea Chiave API", + "actionDeleteApiKey": "Elimina Chiave API", + "actionCreateIdp": "Crea IDP", + "actionUpdateIdp": "Aggiorna IDP", + "actionDeleteIdp": "Elimina IDP", + "actionListIdps": "Elenca IDP", + "actionGetIdp": "Ottieni IDP", + "actionCreateIdpOrg": "Crea Politica Org IDP", + "actionDeleteIdpOrg": "Elimina Politica Org IDP", + "actionListIdpOrgs": "Elenca Org IDP", + "actionUpdateIdpOrg": "Aggiorna Org IDP", + "actionCreateClient": "Crea Client", + "actionDeleteClient": "Elimina Client", + "actionUpdateClient": "Aggiorna Client", + "actionListClients": "Elenco Clienti", + "actionGetClient": "Ottieni Client", + "actionCreateSiteResource": "Crea Risorsa del Sito", + "actionDeleteSiteResource": "Elimina Risorsa del Sito", + "actionGetSiteResource": "Ottieni Risorsa del Sito", + "actionListSiteResources": "Elenca Risorse del Sito", + "actionUpdateSiteResource": "Aggiorna Risorsa del Sito", + "actionListInvitations": "Elenco Inviti", + "noneSelected": "Nessuna selezione", + "orgNotFound2": "Nessuna organizzazione trovata.", + "searchProgress": "Ricerca...", + "create": "Crea", + "orgs": "Organizzazioni", + "loginError": "Si è verificato un errore durante l'accesso", + "passwordForgot": "Password dimenticata?", + "otpAuth": "Autenticazione a Due Fattori", + "otpAuthDescription": "Inserisci il codice dalla tua app di autenticazione o uno dei tuoi codici di backup monouso.", + "otpAuthSubmit": "Invia Codice", + "idpContinue": "O continua con", + "otpAuthBack": "Torna al Login", + "navbar": "Menu di Navigazione", + "navbarDescription": "Menu di navigazione principale dell'applicazione", + "navbarDocsLink": "Documentazione", + "commercialEdition": "Edizione Commerciale", + "otpErrorEnable": "Impossibile abilitare 2FA", + "otpErrorEnableDescription": "Si è verificato un errore durante l'abilitazione di 2FA", + "otpSetupCheckCode": "Inserisci un codice a 6 cifre", + "otpSetupCheckCodeRetry": "Codice non valido. Riprova.", + "otpSetup": "Abilita Autenticazione a Due Fattori", + "otpSetupDescription": "Proteggi il tuo account con un livello extra di protezione", + "otpSetupScanQr": "Scansiona questo codice QR con la tua app di autenticazione o inserisci manualmente la chiave segreta:", + "otpSetupSecretCode": "Codice Autenticatore", + "otpSetupSuccess": "Autenticazione a Due Fattori Abilitata", + "otpSetupSuccessStoreBackupCodes": "Il tuo account è ora più sicuro. Non dimenticare di salvare i tuoi codici di backup.", + "otpErrorDisable": "Impossibile disabilitare 2FA", + "otpErrorDisableDescription": "Si è verificato un errore durante la disabilitazione di 2FA", + "otpRemove": "Disabilita Autenticazione a Due Fattori", + "otpRemoveDescription": "Disabilita l'autenticazione a due fattori per il tuo account", + "otpRemoveSuccess": "Autenticazione a Due Fattori Disabilitata", + "otpRemoveSuccessMessage": "L'autenticazione a due fattori è stata disabilitata per il tuo account. Puoi riattivarla in qualsiasi momento.", + "otpRemoveSubmit": "Disabilita 2FA", + "paginator": "Pagina {current} di {last}", + "paginatorToFirst": "Vai alla prima pagina", + "paginatorToPrevious": "Vai alla pagina precedente", + "paginatorToNext": "Vai alla pagina successiva", + "paginatorToLast": "Vai all'ultima pagina", + "copyText": "Copia testo", + "copyTextFailed": "Impossibile copiare il testo: ", + "copyTextClipboard": "Copia negli appunti", + "inviteErrorInvalidConfirmation": "Conferma non valida", + "passwordRequired": "La password è obbligatoria", + "allowAll": "Consenti Tutto", + "permissionsAllowAll": "Consenti Tutti I Permessi", + "githubUsernameRequired": "È richiesto l'username GitHub", + "supportKeyRequired": "È richiesta la chiave di supporto", + "passwordRequirementsChars": "La password deve essere di almeno 8 caratteri", + "language": "Lingua", + "verificationCodeRequired": "È richiesto un codice", + "userErrorNoUpdate": "Nessun utente da aggiornare", + "siteErrorNoUpdate": "Nessun sito da aggiornare", + "resourceErrorNoUpdate": "Nessuna risorsa da aggiornare", + "authErrorNoUpdate": "Nessuna informazione di autenticazione da aggiornare", + "orgErrorNoUpdate": "Nessuna organizzazione da aggiornare", + "orgErrorNoProvided": "Nessuna organizzazione fornita", + "apiKeysErrorNoUpdate": "Nessuna chiave API da aggiornare", + "sidebarOverview": "Panoramica", + "sidebarHome": "Home", + "sidebarSites": "Siti", + "sidebarResources": "Risorse", + "sidebarAccessControl": "Controllo Accesso", + "sidebarUsers": "Utenti", + "sidebarInvitations": "Inviti", + "sidebarRoles": "Ruoli", + "sidebarShareableLinks": "Collegamenti Condividibili", + "sidebarApiKeys": "Chiavi API", + "sidebarSettings": "Impostazioni", + "sidebarAllUsers": "Tutti Gli Utenti", + "sidebarIdentityProviders": "Fornitori Di Identità", + "sidebarLicense": "Licenza", + "sidebarClients": "Clienti (Beta)", + "sidebarDomains": "Domini", + "enableDockerSocket": "Abilita Docker Socket", + "enableDockerSocketDescription": "Abilita il rilevamento Docker Socket per popolare le informazioni del contenitore. Il percorso del socket deve essere fornito a Newt.", + "enableDockerSocketLink": "Scopri di più", + "viewDockerContainers": "Visualizza Contenitori Docker", + "containersIn": "Contenitori in {siteName}", + "selectContainerDescription": "Seleziona qualsiasi contenitore da usare come hostname per questo obiettivo. Fai clic su una porta per usare una porta.", + "containerName": "Nome", + "containerImage": "Immagine", + "containerState": "Stato", + "containerNetworks": "Reti", + "containerHostnameIp": "Hostname/IP", + "containerLabels": "Etichette", + "containerLabelsCount": "{count, plural, one {# etichetta} other {# etichette}}", + "containerLabelsTitle": "Etichette Del Contenitore", + "containerLabelEmpty": "", + "containerPorts": "Porte", + "containerPortsMore": "+{count} in più", + "containerActions": "Azioni", + "select": "Seleziona", + "noContainersMatchingFilters": "Nessun contenitore trovato corrispondente ai filtri correnti.", + "showContainersWithoutPorts": "Mostra contenitori senza porte", + "showStoppedContainers": "Mostra contenitori fermati", + "noContainersFound": "Nessun contenitore trovato. Assicurarsi che i contenitori Docker siano in esecuzione.", + "searchContainersPlaceholder": "Cerca tra i contenitori {count}...", + "searchResultsCount": "{count, plural, one {# risultato} other {# risultati}}", + "filters": "Filtri", + "filterOptions": "Opzioni Filtro", + "filterPorts": "Porte", + "filterStopped": "Fermato", + "clearAllFilters": "Cancella tutti i filtri", + "columns": "Colonne", + "toggleColumns": "Attiva/Disattiva Colonne", + "refreshContainersList": "Aggiorna elenco contenitori", + "searching": "Ricerca...", + "noContainersFoundMatching": "Nessun contenitore trovato corrispondente \"{filter}\".", + "light": "chiaro", + "dark": "scuro", + "system": "sistema", + "theme": "Tema", + "subnetRequired": "Sottorete richiesta", + "initialSetupTitle": "Impostazione Iniziale del Server", + "initialSetupDescription": "Crea l'account amministratore del server iniziale. Può esistere solo un amministratore del server. È sempre possibile modificare queste credenziali in seguito.", + "createAdminAccount": "Crea Account Admin", + "setupErrorCreateAdmin": "Si è verificato un errore durante la creazione dell'account amministratore del server.", + "certificateStatus": "Stato del Certificato", + "loading": "Caricamento", + "restart": "Riavvia", + "domains": "Domini", + "domainsDescription": "Gestisci domini per la tua organizzazione", + "domainsSearch": "Cerca domini...", + "domainAdd": "Aggiungi Dominio", + "domainAddDescription": "Registra un nuovo dominio con la tua organizzazione", + "domainCreate": "Crea Dominio", + "domainCreatedDescription": "Dominio creato con successo", + "domainDeletedDescription": "Dominio eliminato con successo", + "domainQuestionRemove": "Sei sicuro di voler rimuovere il dominio {domain} dal tuo account?", + "domainMessageRemove": "Una volta rimosso, il dominio non sarà più associato al tuo account.", + "domainMessageConfirm": "Per confermare, digita il nome del dominio qui sotto.", + "domainConfirmDelete": "Conferma Eliminazione Dominio", + "domainDelete": "Elimina Dominio", + "domain": "Dominio", + "selectDomainTypeNsName": "Delega Dominio (NS)", + "selectDomainTypeNsDescription": "Questo dominio e tutti i suoi sottodomini. Usa questo quando desideri controllare un'intera zona di dominio.", + "selectDomainTypeCnameName": "Dominio Singolo (CNAME)", + "selectDomainTypeCnameDescription": "Solo questo dominio specifico. Usa questo per sottodomini individuali o specifiche voci di dominio.", + "selectDomainTypeWildcardName": "Dominio Jolly", + "selectDomainTypeWildcardDescription": "Questo dominio e i suoi sottodomini.", + "domainDelegation": "Dominio Singolo", + "selectType": "Seleziona un tipo", + "actions": "Azioni", + "refresh": "Aggiorna", + "refreshError": "Impossibile aggiornare i dati", + "verified": "Verificato", + "pending": "In attesa", + "sidebarBilling": "Fatturazione", + "billing": "Fatturazione", + "orgBillingDescription": "Gestisci le tue informazioni di fatturazione e abbonamenti", + "github": "GitHub", + "pangolinHosted": "Pangolin Hosted", + "fossorial": "Fossorial", + "completeAccountSetup": "Completa la Configurazione dell'Account", + "completeAccountSetupDescription": "Imposta la tua password per iniziare", + "accountSetupSent": "Invieremo un codice di configurazione dell'account a questo indirizzo email.", + "accountSetupCode": "Codice di Configurazione", + "accountSetupCodeDescription": "Controlla la tua email per il codice di configurazione.", + "passwordCreate": "Crea Password", + "passwordCreateConfirm": "Conferma Password", + "accountSetupSubmit": "Invia Codice di Configurazione", + "completeSetup": "Completa la Configurazione", + "accountSetupSuccess": "Configurazione dell'account completata! Benvenuto su Pangolin!", + "documentation": "Documentazione", + "saveAllSettings": "Salva Tutte le Impostazioni", + "settingsUpdated": "Impostazioni aggiornate", + "settingsUpdatedDescription": "Tutte le impostazioni sono state aggiornate con successo", + "settingsErrorUpdate": "Impossibile aggiornare le impostazioni", + "settingsErrorUpdateDescription": "Si è verificato un errore durante l'aggiornamento delle impostazioni", + "sidebarCollapse": "Comprimi", + "sidebarExpand": "Espandi", + "newtUpdateAvailable": "Aggiornamento Disponibile", + "newtUpdateAvailableInfo": "È disponibile una nuova versione di Newt. Si prega di aggiornare all'ultima versione per la migliore esperienza.", + "domainPickerEnterDomain": "Dominio", + "domainPickerPlaceholder": "myapp.example.com, api.v1.mydomain.com, o semplicemente myapp", + "domainPickerDescription": "Inserisci il dominio completo della risorsa per vedere le opzioni disponibili.", + "domainPickerDescriptionSaas": "Inserisci un dominio completo, un sottodominio o semplicemente un nome per vedere le opzioni disponibili", + "domainPickerTabAll": "Tutti", + "domainPickerTabOrganization": "Organizzazione", + "domainPickerTabProvided": "Fornito", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "Controllando la disponibilità...", + "domainPickerNoMatchingDomains": "Nessun dominio corrispondente trovato. Prova un dominio diverso o verifica le impostazioni del dominio della tua organizzazione.", + "domainPickerOrganizationDomains": "Domini dell'Organizzazione", + "domainPickerProvidedDomains": "Domini Forniti", + "domainPickerSubdomain": "Sottodominio: {subdomain}", + "domainPickerNamespace": "Namespace: {namespace}", + "domainPickerShowMore": "Mostra Altro", + "domainNotFound": "Domini Non Trovati", + "domainNotFoundDescription": "Questa risorsa è disabilitata perché il dominio non esiste più nel nostro sistema. Si prega di impostare un nuovo dominio per questa risorsa.", + "failed": "Fallito", + "createNewOrgDescription": "Crea una nuova organizzazione", + "organization": "Organizzazione", + "port": "Porta", + "securityKeyManage": "Gestisci chiavi di sicurezza", + "securityKeyDescription": "Aggiungi o rimuovi chiavi di sicurezza per l'autenticazione senza password", + "securityKeyRegister": "Registra nuova chiave di sicurezza", + "securityKeyList": "Le tue chiavi di sicurezza", + "securityKeyNone": "Nessuna chiave di sicurezza registrata", + "securityKeyNameRequired": "Il nome è obbligatorio", + "securityKeyRemove": "Rimuovi", + "securityKeyLastUsed": "Ultimo utilizzo: {date}", + "securityKeyNameLabel": "Nome", + "securityKeyRegisterSuccess": "Chiave di sicurezza registrata con successo", + "securityKeyRegisterError": "Errore durante la registrazione della chiave di sicurezza", + "securityKeyRemoveSuccess": "Chiave di sicurezza rimossa con successo", + "securityKeyRemoveError": "Errore durante la rimozione della chiave di sicurezza", + "securityKeyLoadError": "Errore durante il caricamento delle chiavi di sicurezza", + "securityKeyLogin": "Continua con la chiave di sicurezza", + "securityKeyAuthError": "Errore durante l'autenticazione con chiave di sicurezza", + "securityKeyRecommendation": "Considera di registrare un'altra chiave di sicurezza su un dispositivo diverso per assicurarti di non rimanere bloccato fuori dal tuo account.", + "registering": "Registrazione in corso...", + "securityKeyPrompt": "Verifica la tua identità usando la chiave di sicurezza. Assicurati che sia connessa e pronta.", + "securityKeyBrowserNotSupported": "Il tuo browser non supporta le chiavi di sicurezza. Per favore, usa un browser moderno come Chrome, Firefox o Safari.", + "securityKeyPermissionDenied": "Consenti accesso alla tua chiave di sicurezza per continuare ad accedere.", + "securityKeyRemovedTooQuickly": "Mantieni la chiave di sicurezza connessa fino a quando il processo di accesso non è completato.", + "securityKeyNotSupported": "La tua chiave di sicurezza potrebbe non essere compatibile. Prova un'altra chiave di sicurezza.", + "securityKeyUnknownError": "Si è verificato un problema con la tua chiave di sicurezza. Riprova.", + "twoFactorRequired": "È richiesta l'autenticazione a due fattori per registrare una chiave di sicurezza.", + "twoFactor": "Autenticazione a Due Fattori", + "adminEnabled2FaOnYourAccount": "Il tuo amministratore ha abilitato l'autenticazione a due fattori per {email}. Completa il processo di configurazione per continuare.", + "continueToApplication": "Continua all'Applicazione", + "securityKeyAdd": "Aggiungi Chiave di Sicurezza", + "securityKeyRegisterTitle": "Registra Nuova Chiave di Sicurezza", + "securityKeyRegisterDescription": "Collega la tua chiave di sicurezza e inserisci un nome per identificarla", + "securityKeyTwoFactorRequired": "Autenticazione a Due Fattori Richiesta", + "securityKeyTwoFactorDescription": "Inserisci il codice di autenticazione a due fattori per registrare la chiave di sicurezza", + "securityKeyTwoFactorRemoveDescription": "Inserisci il codice di autenticazione a due fattori per rimuovere la chiave di sicurezza", + "securityKeyTwoFactorCode": "Codice a Due Fattori", + "securityKeyRemoveTitle": "Rimuovi Chiave di Sicurezza", + "securityKeyRemoveDescription": "Inserisci la tua password per rimuovere la chiave di sicurezza \"{name}\"", + "securityKeyNoKeysRegistered": "Nessuna chiave di sicurezza registrata", + "securityKeyNoKeysDescription": "Aggiungi una chiave di sicurezza per migliorare la sicurezza del tuo account", + "createDomainRequired": "Dominio richiesto", + "createDomainAddDnsRecords": "Aggiungi Record DNS", + "createDomainAddDnsRecordsDescription": "Aggiungi i seguenti record DNS al tuo provider di domini per completare la configurazione.", + "createDomainNsRecords": "Record NS", + "createDomainRecord": "Record", + "createDomainType": "Tipo:", + "createDomainName": "Nome:", + "createDomainValue": "Valore:", + "createDomainCnameRecords": "Record CNAME", + "createDomainARecords": "Record A", + "createDomainRecordNumber": "Record {number}", + "createDomainTxtRecords": "Record TXT", + "createDomainSaveTheseRecords": "Salva Questi Record", + "createDomainSaveTheseRecordsDescription": "Assicurati di salvare questi record DNS poiché non li vedrai più.", + "createDomainDnsPropagation": "Propagazione DNS", + "createDomainDnsPropagationDescription": "Le modifiche DNS possono richiedere del tempo per propagarsi in Internet. Questo può richiedere da pochi minuti a 48 ore, a seconda del tuo provider DNS e delle impostazioni TTL.", + "resourcePortRequired": "Numero di porta richiesto per risorse non-HTTP", + "resourcePortNotAllowed": "Il numero di porta non deve essere impostato per risorse HTTP", + "signUpTerms": { + "IAgreeToThe": "Accetto i", + "termsOfService": "termini di servizio", + "and": "e", + "privacyPolicy": "informativa sulla privacy" + }, + "siteRequired": "Il sito è richiesto.", + "olmTunnel": "Olm Tunnel", + "olmTunnelDescription": "Usa Olm per la connettività client", + "errorCreatingClient": "Errore nella creazione del client", + "clientDefaultsNotFound": "Impostazioni predefinite del client non trovate", + "createClient": "Crea Cliente", + "createClientDescription": "Crea un nuovo cliente per connettersi ai tuoi siti", + "seeAllClients": "Vedi Tutti i Clienti", + "clientInformation": "Informazioni sul Cliente", + "clientNamePlaceholder": "Nome Cliente", + "address": "Indirizzo", + "subnetPlaceholder": "Sottorete", + "addressDescription": "L'indirizzo che questo cliente utilizzerà per la connettività", + "selectSites": "Seleziona siti", + "sitesDescription": "Il cliente avrà connettività ai siti selezionati", + "clientInstallOlm": "Installa Olm", + "clientInstallOlmDescription": "Avvia Olm sul tuo sistema", + "clientOlmCredentials": "Credenziali Olm", + "clientOlmCredentialsDescription": "Ecco come Olm si autenticherà con il server", + "olmEndpoint": "Endpoint Olm", + "olmId": "ID Olm", + "olmSecretKey": "Chiave Segreta Olm", + "clientCredentialsSave": "Salva le Tue Credenziali", + "clientCredentialsSaveDescription": "Potrai vederlo solo una volta. Assicurati di copiarlo in un luogo sicuro.", + "generalSettingsDescription": "Configura le impostazioni generali per questo cliente", + "clientUpdated": "Cliente aggiornato", + "clientUpdatedDescription": "Il cliente è stato aggiornato.", + "clientUpdateFailed": "Impossibile aggiornare il cliente", + "clientUpdateError": "Si è verificato un errore durante l'aggiornamento del cliente.", + "sitesFetchFailed": "Impossibile recuperare i siti", + "sitesFetchError": "Si è verificato un errore durante il recupero dei siti.", + "olmErrorFetchReleases": "Si è verificato un errore durante il recupero delle versioni di Olm.", + "olmErrorFetchLatest": "Si è verificato un errore durante il recupero dell'ultima versione di Olm.", + "remoteSubnets": "Sottoreti Remote", + "enterCidrRange": "Inserisci l'intervallo CIDR", + "remoteSubnetsDescription": "Aggiungi intervalli CIDR che possono essere accessibili da questo sito in remoto utilizzando i client. Usa il formato come 10.0.0.0/24. Questo si applica SOLO alla connettività del client VPN.", + "resourceEnableProxy": "Abilita Proxy Pubblico", + "resourceEnableProxyDescription": "Abilita il proxy pubblico a questa risorsa. Consente l'accesso alla risorsa dall'esterno della rete tramite il cloud su una porta aperta. Richiede la configurazione di Traefik.", + "externalProxyEnabled": "Proxy Esterno Abilitato", + "addNewTarget": "Aggiungi Nuovo Target", + "targetsList": "Elenco dei Target", + "targetErrorDuplicateTargetFound": "Target duplicato trovato", + "httpMethod": "Metodo HTTP", + "selectHttpMethod": "Seleziona metodo HTTP", + "domainPickerSubdomainLabel": "Sottodominio", + "domainPickerBaseDomainLabel": "Dominio Base", + "domainPickerSearchDomains": "Cerca domini...", + "domainPickerNoDomainsFound": "Nessun dominio trovato", + "domainPickerLoadingDomains": "Caricamento domini...", + "domainPickerSelectBaseDomain": "Seleziona dominio base...", + "domainPickerNotAvailableForCname": "Non disponibile per i domini CNAME", + "domainPickerEnterSubdomainOrLeaveBlank": "Inserisci un sottodominio o lascia vuoto per utilizzare il dominio base.", + "domainPickerEnterSubdomainToSearch": "Inserisci un sottodominio per cercare e selezionare dai domini gratuiti disponibili.", + "domainPickerFreeDomains": "Domini Gratuiti", + "domainPickerSearchForAvailableDomains": "Cerca domini disponibili", + "resourceDomain": "Dominio", + "resourceEditDomain": "Modifica Dominio", + "siteName": "Nome del Sito", + "proxyPort": "Porta", + "resourcesTableProxyResources": "Risorse Proxy", + "resourcesTableClientResources": "Risorse Client", + "resourcesTableNoProxyResourcesFound": "Nessuna risorsa proxy trovata.", + "resourcesTableNoInternalResourcesFound": "Nessuna risorsa interna trovata.", + "resourcesTableDestination": "Destinazione", + "resourcesTableTheseResourcesForUseWith": "Queste risorse sono per uso con", + "resourcesTableClients": "Client", + "resourcesTableAndOnlyAccessibleInternally": "e sono accessibili solo internamente quando connessi con un client.", + "editInternalResourceDialogEditClientResource": "Modifica Risorsa Client", + "editInternalResourceDialogUpdateResourceProperties": "Aggiorna le proprietà della risorsa e la configurazione del target per {resourceName}.", + "editInternalResourceDialogResourceProperties": "Proprietà della Risorsa", + "editInternalResourceDialogName": "Nome", + "editInternalResourceDialogProtocol": "Protocollo", + "editInternalResourceDialogSitePort": "Porta del Sito", + "editInternalResourceDialogTargetConfiguration": "Configurazione Target", + "editInternalResourceDialogDestinationIP": "IP di Destinazione", + "editInternalResourceDialogDestinationPort": "Porta di Destinazione", + "editInternalResourceDialogCancel": "Annulla", + "editInternalResourceDialogSaveResource": "Salva Risorsa", + "editInternalResourceDialogSuccess": "Successo", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Risorsa interna aggiornata con successo", + "editInternalResourceDialogError": "Errore", + "editInternalResourceDialogFailedToUpdateInternalResource": "Impossibile aggiornare la risorsa interna", + "editInternalResourceDialogNameRequired": "Il nome è obbligatorio", + "editInternalResourceDialogNameMaxLength": "Il nome deve essere inferiore a 255 caratteri", + "editInternalResourceDialogProxyPortMin": "La porta proxy deve essere almeno 1", + "editInternalResourceDialogProxyPortMax": "La porta proxy deve essere inferiore a 65536", + "editInternalResourceDialogInvalidIPAddressFormat": "Formato dell'indirizzo IP non valido", + "editInternalResourceDialogDestinationPortMin": "La porta di destinazione deve essere almeno 1", + "editInternalResourceDialogDestinationPortMax": "La porta di destinazione deve essere inferiore a 65536", + "createInternalResourceDialogNoSitesAvailable": "Nessun Sito Disponibile", + "createInternalResourceDialogNoSitesAvailableDescription": "Devi avere almeno un sito Newt con una subnet configurata per creare risorse interne.", + "createInternalResourceDialogClose": "Chiudi", + "createInternalResourceDialogCreateClientResource": "Crea Risorsa Client", + "createInternalResourceDialogCreateClientResourceDescription": "Crea una nuova risorsa che sarà accessibile ai client connessi al sito selezionato.", + "createInternalResourceDialogResourceProperties": "Proprietà della Risorsa", + "createInternalResourceDialogName": "Nome", + "createInternalResourceDialogSite": "Sito", + "createInternalResourceDialogSelectSite": "Seleziona sito...", + "createInternalResourceDialogSearchSites": "Cerca siti...", + "createInternalResourceDialogNoSitesFound": "Nessun sito trovato.", + "createInternalResourceDialogProtocol": "Protocollo", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Porta del Sito", + "createInternalResourceDialogSitePortDescription": "Usa questa porta per accedere alla risorsa nel sito quando sei connesso con un client.", + "createInternalResourceDialogTargetConfiguration": "Configurazione Target", + "createInternalResourceDialogDestinationIP": "IP di Destinazione", + "createInternalResourceDialogDestinationIPDescription": "L'indirizzo IP della risorsa sulla rete del sito.", + "createInternalResourceDialogDestinationPort": "Porta di Destinazione", + "createInternalResourceDialogDestinationPortDescription": "La porta sull'IP di destinazione dove la risorsa è accessibile.", + "createInternalResourceDialogCancel": "Annulla", + "createInternalResourceDialogCreateResource": "Crea Risorsa", + "createInternalResourceDialogSuccess": "Successo", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Risorsa interna creata con successo", + "createInternalResourceDialogError": "Errore", + "createInternalResourceDialogFailedToCreateInternalResource": "Impossibile creare la risorsa interna", + "createInternalResourceDialogNameRequired": "Il nome è obbligatorio", + "createInternalResourceDialogNameMaxLength": "Il nome non deve superare i 255 caratteri", + "createInternalResourceDialogPleaseSelectSite": "Si prega di selezionare un sito", + "createInternalResourceDialogProxyPortMin": "La porta proxy deve essere almeno 1", + "createInternalResourceDialogProxyPortMax": "La porta proxy deve essere inferiore a 65536", + "createInternalResourceDialogInvalidIPAddressFormat": "Formato dell'indirizzo IP non valido", + "createInternalResourceDialogDestinationPortMin": "La porta di destinazione deve essere almeno 1", + "createInternalResourceDialogDestinationPortMax": "La porta di destinazione deve essere inferiore a 65536", + "siteConfiguration": "Configurazione", + "siteAcceptClientConnections": "Accetta Connessioni Client", + "siteAcceptClientConnectionsDescription": "Permetti ad altri dispositivi di connettersi attraverso questa istanza Newt come gateway utilizzando i client.", + "siteAddress": "Indirizzo del Sito", + "siteAddressDescription": "Specifica l'indirizzo IP dell'host a cui i client si collegano. Questo è l'indirizzo interno del sito nella rete Pangolin per indirizzare i client. Deve rientrare nella subnet dell'Organizzazione.", + "autoLoginExternalIdp": "Accesso Automatico con IDP Esterno", + "autoLoginExternalIdpDescription": "Reindirizzare immediatamente l'utente all'IDP esterno per l'autenticazione.", + "selectIdp": "Seleziona IDP", + "selectIdpPlaceholder": "Scegli un IDP...", + "selectIdpRequired": "Si prega di selezionare un IDP quando l'accesso automatico è abilitato.", + "autoLoginTitle": "Reindirizzamento", + "autoLoginDescription": "Reindirizzandoti al provider di identità esterno per l'autenticazione.", + "autoLoginProcessing": "Preparazione dell'autenticazione...", + "autoLoginRedirecting": "Reindirizzamento al login...", + "autoLoginError": "Errore di Accesso Automatico", + "autoLoginErrorNoRedirectUrl": "Nessun URL di reindirizzamento ricevuto dal provider di identità.", + "autoLoginErrorGeneratingUrl": "Impossibile generare l'URL di autenticazione.", + "managedSelfHosted": { + "title": "Gestito Auto-Ospitato", + "description": "Server Pangolin self-hosted più affidabile e a bassa manutenzione con campanelli e fischietti extra", + "introTitle": "Managed Self-Hosted Pangolin", + "introDescription": "è un'opzione di distribuzione progettata per le persone che vogliono la semplicità e l'affidabilità extra mantenendo i loro dati privati e self-hosted.", + "introDetail": "Con questa opzione, esegui ancora il tuo nodo Pangolin — i tunnel, la terminazione SSL e il traffico rimangono tutti sul tuo server. La differenza è che la gestione e il monitoraggio sono gestiti attraverso il nostro cruscotto cloud, che sblocca una serie di vantaggi:", + "benefitSimplerOperations": { + "title": "Operazioni più semplici", + "description": "Non è necessario eseguire il proprio server di posta o impostare un avviso complesso. Otterrai controlli di salute e avvisi di inattività fuori dalla casella." + }, + "benefitAutomaticUpdates": { + "title": "Aggiornamenti automatici", + "description": "Il cruscotto cloud si evolve rapidamente, in modo da ottenere nuove funzionalità e correzioni di bug senza dover tirare manualmente nuovi contenitori ogni volta." + }, + "benefitLessMaintenance": { + "title": "Meno manutenzione", + "description": "Nessuna migrazione di database, backup o infrastruttura extra da gestire. Gestiamo questo problema nel cloud." + }, + "benefitCloudFailover": { + "title": "failover del cloud", + "description": "Se il tuo nodo scende, i tuoi tunnel possono temporaneamente fallire nei nostri punti di presenza cloud fino a quando non lo riporti online." + }, + "benefitHighAvailability": { + "title": "Alta disponibilità (PoPs)", + "description": "Puoi anche allegare più nodi al tuo account per ridondanza e prestazioni migliori." + }, + "benefitFutureEnhancements": { + "title": "Miglioramenti futuri", + "description": "Stiamo pianificando di aggiungere più strumenti di analisi, allerta e gestione per rendere la tua distribuzione ancora più robusta." + }, + "docsAlert": { + "text": "Scopri di più sull'opzione Managed Self-Hosted nella nostra", + "documentation": "documentazione" + }, + "convertButton": "Converti questo nodo in auto-ospitato gestito" + }, + "internationaldomaindetected": "Dominio Internazionale Rilevato", + "willbestoredas": "Verrà conservato come:" +} diff --git a/messages/ko-KR.json b/messages/ko-KR.json new file mode 100644 index 00000000..2b9e7b1c --- /dev/null +++ b/messages/ko-KR.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "조직, 사이트 및 리소스를 생성하십시오.", + "setupNewOrg": "새 조직", + "setupCreateOrg": "조직 생성", + "setupCreateResources": "리소스 생성", + "setupOrgName": "조직 이름", + "orgDisplayName": "이것은 귀하의 조직의 표시 이름입니다.", + "orgId": "조직 ID", + "setupIdentifierMessage": "이것은 귀하의 조직에 대한 고유 식별자입니다. 표시 이름과는 별개입니다.", + "setupErrorIdentifier": "조직 ID가 이미 사용 중입니다. 다른 것을 선택해 주세요.", + "componentsErrorNoMemberCreate": "현재 어떤 조직의 구성원도 아닙니다. 시작하려면 조직을 생성하세요.", + "componentsErrorNoMember": "현재 어떤 조직의 구성원도 아닙니다.", + "welcome": "판골린에 오신 것을 환영합니다.", + "welcomeTo": "환영합니다", + "componentsCreateOrg": "조직 생성", + "componentsMember": "당신은 {count, plural, =0 {조직이 없습니다} one {하나의 조직} other {# 개의 조직}}의 구성원입니다.", + "componentsInvalidKey": "유효하지 않거나 만료된 라이센스 키가 감지되었습니다. 모든 기능을 계속 사용하려면 라이센스 조건을 따르십시오.", + "dismiss": "해제", + "componentsLicenseViolation": "라이센스 위반: 이 서버는 {usedSites} 사이트를 사용하고 있으며, 이는 {maxSites} 사이트의 라이센스 한도를 초과합니다. 모든 기능을 계속 사용하려면 라이센스 조건을 따르십시오.", + "componentsSupporterMessage": "{tier}로 판골린을 지원해 주셔서 감사합니다!", + "inviteErrorNotValid": "죄송하지만, 접근하려는 초대가 수락되지 않았거나 더 이상 유효하지 않은 것 같습니다.", + "inviteErrorUser": "죄송하지만, 접근하려는 초대가 이 사용자에게 해당되지 않는 것 같습니다.", + "inviteLoginUser": "올바른 사용자로 로그인했는지 확인하십시오.", + "inviteErrorNoUser": "죄송하지만, 접근하려는 초대가 존재하지 않는 사용자에 대한 것인 것 같습니다.", + "inviteCreateUser": "먼저 계정을 생성해 주세요.", + "goHome": "홈으로 가기", + "inviteLogInOtherUser": "다른 사용자로 로그인", + "createAnAccount": "계정 만들기", + "inviteNotAccepted": "초대가 수락되지 않음", + "authCreateAccount": "시작하려면 계정을 생성하세요.", + "authNoAccount": "계정이 없으신가요?", + "email": "이메일", + "password": "비밀번호", + "confirmPassword": "비밀번호 확인", + "createAccount": "계정 생성", + "viewSettings": "설정 보기", + "delete": "삭제", + "name": "이름", + "online": "온라인", + "offline": "오프라인", + "site": "사이트", + "dataIn": "데이터 입력", + "dataOut": "데이터 출력", + "connectionType": "연결 유형", + "tunnelType": "터널 유형", + "local": "로컬", + "edit": "편집", + "siteConfirmDelete": "사이트 삭제 확인", + "siteDelete": "사이트 삭제", + "siteMessageRemove": "제거되면 사이트에 더 이상 접근할 수 없습니다. 사이트와 관련된 모든 리소스와 대상도 제거됩니다.", + "siteMessageConfirm": "확인을 위해 아래에 사이트 이름을 입력해 주세요.", + "siteQuestionRemove": "조직에서 사이트 {selectedSite}를 제거하시겠습니까?", + "siteManageSites": "사이트 관리", + "siteDescription": "안전한 터널을 통해 네트워크에 연결할 수 있도록 허용", + "siteCreate": "사이트 생성", + "siteCreateDescription2": "아래 단계를 따라 새 사이트를 생성하고 연결하십시오", + "siteCreateDescription": "리소스를 연결하기 위해 새 사이트를 생성하십시오.", + "close": "닫기", + "siteErrorCreate": "사이트 생성 오류", + "siteErrorCreateKeyPair": "키 쌍 또는 사이트 기본값을 찾을 수 없습니다", + "siteErrorCreateDefaults": "사이트 기본값을 찾을 수 없습니다", + "method": "방법", + "siteMethodDescription": "이것이 연결을 노출하는 방법입니다.", + "siteLearnNewt": "시스템에 Newt 설치하는 방법 배우기", + "siteSeeConfigOnce": "구성을 한 번만 볼 수 있습니다.", + "siteLoadWGConfig": "WireGuard 구성 로딩 중...", + "siteDocker": "Docker 배포 세부정보 확장", + "toggle": "전환", + "dockerCompose": "도커 컴포즈", + "dockerRun": "도커 실행", + "siteLearnLocal": "로컬 사이트는 터널링하지 않습니다. 자세히 알아보기", + "siteConfirmCopy": "구성을 복사했습니다.", + "searchSitesProgress": "사이트 검색...", + "siteAdd": "사이트 추가", + "siteInstallNewt": "Newt 설치", + "siteInstallNewtDescription": "시스템에서 Newt 실행하기", + "WgConfiguration": "WireGuard 구성", + "WgConfigurationDescription": "네트워크에 연결하기 위한 다음 구성을 사용하십시오.", + "operatingSystem": "운영 체제", + "commands": "명령", + "recommended": "추천", + "siteNewtDescription": "최고의 사용자 경험을 위해 Newt를 사용하십시오. Newt는 WireGuard를 기반으로 하며, 판골린 대시보드 내에서 개인 네트워크의 LAN 주소로 개인 리소스에 접근할 수 있도록 합니다.", + "siteRunsInDocker": "Docker에서 실행", + "siteRunsInShell": "macOS, Linux 및 Windows에서 셸에서 실행", + "siteErrorDelete": "사이트 삭제 오류", + "siteErrorUpdate": "사이트 업데이트에 실패했습니다", + "siteErrorUpdateDescription": "사이트 업데이트 중 오류가 발생했습니다.", + "siteUpdated": "사이트가 업데이트되었습니다", + "siteUpdatedDescription": "사이트가 업데이트되었습니다.", + "siteGeneralDescription": "이 사이트에 대한 일반 설정을 구성하세요.", + "siteSettingDescription": "사이트에서 설정을 구성하세요", + "siteSetting": "{siteName} 설정", + "siteNewtTunnel": "뉴트 터널 (추천)", + "siteNewtTunnelDescription": "네트워크에 대한 진입점을 생성하는 가장 쉬운 방법입니다. 추가 설정이 필요 없습니다.", + "siteWg": "기본 WireGuard", + "siteWgDescription": "모든 WireGuard 클라이언트를 사용하여 터널을 설정하세요. 수동 NAT 설정이 필요합니다.", + "siteWgDescriptionSaas": "모든 WireGuard 클라이언트를 사용하여 터널을 설정하세요. 수동 NAT 설정이 필요합니다. 자체 호스팅 노드에서만 작동합니다.", + "siteLocalDescription": "로컬 리소스만 사용 가능합니다. 터널링이 없습니다.", + "siteLocalDescriptionSaas": "로컬 리소스만. 터널링 없음. 자체 호스팅 노드에서만 작동합니다.", + "siteSeeAll": "모든 사이트 보기", + "siteTunnelDescription": "사이트에 연결하는 방법을 결정하세요", + "siteNewtCredentials": "Newt 자격 증명", + "siteNewtCredentialsDescription": "이것이 Newt가 서버와 인증하는 방법입니다", + "siteCredentialsSave": "자격 증명 저장", + "siteCredentialsSaveDescription": "이것은 한 번만 볼 수 있습니다. 안전한 장소에 복사해 두세요.", + "siteInfo": "사이트 정보", + "status": "상태", + "shareTitle": "공유 링크 관리", + "shareDescription": "공유 가능한 링크를 생성하여 리소스에 대한 임시 또는 영구 액세스를 부여합니다.", + "shareSearch": "공유 링크 검색...", + "shareCreate": "공유 링크 생성", + "shareErrorDelete": "링크 삭제에 실패했습니다.", + "shareErrorDeleteMessage": "링크 삭제 중 오류가 발생했습니다.", + "shareDeleted": "링크가 삭제되었습니다.", + "shareDeletedDescription": "링크가 삭제되었습니다.", + "shareTokenDescription": "액세스 토큰은 쿼리 매개변수 또는 요청 헤더의 두 가지 방법으로 전달될 수 있습니다. 이는 인증된 액세스를 위해 클라이언트에서 모든 요청마다 전달되어야 합니다.", + "accessToken": "액세스 토큰", + "usageExamples": "사용 예", + "tokenId": "토큰 ID", + "requestHeades": "요청 헤더", + "queryParameter": "쿼리 매개변수", + "importantNote": "중요한 참고 사항", + "shareImportantDescription": "보안상의 이유로 가능한 경우 쿼리 매개변수보다 헤더를 사용하는 것이 권장됩니다. 쿼리 매개변수는 서버 로그나 브라우저 기록에 기록될 수 있습니다.", + "token": "토큰", + "shareTokenSecurety": "액세스 토큰을 안전하게 유지하세요. 공개적으로 접근 가능한 영역이나 클라이언트 측 코드에서 공유하지 마세요.", + "shareErrorFetchResource": "리소스를 가져오는 데 실패했습니다.", + "shareErrorFetchResourceDescription": "리소스를 가져오는 중 오류가 발생했습니다.", + "shareErrorCreate": "공유 링크 생성에 실패했습니다.", + "shareErrorCreateDescription": "공유 링크를 생성하는 동안 오류가 발생했습니다", + "shareCreateDescription": "이 링크가 있는 누구나 리소스에 접근할 수 있습니다.", + "shareTitleOptional": "제목 (선택 사항)", + "expireIn": "만료됨", + "neverExpire": "만료되지 않음", + "shareExpireDescription": "만료 시간은 링크가 사용 가능하고 리소스에 접근할 수 있는 기간입니다. 이 시간이 지나면 링크는 더 이상 작동하지 않으며, 이 링크를 사용한 사용자는 리소스에 대한 접근 권한을 잃게 됩니다.", + "shareSeeOnce": "이 링크는 한 번만 볼 수 있습니다. 반드시 복사해 두세요.", + "shareAccessHint": "이 링크가 있는 누구나 리소스에 접근할 수 있습니다. 주의해서 공유하세요.", + "shareTokenUsage": "액세스 토큰 사용 보기", + "createLink": "링크 생성", + "resourcesNotFound": "리소스가 발견되지 않았습니다.", + "resourceSearch": "리소스 검색", + "openMenu": "메뉴 열기", + "resource": "리소스", + "title": "제목", + "created": "생성됨", + "expires": "만료", + "never": "절대", + "shareErrorSelectResource": "리소스를 선택하세요", + "resourceTitle": "리소스 관리", + "resourceDescription": "개인 애플리케이션에 대한 보안 프록시 생성", + "resourcesSearch": "리소스 검색...", + "resourceAdd": "리소스 추가", + "resourceErrorDelte": "리소스 삭제 중 오류 발생", + "authentication": "인증", + "protected": "보호됨", + "notProtected": "보호되지 않음", + "resourceMessageRemove": "제거되면 리소스에 더 이상 접근할 수 없습니다. 리소스와 연결된 모든 대상도 제거됩니다.", + "resourceMessageConfirm": "확인을 위해 아래에 리소스의 이름을 입력하세요.", + "resourceQuestionRemove": "조직에서 리소스 {selectedResource}를 제거하시겠습니까?", + "resourceHTTP": "HTTPS 리소스", + "resourceHTTPDescription": "서브도메인 또는 기본 도메인을 사용하여 HTTPS를 통해 앱에 대한 요청을 프록시합니다.", + "resourceRaw": "원시 TCP/UDP 리소스", + "resourceRawDescription": "TCP/UDP를 통해 포트 번호를 사용하여 앱에 요청을 프록시합니다.", + "resourceCreate": "리소스 생성", + "resourceCreateDescription": "아래 단계를 따라 새 리소스를 생성하세요.", + "resourceSeeAll": "모든 리소스 보기", + "resourceInfo": "리소스 정보", + "resourceNameDescription": "이것은 리소스의 표시 이름입니다.", + "siteSelect": "사이트 선택", + "siteSearch": "사이트 검색", + "siteNotFound": "사이트를 찾을 수 없습니다.", + "siteSelectionDescription": "이 사이트는 대상에 대한 연결을 제공합니다.", + "resourceType": "리소스 유형", + "resourceTypeDescription": "리소스에 접근하는 방법을 결정하세요", + "resourceHTTPSSettings": "HTTPS 설정", + "resourceHTTPSSettingsDescription": "리소스에 대한 HTTPS 접근 방식을 구성하십시오.", + "domainType": "도메인 유형", + "subdomain": "서브도메인", + "baseDomain": "기본 도메인", + "subdomnainDescription": "리소스에 접근할 수 있는 하위 도메인입니다.", + "resourceRawSettings": "TCP/UDP 설정", + "resourceRawSettingsDescription": "TCP/UDP를 통해 리소스에 접근하는 방법을 구성하세요.", + "protocol": "프로토콜", + "protocolSelect": "프로토콜 선택", + "resourcePortNumber": "포트 번호", + "resourcePortNumberDescription": "요청을 프록시하기 위한 외부 포트 번호입니다.", + "cancel": "취소", + "resourceConfig": "구성 스니펫", + "resourceConfigDescription": "TCP/UDP 리소스를 설정하기 위해 이 구성 스니펫을 복사하여 붙여넣으십시오.", + "resourceAddEntrypoints": "Traefik: 엔트리포인트 추가", + "resourceExposePorts": "Gerbil: Docker Compose에서 포트 노출", + "resourceLearnRaw": "TCP/UDP 리소스 구성 방법 알아보기", + "resourceBack": "리소스로 돌아가기", + "resourceGoTo": "리소스로 이동", + "resourceDelete": "리소스 삭제", + "resourceDeleteConfirm": "리소스 삭제 확인", + "visibility": "가시성", + "enabled": "활성화됨", + "disabled": "비활성화됨", + "general": "일반", + "generalSettings": "일반 설정", + "proxy": "프록시", + "internal": "내부", + "rules": "규칙", + "resourceSettingDescription": "리소스의 설정을 구성하세요.", + "resourceSetting": "{resourceName} 설정", + "alwaysAllow": "항상 허용", + "alwaysDeny": "항상 거부", + "passToAuth": "인증으로 전달", + "orgSettingsDescription": "조직의 일반 설정을 구성하세요", + "orgGeneralSettings": "조직 설정", + "orgGeneralSettingsDescription": "조직 세부정보 및 구성을 관리하세요.", + "saveGeneralSettings": "일반 설정 저장", + "saveSettings": "설정 저장", + "orgDangerZone": "위험 구역", + "orgDangerZoneDescription": "이 조직을 삭제하면 되돌릴 수 없습니다. 확실히 하세요.", + "orgDelete": "조직 삭제", + "orgDeleteConfirm": "조직 삭제 확인", + "orgMessageRemove": "이 작업은 되돌릴 수 없으며 모든 관련 데이터를 삭제합니다.", + "orgMessageConfirm": "확인을 위해 아래에 조직 이름을 입력하십시오.", + "orgQuestionRemove": "조직 {selectedOrg}을(를) 제거하시겠습니까?", + "orgUpdated": "조직이 업데이트되었습니다.", + "orgUpdatedDescription": "조직이 업데이트되었습니다.", + "orgErrorUpdate": "조직 업데이트에 실패했습니다.", + "orgErrorUpdateMessage": "조직을 업데이트하는 동안 오류가 발생했습니다.", + "orgErrorFetch": "조직을 가져오는 데 실패했습니다.", + "orgErrorFetchMessage": "조직을 나열하는 동안 오류가 발생했습니다", + "orgErrorDelete": "조직 삭제에 실패했습니다.", + "orgErrorDeleteMessage": "조직을 삭제하는 중 오류가 발생했습니다.", + "orgDeleted": "조직이 삭제되었습니다.", + "orgDeletedMessage": "조직과 그 데이터가 삭제되었습니다.", + "orgMissing": "조직 ID가 누락되었습니다", + "orgMissingMessage": "조직 ID 없이 초대장을 재생성할 수 없습니다.", + "accessUsersManage": "사용자 관리", + "accessUsersDescription": "사용자를 초대하고 역할에 추가하여 조직에 대한 접근을 관리하세요", + "accessUsersSearch": "사용자 검색...", + "accessUserCreate": "사용자 생성", + "accessUserRemove": "사용자 제거", + "username": "사용자 이름", + "identityProvider": "아이덴티티 공급자", + "role": "역할", + "nameRequired": "이름은 필수입니다", + "accessRolesManage": "역할 관리", + "accessRolesDescription": "조직에 대한 액세스를 관리할 역할 구성", + "accessRolesSearch": "역할 검색...", + "accessRolesAdd": "역할 추가", + "accessRoleDelete": "역할 삭제", + "description": "설명", + "inviteTitle": "열린 초대", + "inviteDescription": "다른 사용자에 대한 초대를 관리하세요", + "inviteSearch": "초대 검색...", + "minutes": "분", + "hours": "시간", + "days": "일", + "weeks": "주", + "months": "개월", + "years": "연도", + "day": "{count, plural, one {#일} other {#일}}", + "apiKeysTitle": "API 키 정보", + "apiKeysConfirmCopy2": "API 키를 복사했음을 확인해야 합니다.", + "apiKeysErrorCreate": "API 키 생성 오류", + "apiKeysErrorSetPermission": "권한 설정 오류", + "apiKeysCreate": "API 키 생성", + "apiKeysCreateDescription": "조직을 위한 새로운 API 키 생성", + "apiKeysGeneralSettings": "권한", + "apiKeysGeneralSettingsDescription": "이 API 키가 수행할 수 있는 작업 결정", + "apiKeysList": "귀하의 API 키", + "apiKeysSave": "API 키 저장", + "apiKeysSaveDescription": "이것은 한 번만 볼 수 있습니다. 안전한 장소에 복사해 두세요.", + "apiKeysInfo": "귀하의 API 키는 다음과 같습니다:", + "apiKeysConfirmCopy": "API 키를 복사했습니다", + "generate": "생성", + "done": "완료", + "apiKeysSeeAll": "모든 API 키 보기", + "apiKeysPermissionsErrorLoadingActions": "API 키 작업 로드 오류", + "apiKeysPermissionsErrorUpdate": "권한 설정 오류", + "apiKeysPermissionsUpdated": "권한이 업데이트되었습니다", + "apiKeysPermissionsUpdatedDescription": "권한이 업데이트되었습니다.", + "apiKeysPermissionsGeneralSettings": "권한", + "apiKeysPermissionsGeneralSettingsDescription": "이 API 키가 수행할 수 있는 작업 결정", + "apiKeysPermissionsSave": "권한 저장", + "apiKeysPermissionsTitle": "권한", + "apiKeys": "API 키", + "searchApiKeys": "API 키 검색...", + "apiKeysAdd": "API 키 생성", + "apiKeysErrorDelete": "API 키 삭제 오류", + "apiKeysErrorDeleteMessage": "API 키 삭제 오류", + "apiKeysQuestionRemove": "조직에서 API 키 {selectedApiKey}를 제거하시겠습니까?", + "apiKeysMessageRemove": "삭제되면 API 키를 더 이상 사용할 수 없습니다.", + "apiKeysMessageConfirm": "확인을 위해 아래에 API 키의 이름을 입력해 주세요.", + "apiKeysDeleteConfirm": "API 키 삭제 확인", + "apiKeysDelete": "API 키 삭제", + "apiKeysManage": "API 키 관리", + "apiKeysDescription": "API 키는 통합 API와 인증하는 데 사용됩니다.", + "apiKeysSettings": "{apiKeyName} 설정", + "userTitle": "모든 사용자 관리", + "userDescription": "시스템의 모든 사용자를 보고 관리합니다", + "userAbount": "사용자 관리에 대한 정보", + "userAbountDescription": "이 표는 시스템의 모든 루트 사용자 객체를 표시합니다. 각 사용자는 여러 조직에 속할 수 있습니다. 사용자를 조직에서 제거해도 루트 사용자 객체는 삭제되지 않으며, 시스템에 남아 있습니다. 사용자를 시스템에서 완전히 제거하려면 이 표의 삭제 작업을 사용하여 루트 사용자 객체를 삭제해야 합니다.", + "userServer": "서버 사용자", + "userSearch": "서버 사용자 검색 중...", + "userErrorDelete": "사용자 삭제 오류", + "userDeleteConfirm": "사용자 삭제 확인", + "userDeleteServer": "서버에서 사용자 삭제", + "userMessageRemove": "사용자가 모든 조직에서 제거되며 서버에서 완전히 삭제됩니다.", + "userMessageConfirm": "확인을 위해 아래에 사용자 이름을 입력하십시오.", + "userQuestionRemove": "정말로 {selectedUser}를 서버에서 영구적으로 삭제하시겠습니까?", + "licenseKey": "라이센스 키", + "valid": "유효", + "numberOfSites": "사이트 수", + "licenseKeySearch": "라이센스 키 검색 중...", + "licenseKeyAdd": "라이센스 키 추가", + "type": "유형", + "licenseKeyRequired": "라이센스 키가 필요합니다", + "licenseTermsAgree": "라이선스 조건에 동의해야 합니다.", + "licenseErrorKeyLoad": "라이센스 키를 로드하는 데 실패했습니다.", + "licenseErrorKeyLoadDescription": "라이센스 키 로드 중 오류가 발생했습니다.", + "licenseErrorKeyDelete": "라이센스 키 삭제에 실패했습니다.", + "licenseErrorKeyDeleteDescription": "라이센스 키 삭제 중 오류가 발생했습니다.", + "licenseKeyDeleted": "라이센스 키가 삭제되었습니다.", + "licenseKeyDeletedDescription": "라이센스 키가 삭제되었습니다.", + "licenseErrorKeyActivate": "라이센스 키 활성화에 실패했습니다.", + "licenseErrorKeyActivateDescription": "라이센스 키를 활성화하는 동안 오류가 발생했습니다", + "licenseAbout": "라이센스에 대한 정보", + "communityEdition": "커뮤니티 에디션", + "licenseAboutDescription": "이것은 상업적 환경에서 Pangolin을 사용하는 비즈니스 및 기업 사용자용입니다. 개인 용도로 Pangolin을 사용하는 경우 이 섹션을 무시할 수 있습니다.", + "licenseKeyActivated": "라이센스 키가 활성화되었습니다", + "licenseKeyActivatedDescription": "라이센스 키가 성공적으로 활성화되었습니다.", + "licenseErrorKeyRecheck": "라이센스 키 재확인 실패", + "licenseErrorKeyRecheckDescription": "라이센스 키를 재확인하는 중 오류가 발생했습니다.", + "licenseErrorKeyRechecked": "라이센스 키가 재확인되었습니다.", + "licenseErrorKeyRecheckedDescription": "모든 라이센스 키가 재검사되었습니다.", + "licenseActivateKey": "라이센스 키 활성화", + "licenseActivateKeyDescription": "라이센스 키를 입력하여 활성화하십시오.", + "licenseActivate": "라이센스 활성화", + "licenseAgreement": "이 상자를 체크함으로써, 귀하는 귀하의 라이선스 키와 관련된 계층에 해당하는 라이선스 조건을 읽고 동의했음을 확인합니다.", + "fossorialLicense": "Fossorial 상업 라이선스 및 구독 약관 보기", + "licenseMessageRemove": "이 작업은 라이센스 키와 그에 의해 부여된 모든 관련 권한을 제거합니다.", + "licenseMessageConfirm": "확인을 위해 아래에 라이센스 키를 입력하세요.", + "licenseQuestionRemove": "라이센스 키 {selectedKey}를 삭제하시겠습니까?", + "licenseKeyDelete": "라이센스 키 삭제", + "licenseKeyDeleteConfirm": "라이센스 키 삭제 확인", + "licenseTitle": "라이선스 상태 관리", + "licenseTitleDescription": "시스템에서 라이센스 키를 보고 관리합니다.", + "licenseHost": "호스트 라이센스", + "licenseHostDescription": "호스트의 주요 라이센스 키를 관리합니다.", + "licensedNot": "라이센스 없음", + "hostId": "호스트 ID", + "licenseReckeckAll": "모든 키 재확인", + "licenseSiteUsage": "사이트 사용량", + "licenseSiteUsageDecsription": "이 라이센스를 사용하는 사이트 수를 확인하세요.", + "licenseNoSiteLimit": "라이선스가 없는 호스트를 사용하는 사이트 수에 제한이 없습니다.", + "licensePurchase": "라이센스 구매", + "licensePurchaseSites": "추가 사이트 구매", + "licenseSitesUsedMax": "{maxSites}개의 사이트 중 {usedSites}개 사용 중", + "licenseSitesUsed": "시스템에 {count, plural, =0 {# 사이트} one {# 사이트} other {# 사이트}}가 있습니다.", + "licensePurchaseDescription": "구매할 사이트 수를 선택하세요 {selectedMode, select, license {라이센스를 구매합니다. 나중에 더 많은 사이트를 추가할 수 있습니다.} other {기존 라이센스에 추가합니다.}}", + "licenseFee": "라이선스 요금", + "licensePriceSite": "사이트당 가격", + "total": "총계", + "licenseContinuePayment": "결제로 진행", + "pricingPage": "가격 페이지", + "pricingPortal": "구매 포털 보기", + "licensePricingPage": "가장 최신의 가격 및 할인 정보를 보려면 방문하십시오 ", + "invite": "초대", + "inviteRegenerate": "초대장 재생성", + "inviteRegenerateDescription": "이전 초대를 취소하고 새로 생성", + "inviteRemove": "초대 제거", + "inviteRemoveError": "초대 제거 실패", + "inviteRemoveErrorDescription": "초대를 제거하는 동안 오류가 발생했습니다.", + "inviteRemoved": "초대가 제거되었습니다.", + "inviteRemovedDescription": "{email}에 대한 초대가 삭제되었습니다.", + "inviteQuestionRemove": "초대 {email}를 제거하시겠습니까?", + "inviteMessageRemove": "한 번 제거되면 이 초대는 더 이상 유효하지 않습니다. 나중에 사용자를 다시 초대할 수 있습니다.", + "inviteMessageConfirm": "확인을 위해 아래 초대의 이메일 주소를 입력해 주세요.", + "inviteQuestionRegenerate": "{email}에 대한 초대장을 다시 생성하시겠습니까? 이전 초대장은 취소됩니다.", + "inviteRemoveConfirm": "초대 제거 확인", + "inviteRegenerated": "초대 재생성됨", + "inviteSent": "새 초대장이 {email}로 전송되었습니다.", + "inviteSentEmail": "사용자에게 이메일 알림 전송", + "inviteGenerate": "{email}에 대한 새로운 초대장이 생성되었습니다.", + "inviteDuplicateError": "초대 중복", + "inviteDuplicateErrorDescription": "이 사용자에 대한 초대가 이미 존재합니다.", + "inviteRateLimitError": "요청 한도 초과", + "inviteRateLimitErrorDescription": "시간당 3회 재생성 한도를 초과했습니다. 나중에 다시 시도하세요.", + "inviteRegenerateError": "초대 재생성 실패", + "inviteRegenerateErrorDescription": "초대장을 재생성하는 동안 오류가 발생했습니다.", + "inviteValidityPeriod": "유효 기간", + "inviteValidityPeriodSelect": "유효 기간 선택", + "inviteRegenerateMessage": "초대장이 다시 생성되었습니다. 사용자는 아래 링크에 접속하여 초대장을 수락해야 합니다.", + "inviteRegenerateButton": "재생성", + "expiresAt": "만료 시간", + "accessRoleUnknown": "알 수 없는 역할", + "placeholder": "자리 표시자", + "userErrorOrgRemove": "사용자를 제거하지 못했습니다", + "userErrorOrgRemoveDescription": "사용자를 제거하는 동안 오류가 발생했습니다.", + "userOrgRemoved": "사용자가 제거되었습니다.", + "userOrgRemovedDescription": "사용자 {email}가 조직에서 제거되었습니다.", + "userQuestionOrgRemove": "{email}을 조직에서 제거하시겠습니까?", + "userMessageOrgRemove": "이 사용자가 제거되면 더 이상 조직에 접근할 수 없습니다. 나중에 다시 초대할 수 있지만, 초대를 다시 수락해야 합니다.", + "userMessageOrgConfirm": "확인을 위해 아래에 사용자 이름을 입력하세요.", + "userRemoveOrgConfirm": "사용자 제거 확인", + "userRemoveOrg": "조직에서 사용자 제거", + "users": "사용자", + "accessRoleMember": "회원", + "accessRoleOwner": "소유자", + "userConfirmed": "확인됨", + "idpNameInternal": "내부", + "emailInvalid": "유효하지 않은 이메일 주소입니다.", + "inviteValidityDuration": "지속 시간을 선택하십시오.", + "accessRoleSelectPlease": "역할을 선택하세요", + "usernameRequired": "사용자 이름은 필수입니다.", + "idpSelectPlease": "신원 제공자를 선택하십시오", + "idpGenericOidc": "일반 OAuth2/OIDC 공급자.", + "accessRoleErrorFetch": "역할을 가져오는 데 실패했습니다.", + "accessRoleErrorFetchDescription": "역할을 가져오는 중 오류가 발생했습니다.", + "idpErrorFetch": "신원 제공자를 가져오는 데 실패했습니다", + "idpErrorFetchDescription": "신원 공급자를 가져오는 중 오류가 발생했습니다.", + "userErrorExists": "사용자가 이미 존재합니다.", + "userErrorExistsDescription": "이 사용자는 이미 조직의 구성원입니다.", + "inviteError": "사용자 초대에 실패했습니다", + "inviteErrorDescription": "사용자를 초대하는 동안 오류가 발생했습니다.", + "userInvited": "사용자가 초대되었습니다.", + "userInvitedDescription": "사용자가 성공적으로 초대되었습니다.", + "userErrorCreate": "사용자 생성에 실패했습니다.", + "userErrorCreateDescription": "사용자를 생성하는 동안 오류가 발생했습니다.", + "userCreated": "사용자가 생성되었습니다.", + "userCreatedDescription": "사용자가 성공적으로 생성되었습니다.", + "userTypeInternal": "내부 사용자", + "userTypeInternalDescription": "사용자를 초대하여 귀하의 조직에 직접 참여하게 하세요.", + "userTypeExternal": "외부 사용자", + "userTypeExternalDescription": "외부 신원 공급자를 사용하여 사용자를 생성하세요.", + "accessUserCreateDescription": "새 사용자를 만들기 위한 아래 단계를 따르세요.", + "userSeeAll": "모든 사용자 보기", + "userTypeTitle": "사용자 유형", + "userTypeDescription": "사용자를 생성하는 방법을 결정하세요.", + "userSettings": "사용자 정보", + "userSettingsDescription": "새 사용자에 대한 세부정보를 입력하십시오.", + "inviteEmailSent": "사용자에게 초대 이메일 보내기", + "inviteValid": "유효 기간", + "selectDuration": "지속 시간 선택", + "accessRoleSelect": "역할 선택", + "inviteEmailSentDescription": "아래의 접근 링크와 함께 사용자에게 이메일이 전송되었습니다. 사용자는 초대를 수락하기 위해 링크에 접근해야 합니다.", + "inviteSentDescription": "사용자가 초대되었습니다. 초대를 수락하려면 아래 링크에 접속해야 합니다.", + "inviteExpiresIn": "초대는 {days, plural, one {#일} other {#일}} 후에 만료됩니다.", + "idpTitle": "아이덴티티 공급자", + "idpSelect": "외부 사용자를 위한 아이덴티티 공급자를 선택하십시오", + "idpNotConfigured": "구성된 아이덴티티 공급자가 없습니다. 외부 사용자를 생성하기 전에 아이덴티티 공급자를 구성하십시오.", + "usernameUniq": "선택한 아이덴티티 공급자에 존재하는 고유한 사용자 이름과 일치해야 합니다.", + "emailOptional": "이메일 (선택 사항)", + "nameOptional": "이름 (선택 사항)", + "accessControls": "접근 제어", + "userDescription2": "이 사용자의 설정 관리", + "accessRoleErrorAdd": "사용자를 역할에 추가하는 데 실패했습니다.", + "accessRoleErrorAddDescription": "사용자를 역할에 추가하는 동안 오류가 발생했습니다.", + "userSaved": "사용자 저장됨", + "userSavedDescription": "사용자가 업데이트되었습니다.", + "accessControlsDescription": "이 사용자가 조직에서 접근하고 수행할 수 있는 작업을 관리하세요", + "accessControlsSubmit": "접근 제어 저장", + "roles": "역할", + "accessUsersRoles": "사용자 및 역할 관리", + "accessUsersRolesDescription": "사용자를 초대하고 역할에 추가하여 조직에 대한 접근을 관리하세요", + "key": "키", + "createdAt": "생성일", + "proxyErrorInvalidHeader": "잘못된 사용자 정의 호스트 헤더 값입니다. 도메인 이름 형식을 사용하거나 사용자 정의 호스트 헤더를 해제하려면 비워 두십시오.", + "proxyErrorTls": "유효하지 않은 TLS 서버 이름입니다. 도메인 이름 형식을 사용하거나 비워 두어 TLS 서버 이름을 제거하십시오.", + "proxyEnableSSL": "SSL 활성화 (https)", + "targetErrorFetch": "대상 가져오는 데 실패했습니다.", + "targetErrorFetchDescription": "대상 가져오는 중 오류가 발생했습니다", + "siteErrorFetch": "리소스를 가져오는 데 실패했습니다", + "siteErrorFetchDescription": "리소스를 가져오는 동안 오류가 발생했습니다", + "targetErrorDuplicate": "중복 대상", + "targetErrorDuplicateDescription": "이 설정을 가진 대상이 이미 존재합니다", + "targetWireGuardErrorInvalidIp": "유효하지 않은 대상 IP", + "targetWireGuardErrorInvalidIpDescription": "대상 IP는 사이트 서브넷 내에 있어야 합니다.", + "targetsUpdated": "대상 업데이트됨", + "targetsUpdatedDescription": "대상 및 설정이 성공적으로 업데이트되었습니다.", + "targetsErrorUpdate": "대상 업데이트 실패", + "targetsErrorUpdateDescription": "대상 업데이트 중 오류가 발생했습니다.", + "targetTlsUpdate": "TLS 설정이 업데이트되었습니다.", + "targetTlsUpdateDescription": "TLS 설정이 성공적으로 업데이트되었습니다.", + "targetErrorTlsUpdate": "TLS 설정 업데이트에 실패했습니다.", + "targetErrorTlsUpdateDescription": "TLS 설정을 업데이트하는 동안 오류가 발생했습니다", + "proxyUpdated": "프록시 설정이 업데이트되었습니다.", + "proxyUpdatedDescription": "프록시 설정이 성공적으로 업데이트되었습니다", + "proxyErrorUpdate": "프록시 설정 업데이트에 실패했습니다.", + "proxyErrorUpdateDescription": "프록시 설정을 업데이트하는 동안 오류가 발생했습니다", + "targetAddr": "IP / 호스트 이름", + "targetPort": "포트", + "targetProtocol": "프로토콜", + "targetTlsSettings": "보안 연결 구성", + "targetTlsSettingsDescription": "리소스에 대한 SSL/TLS 설정 구성", + "targetTlsSettingsAdvanced": "고급 TLS 설정", + "targetTlsSni": "TLS 서버 이름 (SNI)", + "targetTlsSniDescription": "SNI에 사용할 TLS 서버 이름. 기본값을 사용하려면 비워 두십시오.", + "targetTlsSubmit": "설정 저장", + "targets": "대상 구성", + "targetsDescription": "사용자 백엔드 서비스로 트래픽을 라우팅할 대상을 설정하십시오.", + "targetStickySessions": "스티키 세션 활성화", + "targetStickySessionsDescription": "세션 전체 동안 동일한 백엔드 대상을 유지합니다.", + "methodSelect": "선택 방법", + "targetSubmit": "대상 추가", + "targetNoOne": "대상이 없습니다. 양식을 사용하여 대상을 추가하세요.", + "targetNoOneDescription": "위에 하나 이상의 대상을 추가하면 로드 밸런싱이 활성화됩니다.", + "targetsSubmit": "대상 저장", + "proxyAdditional": "추가 프록시 설정", + "proxyAdditionalDescription": "리소스가 프록시 설정을 처리하는 방법 구성", + "proxyCustomHeader": "사용자 정의 호스트 헤더", + "proxyCustomHeaderDescription": "요청을 프록시할 때 설정할 호스트 헤더입니다. 기본값을 사용하려면 비워 두십시오.", + "proxyAdditionalSubmit": "프록시 설정 저장", + "subnetMaskErrorInvalid": "유효하지 않은 서브넷 마스크입니다. 0에서 32 사이여야 합니다.", + "ipAddressErrorInvalidFormat": "잘못된 IP 주소 형식", + "ipAddressErrorInvalidOctet": "유효하지 않은 IP 주소 옥텟", + "path": "경로", + "ipAddressRange": "IP 범위", + "rulesErrorFetch": "규칙을 가져오는 데 실패했습니다.", + "rulesErrorFetchDescription": "규칙을 가져오는 중 오류가 발생했습니다", + "rulesErrorDuplicate": "중복 규칙", + "rulesErrorDuplicateDescription": "이 설정을 가진 규칙이 이미 존재합니다.", + "rulesErrorInvalidIpAddressRange": "유효하지 않은 CIDR", + "rulesErrorInvalidIpAddressRangeDescription": "유효한 CIDR 값을 입력하십시오.", + "rulesErrorInvalidUrl": "유효하지 않은 URL 경로", + "rulesErrorInvalidUrlDescription": "유효한 URL 경로 값을 입력해 주세요.", + "rulesErrorInvalidIpAddress": "유효하지 않은 IP", + "rulesErrorInvalidIpAddressDescription": "유효한 IP 주소를 입력하세요", + "rulesErrorUpdate": "규칙 업데이트에 실패했습니다.", + "rulesErrorUpdateDescription": "규칙 업데이트 중 오류가 발생했습니다.", + "rulesUpdated": "규칙 활성화", + "rulesUpdatedDescription": "규칙 평가가 업데이트되었습니다", + "rulesMatchIpAddressRangeDescription": "CIDR 형식으로 주소를 입력하세요 (예: 103.21.244.0/22)", + "rulesMatchIpAddress": "IP 주소를 입력하세요 (예: 103.21.244.12)", + "rulesMatchUrl": "URL 경로 또는 패턴을 입력하세요 (예: /api/v1/todos 또는 /api/v1/*)", + "rulesErrorInvalidPriority": "유효하지 않은 우선순위", + "rulesErrorInvalidPriorityDescription": "유효한 우선 순위를 입력하세요.", + "rulesErrorDuplicatePriority": "중복 우선순위", + "rulesErrorDuplicatePriorityDescription": "고유한 우선 순위를 입력하십시오.", + "ruleUpdated": "규칙이 업데이트되었습니다", + "ruleUpdatedDescription": "규칙이 성공적으로 업데이트되었습니다", + "ruleErrorUpdate": "작업 실패", + "ruleErrorUpdateDescription": "저장 작업 중 오류가 발생했습니다.", + "rulesPriority": "우선순위", + "rulesAction": "작업", + "rulesMatchType": "일치 유형", + "value": "값", + "rulesAbout": "규칙에 대한 정보", + "rulesAboutDescription": "규칙을 사용하면 IP 주소 또는 URL 경로를 기준으로 리소스에 대한 액세스를 제어할 수 있습니다. IP 주소 또는 URL 경로를 기준으로 액세스를 허용하거나 거부하는 규칙을 만들 수 있습니다.", + "rulesActions": "작업", + "rulesActionAlwaysAllow": "항상 허용: 모든 인증 방법 우회", + "rulesActionAlwaysDeny": "항상 거부: 모든 요청을 차단합니다. 인증을 시도할 수 없습니다.", + "rulesActionPassToAuth": "인증으로 전달: 인증 방법 시도를 허용합니다", + "rulesMatchCriteria": "일치 기준", + "rulesMatchCriteriaIpAddress": "특정 IP 주소와 일치", + "rulesMatchCriteriaIpAddressRange": "CIDR 표기법으로 IP 주소 범위를 일치시킵니다", + "rulesMatchCriteriaUrl": "URL 경로 또는 패턴 일치", + "rulesEnable": "규칙 활성화", + "rulesEnableDescription": "이 리소스에 대한 규칙 평가를 활성화하거나 비활성화합니다.", + "rulesResource": "리소스 규칙 구성", + "rulesResourceDescription": "리소스에 대한 접근을 제어하는 규칙 구성", + "ruleSubmit": "규칙 추가", + "rulesNoOne": "규칙이 없습니다. 양식을 사용하여 규칙을 추가하십시오.", + "rulesOrder": "규칙은 우선 순위에 따라 오름차순으로 평가됩니다.", + "rulesSubmit": "규칙 저장", + "resourceErrorCreate": "리소스 생성 오류", + "resourceErrorCreateDescription": "리소스를 생성하는 중 오류가 발생했습니다.", + "resourceErrorCreateMessage": "리소스 생성 오류:", + "resourceErrorCreateMessageDescription": "예기치 않은 오류가 발생했습니다.", + "sitesErrorFetch": "사이트를 가져오는 중 오류가 발생했습니다.", + "sitesErrorFetchDescription": "사이트를 가져오는 중 오류가 발생했습니다", + "domainsErrorFetch": "도메인 가져오기 오류", + "domainsErrorFetchDescription": "도메인을 가져오는 중 오류가 발생했습니다.", + "none": "없음", + "unknown": "알 수 없음", + "resources": "리소스", + "resourcesDescription": "리소스는 개인 네트워크에서 실행 중인 애플리케이션에 대한 프록시입니다. 개인 네트워크에서 HTTP/HTTPS 또는 원시 TCP/UDP 서비스에 대한 리소스를 생성하십시오. 각 리소스는 암호화된 WireGuard 터널을 통해 개인적이고 안전한 연결을 가능하게 하려면 사이트에 연결되어야 합니다.", + "resourcesWireGuardConnect": "WireGuard 암호화를 통한 안전한 연결", + "resourcesMultipleAuthenticationMethods": "다중 인증 방법 구성", + "resourcesUsersRolesAccess": "사용자 및 역할 기반 접근 제어", + "resourcesErrorUpdate": "리소스를 전환하는 데 실패했습니다.", + "resourcesErrorUpdateDescription": "리소스를 업데이트하는 동안 오류가 발생했습니다.", + "access": "접속", + "shareLink": "{resource} 공유 링크", + "resourceSelect": "리소스 선택", + "shareLinks": "공유 링크", + "share": "공유 가능한 링크", + "shareDescription2": "리소스에 대한 공유 가능한 링크를 생성하세요. 링크는 리소스에 대한 임시 또는 무제한 액세스를 제공합니다. 링크를 생성할 때 만료 기간을 설정할 수 있습니다.", + "shareEasyCreate": "생성하고 공유하기 쉬움", + "shareConfigurableExpirationDuration": "구성 가능한 만료 기간", + "shareSecureAndRevocable": "안전하고 철회 가능", + "nameMin": "이름은 최소 {len}자 이상이어야 합니다.", + "nameMax": "이름은 {len}자보다 길 수 없습니다.", + "sitesConfirmCopy": "구성을 복사했는지 확인하십시오.", + "unknownCommand": "알 수 없는 명령", + "newtErrorFetchReleases": "릴리스 정보를 가져오는 데 실패했습니다: {err}", + "newtErrorFetchLatest": "최신 릴리스를 가져오는 중 오류 발생: {err}", + "newtEndpoint": "Newt 엔드포인트", + "newtId": "뉴트 ID", + "newtSecretKey": "Newt 비밀 키", + "architecture": "아키텍처", + "sites": "사이트", + "siteWgAnyClients": "WireGuard 클라이언트를 사용하여 연결하십시오. 피어 IP를 사용하여 내부 리소스에 접근해야 합니다.", + "siteWgCompatibleAllClients": "모든 WireGuard 클라이언트와 호환", + "siteWgManualConfigurationRequired": "수동 구성이 필요합니다.", + "userErrorNotAdminOrOwner": "사용자는 관리자 또는 소유자가 아닙니다.", + "pangolinSettings": "설정 - 판골린", + "accessRoleYour": "귀하의 역할:", + "accessRoleSelect2": "역할 선택", + "accessUserSelect": "사용자를 선택하세요.", + "otpEmailEnter": "이메일을 입력하세요", + "otpEmailEnterDescription": "입력 필드에 입력한 후 Enter 키를 눌러 이메일을 추가합니다.", + "otpEmailErrorInvalid": "유효하지 않은 이메일 주소입니다. 와일드카드(*)는 전체 로컬 부분이어야 합니다.", + "otpEmailSmtpRequired": "SMTP 필요", + "otpEmailSmtpRequiredDescription": "일회성 비밀번호 인증을 사용하려면 서버에서 SMTP가 활성화되어 있어야 합니다.", + "otpEmailTitle": "일회용 비밀번호", + "otpEmailTitleDescription": "리소스 접근을 위한 이메일 기반 인증 필요", + "otpEmailWhitelist": "이메일 화이트리스트", + "otpEmailWhitelistList": "화이트리스트된 이메일", + "otpEmailWhitelistListDescription": "이 이메일 주소를 가진 사용자만 이 리소스에 접근할 수 있습니다. 그들은 이메일로 전송된 일회용 비밀번호를 입력하라는 메시지를 받게 됩니다. 도메인에서 모든 이메일 주소를 허용하기 위해 와일드카드(*@example.com)를 사용할 수 있습니다.", + "otpEmailWhitelistSave": "허용 목록 저장", + "passwordAdd": "비밀번호 추가", + "passwordRemove": "비밀번호 제거", + "pincodeAdd": "PIN 코드 추가", + "pincodeRemove": "PIN 코드 제거", + "resourceAuthMethods": "인증 방법", + "resourceAuthMethodsDescriptions": "추가 인증 방법을 통해 리소스에 대한 액세스 허용", + "resourceAuthSettingsSave": "성공적으로 저장되었습니다.", + "resourceAuthSettingsSaveDescription": "인증 설정이 저장되었습니다", + "resourceErrorAuthFetch": "데이터를 가져오는 데 실패했습니다.", + "resourceErrorAuthFetchDescription": "데이터를 가져오는 중 오류가 발생했습니다.", + "resourceErrorPasswordRemove": "리소스 비밀번호 제거 오류", + "resourceErrorPasswordRemoveDescription": "리소스 비밀번호를 제거하는 동안 오류가 발생했습니다.", + "resourceErrorPasswordSetup": "리소스 비밀번호 설정 오류", + "resourceErrorPasswordSetupDescription": "리소스 비밀번호 설정 중 오류가 발생했습니다", + "resourceErrorPincodeRemove": "리소스 핀 코드 제거 오류", + "resourceErrorPincodeRemoveDescription": "리소스 핀코드를 제거하는 중 오류가 발생했습니다.", + "resourceErrorPincodeSetup": "리소스 PIN 코드 설정 중 오류가 발생했습니다.", + "resourceErrorPincodeSetupDescription": "리소스 PIN 코드를 설정하는 동안 오류가 발생했습니다.", + "resourceErrorUsersRolesSave": "역할 설정에 실패했습니다.", + "resourceErrorUsersRolesSaveDescription": "역할 설정 중 오류가 발생했습니다.", + "resourceErrorWhitelistSave": "화이트리스트 저장에 실패했습니다.", + "resourceErrorWhitelistSaveDescription": "화이트리스트를 저장하는 동안 오류가 발생했습니다.", + "resourcePasswordSubmit": "비밀번호 보호 활성화", + "resourcePasswordProtection": "비밀번호 보호 {status}", + "resourcePasswordRemove": "리소스 비밀번호가 제거되었습니다", + "resourcePasswordRemoveDescription": "리소스 비밀번호가 성공적으로 제거되었습니다.", + "resourcePasswordSetup": "리소스 비밀번호 설정됨", + "resourcePasswordSetupDescription": "리소스 비밀번호가 성공적으로 설정되었습니다.", + "resourcePasswordSetupTitle": "비밀번호 설정", + "resourcePasswordSetupTitleDescription": "이 리소스를 보호하기 위해 비밀번호를 설정하세요.", + "resourcePincode": "PIN 코드", + "resourcePincodeSubmit": "PIN 코드 보호 활성화", + "resourcePincodeProtection": "PIN 코드 보호 {상태}", + "resourcePincodeRemove": "리소스 핀코드가 제거되었습니다.", + "resourcePincodeRemoveDescription": "리소스 비밀번호가 성공적으로 제거되었습니다.", + "resourcePincodeSetup": "리소스 PIN 코드가 설정되었습니다", + "resourcePincodeSetupDescription": "리소스 핀코드가 성공적으로 설정되었습니다", + "resourcePincodeSetupTitle": "핀코드 설정", + "resourcePincodeSetupTitleDescription": "이 리소스를 보호하기 위해 핀 코드를 설정하십시오.", + "resourceRoleDescription": "관리자는 항상 이 리소스에 접근할 수 있습니다.", + "resourceUsersRoles": "사용자 및 역할", + "resourceUsersRolesDescription": "이 리소스를 방문할 수 있는 사용자 및 역할을 구성하십시오", + "resourceUsersRolesSubmit": "사용자 및 역할 저장", + "resourceWhitelistSave": "성공적으로 저장되었습니다.", + "resourceWhitelistSaveDescription": "허용 목록 설정이 저장되었습니다.", + "ssoUse": "플랫폼 SSO 사용", + "ssoUseDescription": "기존 사용자는 이 기능이 활성화된 모든 리소스에 대해 한 번만 로그인하면 됩니다.", + "proxyErrorInvalidPort": "유효하지 않은 포트 번호", + "subdomainErrorInvalid": "잘못된 하위 도메인", + "domainErrorFetch": "도메인 가져오기 오류", + "domainErrorFetchDescription": "도메인을 가져오는 중 오류가 발생했습니다.", + "resourceErrorUpdate": "리소스 업데이트에 실패했습니다.", + "resourceErrorUpdateDescription": "리소스를 업데이트하는 동안 오류가 발생했습니다.", + "resourceUpdated": "리소스가 업데이트되었습니다.", + "resourceUpdatedDescription": "리소스가 성공적으로 업데이트되었습니다.", + "resourceErrorTransfer": "리소스 전송에 실패했습니다", + "resourceErrorTransferDescription": "리소스를 전송하는 동안 오류가 발생했습니다", + "resourceTransferred": "리소스가 전송되었습니다.", + "resourceTransferredDescription": "리소스가 성공적으로 전송되었습니다.", + "resourceErrorToggle": "리소스를 전환하는 데 실패했습니다.", + "resourceErrorToggleDescription": "리소스를 업데이트하는 동안 오류가 발생했습니다.", + "resourceVisibilityTitle": "가시성", + "resourceVisibilityTitleDescription": "리소스 가시성을 완전히 활성화하거나 비활성화", + "resourceGeneral": "일반 설정", + "resourceGeneralDescription": "이 리소스에 대한 일반 설정을 구성하십시오.", + "resourceEnable": "리소스 활성화", + "resourceTransfer": "리소스 전송", + "resourceTransferDescription": "이 리소스를 다른 사이트로 전송", + "resourceTransferSubmit": "리소스 전송", + "siteDestination": "대상 사이트", + "searchSites": "사이트 검색", + "accessRoleCreate": "역할 생성", + "accessRoleCreateDescription": "사용자를 그룹화하고 권한을 관리하기 위해 새 역할을 생성하세요.", + "accessRoleCreateSubmit": "역할 생성", + "accessRoleCreated": "역할이 생성되었습니다.", + "accessRoleCreatedDescription": "역할이 성공적으로 생성되었습니다.", + "accessRoleErrorCreate": "역할 생성 실패", + "accessRoleErrorCreateDescription": "역할 생성 중 오류가 발생했습니다.", + "accessRoleErrorNewRequired": "새 역할이 필요합니다.", + "accessRoleErrorRemove": "역할 제거에 실패했습니다.", + "accessRoleErrorRemoveDescription": "역할을 제거하는 동안 오류가 발생했습니다.", + "accessRoleName": "역할 이름", + "accessRoleQuestionRemove": "{name} 역할을 삭제하려고 합니다. 이 작업은 취소할 수 없습니다.", + "accessRoleRemove": "역할 제거", + "accessRoleRemoveDescription": "조직에서 역할 제거", + "accessRoleRemoveSubmit": "역할 제거", + "accessRoleRemoved": "역할이 제거되었습니다", + "accessRoleRemovedDescription": "역할이 성공적으로 제거되었습니다.", + "accessRoleRequiredRemove": "이 역할을 삭제하기 전에 기존 구성원을 전송할 새 역할을 선택하세요.", + "manage": "관리", + "sitesNotFound": "사이트를 찾을 수 없습니다.", + "pangolinServerAdmin": "서버 관리자 - 판골린", + "licenseTierProfessional": "전문 라이센스", + "licenseTierEnterprise": "기업 라이선스", + "licenseTierCommercial": "상업용 라이선스", + "licensed": "라이센스", + "yes": "예", + "no": "아니요", + "sitesAdditional": "추가 사이트", + "licenseKeys": "라이센스 키", + "sitestCountDecrease": "사이트 수 줄이기", + "sitestCountIncrease": "사이트 수 증가", + "idpManage": "아이덴티티 공급자 관리", + "idpManageDescription": "시스템에서 ID 제공자를 보고 관리합니다", + "idpDeletedDescription": "신원 공급자가 성공적으로 삭제되었습니다", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "정말로 아이덴티티 공급자 {name}를 영구적으로 삭제하시겠습니까?", + "idpMessageRemove": "이 작업은 아이덴티티 공급자와 모든 관련 구성을 제거합니다. 이 공급자를 통해 인증하는 사용자는 더 이상 로그인할 수 없습니다.", + "idpMessageConfirm": "확인을 위해 아래에 아이덴티티 제공자의 이름을 입력하세요.", + "idpConfirmDelete": "신원 제공자 삭제 확인", + "idpDelete": "아이덴티티 공급자 삭제", + "idp": "신원 공급자", + "idpSearch": "ID 공급자 검색...", + "idpAdd": "아이덴티티 공급자 추가", + "idpClientIdRequired": "클라이언트 ID가 필요합니다.", + "idpClientSecretRequired": "클라이언트 비밀이 필요합니다.", + "idpErrorAuthUrlInvalid": "인증 URL은 유효한 URL이어야 합니다.", + "idpErrorTokenUrlInvalid": "토큰 URL은 유효한 URL이어야 합니다.", + "idpPathRequired": "식별자 경로가 필요합니다.", + "idpScopeRequired": "범위가 필요합니다.", + "idpOidcDescription": "OpenID Connect ID 공급자를 구성하십시오.", + "idpCreatedDescription": "ID 공급자가 성공적으로 생성되었습니다.", + "idpCreate": "아이덴티티 공급자 생성", + "idpCreateDescription": "사용자 인증을 위한 새로운 ID 공급자를 구성합니다.", + "idpSeeAll": "모든 ID 공급자 보기", + "idpSettingsDescription": "신원 제공자의 기본 정보를 구성하세요", + "idpDisplayName": "이 신원 공급자를 위한 표시 이름", + "idpAutoProvisionUsers": "사용자 자동 프로비저닝", + "idpAutoProvisionUsersDescription": "활성화되면 사용자가 첫 로그인 시 시스템에 자동으로 생성되며, 사용자와 역할 및 조직을 매핑할 수 있습니다.", + "licenseBadge": "전문가", + "idpType": "제공자 유형", + "idpTypeDescription": "구성할 ID 공급자의 유형을 선택하십시오.", + "idpOidcConfigure": "OAuth2/OIDC 구성", + "idpOidcConfigureDescription": "OAuth2/OIDC 공급자 엔드포인트 및 자격 증명을 구성하십시오.", + "idpClientId": "클라이언트 ID", + "idpClientIdDescription": "아이덴티티 공급자의 OAuth2 클라이언트 ID", + "idpClientSecret": "클라이언트 비밀", + "idpClientSecretDescription": "신원 제공자로부터의 OAuth2 클라이언트 비밀", + "idpAuthUrl": "인증 URL", + "idpAuthUrlDescription": "OAuth2 인증 엔드포인트 URL", + "idpTokenUrl": "토큰 URL", + "idpTokenUrlDescription": "OAuth2 토큰 엔드포인트 URL", + "idpOidcConfigureAlert": "중요 정보", + "idpOidcConfigureAlertDescription": "아이덴티티 공급자를 생성한 후, 아이덴티티 공급자의 설정에서 콜백 URL을 구성해야 합니다. 콜백 URL은 성공적으로 생성된 후 제공됩니다.", + "idpToken": "토큰 구성", + "idpTokenDescription": "ID 토큰에서 사용자 정보를 추출하는 방법 구성", + "idpJmespathAbout": "JMESPath에 대하여", + "idpJmespathAboutDescription": "아래 경로는 ID 토큰에서 값을 추출하기 위해 JMESPath 구문을 사용합니다.", + "idpJmespathAboutDescriptionLink": "JMESPath에 대해 더 알아보기", + "idpJmespathLabel": "식별자 경로", + "idpJmespathLabelDescription": "ID 토큰에서 사용자 식별자에 대한 경로", + "idpJmespathEmailPathOptional": "이메일 경로 (선택 사항)", + "idpJmespathEmailPathOptionalDescription": "ID 토큰에서 사용자의 이메일 경로", + "idpJmespathNamePathOptional": "이름 경로 (선택 사항)", + "idpJmespathNamePathOptionalDescription": "ID 토큰에서 사용자의 이름 경로", + "idpOidcConfigureScopes": "범위", + "idpOidcConfigureScopesDescription": "요청할 OAuth2 범위의 공백으로 구분된 목록", + "idpSubmit": "아이덴티티 공급자 생성", + "orgPolicies": "조직 정책", + "idpSettings": "{idpName} 설정", + "idpCreateSettingsDescription": "아이덴티티 공급자의 설정을 구성하십시오", + "roleMapping": "역할 매핑", + "orgMapping": "조직 매핑", + "orgPoliciesSearch": "조직 정책 검색...", + "orgPoliciesAdd": "조직 정책 추가", + "orgRequired": "조직은 필수입니다.", + "error": "오류", + "success": "성공", + "orgPolicyAddedDescription": "정책이 성공적으로 추가되었습니다", + "orgPolicyUpdatedDescription": "정책이 성공적으로 업데이트되었습니다.", + "orgPolicyDeletedDescription": "정책이 성공적으로 삭제되었습니다", + "defaultMappingsUpdatedDescription": "기본 매핑이 성공적으로 업데이트되었습니다.", + "orgPoliciesAbout": "조직 정책에 대하여", + "orgPoliciesAboutDescription": "조직 정책은 사용자의 ID 토큰에 따라 조직에 대한 액세스를 제어하는 데 사용됩니다. ID 토큰에서 역할 및 조직 정보를 추출하기 위해 JMESPath 표현식을 지정할 수 있습니다.", + "orgPoliciesAboutDescriptionLink": "자세한 내용은 문서를 참조하십시오.", + "defaultMappingsOptional": "기본 매핑(선택 사항)", + "defaultMappingsOptionalDescription": "조직에 대해 정의된 정책이 없을 때 기본 매핑이 사용됩니다. 여기에서 기본 역할 및 조직 매핑을 지정하여 대체할 수 있습니다.", + "defaultMappingsRole": "기본 역할 매핑", + "defaultMappingsRoleDescription": "이 표현식의 결과는 조직에서 정의된 역할 이름을 문자열로 반환해야 합니다.", + "defaultMappingsOrg": "기본 조직 매핑", + "defaultMappingsOrgDescription": "이 표현식은 사용자가 조직에 접근할 수 있도록 조직 ID 또는 true를 반환해야 합니다.", + "defaultMappingsSubmit": "기본 매핑 저장", + "orgPoliciesEdit": "조직 정책 편집", + "org": "조직", + "orgSelect": "조직 선택", + "orgSearch": "조직 검색", + "orgNotFound": "조직을 찾을 수 없습니다.", + "roleMappingPathOptional": "역할 매핑 경로 (선택 사항)", + "orgMappingPathOptional": "조직 매핑 경로 (선택 사항)", + "orgPolicyUpdate": "정책 업데이트", + "orgPolicyAdd": "정책 추가", + "orgPolicyConfig": "조직에 대한 접근을 구성하십시오.", + "idpUpdatedDescription": "아이덴티티 제공자가 성공적으로 업데이트되었습니다", + "redirectUrl": "리디렉션 URL", + "redirectUrlAbout": "리디렉션 URL에 대한 정보", + "redirectUrlAboutDescription": "사용자가 인증 후 리디렉션될 URL입니다. 이 URL을 신원 제공자 설정에서 구성해야 합니다.", + "pangolinAuth": "인증 - 판골린", + "verificationCodeLengthRequirements": "인증 코드가 8자여야 합니다.", + "errorOccurred": "오류가 발생했습니다.", + "emailErrorVerify": "이메일 확인에 실패했습니다:", + "emailVerified": "이메일이 성공적으로 확인되었습니다! 리디렉션 중입니다...", + "verificationCodeErrorResend": "인증 코드를 재전송하는 데 실패했습니다:", + "verificationCodeResend": "인증 코드가 재전송되었습니다", + "verificationCodeResendDescription": "검증 코드를 귀하의 이메일 주소로 재전송했습니다. 받은 편지함을 확인해 주세요.", + "emailVerify": "이메일 확인", + "emailVerifyDescription": "이메일 주소로 전송된 인증 코드를 입력하세요.", + "verificationCode": "인증 코드", + "verificationCodeEmailSent": "귀하의 이메일 주소로 인증 코드가 전송되었습니다.", + "submit": "제출", + "emailVerifyResendProgress": "재전송 중...", + "emailVerifyResend": "코드를 받지 못하셨나요? 여기 클릭하여 재전송하세요", + "passwordNotMatch": "비밀번호가 일치하지 않습니다.", + "signupError": "가입하는 동안 오류가 발생했습니다.", + "pangolinLogoAlt": "판골린 로고", + "inviteAlready": "초대받은 것 같습니다!", + "inviteAlreadyDescription": "초대를 수락하려면 로그인하거나 계정을 생성해야 합니다.", + "signupQuestion": "이미 계정이 있습니까?", + "login": "로그인", + "resourceNotFound": "리소스를 찾을 수 없습니다", + "resourceNotFoundDescription": "접근하려는 리소스가 존재하지 않습니다.", + "pincodeRequirementsLength": "PIN은 정확히 6자리여야 합니다", + "pincodeRequirementsChars": "PIN은 숫자만 포함해야 합니다.", + "passwordRequirementsLength": "비밀번호는 최소 1자 이상이어야 합니다", + "passwordRequirementsTitle": "비밀번호 요구사항:", + "passwordRequirementLength": "최소 8자 이상", + "passwordRequirementUppercase": "최소 대문자 하나", + "passwordRequirementLowercase": "최소 소문자 하나", + "passwordRequirementNumber": "최소 숫자 하나", + "passwordRequirementSpecial": "최소 특수 문자 하나", + "passwordRequirementsMet": "✓ 비밀번호가 모든 요구사항을 충족합니다.", + "passwordStrength": "비밀번호 강도", + "passwordStrengthWeak": "약함", + "passwordStrengthMedium": "보통", + "passwordStrengthStrong": "강함", + "passwordRequirements": "요구 사항:", + "passwordRequirementLengthText": "8자 이상", + "passwordRequirementUppercaseText": "대문자 (A-Z)", + "passwordRequirementLowercaseText": "소문자 (a-z)", + "passwordRequirementNumberText": "숫자 (0-9)", + "passwordRequirementSpecialText": "특수 문자 (!@#$%...)", + "passwordsDoNotMatch": "비밀번호가 일치하지 않습니다.", + "otpEmailRequirementsLength": "OTP는 최소 1자 이상이어야 합니다", + "otpEmailSent": "OTP 전송됨", + "otpEmailSentDescription": "OTP가 귀하의 이메일로 전송되었습니다.", + "otpEmailErrorAuthenticate": "이메일로 인증에 실패했습니다", + "pincodeErrorAuthenticate": "핀코드로 인증하는 데 실패했습니다", + "passwordErrorAuthenticate": "비밀번호로 인증하는 데 실패했습니다.", + "poweredBy": "제공자", + "authenticationRequired": "인증 필요", + "authenticationMethodChoose": "{name}에 접근하기 위한 선호하는 방법을 선택하세요.", + "authenticationRequest": "{name}에 접근하려면 인증해야 합니다.", + "user": "사용자", + "pincodeInput": "6자리 PIN 코드", + "pincodeSubmit": "PIN으로 로그인", + "passwordSubmit": "비밀번호로 로그인", + "otpEmailDescription": "일회성 코드가 이 이메일로 전송됩니다.", + "otpEmailSend": "일회성 코드 전송", + "otpEmail": "일회성 비밀번호 (OTP)", + "otpEmailSubmit": "OTP 제출", + "backToEmail": "이메일로 돌아가기", + "noSupportKey": "서버가 지원 키 없이 실행되고 있습니다. 프로젝트 지원을 고려하세요!", + "accessDenied": "접근 거부", + "accessDeniedDescription": "이 리소스에 접근할 수 있는 권한이 없습니다. 이게 실수라면 관리자에게 문의해 주세요.", + "accessTokenError": "액세스 토큰 확인 중 오류 발생", + "accessGranted": "접근 허가됨", + "accessUrlInvalid": "접근 URL이 유효하지 않습니다", + "accessGrantedDescription": "이 리소스에 대한 접근이 허용되었습니다. 리디렉션 중입니다...", + "accessUrlInvalidDescription": "이 공유 액세스 URL은 유효하지 않습니다. 새로운 URL을 위해 리소스 소유자에게 문의하세요.", + "tokenInvalid": "유효하지 않은 토큰", + "pincodeInvalid": "유효하지 않은 코드", + "passwordErrorRequestReset": "재설정을 요청하는 데 실패했습니다:", + "passwordErrorReset": "비밀번호 재설정 실패:", + "passwordResetSuccess": "비밀번호가 성공적으로 재설정되었습니다! 로그인으로 돌아가기...", + "passwordReset": "비밀번호 재설정", + "passwordResetDescription": "비밀번호를 재설정하는 단계를 따르세요", + "passwordResetSent": "이 이메일 주소로 비밀번호 재설정 코드를 전송하겠습니다.", + "passwordResetCode": "코드 재설정", + "passwordResetCodeDescription": "재설정 코드를 확인하려면 이메일을 확인하세요.", + "passwordNew": "새 비밀번호", + "passwordNewConfirm": "새 비밀번호 확인", + "pincodeAuth": "인증 코드", + "pincodeSubmit2": "코드 제출", + "passwordResetSubmit": "재설정 요청", + "passwordBack": "비밀번호로 돌아가기", + "loginBack": "로그인으로 돌아가기", + "signup": "가입하기", + "loginStart": "시작하려면 로그인하세요.", + "idpOidcTokenValidating": "OIDC 토큰 검증 중", + "idpOidcTokenResponse": "OIDC 토큰 응답 검증", + "idpErrorOidcTokenValidating": "OIDC 토큰 검증 오류", + "idpConnectingTo": "{name}에 연결 중", + "idpConnectingToDescription": "귀하의 신원을 확인하는 중", + "idpConnectingToProcess": "연결 중...", + "idpConnectingToFinished": "연결됨", + "idpErrorConnectingTo": "{name}에 연결하는 데 문제가 발생했습니다. 관리자에게 문의하십시오.", + "idpErrorNotFound": "IdP를 찾을 수 없습니다.", + "inviteInvalid": "유효하지 않은 초대", + "inviteInvalidDescription": "초대 링크가 유효하지 않습니다.", + "inviteErrorWrongUser": "이 초대는 이 사용자에게 해당되지 않습니다", + "inviteErrorUserNotExists": "사용자가 존재하지 않습니다. 먼저 계정을 생성해 주세요.", + "inviteErrorLoginRequired": "초대를 수락하려면 로그인해야 합니다.", + "inviteErrorExpired": "초대가 만료되었을 수 있습니다.", + "inviteErrorRevoked": "초대가 취소되었을 수 있습니다.", + "inviteErrorTypo": "초대 링크에 오타가 있을 수 있습니다.", + "pangolinSetup": "설정 - 판골린", + "orgNameRequired": "조직 이름은 필수입니다.", + "orgIdRequired": "조직 ID가 필요합니다", + "orgErrorCreate": "조직 생성 중 오류가 발생했습니다.", + "pageNotFound": "페이지를 찾을 수 없습니다", + "pageNotFoundDescription": "앗! 찾고 있는 페이지가 존재하지 않습니다.", + "overview": "개요", + "home": "홈", + "accessControl": "액세스 제어", + "settings": "설정", + "usersAll": "모든 사용자", + "license": "라이선스", + "pangolinDashboard": "대시보드 - 판골린", + "noResults": "결과를 찾을 수 없습니다.", + "terabytes": "{count} TB", + "gigabytes": "{count} GB", + "megabytes": "{count} MB", + "tagsEntered": "입력된 태그", + "tagsEnteredDescription": "입력한 태그는 다음과 같습니다.", + "tagsWarnCannotBeLessThanZero": "maxTags와 minTags는 0보다 작을 수 없습니다", + "tagsWarnNotAllowedAutocompleteOptions": "자동 완성 옵션에 따라 태그가 허용되지 않습니다", + "tagsWarnInvalid": "validateTag에 따라 유효하지 않은 태그입니다", + "tagWarnTooShort": "태그 {tagText}가 너무 짧습니다", + "tagWarnTooLong": "태그 {tagText}가 너무 깁니다.", + "tagsWarnReachedMaxNumber": "허용된 최대 태그 수에 도달했습니다.", + "tagWarnDuplicate": "중복 태그 {tagText}가 추가되지 않았습니다.", + "supportKeyInvalid": "유효하지 않은 키", + "supportKeyInvalidDescription": "지원자 키가 유효하지 않습니다.", + "supportKeyValid": "유효한 키", + "supportKeyValidDescription": "귀하의 후원자 키가 검증되었습니다. 지원해 주셔서 감사합니다!", + "supportKeyErrorValidationDescription": "서포터 키 유효성 검사에 실패했습니다.", + "supportKey": "개발 지원 및 판골린을 입양하세요!", + "supportKeyDescription": "커뮤니티를 위해 Pangolin 개발을 지속할 수 있도록 후원자 키를 구매하세요. 귀하의 기여는 모든 사용자를 위해 애플리케이션을 유지하고 새로운 기능을 추가하는 데 더 많은 시간을 할애할 수 있게 해줍니다. 우리는 절대 이 기능을 유료화하는 데 사용하지 않을 것입니다. 이는 상업용 에디션과는 별개입니다.", + "supportKeyPet": "자신만의 애완 판골린을 입양하고 만날 수 있습니다!", + "supportKeyPurchase": "결제는 GitHub를 통해 처리됩니다. 이후, 키를 다음에서 검색할 수 있습니다.", + "supportKeyPurchaseLink": "우리 웹사이트", + "supportKeyPurchase2": "여기에서 사용하세요.", + "supportKeyLearnMore": "자세히 알아보기.", + "supportKeyOptions": "가장 적합한 옵션을 선택해 주세요.", + "supportKetOptionFull": "전체 후원자", + "forWholeServer": "전체 서버에 대해", + "lifetimePurchase": "평생 구매", + "supporterStatus": "후원자 상태", + "buy": "구매", + "supportKeyOptionLimited": "제한된 후원자", + "forFiveUsers": "5명 이하의 사용자에 대해", + "supportKeyRedeem": "서포터 키 사용", + "supportKeyHideSevenDays": "7일 동안 숨기기", + "supportKeyEnter": "지원자 키 입력", + "supportKeyEnterDescription": "당신만의 펭귄 애완동물을 만나보세요!", + "githubUsername": "GitHub 사용자 이름", + "supportKeyInput": "후원자 키", + "supportKeyBuy": "서포터 키 구매", + "logoutError": "로그아웃 중 오류 발생", + "signingAs": "로그인한 사용자", + "serverAdmin": "서버 관리자", + "managedSelfhosted": "관리 자체 호스팅", + "otpEnable": "이중 인증 활성화", + "otpDisable": "이중 인증 비활성화", + "logout": "로그 아웃", + "licenseTierProfessionalRequired": "전문 에디션이 필요합니다.", + "licenseTierProfessionalRequiredDescription": "이 기능은 Professional Edition에서만 사용할 수 있습니다.", + "actionGetOrg": "조직 가져오기", + "actionUpdateOrg": "조직 업데이트", + "actionUpdateUser": "사용자 업데이트", + "actionGetUser": "사용자 조회", + "actionGetOrgUser": "조직 사용자 가져오기", + "actionListOrgDomains": "조직 도메인 목록", + "actionCreateSite": "사이트 생성", + "actionDeleteSite": "사이트 삭제", + "actionGetSite": "사이트 가져오기", + "actionListSites": "사이트 목록", + "setupToken": "설정 토큰", + "setupTokenDescription": "서버 콘솔에서 설정 토큰 입력.", + "setupTokenRequired": "설정 토큰이 필요합니다", + "actionUpdateSite": "사이트 업데이트", + "actionListSiteRoles": "허용된 사이트 역할 목록", + "actionCreateResource": "리소스 생성", + "actionDeleteResource": "리소스 삭제", + "actionGetResource": "리소스 가져오기", + "actionListResource": "리소스 목록", + "actionUpdateResource": "리소스 업데이트", + "actionListResourceUsers": "리소스 사용자 목록", + "actionSetResourceUsers": "리소스 사용자 설정", + "actionSetAllowedResourceRoles": "허용된 리소스 역할 설정", + "actionListAllowedResourceRoles": "허용된 리소스 역할 목록", + "actionSetResourcePassword": "리소스 비밀번호 설정", + "actionSetResourcePincode": "리소스 핀코드 설정", + "actionSetResourceEmailWhitelist": "리소스 이메일 화이트리스트 설정", + "actionGetResourceEmailWhitelist": "리소스 이메일 화이트리스트 가져오기", + "actionCreateTarget": "대상 만들기", + "actionDeleteTarget": "대상 삭제", + "actionGetTarget": "대상 가져오기", + "actionListTargets": "대상 목록", + "actionUpdateTarget": "대상 업데이트", + "actionCreateRole": "역할 생성", + "actionDeleteRole": "역할 삭제", + "actionGetRole": "역할 가져오기", + "actionListRole": "역할 목록", + "actionUpdateRole": "역할 업데이트", + "actionListAllowedRoleResources": "허용된 역할 리소스 목록", + "actionInviteUser": "사용자 초대", + "actionRemoveUser": "사용자 제거", + "actionListUsers": "사용자 목록", + "actionAddUserRole": "사용자 역할 추가", + "actionGenerateAccessToken": "액세스 토큰 생성", + "actionDeleteAccessToken": "액세스 토큰 삭제", + "actionListAccessTokens": "액세스 토큰 목록", + "actionCreateResourceRule": "리소스 규칙 생성", + "actionDeleteResourceRule": "리소스 규칙 삭제", + "actionListResourceRules": "리소스 규칙 목록", + "actionUpdateResourceRule": "리소스 규칙 업데이트", + "actionListOrgs": "조직 목록", + "actionCheckOrgId": "ID 확인", + "actionCreateOrg": "조직 생성", + "actionDeleteOrg": "조직 삭제", + "actionListApiKeys": "API 키 목록", + "actionListApiKeyActions": "API 키 작업 목록", + "actionSetApiKeyActions": "API 키 허용 작업 설정", + "actionCreateApiKey": "API 키 생성", + "actionDeleteApiKey": "API 키 삭제", + "actionCreateIdp": "IDP 생성", + "actionUpdateIdp": "IDP 업데이트", + "actionDeleteIdp": "IDP 삭제", + "actionListIdps": "IDP 목록", + "actionGetIdp": "IDP 가져오기", + "actionCreateIdpOrg": "IDP 조직 정책 생성", + "actionDeleteIdpOrg": "IDP 조직 정책 삭제", + "actionListIdpOrgs": "IDP 조직 목록", + "actionUpdateIdpOrg": "IDP 조직 업데이트", + "actionCreateClient": "클라이언트 생성", + "actionDeleteClient": "클라이언트 삭제", + "actionUpdateClient": "클라이언트 업데이트", + "actionListClients": "클라이언트 목록", + "actionGetClient": "클라이언트 가져오기", + "actionCreateSiteResource": "사이트 리소스 생성", + "actionDeleteSiteResource": "사이트 리소스 삭제", + "actionGetSiteResource": "사이트 리소스 가져오기", + "actionListSiteResources": "사이트 리소스 목록", + "actionUpdateSiteResource": "사이트 리소스 업데이트", + "actionListInvitations": "초대 목록", + "noneSelected": "선택된 항목 없음", + "orgNotFound2": "조직이 없습니다.", + "searchProgress": "검색...", + "create": "생성", + "orgs": "조직", + "loginError": "로그인 중 오류가 발생했습니다", + "passwordForgot": "비밀번호를 잊으셨나요?", + "otpAuth": "이중 인증", + "otpAuthDescription": "인증 앱에서 코드를 입력하거나 단일 사용 백업 코드 중 하나를 입력하세요.", + "otpAuthSubmit": "코드 제출", + "idpContinue": "또는 계속 진행하십시오.", + "otpAuthBack": "로그인으로 돌아가기", + "navbar": "탐색 메뉴", + "navbarDescription": "애플리케이션의 주요 탐색 메뉴", + "navbarDocsLink": "문서", + "commercialEdition": "상업용 에디션", + "otpErrorEnable": "2FA를 활성화할 수 없습니다.", + "otpErrorEnableDescription": "2FA를 활성화하는 동안 오류가 발생했습니다", + "otpSetupCheckCode": "6자리 코드를 입력하세요", + "otpSetupCheckCodeRetry": "유효하지 않은 코드입니다. 다시 시도하세요.", + "otpSetup": "이중 인증 활성화", + "otpSetupDescription": "추가 보호 계층으로 계정을 안전하게 유지하세요.", + "otpSetupScanQr": "인증 앱으로 이 QR 코드를 스캔하거나 비밀 키를 수동으로 입력하십시오:", + "otpSetupSecretCode": "인증 코드", + "otpSetupSuccess": "이중 인증 활성화됨", + "otpSetupSuccessStoreBackupCodes": "귀하의 계정이 이제 더 안전해졌습니다. 백업 코드를 저장하는 것을 잊지 마세요.", + "otpErrorDisable": "2FA를 비활성화할 수 없습니다.", + "otpErrorDisableDescription": "2FA를 비활성화하는 동안 오류가 발생했습니다.", + "otpRemove": "이중 인증 비활성화", + "otpRemoveDescription": "계정에 대한 이중 인증 비활성화", + "otpRemoveSuccess": "이중 인증 비활성화", + "otpRemoveSuccessMessage": "이중 인증이 귀하의 계정에서 비활성화되었습니다. 언제든지 다시 활성화할 수 있습니다.", + "otpRemoveSubmit": "2FA 비활성화", + "paginator": "페이지 {current} / {last}", + "paginatorToFirst": "첫 페이지로 이동", + "paginatorToPrevious": "이전 페이지로 이동", + "paginatorToNext": "다음 페이지로 이동", + "paginatorToLast": "마지막 페이지로 이동", + "copyText": "텍스트 복사", + "copyTextFailed": "텍스트 복사 실패: ", + "copyTextClipboard": "클립보드에 복사", + "inviteErrorInvalidConfirmation": "유효하지 않은 확인", + "passwordRequired": "비밀번호는 필수입니다.", + "allowAll": "모두 허용", + "permissionsAllowAll": "모든 권한 허용", + "githubUsernameRequired": "GitHub 사용자 이름이 필요합니다.", + "supportKeyRequired": "지원자 키가 필요합니다.", + "passwordRequirementsChars": "비밀번호는 최소 8자 이상이어야 합니다", + "language": "언어", + "verificationCodeRequired": "코드가 필요합니다.", + "userErrorNoUpdate": "업데이트할 사용자가 없습니다", + "siteErrorNoUpdate": "업데이트할 사이트가 없습니다.", + "resourceErrorNoUpdate": "업데이트할 리소스가 없습니다", + "authErrorNoUpdate": "업데이트할 인증 정보가 없습니다.", + "orgErrorNoUpdate": "업데이트할 조직이 없습니다.", + "orgErrorNoProvided": "제공된 조직이 없습니다.", + "apiKeysErrorNoUpdate": "업데이트할 API 키가 없습니다.", + "sidebarOverview": "개요", + "sidebarHome": "홈", + "sidebarSites": "사이트", + "sidebarResources": "리소스", + "sidebarAccessControl": "액세스 제어", + "sidebarUsers": "사용자", + "sidebarInvitations": "초대", + "sidebarRoles": "역할", + "sidebarShareableLinks": "공유 가능한 링크", + "sidebarApiKeys": "API 키", + "sidebarSettings": "설정", + "sidebarAllUsers": "모든 사용자", + "sidebarIdentityProviders": "신원 공급자", + "sidebarLicense": "라이선스", + "sidebarClients": "클라이언트 (Beta)", + "sidebarDomains": "도메인", + "enableDockerSocket": "Docker 소켓 활성화", + "enableDockerSocketDescription": "컨테이너 정보를 채우기 위해 Docker 소켓 검색을 활성화합니다. 소켓 경로는 Newt에 제공되어야 합니다.", + "enableDockerSocketLink": "자세히 알아보기", + "viewDockerContainers": "도커 컨테이너 보기", + "containersIn": "{siteName}의 컨테이너", + "selectContainerDescription": "이 대상을 위한 호스트 이름으로 사용할 컨테이너를 선택하세요. 포트를 사용하려면 포트를 클릭하세요.", + "containerName": "이름", + "containerImage": "이미지", + "containerState": "주", + "containerNetworks": "네트워크", + "containerHostnameIp": "호스트 이름/IP", + "containerLabels": "레이블", + "containerLabelsCount": "{count, plural, one {# 레이블} other {# 레이블}}", + "containerLabelsTitle": "컨테이너 레이블", + "containerLabelEmpty": "<비어 있음>", + "containerPorts": "포트", + "containerPortsMore": "+{count}개 더", + "containerActions": "작업", + "select": "선택", + "noContainersMatchingFilters": "현재 필터와 일치하는 컨테이너를 찾을 수 없습니다.", + "showContainersWithoutPorts": "포트가 없는 컨테이너 표시", + "showStoppedContainers": "중지된 컨테이너 표시", + "noContainersFound": "컨테이너를 찾을 수 없습니다. Docker 컨테이너가 실행 중인지 확인하십시오.", + "searchContainersPlaceholder": "{count}개의 컨테이너에서 검색...", + "searchResultsCount": "{count, plural, one {# 결과} other {# 결과}}", + "filters": "필터", + "filterOptions": "필터 옵션", + "filterPorts": "포트", + "filterStopped": "중지됨", + "clearAllFilters": "모든 필터 지우기", + "columns": "열", + "toggleColumns": "열 전환", + "refreshContainersList": "컨테이너 목록 새로 고침", + "searching": "검색 중...", + "noContainersFoundMatching": "\"{filter}\"와 일치하는 컨테이너를 찾을 수 없습니다.", + "light": "빛", + "dark": "어두운", + "system": "시스템", + "theme": "테마", + "subnetRequired": "서브넷은 필수입니다", + "initialSetupTitle": "초기 서버 설정", + "initialSetupDescription": "초기 서버 관리자 계정을 생성하세요. 서버 관리자 계정은 하나만 존재할 수 있습니다. 이러한 자격 증명은 나중에 언제든지 변경할 수 있습니다.", + "createAdminAccount": "관리자 계정 생성", + "setupErrorCreateAdmin": "서버 관리자 계정을 생성하는 동안 오류가 발생했습니다.", + "certificateStatus": "인증서 상태", + "loading": "로딩 중", + "restart": "재시작", + "domains": "도메인", + "domainsDescription": "조직의 도메인을 관리합니다", + "domainsSearch": "도메인 검색...", + "domainAdd": "도메인 추가", + "domainAddDescription": "조직에 새로운 도메인을 등록하세요", + "domainCreate": "도메인 생성", + "domainCreatedDescription": "도메인이 성공적으로 생성되었습니다", + "domainDeletedDescription": "도메인이 성공적으로 삭제되었습니다", + "domainQuestionRemove": "도메인 {domain}을(를) 계정에서 제거하시겠습니까?", + "domainMessageRemove": "제거되면 도메인이 더 이상 계정과 연관되지 않습니다.", + "domainMessageConfirm": "확인하려면 아래에 도메인명을 입력하세요.", + "domainConfirmDelete": "도메인 삭제 확인", + "domainDelete": "도메인 삭제", + "domain": "도메인", + "selectDomainTypeNsName": "도메인 위임 (NS)", + "selectDomainTypeNsDescription": "이 도메인과 모든 하위 도메인입니다. 전체 도메인 영역을 제어하려면 이를 사용하세요.", + "selectDomainTypeCnameName": "단일 도메인 (CNAME)", + "selectDomainTypeCnameDescription": "단일 하위 도메인 또는 특정 도메인 항목에 사용됩니다.", + "selectDomainTypeWildcardName": "와일드카드 도메인", + "selectDomainTypeWildcardDescription": "이 도메인 및 그 하위 도메인.", + "domainDelegation": "단일 도메인", + "selectType": "유형 선택", + "actions": "작업", + "refresh": "새로 고침", + "refreshError": "데이터 새로고침 실패", + "verified": "검증됨", + "pending": "대기 중", + "sidebarBilling": "청구", + "billing": "청구", + "orgBillingDescription": "청구 정보 및 구독을 관리하세요", + "github": "GitHub", + "pangolinHosted": "판골린 호스팅", + "fossorial": "지하 서식", + "completeAccountSetup": "계정 설정 완료", + "completeAccountSetupDescription": "시작하려면 비밀번호를 설정하세요", + "accountSetupSent": "이 이메일 주소로 계정 설정 코드를 보내드리겠습니다.", + "accountSetupCode": "설정 코드", + "accountSetupCodeDescription": "설정 코드를 확인하기 위해 이메일을 확인하세요.", + "passwordCreate": "비밀번호 생성", + "passwordCreateConfirm": "비밀번호 확인", + "accountSetupSubmit": "설정 코드 전송", + "completeSetup": "설정 완료", + "accountSetupSuccess": "계정 설정이 완료되었습니다! 판골린에 오신 것을 환영합니다!", + "documentation": "문서", + "saveAllSettings": "모든 설정 저장", + "settingsUpdated": "설정이 업데이트되었습니다", + "settingsUpdatedDescription": "모든 설정이 성공적으로 업데이트되었습니다", + "settingsErrorUpdate": "설정 업데이트 실패", + "settingsErrorUpdateDescription": "설정을 업데이트하는 동안 오류가 발생했습니다", + "sidebarCollapse": "줄이기", + "sidebarExpand": "확장하기", + "newtUpdateAvailable": "업데이트 가능", + "newtUpdateAvailableInfo": "뉴트의 새 버전이 출시되었습니다. 최상의 경험을 위해 최신 버전으로 업데이트하세요.", + "domainPickerEnterDomain": "도메인", + "domainPickerPlaceholder": "myapp.example.com, api.v1.mydomain.com, 또는 그냥 myapp", + "domainPickerDescription": "리소스의 전체 도메인을 입력하여 사용 가능한 옵션을 확인하십시오.", + "domainPickerDescriptionSaas": "전체 도메인, 서브도메인 또는 이름을 입력하여 사용 가능한 옵션을 확인하십시오.", + "domainPickerTabAll": "모두", + "domainPickerTabOrganization": "조직", + "domainPickerTabProvided": "제공 됨", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "가용성을 확인 중...", + "domainPickerNoMatchingDomains": "일치하는 도메인을 찾을 수 없습니다. 다른 도메인을 시도하거나 조직의 도메인 설정을 확인하십시오.", + "domainPickerOrganizationDomains": "조직 도메인", + "domainPickerProvidedDomains": "제공된 도메인", + "domainPickerSubdomain": "서브도메인: {subdomain}", + "domainPickerNamespace": "이름 공간: {namespace}", + "domainPickerShowMore": "더보기", + "domainNotFound": "도메인을 찾을 수 없습니다", + "domainNotFoundDescription": "이 리소스는 도메인이 더 이상 시스템에 존재하지 않아 비활성화되었습니다. 이 리소스에 대한 새 도메인을 설정하세요.", + "failed": "실패", + "createNewOrgDescription": "새 조직 생성", + "organization": "조직", + "port": "포트", + "securityKeyManage": "보안 키 관리", + "securityKeyDescription": "비밀번호 없는 인증을 위해 보안 키를 추가하거나 제거합니다.", + "securityKeyRegister": "새 보안 키 등록", + "securityKeyList": "귀하의 보안 키", + "securityKeyNone": "등록된 보안 키가 아직 없습니다", + "securityKeyNameRequired": "이름은 필수입니다", + "securityKeyRemove": "제거", + "securityKeyLastUsed": "마지막 사용: {date}", + "securityKeyNameLabel": "보안 키 이름", + "securityKeyRegisterSuccess": "보안 키가 성공적으로 등록되었습니다", + "securityKeyRegisterError": "보안 키 등록 실패", + "securityKeyRemoveSuccess": "보안 키가 성공적으로 제거되었습니다", + "securityKeyRemoveError": "보안 키 제거 실패", + "securityKeyLoadError": "보안 키를 불러오는 데 실패했습니다", + "securityKeyLogin": "보안 키로 계속하기", + "securityKeyAuthError": "보안 키를 사용한 인증 실패", + "securityKeyRecommendation": "항상 계정에 액세스할 수 있도록 다른 장치에 백업 보안 키를 등록하세요.", + "registering": "등록 중...", + "securityKeyPrompt": "보안 키를 사용하여 본인 확인을 진행하세요. 보안 키가 연결되어 사용 준비가 되었는지 확인하세요.", + "securityKeyBrowserNotSupported": "귀하의 브라우저는 보안 키를 지원하지 않습니다. Chrome, Firefox, 또는 Safari와 같은 최신 브라우저를 사용하세요.", + "securityKeyPermissionDenied": "로그인을 계속하려면 보안 키에 대한 액세스를 허용하세요.", + "securityKeyRemovedTooQuickly": "로그인 프로세스가 완료될 때까지 보안 키를 연결 상태로 유지하세요.", + "securityKeyNotSupported": "보안 키가 호환되지 않을 수 있습니다. 다른 보안 키를 사용해보세요.", + "securityKeyUnknownError": "보안 키를 사용하는 데 문제가 발생했습니다. 다시 시도하세요.", + "twoFactorRequired": "보안 키를 등록하려면 이중 인증이 필요합니다.", + "twoFactor": "이중 인증", + "adminEnabled2FaOnYourAccount": "관리자가 {email}에 대한 이중 인증을 활성화했습니다. 계속하려면 설정을 완료하세요.", + "continueToApplication": "응용 프로그램으로 계속", + "securityKeyAdd": "보안 키 추가", + "securityKeyRegisterTitle": "새 보안 키 등록", + "securityKeyRegisterDescription": "보안 키를 연결하고 식별할 이름을 입력하세요.", + "securityKeyTwoFactorRequired": "이중 인증 필요", + "securityKeyTwoFactorDescription": "보안 키를 등록하려면 이중 인증 코드를 입력하세요.", + "securityKeyTwoFactorRemoveDescription": "보안 키를 제거하려면 이중 인증 코드를 입력하세요.", + "securityKeyTwoFactorCode": "이중 인증 코드", + "securityKeyRemoveTitle": "보안 키 삭제", + "securityKeyRemoveDescription": "보안 키 \"{name}\"를 제거하려면 비밀번호를 입력하세요", + "securityKeyNoKeysRegistered": "등록된 보안 키가 없습니다", + "securityKeyNoKeysDescription": "계정 보안을 강화하려면 보안 키를 추가하세요.", + "createDomainRequired": "도메인은 필수입니다", + "createDomainAddDnsRecords": "DNS 레코드 추가", + "createDomainAddDnsRecordsDescription": "설정을 완료하려면 도메인 제공자에게 다음 DNS 레코드를 추가하세요.", + "createDomainNsRecords": "NS 레코드", + "createDomainRecord": "레코드", + "createDomainType": "유형:", + "createDomainName": "이름:", + "createDomainValue": "값:", + "createDomainCnameRecords": "CNAME 레코드", + "createDomainARecords": "A 레코드", + "createDomainRecordNumber": "레코드 {number}", + "createDomainTxtRecords": "TXT 레코드", + "createDomainSaveTheseRecords": "이 레코드 저장", + "createDomainSaveTheseRecordsDescription": "이 DNS 레코드를 저장하여 이후에 다시 볼 수 없습니다.", + "createDomainDnsPropagation": "DNS 전파", + "createDomainDnsPropagationDescription": "DNS 변경 사항은 인터넷 전체에 전파되는 데 시간이 걸립니다. DNS 제공자와 TTL 설정에 따라 몇 분에서 48시간까지 걸릴 수 있습니다.", + "resourcePortRequired": "HTTP 리소스가 아닌 경우 포트 번호가 필요합니다", + "resourcePortNotAllowed": "HTTP 리소스에 대해 포트 번호를 설정하지 마세요", + "signUpTerms": { + "IAgreeToThe": "동의합니다", + "termsOfService": "서비스 약관", + "and": "및", + "privacyPolicy": "개인 정보 보호 정책" + }, + "siteRequired": "사이트가 필요합니다.", + "olmTunnel": "Olm 터널", + "olmTunnelDescription": "클라이언트 연결에 Olm 사용", + "errorCreatingClient": "클라이언트 생성 오류", + "clientDefaultsNotFound": "클라이언트 기본값을 찾을 수 없습니다.", + "createClient": "클라이언트 생성", + "createClientDescription": "사이트에 연결하기 위한 새 클라이언트를 생성하십시오.", + "seeAllClients": "모든 클라이언트 보기", + "clientInformation": "클라이언트 정보", + "clientNamePlaceholder": "클라이언트 이름", + "address": "주소", + "subnetPlaceholder": "서브넷", + "addressDescription": "이 클라이언트가 연결에 사용할 주소", + "selectSites": "사이트 선택", + "sitesDescription": "클라이언트는 선택한 사이트에 연결됩니다.", + "clientInstallOlm": "Olm 설치", + "clientInstallOlmDescription": "시스템에서 Olm을 실행하기", + "clientOlmCredentials": "Olm 자격 증명", + "clientOlmCredentialsDescription": "Olm이 서버와 인증하는 방법입니다.", + "olmEndpoint": "Olm 엔드포인트", + "olmId": "Olm ID", + "olmSecretKey": "Olm 비밀 키", + "clientCredentialsSave": "자격 증명 저장", + "clientCredentialsSaveDescription": "이것은 한 번만 볼 수 있습니다. 안전한 장소에 복사해 두세요.", + "generalSettingsDescription": "이 클라이언트에 대한 일반 설정을 구성하세요.", + "clientUpdated": "클라이언트 업데이트됨", + "clientUpdatedDescription": "클라이언트가 업데이트되었습니다.", + "clientUpdateFailed": "클라이언트 업데이트 실패", + "clientUpdateError": "클라이언트 업데이트 중 오류가 발생했습니다.", + "sitesFetchFailed": "사이트 가져오기 실패", + "sitesFetchError": "사이트 가져오는 중 오류가 발생했습니다.", + "olmErrorFetchReleases": "Olm 릴리즈 가져오는 중 오류가 발생했습니다.", + "olmErrorFetchLatest": "최신 Olm 릴리즈 가져오는 중 오류가 발생했습니다.", + "remoteSubnets": "원격 서브넷", + "enterCidrRange": "CIDR 범위 입력", + "remoteSubnetsDescription": "이 사이트에서 원격으로 액세스할 수 있는 CIDR 범위를 추가하세요. 10.0.0.0/24와 같은 형식을 사용하세요. 이는 VPN 클라이언트 연결에만 적용됩니다.", + "resourceEnableProxy": "공개 프록시 사용", + "resourceEnableProxyDescription": "이 리소스에 대한 공개 프록시를 활성화하십시오. 이를 통해 네트워크 외부로부터 클라우드를 통해 열린 포트에서 리소스에 액세스할 수 있습니다. Traefik 구성이 필요합니다.", + "externalProxyEnabled": "외부 프록시 활성화됨", + "addNewTarget": "새 대상 추가", + "targetsList": "대상 목록", + "targetErrorDuplicateTargetFound": "중복 대상 발견", + "httpMethod": "HTTP 메소드", + "selectHttpMethod": "HTTP 메소드 선택", + "domainPickerSubdomainLabel": "서브도메인", + "domainPickerBaseDomainLabel": "기본 도메인", + "domainPickerSearchDomains": "도메인 검색...", + "domainPickerNoDomainsFound": "찾을 수 없는 도메인이 없습니다", + "domainPickerLoadingDomains": "도메인 로딩 중...", + "domainPickerSelectBaseDomain": "기본 도메인 선택...", + "domainPickerNotAvailableForCname": "CNAME 도메인에는 사용할 수 없습니다", + "domainPickerEnterSubdomainOrLeaveBlank": "서브도메인을 입력하거나 기본 도메인을 사용하려면 공백으로 두십시오.", + "domainPickerEnterSubdomainToSearch": "사용 가능한 무료 도메인에서 검색 및 선택할 서브도메인 입력.", + "domainPickerFreeDomains": "무료 도메인", + "domainPickerSearchForAvailableDomains": "사용 가능한 도메인 검색", + "resourceDomain": "도메인", + "resourceEditDomain": "도메인 수정", + "siteName": "사이트 이름", + "proxyPort": "포트", + "resourcesTableProxyResources": "프록시 리소스", + "resourcesTableClientResources": "클라이언트 리소스", + "resourcesTableNoProxyResourcesFound": "프록시 리소스를 찾을 수 없습니다.", + "resourcesTableNoInternalResourcesFound": "내부 리소스를 찾을 수 없습니다.", + "resourcesTableDestination": "대상지", + "resourcesTableTheseResourcesForUseWith": "이 리소스는 다음과 함께 사용하기 위한 것입니다.", + "resourcesTableClients": "클라이언트", + "resourcesTableAndOnlyAccessibleInternally": "클라이언트와 연결되었을 때만 내부적으로 접근 가능합니다.", + "editInternalResourceDialogEditClientResource": "클라이언트 리소스 수정", + "editInternalResourceDialogUpdateResourceProperties": "{resourceName}의 리소스 속성과 대상 구성을 업데이트하세요.", + "editInternalResourceDialogResourceProperties": "리소스 속성", + "editInternalResourceDialogName": "이름", + "editInternalResourceDialogProtocol": "프로토콜", + "editInternalResourceDialogSitePort": "사이트 포트", + "editInternalResourceDialogTargetConfiguration": "대상 구성", + "editInternalResourceDialogDestinationIP": "대상 IP", + "editInternalResourceDialogDestinationPort": "대상 IP의 포트", + "editInternalResourceDialogCancel": "취소", + "editInternalResourceDialogSaveResource": "리소스 저장", + "editInternalResourceDialogSuccess": "성공", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "내부 리소스가 성공적으로 업데이트되었습니다", + "editInternalResourceDialogError": "오류", + "editInternalResourceDialogFailedToUpdateInternalResource": "내부 리소스 업데이트 실패", + "editInternalResourceDialogNameRequired": "이름은 필수입니다.", + "editInternalResourceDialogNameMaxLength": "이름은 255자 이하이어야 합니다.", + "editInternalResourceDialogProxyPortMin": "프록시 포트는 최소 1이어야 합니다.", + "editInternalResourceDialogProxyPortMax": "프록시 포트는 65536 미만이어야 합니다.", + "editInternalResourceDialogInvalidIPAddressFormat": "잘못된 IP 주소 형식", + "editInternalResourceDialogDestinationPortMin": "대상 포트는 최소 1이어야 합니다.", + "editInternalResourceDialogDestinationPortMax": "대상 포트는 65536 미만이어야 합니다.", + "createInternalResourceDialogNoSitesAvailable": "사용 가능한 사이트가 없습니다.", + "createInternalResourceDialogNoSitesAvailableDescription": "내부 리소스를 생성하려면 서브넷이 구성된 최소 하나의 Newt 사이트가 필요합니다.", + "createInternalResourceDialogClose": "닫기", + "createInternalResourceDialogCreateClientResource": "클라이언트 리소스 생성", + "createInternalResourceDialogCreateClientResourceDescription": "선택한 사이트에 연결된 클라이언트에 접근할 새 리소스를 생성합니다.", + "createInternalResourceDialogResourceProperties": "리소스 속성", + "createInternalResourceDialogName": "이름", + "createInternalResourceDialogSite": "사이트", + "createInternalResourceDialogSelectSite": "사이트 선택...", + "createInternalResourceDialogSearchSites": "사이트 검색...", + "createInternalResourceDialogNoSitesFound": "사이트를 찾을 수 없습니다.", + "createInternalResourceDialogProtocol": "프로토콜", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "사이트 포트", + "createInternalResourceDialogSitePortDescription": "사이트에 연결되었을 때 리소스에 접근하기 위해 이 포트를 사용합니다.", + "createInternalResourceDialogTargetConfiguration": "대상 설정", + "createInternalResourceDialogDestinationIP": "대상 IP", + "createInternalResourceDialogDestinationIPDescription": "사이트 네트워크의 자원 IP 주소입니다.", + "createInternalResourceDialogDestinationPort": "대상 포트", + "createInternalResourceDialogDestinationPortDescription": "대상 IP에서 리소스에 접근할 수 있는 포트입니다.", + "createInternalResourceDialogCancel": "취소", + "createInternalResourceDialogCreateResource": "리소스 생성", + "createInternalResourceDialogSuccess": "성공", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "내부 리소스가 성공적으로 생성되었습니다.", + "createInternalResourceDialogError": "오류", + "createInternalResourceDialogFailedToCreateInternalResource": "내부 리소스 생성 실패", + "createInternalResourceDialogNameRequired": "이름은 필수입니다.", + "createInternalResourceDialogNameMaxLength": "이름은 255자 이하이어야 합니다.", + "createInternalResourceDialogPleaseSelectSite": "사이트를 선택하세요", + "createInternalResourceDialogProxyPortMin": "프록시 포트는 최소 1이어야 합니다.", + "createInternalResourceDialogProxyPortMax": "프록시 포트는 65536 미만이어야 합니다.", + "createInternalResourceDialogInvalidIPAddressFormat": "잘못된 IP 주소 형식", + "createInternalResourceDialogDestinationPortMin": "대상 포트는 최소 1이어야 합니다.", + "createInternalResourceDialogDestinationPortMax": "대상 포트는 65536 미만이어야 합니다.", + "siteConfiguration": "설정", + "siteAcceptClientConnections": "클라이언트 연결 허용", + "siteAcceptClientConnectionsDescription": "이 Newt 인스턴스를 게이트웨이로 사용하여 다른 장치가 연결될 수 있도록 허용합니다.", + "siteAddress": "사이트 주소", + "siteAddressDescription": "클라이언트가 연결하기 위한 호스트의 IP 주소를 지정합니다. 이는 클라이언트가 주소를 지정하기 위한 Pangolin 네트워크의 사이트 내부 주소입니다. 조직 서브넷 내에 있어야 합니다.", + "autoLoginExternalIdp": "외부 IDP로 자동 로그인", + "autoLoginExternalIdpDescription": "인증을 위해 외부 IDP로 사용자를 즉시 리디렉션합니다.", + "selectIdp": "IDP 선택", + "selectIdpPlaceholder": "IDP 선택...", + "selectIdpRequired": "자동 로그인이 활성화된 경우 IDP를 선택하십시오.", + "autoLoginTitle": "리디렉션 중", + "autoLoginDescription": "인증을 위해 외부 ID 공급자로 리디렉션 중입니다.", + "autoLoginProcessing": "인증 준비 중...", + "autoLoginRedirecting": "로그인으로 리디렉션 중...", + "autoLoginError": "자동 로그인 오류", + "autoLoginErrorNoRedirectUrl": "ID 공급자로부터 리디렉션 URL을 받지 못했습니다.", + "autoLoginErrorGeneratingUrl": "인증 URL 생성 실패.", + "managedSelfHosted": { + "title": "관리 자체 호스팅", + "description": "더 신뢰할 수 있고 낮은 유지보수의 자체 호스팅 팡골린 서버, 추가 기능 포함", + "introTitle": "관리 자체 호스팅 팡골린", + "introDescription": "는 자신의 데이터를 프라이빗하고 자체 호스팅을 유지하면서 더 간단하고 추가적인 신뢰성을 원하는 사람들을 위한 배포 옵션입니다.", + "introDetail": "이 옵션을 사용하면 여전히 자신의 팡골린 노드를 운영하고 - 터널, SSL 종료 및 트래픽 모두 서버에 유지됩니다. 차이점은 관리 및 모니터링이 클라우드 대시보드를 통해 처리되어 여러 혜택을 제공합니다.", + "benefitSimplerOperations": { + "title": "더 간단한 운영", + "description": "자체 메일 서버를 운영하거나 복잡한 경고를 설정할 필요가 없습니다. 기본적으로 상태 점검 및 다운타임 경고를 받을 수 있습니다." + }, + "benefitAutomaticUpdates": { + "title": "자동 업데이트", + "description": "클라우드 대시보드는 빠르게 발전하므로 새로운 기능과 버그 수정 사항을 수동으로 새로운 컨테이너를 가져오지 않고도 받을 수 있습니다." + }, + "benefitLessMaintenance": { + "title": "유지보수 감소", + "description": "데이터베이스 마이그레이션, 백업 또는 추가 인프라를 관리할 필요가 없습니다. 저희가 클라우드에서 처리합니다." + }, + "benefitCloudFailover": { + "title": "클라우드 장애 조치", + "description": "노드가 다운되면 터널이 클라우드의 프레즌스 포인트로 임시 전환되어 노드를 다시 온라인으로 가져올 때까지 유지됩니다." + }, + "benefitHighAvailability": { + "title": "고가용성 (PoPs)", + "description": "계정에 여러 노드를 연결하여 이중성과 성능을 향상시킬 수 있습니다." + }, + "benefitFutureEnhancements": { + "title": "향후 개선", + "description": "배포를 더욱 견고하게 만들기 위해 더 많은 분석, 경고, 및 관리 도구를 추가할 계획입니다." + }, + "docsAlert": { + "text": "관리 자체 호스팅 옵션에 대해 더 알아보세요", + "documentation": "문서" + }, + "convertButton": "이 노드를 관리 자체 호스팅으로 변환" + }, + "internationaldomaindetected": "국제 도메인 감지됨", + "willbestoredas": "다음으로 저장됩니다:" +} diff --git a/messages/nb-NO.json b/messages/nb-NO.json new file mode 100644 index 00000000..6d1ae86a --- /dev/null +++ b/messages/nb-NO.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Lag din organisasjon, område og dine ressurser", + "setupNewOrg": "Ny Organisasjon", + "setupCreateOrg": "Opprett organisasjon", + "setupCreateResources": "Opprett ressurser", + "setupOrgName": "Organisasjonsnavn", + "orgDisplayName": "Dette er visningsnavnet til organisasjonen din.", + "orgId": "Organisasjons-ID", + "setupIdentifierMessage": "Dette er den unike identifikator for din organisasjon. Dette er separat fra visningsnavnet.", + "setupErrorIdentifier": "Organisasjons-ID er allerede tatt. Vennligst velg en annen.", + "componentsErrorNoMemberCreate": "Du er for øyeblikket ikke medlem av noen organisasjoner. Lag en organisasjon for å komme i gang.", + "componentsErrorNoMember": "Du er for øyeblikket ikke medlem av noen organisasjoner.", + "welcome": "Velkommen!", + "welcomeTo": "Velkommen til", + "componentsCreateOrg": "Lag en Organisasjon", + "componentsMember": "Du er {count, plural, =0 {ikke medlem av noen organisasjoner} one {medlem av en organisasjon} other {medlem av # organisasjoner}}.", + "componentsInvalidKey": "Ugyldig eller utgått lisensnøkkel oppdaget. Følg lisensvilkårene for å fortsette å kunne bruke alle funksjonene.", + "dismiss": "Avvis", + "componentsLicenseViolation": "Lisens Brudd: Denne serveren bruker {usedSites} områder som overskrider den lisensierte grenser av {maxSites} områder. Følg lisensvilkårene for å fortsette å kunne bruke alle funksjonene.", + "componentsSupporterMessage": "Takk for at du støtter Pangolin som en {tier}!", + "inviteErrorNotValid": "Beklager, men det ser ut som invitasjonen du prøver å bruke ikke har blitt akseptert eller ikke er gyldig lenger.", + "inviteErrorUser": "Vi beklager, men det ser ut som invitasjonen du prøver å få tilgang til, ikke er for denne brukeren.", + "inviteLoginUser": "Vennligst sjekk at du er logget inn som riktig bruker.", + "inviteErrorNoUser": "Vi beklager, men det ser ut som invitasjonen du prøver å få tilgang til ikke er for en bruker som eksisterer.", + "inviteCreateUser": "Vennligst opprett en konto først.", + "goHome": "Gå hjem", + "inviteLogInOtherUser": "Logg inn som en annen bruker", + "createAnAccount": "Lag konto", + "inviteNotAccepted": "Invitasjonen ikke akseptert", + "authCreateAccount": "Opprett en konto for å komme i gang", + "authNoAccount": "Har du ikke konto?", + "email": "E-post", + "password": "Passord", + "confirmPassword": "Bekreft Passord", + "createAccount": "Opprett Konto", + "viewSettings": "Vis Innstillinger", + "delete": "Slett", + "name": "Navn", + "online": "Online", + "offline": "Frakoblet", + "site": "Område", + "dataIn": "Data Inn", + "dataOut": "Data Ut", + "connectionType": "Tilkoblingstype", + "tunnelType": "Tunneltype", + "local": "Lokal", + "edit": "Rediger", + "siteConfirmDelete": "Bekreft Sletting av Område", + "siteDelete": "Slett Område", + "siteMessageRemove": "Når området slettes, vil det ikke lenger være tilgjengelig. Alle ressurser og mål assosiert med området vil også bli slettet.", + "siteMessageConfirm": "For å bekrefte, vennligst skriv inn navnet i området nedenfor.", + "siteQuestionRemove": "Er du sikker på at du vil slette området {selectedSite} fra organisasjonen?", + "siteManageSites": "Administrer Områder", + "siteDescription": "Tillat tilkobling til nettverket ditt gjennom sikre tunneler", + "siteCreate": "Opprett område", + "siteCreateDescription2": "Følg trinnene nedenfor for å opprette og koble til et nytt område", + "siteCreateDescription": "Opprett et nytt område for å begynne å koble til ressursene dine", + "close": "Lukk", + "siteErrorCreate": "Feil ved oppretting av område", + "siteErrorCreateKeyPair": "Nøkkelpar eller standardinnstillinger for område ikke funnet", + "siteErrorCreateDefaults": "Standardinnstillinger for område ikke funnet", + "method": "Metode", + "siteMethodDescription": "Slik eksponerer du tilkoblinger.", + "siteLearnNewt": "Lær hvordan du installerer Newt på systemet ditt", + "siteSeeConfigOnce": "Du kan kun se konfigurasjonen én gang.", + "siteLoadWGConfig": "Laster WireGuard-konfigurasjon...", + "siteDocker": "Utvid for detaljer om Docker-deployment", + "toggle": "Veksle", + "dockerCompose": "Docker Compose", + "dockerRun": "Docker Run", + "siteLearnLocal": "Lokale områder tunnelerer ikke, lær mer", + "siteConfirmCopy": "Jeg har kopiert konfigurasjonen", + "searchSitesProgress": "Søker i områder...", + "siteAdd": "Legg til område", + "siteInstallNewt": "Installer Newt", + "siteInstallNewtDescription": "Få Newt til å kjøre på systemet ditt", + "WgConfiguration": "WireGuard Konfigurasjon", + "WgConfigurationDescription": "Bruk følgende konfigurasjon for å koble til nettverket ditt", + "operatingSystem": "Operativsystem", + "commands": "Kommandoer", + "recommended": "Anbefalt", + "siteNewtDescription": "For den beste brukeropplevelsen, bruk Newt. Den bruker WireGuard i bakgrunnen og lar deg adressere dine private ressurser med deres LAN-adresse på ditt private nettverk fra Pangolin-dashbordet.", + "siteRunsInDocker": "Kjører i Docker", + "siteRunsInShell": "Kjører i skall på macOS, Linux og Windows", + "siteErrorDelete": "Feil ved sletting av området", + "siteErrorUpdate": "Klarte ikke å oppdatere området", + "siteErrorUpdateDescription": "En feil oppstod under oppdatering av området.", + "siteUpdated": "Område oppdatert", + "siteUpdatedDescription": "Området har blitt oppdatert.", + "siteGeneralDescription": "Konfigurer de generelle innstillingene for dette området", + "siteSettingDescription": "Konfigurer innstillingene for området ditt", + "siteSetting": "{siteName} Innstillinger", + "siteNewtTunnel": "Newt Tunnel (Anbefalt)", + "siteNewtTunnelDescription": "Enkleste måte å opprette et inngangspunkt i nettverket ditt. Ingen ekstra oppsett.", + "siteWg": "Grunnleggende WireGuard", + "siteWgDescription": "Bruk hvilken som helst WireGuard-klient for å etablere en tunnel. Manuell NAT-oppsett kreves.", + "siteWgDescriptionSaas": "Bruk hvilken som helst WireGuard-klient for å etablere en tunnel. Manuell NAT-oppsett er nødvendig. FUNGERER KUN PÅ SELVHOSTEDE NODER", + "siteLocalDescription": "Kun lokale ressurser. Ingen tunnelering.", + "siteLocalDescriptionSaas": "Kun lokale ressurser. Ingen tunneling. FUNGERER KUN PÅ SELVHOSTEDE NODER", + "siteSeeAll": "Se alle områder", + "siteTunnelDescription": "Bestem hvordan du vil koble deg til ditt område", + "siteNewtCredentials": "Newt påloggingsinformasjon", + "siteNewtCredentialsDescription": "Slik vil Newt autentisere seg mot serveren", + "siteCredentialsSave": "Lagre påloggingsinformasjonen din", + "siteCredentialsSaveDescription": "Du vil kun kunne se dette én gang. Sørg for å kopiere det til et sikkert sted.", + "siteInfo": "Områdeinformasjon", + "status": "Status", + "shareTitle": "Administrer delingslenker", + "shareDescription": "Opprett delbare lenker for å gi midlertidig eller permanent tilgang til ressursene dine", + "shareSearch": "Søk delingslenker...", + "shareCreate": "Opprett delingslenke", + "shareErrorDelete": "Klarte ikke å slette lenke", + "shareErrorDeleteMessage": "En feil oppstod ved sletting av lenke", + "shareDeleted": "Lenke slettet", + "shareDeletedDescription": "Lenken har blitt slettet", + "shareTokenDescription": "Din tilgangsnøkkel kan sendes på to måter: som en query parameter eller i request headers. Disse må sendes fra klienten på hver forespørsel for autentisert tilgang.", + "accessToken": "Tilgangsnøkkel", + "usageExamples": "Brukseksempler", + "tokenId": "Token-ID", + "requestHeades": "Request Headers", + "queryParameter": "Query Parameter", + "importantNote": "Viktig merknad", + "shareImportantDescription": "Av sikkerhetsgrunner anbefales det å bruke headere fremfor query parametere der det er mulig, da query parametere kan logges i serverlogger eller nettleserhistorikk.", + "token": "Token", + "shareTokenSecurety": "Hold tilgangsnøkkelen ditt sikkert. Ikke del i offentlig tilgjengelige områder eller klientkode.", + "shareErrorFetchResource": "Klarte ikke å hente ressurser", + "shareErrorFetchResourceDescription": "En feil oppstod under henting av ressursene", + "shareErrorCreate": "Mislyktes med å opprette delingslenke", + "shareErrorCreateDescription": "Det oppsto en feil ved opprettelse av delingslenken", + "shareCreateDescription": "Alle med denne lenken får tilgang til ressursen", + "shareTitleOptional": "Tittel (valgfritt)", + "expireIn": "Utløper om", + "neverExpire": "Utløper aldri", + "shareExpireDescription": "Utløpstid er hvor lenge lenken vil være brukbar og gi tilgang til ressursen. Etter denne tiden vil lenken ikke lenger fungere, og brukere som brukte denne lenken vil miste tilgangen til ressursen.", + "shareSeeOnce": "Du får bare se denne lenken én gang. Pass på å kopiere den.", + "shareAccessHint": "Alle med denne lenken kan få tilgang til ressursen. Del forsiktig.", + "shareTokenUsage": "Se tilgangstokenbruk", + "createLink": "Opprett lenke", + "resourcesNotFound": "Ingen ressurser funnet", + "resourceSearch": "Søk i ressurser", + "openMenu": "Åpne meny", + "resource": "Ressurs", + "title": "Tittel", + "created": "Opprettet", + "expires": "Utløper", + "never": "Aldri", + "shareErrorSelectResource": "Vennligst velg en ressurs", + "resourceTitle": "Administrer Ressurser", + "resourceDescription": "Opprett sikre proxyer til dine private applikasjoner", + "resourcesSearch": "Søk i ressurser...", + "resourceAdd": "Legg til ressurs", + "resourceErrorDelte": "Feil ved sletting av ressurs", + "authentication": "Autentisering", + "protected": "Beskyttet", + "notProtected": "Ikke beskyttet", + "resourceMessageRemove": "Når den er fjernet, vil ressursen ikke lenger være tilgjengelig. Alle mål knyttet til ressursen vil også bli fjernet.", + "resourceMessageConfirm": "For å bekrefte, skriv inn navnet på ressursen nedenfor.", + "resourceQuestionRemove": "Er du sikker på at du vil fjerne ressursen {selectedResource} fra organisasjonen?", + "resourceHTTP": "HTTPS-ressurs", + "resourceHTTPDescription": "Proxy-forespørsler til appen din over HTTPS ved bruk av et underdomene eller grunndomene.", + "resourceRaw": "Rå TCP/UDP-ressurs", + "resourceRawDescription": "Proxyer forespørsler til appen din over TCP/UDP ved å bruke et portnummer.", + "resourceCreate": "Opprett ressurs", + "resourceCreateDescription": "Følg trinnene nedenfor for å opprette en ny ressurs", + "resourceSeeAll": "Se alle ressurser", + "resourceInfo": "Ressursinformasjon", + "resourceNameDescription": "Dette er visningsnavnet for ressursen.", + "siteSelect": "Velg område", + "siteSearch": "Søk i område", + "siteNotFound": "Ingen område funnet.", + "siteSelectionDescription": "Dette området vil gi tilkobling til mål.", + "resourceType": "Ressurstype", + "resourceTypeDescription": "Bestem hvordan du vil få tilgang til ressursen din", + "resourceHTTPSSettings": "HTTPS-innstillinger", + "resourceHTTPSSettingsDescription": "Konfigurer tilgang til ressursen din over HTTPS", + "domainType": "Domenetype", + "subdomain": "Underdomene", + "baseDomain": "Grunndomene", + "subdomnainDescription": "Underdomenet der ressursen din vil være tilgjengelig.", + "resourceRawSettings": "TCP/UDP-innstillinger", + "resourceRawSettingsDescription": "Konfigurer tilgang til ressursen din over TCP/UDP", + "protocol": "Protokoll", + "protocolSelect": "Velg en protokoll", + "resourcePortNumber": "Portnummer", + "resourcePortNumberDescription": "Det eksterne portnummeret for proxy forespørsler.", + "cancel": "Avbryt", + "resourceConfig": "Konfigurasjonsutdrag", + "resourceConfigDescription": "Kopier og lim inn disse konfigurasjonsutdragene for å sette opp din TCP/UDP-ressurs", + "resourceAddEntrypoints": "Traefik: Legg til inngangspunkter", + "resourceExposePorts": "Gerbil: Eksponer Porter i Docker Compose", + "resourceLearnRaw": "Lær hvordan å konfigurere TCP/UDP-ressurser", + "resourceBack": "Tilbake til ressurser", + "resourceGoTo": "Gå til ressurs", + "resourceDelete": "Slett ressurs", + "resourceDeleteConfirm": "Bekreft sletting av ressurs", + "visibility": "Synlighet", + "enabled": "Aktivert", + "disabled": "Deaktivert", + "general": "Generelt", + "generalSettings": "Generelle innstillinger", + "proxy": "Proxy", + "internal": "Intern", + "rules": "Regler", + "resourceSettingDescription": "Konfigurer innstillingene på ressursen din", + "resourceSetting": "{resourceName} Innstillinger", + "alwaysAllow": "Alltid tillat", + "alwaysDeny": "Alltid avslå", + "passToAuth": "Pass til Autentisering", + "orgSettingsDescription": "Konfigurer organisasjonens generelle innstillinger", + "orgGeneralSettings": "Organisasjonsinnstillinger", + "orgGeneralSettingsDescription": "Administrer dine organisasjonsdetaljer og konfigurasjon", + "saveGeneralSettings": "Lagre generelle innstillinger", + "saveSettings": "Lagre innstillinger", + "orgDangerZone": "Faresone", + "orgDangerZoneDescription": "Når du sletter denne organisasjonen er det ingen vei tilbake. Vennligst vær sikker.", + "orgDelete": "Slett organisasjon", + "orgDeleteConfirm": "Bekreft Sletting av Organisasjon", + "orgMessageRemove": "Denne handlingen er irreversibel og vil slette alle tilknyttede data.", + "orgMessageConfirm": "For å bekrefte, vennligst skriv inn navnet på organisasjonen nedenfor.", + "orgQuestionRemove": "Er du sikker på at du vil fjerne organisasjonen {selectedOrg}?", + "orgUpdated": "Organisasjon oppdatert", + "orgUpdatedDescription": "Organisasjonen har blitt oppdatert.", + "orgErrorUpdate": "Kunne ikke oppdatere organisasjonen", + "orgErrorUpdateMessage": "En feil oppsto under oppdatering av organisasjonen.", + "orgErrorFetch": "Klarte ikke å hente organisasjoner", + "orgErrorFetchMessage": "Det oppstod en feil under opplisting av organisasjonene dine", + "orgErrorDelete": "Klarte ikke å slette organisasjon", + "orgErrorDeleteMessage": "Det oppsto en feil under sletting av organisasjonen.", + "orgDeleted": "Organisasjon slettet", + "orgDeletedMessage": "Organisasjonen og tilhørende data er slettet.", + "orgMissing": "Organisasjons-ID Mangler", + "orgMissingMessage": "Kan ikke regenerere invitasjon uten en organisasjons-ID.", + "accessUsersManage": "Administrer brukere", + "accessUsersDescription": "Inviter brukere og gi dem roller for å administrere tilgang til organisasjonen din", + "accessUsersSearch": "Søk etter brukere...", + "accessUserCreate": "Opprett bruker", + "accessUserRemove": "Fjern bruker", + "username": "Brukernavn", + "identityProvider": "Identitetsleverandør", + "role": "Rolle", + "nameRequired": "Navn er påkrevd", + "accessRolesManage": "Administrer Roller", + "accessRolesDescription": "Konfigurer roller for å administrere tilgang til organisasjonen din", + "accessRolesSearch": "Søk etter roller...", + "accessRolesAdd": "Legg til rolle", + "accessRoleDelete": "Slett rolle", + "description": "Beskrivelse", + "inviteTitle": "Åpne invitasjoner", + "inviteDescription": "Administrer invitasjonene dine til andre brukere", + "inviteSearch": "Søk i invitasjoner...", + "minutes": "Minutter", + "hours": "Timer", + "days": "Dager", + "weeks": "Uker", + "months": "Måneder", + "years": "År", + "day": "{count, plural, one {en dag} other {# dager}}", + "apiKeysTitle": "API-nøkkel informasjon", + "apiKeysConfirmCopy2": "Du må bekrefte at du har kopiert API-nøkkelen.", + "apiKeysErrorCreate": "Feil ved oppretting av API-nøkkel", + "apiKeysErrorSetPermission": "Feil ved innstilling av tillatelser", + "apiKeysCreate": "Generer API-nøkkel", + "apiKeysCreateDescription": "Generer en ny API-nøkkel for din organisasjon", + "apiKeysGeneralSettings": "Tillatelser", + "apiKeysGeneralSettingsDescription": "Finn ut hva denne API-nøkkelen kan gjøre", + "apiKeysList": "Din API-nøkkel", + "apiKeysSave": "Lagre API-nøkkelen din", + "apiKeysSaveDescription": "Du vil bare kunne se dette én gang. Sørg for å kopiere det til et sikkert sted.", + "apiKeysInfo": "Din API-nøkkel er:", + "apiKeysConfirmCopy": "Jeg har kopiert API-nøkkelen", + "generate": "Generer", + "done": "Ferdig", + "apiKeysSeeAll": "Se alle API-nøkler", + "apiKeysPermissionsErrorLoadingActions": "Feil ved innlasting av API-nøkkel handlinger", + "apiKeysPermissionsErrorUpdate": "Feil ved innstilling av tillatelser", + "apiKeysPermissionsUpdated": "Tillatelser oppdatert", + "apiKeysPermissionsUpdatedDescription": "Tillatelsene har blitt oppdatert.", + "apiKeysPermissionsGeneralSettings": "Tillatelser", + "apiKeysPermissionsGeneralSettingsDescription": "Bestem hva denne API-nøkkelen kan gjøre", + "apiKeysPermissionsSave": "Lagre tillatelser", + "apiKeysPermissionsTitle": "Tillatelser", + "apiKeys": "API-nøkler", + "searchApiKeys": "Søk API-nøkler", + "apiKeysAdd": "Generer API-nøkkel", + "apiKeysErrorDelete": "Feil under sletting av API-nøkkel", + "apiKeysErrorDeleteMessage": "Feil ved sletting av API-nøkkel", + "apiKeysQuestionRemove": "Er du sikker på at du vil fjerne API-nøkkelen {selectedApiKey} fra organisasjonen?", + "apiKeysMessageRemove": "Når den er fjernet, vil API-nøkkelen ikke lenger kunne brukes.", + "apiKeysMessageConfirm": "For å bekrefte, vennligst skriv inn navnet på API-nøkkelen nedenfor.", + "apiKeysDeleteConfirm": "Bekreft sletting av API-nøkkel", + "apiKeysDelete": "Slett API-nøkkel", + "apiKeysManage": "Administrer API-nøkler", + "apiKeysDescription": "API-nøkler brukes for å autentisere med integrasjons-API", + "apiKeysSettings": "{apiKeyName} Innstillinger", + "userTitle": "Administrer alle brukere", + "userDescription": "Vis og administrer alle brukere i systemet", + "userAbount": "Om brukeradministrasjon", + "userAbountDescription": "Denne tabellen viser alle rotbrukerobjekter i systemet. Hver bruker kan tilhøre flere organisasjoner. Å fjerne en bruker fra en organisasjon sletter ikke deres rotbrukerobjekt – de vil forbli i systemet. For å fullstendig fjerne en bruker fra systemet, må du slette deres rotbrukerobjekt ved å bruke slett-handlingen i denne tabellen.", + "userServer": "Serverbrukere", + "userSearch": "Søk serverbrukere...", + "userErrorDelete": "Feil ved sletting av bruker", + "userDeleteConfirm": "Bekreft sletting av bruker", + "userDeleteServer": "Slett bruker fra server", + "userMessageRemove": "Brukeren vil bli fjernet fra alle organisasjoner og vil bli fullstendig fjernet fra serveren.", + "userMessageConfirm": "For å bekrefte, vennligst skriv inn navnet på brukeren nedenfor.", + "userQuestionRemove": "Er du sikker på at du vil slette {selectedUser} permanent fra serveren?", + "licenseKey": "Lisensnøkkel", + "valid": "Gyldig", + "numberOfSites": "Antall områder", + "licenseKeySearch": "Søk lisensnøkler...", + "licenseKeyAdd": "Legg til lisensnøkkel", + "type": "Type", + "licenseKeyRequired": "Lisensnøkkel er påkrevd", + "licenseTermsAgree": "Du må godta lisensvilkårene", + "licenseErrorKeyLoad": "Feil ved lasting av lisensnøkler", + "licenseErrorKeyLoadDescription": "Det oppstod en feil ved lasting av lisensnøkler.", + "licenseErrorKeyDelete": "Kunne ikke slette lisensnøkkel", + "licenseErrorKeyDeleteDescription": "Det oppstod en feil ved sletting av lisensnøkkel.", + "licenseKeyDeleted": "Lisensnøkkel slettet", + "licenseKeyDeletedDescription": "Lisensnøkkelen har blitt slettet.", + "licenseErrorKeyActivate": "Aktivering av lisensnøkkel feilet", + "licenseErrorKeyActivateDescription": "Det oppstod en feil under aktivering av lisensnøkkelen.", + "licenseAbout": "Om Lisensiering", + "communityEdition": "Fellesskapsutgave", + "licenseAboutDescription": "Dette er for bedrifts- og foretaksbrukere som bruker Pangolin i et kommersielt miljø. Hvis du bruker Pangolin til personlig bruk, kan du ignorere denne seksjonen.", + "licenseKeyActivated": "Lisensnøkkel aktivert", + "licenseKeyActivatedDescription": "Lisensnøkkelen har blitt vellykket aktivert.", + "licenseErrorKeyRecheck": "En feil oppsto under verifisering av lisensnøkler", + "licenseErrorKeyRecheckDescription": "Det oppstod en feil under verifisering av lisensnøkler.", + "licenseErrorKeyRechecked": "Lisensnøkler verifisert", + "licenseErrorKeyRecheckedDescription": "Alle lisensnøkler er verifisert", + "licenseActivateKey": "Aktiver lisensnøkkel", + "licenseActivateKeyDescription": "Skriv inn en lisensnøkkel for å aktivere den.", + "licenseActivate": "Aktiver lisens", + "licenseAgreement": "Ved å krysse av denne boksen bekrefter du at du har lest og godtar lisensvilkårene som tilsvarer nivået tilknyttet lisensnøkkelen din.", + "fossorialLicense": "Vis Fossorial kommersiell lisens og abonnementsvilkår", + "licenseMessageRemove": "Dette vil fjerne lisensnøkkelen og alle tilknyttede tillatelser gitt av den.", + "licenseMessageConfirm": "For å bekrefte, vennligst skriv inn lisensnøkkelen nedenfor.", + "licenseQuestionRemove": "Er du sikker på at du vil slette lisensnøkkelen {selectedKey} ?", + "licenseKeyDelete": "Slett Lisensnøkkel", + "licenseKeyDeleteConfirm": "Bekreft sletting av lisensnøkkel", + "licenseTitle": "Behandle lisensstatus", + "licenseTitleDescription": "Se og administrer lisensnøkler i systemet", + "licenseHost": "Vertslisens", + "licenseHostDescription": "Behandle hovedlisensnøkkelen for verten.", + "licensedNot": "Ikke lisensiert", + "hostId": "Verts-ID", + "licenseReckeckAll": "Verifiser alle nøkler", + "licenseSiteUsage": "Område Bruk", + "licenseSiteUsageDecsription": "Vis antall områder som bruker denne lisensen.", + "licenseNoSiteLimit": "Det er ingen grense på antall områder som bruker en ulisensiert vert.", + "licensePurchase": "Kjøp lisens", + "licensePurchaseSites": "Kjøp flere områder", + "licenseSitesUsedMax": "{usedSites} av {maxSites} områder brukt", + "licenseSitesUsed": "{count, plural, =0 {ingen områder} one {ett område} other {# områder}} i systemet.", + "licensePurchaseDescription": "Velg hvor mange områder du vil {selectedMode, select, license {kjøpe en lisens for. Du kan alltid legge til flere områder senere.} other {legge til din eksisterende lisens.}}", + "licenseFee": "Lisensavgift", + "licensePriceSite": "Pris per område", + "total": "Totalt", + "licenseContinuePayment": "Fortsett til betaling", + "pricingPage": "Pris oversikt", + "pricingPortal": "Se Kjøpsportal", + "licensePricingPage": "For de mest oppdaterte prisene og rabattene, vennligst besøk", + "invite": "Invitasjoner", + "inviteRegenerate": "Regenerer invitasjonen", + "inviteRegenerateDescription": "Tilbakekall tidligere invitasjon og opprette en ny", + "inviteRemove": "Fjern invitasjon", + "inviteRemoveError": "Mislyktes å fjerne invitasjon", + "inviteRemoveErrorDescription": "Det oppstod en feil under fjerning av invitasjonen.", + "inviteRemoved": "Invitasjon fjernet", + "inviteRemovedDescription": "Invitasjonen for {email} er fjernet.", + "inviteQuestionRemove": "Er du sikker på at du vil fjerne invitasjonen {email}?", + "inviteMessageRemove": "Når fjernet, vil denne invitasjonen ikke lenger være gyldig. Du kan alltid invitere brukeren på nytt senere.", + "inviteMessageConfirm": "For å bekrefte, vennligst tast inn invitasjonens e-postadresse nedenfor.", + "inviteQuestionRegenerate": "Er du sikker på at du vil generere invitasjonen på nytt for {email}? Dette vil ugyldiggjøre den forrige invitasjonen.", + "inviteRemoveConfirm": "Bekreft fjerning av invitasjon", + "inviteRegenerated": "Invitasjon fornyet", + "inviteSent": "En ny invitasjon er sendt til {email}.", + "inviteSentEmail": "Send e-postvarsel til brukeren", + "inviteGenerate": "En ny invitasjon er generert for {email}.", + "inviteDuplicateError": "Dupliser invitasjon", + "inviteDuplicateErrorDescription": "En invitasjon for denne brukeren eksisterer allerede.", + "inviteRateLimitError": "Forespørselsgrense overskredet", + "inviteRateLimitErrorDescription": "Du har overskredet grensen på 3 regenerasjoner per time. Prøv igjen senere.", + "inviteRegenerateError": "Kunne ikke regenerere invitasjon", + "inviteRegenerateErrorDescription": "Det oppsto en feil under regenerering av invitasjonen.", + "inviteValidityPeriod": "Gyldighetsperiode", + "inviteValidityPeriodSelect": "Velg gyldighetsperiode", + "inviteRegenerateMessage": "Invitasjonen er generert på nytt. Brukeren må gå til lenken nedenfor for å akseptere invitasjonen.", + "inviteRegenerateButton": "Regenerer", + "expiresAt": "Utløpstidspunkt", + "accessRoleUnknown": "Ukjent rolle", + "placeholder": "Plassholder", + "userErrorOrgRemove": "En feil oppsto under fjerning av bruker", + "userErrorOrgRemoveDescription": "Det oppstod en feil under fjerning av brukeren.", + "userOrgRemoved": "Bruker fjernet", + "userOrgRemovedDescription": "Brukeren {email} er fjernet fra organisasjonen.", + "userQuestionOrgRemove": "Er du sikker på at du vil fjerne {email} fra organisasjonen?", + "userMessageOrgRemove": "Når denne brukeren er fjernet, vil de ikke lenger ha tilgang til organisasjonen. Du kan alltid invitere dem på nytt senere, men de vil måtte godta invitasjonen på nytt.", + "userMessageOrgConfirm": "For å bekrefte, vennligst skriv inn navnet på brukeren nedenfor.", + "userRemoveOrgConfirm": "Bekreft fjerning av bruker", + "userRemoveOrg": "Fjern bruker fra organisasjon", + "users": "Brukere", + "accessRoleMember": "Medlem", + "accessRoleOwner": "Eier", + "userConfirmed": "Bekreftet", + "idpNameInternal": "Intern", + "emailInvalid": "Ugyldig e-postadresse", + "inviteValidityDuration": "Vennligst velg en varighet", + "accessRoleSelectPlease": "Vennligst velg en rolle", + "usernameRequired": "Brukernavn er påkrevd", + "idpSelectPlease": "Vennligst velg en identitetsleverandør", + "idpGenericOidc": "Generisk OAuth2/OIDC-leverandør.", + "accessRoleErrorFetch": "En feil oppsto under henting av roller", + "accessRoleErrorFetchDescription": "En feil oppsto under henting av rollene", + "idpErrorFetch": "En feil oppsto under henting av identitetsleverandører", + "idpErrorFetchDescription": "En feil oppsto ved henting av identitetsleverandører", + "userErrorExists": "Bruker eksisterer allerede", + "userErrorExistsDescription": "Denne brukeren er allerede medlem av organisasjonen.", + "inviteError": "Kunne ikke invitere bruker", + "inviteErrorDescription": "En feil oppsto under invitering av brukeren", + "userInvited": "Bruker invitert", + "userInvitedDescription": "Brukeren er vellykket invitert.", + "userErrorCreate": "Kunne ikke opprette bruker", + "userErrorCreateDescription": "Det oppsto en feil under oppretting av brukeren", + "userCreated": "Bruker opprettet", + "userCreatedDescription": "Brukeren har blitt vellykket opprettet.", + "userTypeInternal": "Intern bruker", + "userTypeInternalDescription": "Inviter en bruker til å bli med i organisasjonen din direkte.", + "userTypeExternal": "Ekstern bruker", + "userTypeExternalDescription": "Opprett en bruker med en ekstern identitetsleverandør.", + "accessUserCreateDescription": "Følg stegene under for å opprette en ny bruker", + "userSeeAll": "Se alle brukere", + "userTypeTitle": "Brukertype", + "userTypeDescription": "Bestem hvordan du vil opprette brukeren", + "userSettings": "Brukerinformasjon", + "userSettingsDescription": "Skriv inn detaljene for den nye brukeren", + "inviteEmailSent": "Send invitasjonsepost til bruker", + "inviteValid": "Gyldig for", + "selectDuration": "Velg varighet", + "accessRoleSelect": "Velg rolle", + "inviteEmailSentDescription": "En e-post er sendt til brukeren med tilgangslenken nedenfor. De må åpne lenken for å akseptere invitasjonen.", + "inviteSentDescription": "Brukeren har blitt invitert. De må åpne lenken nedenfor for å godta invitasjonen.", + "inviteExpiresIn": "Invitasjonen utløper om {days, plural, one {en dag} other {# dager}}.", + "idpTitle": "Identitetsleverandør", + "idpSelect": "Velg identitetsleverandøren for den eksterne brukeren", + "idpNotConfigured": "Ingen identitetsleverandører er konfigurert. Vennligst konfigurer en identitetsleverandør før du oppretter eksterne brukere.", + "usernameUniq": "Dette må matche det unike brukernavnet som finnes i den valgte identitetsleverandøren.", + "emailOptional": "E-post (Valgfritt)", + "nameOptional": "Navn (valgfritt)", + "accessControls": "Tilgangskontroller", + "userDescription2": "Administrer innstillingene for denne brukeren", + "accessRoleErrorAdd": "Kunne ikke legge til bruker i rolle", + "accessRoleErrorAddDescription": "Det oppstod en feil under tilordning av brukeren til rollen.", + "userSaved": "Bruker lagret", + "userSavedDescription": "Brukeren har blitt oppdatert.", + "accessControlsDescription": "Administrer hva denne brukeren kan få tilgang til og gjøre i organisasjonen", + "accessControlsSubmit": "Lagre tilgangskontroller", + "roles": "Roller", + "accessUsersRoles": "Administrer brukere og roller", + "accessUsersRolesDescription": "Inviter brukere og legg dem til roller for å administrere tilgang til organisasjonen din.", + "key": "Nøkkel", + "createdAt": "Opprettet", + "proxyErrorInvalidHeader": "Ugyldig verdi for egendefinert vertsoverskrift. Bruk domenenavnformat, eller lagre tomt for å fjerne den egendefinerte vertsoverskriften.", + "proxyErrorTls": "Ugyldig TLS-servernavn. Bruk domenenavnformat, eller la stå tomt for å fjerne TLS-servernavnet.", + "proxyEnableSSL": "Aktiver SSL (https)", + "targetErrorFetch": "Kunne ikke hente mål", + "targetErrorFetchDescription": "Det oppsto en feil under henting av mål", + "siteErrorFetch": "Klarte ikke å hente ressurs", + "siteErrorFetchDescription": "Det oppstod en feil under henting av ressurs", + "targetErrorDuplicate": "Dupliser mål", + "targetErrorDuplicateDescription": "Et mål med disse innstillingene finnes allerede", + "targetWireGuardErrorInvalidIp": "Ugyldig mål-IP", + "targetWireGuardErrorInvalidIpDescription": "Mål-IP må være i områdets undernett.", + "targetsUpdated": "Mål oppdatert", + "targetsUpdatedDescription": "Mål og innstillinger oppdatert vellykket", + "targetsErrorUpdate": "Feilet å oppdatere mål", + "targetsErrorUpdateDescription": "En feil oppsto under oppdatering av mål", + "targetTlsUpdate": "TLS-innstillinger oppdatert", + "targetTlsUpdateDescription": "Dine TLS-innstillinger er oppdatert", + "targetErrorTlsUpdate": "Feilet under oppdatering av TLS-innstillinger", + "targetErrorTlsUpdateDescription": "Det oppstod en feil under oppdatering av TLS-innstillinger", + "proxyUpdated": "Proxy-innstillinger oppdatert", + "proxyUpdatedDescription": "Proxy-innstillingene dine er oppdatert", + "proxyErrorUpdate": "En feil oppsto under oppdatering av proxyinnstillinger", + "proxyErrorUpdateDescription": "En feil oppsto under oppdatering av proxyinnstillinger", + "targetAddr": "IP / vertsnavn", + "targetPort": "Port", + "targetProtocol": "Protokoll", + "targetTlsSettings": "Sikker tilkoblings-konfigurasjon", + "targetTlsSettingsDescription": "Konfigurer SSL/TLS-innstillinger for ressursen din", + "targetTlsSettingsAdvanced": "Avanserte TLS-innstillinger", + "targetTlsSni": "TLS Servernavn (SNI)", + "targetTlsSniDescription": "TLS-servernavnet som skal brukes for SNI. La stå tomt for å bruke standardverdien.", + "targetTlsSubmit": "Lagre innstillinger", + "targets": "Målkonfigurasjon", + "targetsDescription": "Sett opp mål for å rute trafikk til dine backend-tjenester", + "targetStickySessions": "Aktiver klebrige sesjoner", + "targetStickySessionsDescription": "Behold tilkoblinger på samme bakend-mål gjennom hele sesjonen.", + "methodSelect": "Velg metode", + "targetSubmit": "Legg til mål", + "targetNoOne": "Ingen mål. Legg til et mål ved hjelp av skjemaet.", + "targetNoOneDescription": "Å legge til mer enn ett mål ovenfor vil aktivere lastbalansering.", + "targetsSubmit": "Lagre mål", + "proxyAdditional": "Ytterligere Proxy-innstillinger", + "proxyAdditionalDescription": "Konfigurer hvordan ressursen din håndterer proxy-innstillinger", + "proxyCustomHeader": "Tilpasset verts-header", + "proxyCustomHeaderDescription": "Verts-header som skal settes ved videresending av forespørsler. La stå tom for å bruke standardinnstillingen.", + "proxyAdditionalSubmit": "Lagre proxy-innstillinger", + "subnetMaskErrorInvalid": "Ugyldig subnettmaske. Må være mellom 0 og 32.", + "ipAddressErrorInvalidFormat": "Ugyldig IP-adresseformat", + "ipAddressErrorInvalidOctet": "Ugyldig IP-adresse-oktet", + "path": "Sti", + "ipAddressRange": "IP-område", + "rulesErrorFetch": "Klarte ikke å hente regler", + "rulesErrorFetchDescription": "Det oppsto en feil under henting av regler", + "rulesErrorDuplicate": "Duplisert regel", + "rulesErrorDuplicateDescription": "En regel med disse innstillingene finnes allerede", + "rulesErrorInvalidIpAddressRange": "Ugyldig CIDR", + "rulesErrorInvalidIpAddressRangeDescription": "Vennligst skriv inn en gyldig CIDR-verdi", + "rulesErrorInvalidUrl": "Ugyldig URL-sti", + "rulesErrorInvalidUrlDescription": "Skriv inn en gyldig verdi for URL-sti", + "rulesErrorInvalidIpAddress": "Ugyldig IP", + "rulesErrorInvalidIpAddressDescription": "Skriv inn en gyldig IP-adresse", + "rulesErrorUpdate": "Kunne ikke oppdatere regler", + "rulesErrorUpdateDescription": "Det oppsto en feil under oppdatering av regler", + "rulesUpdated": "Aktiver Regler", + "rulesUpdatedDescription": "Regelevalueringen har blitt oppdatert", + "rulesMatchIpAddressRangeDescription": "Angi en adresse i CIDR-format (f.eks., 103.21.244.0/22)", + "rulesMatchIpAddress": "Angi en IP-adresse (f.eks. 103.21.244.12)", + "rulesMatchUrl": "Skriv inn en URL-sti eller et mønster (f.eks. /api/v1/todos eller /api/v1/*)", + "rulesErrorInvalidPriority": "Ugyldig prioritet", + "rulesErrorInvalidPriorityDescription": "Vennligst skriv inn en gyldig prioritet", + "rulesErrorDuplicatePriority": "Dupliserte prioriteringer", + "rulesErrorDuplicatePriorityDescription": "Vennligst angi unike prioriteringer", + "ruleUpdated": "Regler oppdatert", + "ruleUpdatedDescription": "Reglene er oppdatert", + "ruleErrorUpdate": "Operasjon mislyktes", + "ruleErrorUpdateDescription": "En feil oppsto under lagringsoperasjonen", + "rulesPriority": "Prioritet", + "rulesAction": "Handling", + "rulesMatchType": "Trefftype", + "value": "Verdi", + "rulesAbout": "Om regler", + "rulesAboutDescription": "Regler lar deg kontrollere tilgang til din ressurs basert på et sett med kriterier. Du kan opprette regler for å tillate eller nekte tilgang basert på IP-adresse eller URL-sti.", + "rulesActions": "Handlinger", + "rulesActionAlwaysAllow": "Alltid Tillat: Omgå alle autentiserings metoder", + "rulesActionAlwaysDeny": "Alltid Nekt: Blokker alle forespørsler; ingen autentisering kan forsøkes", + "rulesActionPassToAuth": "Pass til Autentisering: Tillat at autentiseringsmetoder forsøkes", + "rulesMatchCriteria": "Samsvarende kriterier", + "rulesMatchCriteriaIpAddress": "Samsvar med en spesifikk IP-adresse", + "rulesMatchCriteriaIpAddressRange": "Samsvar et IP-adresseområde i CIDR-notasjon", + "rulesMatchCriteriaUrl": "Match en URL-sti eller et mønster", + "rulesEnable": "Aktiver regler", + "rulesEnableDescription": "Aktiver eller deaktiver regelvurdering for denne ressursen", + "rulesResource": "Konfigurasjon av ressursregler", + "rulesResourceDescription": "Konfigurere regler for tilgangskontroll til ressursen din", + "ruleSubmit": "Legg til regel", + "rulesNoOne": "Ingen regler. Legg til en regel ved å bruke skjemaet.", + "rulesOrder": "Regler evalueres etter prioritet i stigende rekkefølge.", + "rulesSubmit": "Lagre regler", + "resourceErrorCreate": "Feil under oppretting av ressurs", + "resourceErrorCreateDescription": "Det oppstod en feil under oppretting av ressursen", + "resourceErrorCreateMessage": "Feil ved oppretting av ressurs:", + "resourceErrorCreateMessageDescription": "En uventet feil oppstod", + "sitesErrorFetch": "Feil ved henting av områder", + "sitesErrorFetchDescription": "En feil oppstod ved henting av områdene", + "domainsErrorFetch": "Kunne ikke hente domener", + "domainsErrorFetchDescription": "Det oppsto en feil under henting av domenene", + "none": "Ingen", + "unknown": "Ukjent", + "resources": "Ressurser", + "resourcesDescription": "Ressurser er proxyer for applikasjoner som kjører på ditt private nettverk. Opprett en ressurs for enhver HTTP/HTTPS- eller rå TCP/UDP-tjeneste på ditt private nettverk. Hver ressurs må kobles til et område for å muliggjøre privat, sikker tilkobling gjennom en kryptert WireGuard-tunnel.", + "resourcesWireGuardConnect": "Sikker tilkobling med WireGuard-kryptering", + "resourcesMultipleAuthenticationMethods": "Konfigurer flere autentiseringsmetoder", + "resourcesUsersRolesAccess": "Bruker- og rollebasert tilgangskontroll", + "resourcesErrorUpdate": "Feilet å slå av/på ressurs", + "resourcesErrorUpdateDescription": "En feil oppstod under oppdatering av ressursen", + "access": "Tilgang", + "shareLink": "{resource} Del Lenke", + "resourceSelect": "Velg ressurs", + "shareLinks": "Del lenker", + "share": "Delbare lenker", + "shareDescription2": "Opprett delbare lenker til ressursene dine. Lenker gir midlertidig eller ubegrenset tilgang til ressursen din. Du kan konfigurere utløpsvarigheten for lenken når du oppretter den.", + "shareEasyCreate": "Enkelt å lage og dele", + "shareConfigurableExpirationDuration": "Konfigurerbar utløpsvarighet", + "shareSecureAndRevocable": "Sikker og tilbakekallbar", + "nameMin": "Navn må være minst {len} tegn.", + "nameMax": "Navn kan ikke være lengre enn {len} tegn.", + "sitesConfirmCopy": "Vennligst bekreft at du har kopiert konfigurasjonen.", + "unknownCommand": "Ukjent kommando", + "newtErrorFetchReleases": "Feilet å hente utgivelsesinfo: {err}", + "newtErrorFetchLatest": "Feil ved henting av siste utgivelse: {err}", + "newtEndpoint": "Newt endepunkt", + "newtId": "Newt-ID", + "newtSecretKey": "Newt hemmelig nøkkel", + "architecture": "Arkitektur", + "sites": "Områder", + "siteWgAnyClients": "Bruk en hvilken som helst WireGuard-klient for å koble til. Du må adressere dine interne ressurser ved å bruke peer-IP-en.", + "siteWgCompatibleAllClients": "Kompatibel med alle WireGuard-klienter", + "siteWgManualConfigurationRequired": "Manuell konfigurasjon påkrevd", + "userErrorNotAdminOrOwner": "Bruker er ikke administrator eller eier", + "pangolinSettings": "Innstillinger - Pangolin", + "accessRoleYour": "Din rolle:", + "accessRoleSelect2": "Velg en rolle", + "accessUserSelect": "Velg en bruker", + "otpEmailEnter": "Skriv inn én e-post", + "otpEmailEnterDescription": "Trykk enter for å legge til en e-post etter å ha tastet den inn i tekstfeltet.", + "otpEmailErrorInvalid": "Ugyldig e-postadresse. Jokertegnet (*) må være hele lokaldelen.", + "otpEmailSmtpRequired": "SMTP påkrevd", + "otpEmailSmtpRequiredDescription": "SMTP må være aktivert på serveren for å bruke engangspassord-autentisering.", + "otpEmailTitle": "Engangspassord", + "otpEmailTitleDescription": "Krev e-postbasert autentisering for ressurstilgang", + "otpEmailWhitelist": "E-post-hviteliste", + "otpEmailWhitelistList": "Hvitlistede e-poster", + "otpEmailWhitelistListDescription": "Kun brukere med disse e-postadressene vil ha tilgang til denne ressursen. De vil bli bedt om å skrive inn et engangspassord sendt til e-posten deres. Jokertegn (*@example.com) kan brukes for å tillate enhver e-postadresse fra et domene.", + "otpEmailWhitelistSave": "Lagre hvitliste", + "passwordAdd": "Legg til passord", + "passwordRemove": "Fjern passord", + "pincodeAdd": "Legg til PIN-kode", + "pincodeRemove": "Fjern PIN-kode", + "resourceAuthMethods": "Autentiseringsmetoder", + "resourceAuthMethodsDescriptions": "Tillat tilgang til ressursen via ytterligere autentiseringsmetoder", + "resourceAuthSettingsSave": "Lagret vellykket", + "resourceAuthSettingsSaveDescription": "Autentiseringsinnstillinger er lagret", + "resourceErrorAuthFetch": "Kunne ikke hente data", + "resourceErrorAuthFetchDescription": "Det oppstod en feil ved henting av data", + "resourceErrorPasswordRemove": "Feil ved fjerning av passord for ressurs", + "resourceErrorPasswordRemoveDescription": "Det oppstod en feil ved fjerning av ressurspassordet", + "resourceErrorPasswordSetup": "Feil ved innstilling av ressurspassord", + "resourceErrorPasswordSetupDescription": "Det oppstod en feil ved innstilling av ressurspassordet", + "resourceErrorPincodeRemove": "Feil ved fjerning av ressurs-PIN-koden", + "resourceErrorPincodeRemoveDescription": "Det oppstod en feil under fjerning av ressurs-pinkoden", + "resourceErrorPincodeSetup": "Feil ved innstilling av ressurs-PIN-kode", + "resourceErrorPincodeSetupDescription": "Det oppstod en feil under innstilling av ressursens PIN-kode", + "resourceErrorUsersRolesSave": "Klarte ikke å sette roller", + "resourceErrorUsersRolesSaveDescription": "En feil oppstod ved innstilling av rollene", + "resourceErrorWhitelistSave": "Feilet å lagre hvitliste", + "resourceErrorWhitelistSaveDescription": "Det oppstod en feil under lagring av hvitlisten", + "resourcePasswordSubmit": "Aktiver passordbeskyttelse", + "resourcePasswordProtection": "Passordbeskyttelse {status}", + "resourcePasswordRemove": "Ressurspassord fjernet", + "resourcePasswordRemoveDescription": "Fjerning av ressurspassordet var vellykket", + "resourcePasswordSetup": "Ressurspassord satt", + "resourcePasswordSetupDescription": "Ressurspassordet har blitt vellykket satt", + "resourcePasswordSetupTitle": "Angi passord", + "resourcePasswordSetupTitleDescription": "Sett et passord for å beskytte denne ressursen", + "resourcePincode": "PIN-kode", + "resourcePincodeSubmit": "Aktiver PIN-kodebeskyttelse", + "resourcePincodeProtection": "PIN-kodebeskyttelse {status}", + "resourcePincodeRemove": "Ressurs PIN-kode fjernet", + "resourcePincodeRemoveDescription": "Ressurspassordet ble fjernet", + "resourcePincodeSetup": "Ressurs PIN-kode satt", + "resourcePincodeSetupDescription": "Ressurs PIN-kode er satt vellykket", + "resourcePincodeSetupTitle": "Angi PIN-kode", + "resourcePincodeSetupTitleDescription": "Sett en pinkode for å beskytte denne ressursen", + "resourceRoleDescription": "Administratorer har alltid tilgang til denne ressursen.", + "resourceUsersRoles": "Brukere og Roller", + "resourceUsersRolesDescription": "Konfigurer hvilke brukere og roller som har tilgang til denne ressursen", + "resourceUsersRolesSubmit": "Lagre brukere og roller", + "resourceWhitelistSave": "Lagring vellykket", + "resourceWhitelistSaveDescription": "Hvitlisteinnstillinger er lagret", + "ssoUse": "Bruk plattform SSO", + "ssoUseDescription": "Eksisterende brukere trenger kun å logge på én gang for alle ressurser som har dette aktivert.", + "proxyErrorInvalidPort": "Ugyldig portnummer", + "subdomainErrorInvalid": "Ugyldig underdomene", + "domainErrorFetch": "Feil ved henting av domener", + "domainErrorFetchDescription": "Det oppstod en feil ved henting av domenene", + "resourceErrorUpdate": "Mislyktes å oppdatere ressurs", + "resourceErrorUpdateDescription": "Det oppstod en feil under oppdatering av ressursen", + "resourceUpdated": "Ressurs oppdatert", + "resourceUpdatedDescription": "Ressursen er oppdatert vellykket", + "resourceErrorTransfer": "Klarte ikke å overføre ressurs", + "resourceErrorTransferDescription": "En feil oppsto under overføring av ressursen", + "resourceTransferred": "Ressurs overført", + "resourceTransferredDescription": "Ressursen er overført vellykket.", + "resourceErrorToggle": "Feilet å veksle ressurs", + "resourceErrorToggleDescription": "Det oppstod en feil ved oppdatering av ressursen", + "resourceVisibilityTitle": "Synlighet", + "resourceVisibilityTitleDescription": "Fullstendig aktiver eller deaktiver ressursynlighet", + "resourceGeneral": "Generelle innstillinger", + "resourceGeneralDescription": "Konfigurer de generelle innstillingene for denne ressursen", + "resourceEnable": "Aktiver ressurs", + "resourceTransfer": "Overfør Ressurs", + "resourceTransferDescription": "Overfør denne ressursen til et annet område", + "resourceTransferSubmit": "Overfør ressurs", + "siteDestination": "Destinasjonsområde", + "searchSites": "Søk områder", + "accessRoleCreate": "Opprett rolle", + "accessRoleCreateDescription": "Opprett en ny rolle for å gruppere brukere og administrere deres tillatelser.", + "accessRoleCreateSubmit": "Opprett rolle", + "accessRoleCreated": "Rolle opprettet", + "accessRoleCreatedDescription": "Rollen er vellykket opprettet.", + "accessRoleErrorCreate": "Klarte ikke å opprette rolle", + "accessRoleErrorCreateDescription": "Det oppstod en feil under opprettelse av rollen.", + "accessRoleErrorNewRequired": "Ny rolle kreves", + "accessRoleErrorRemove": "Kunne ikke fjerne rolle", + "accessRoleErrorRemoveDescription": "Det oppstod en feil under fjerning av rollen.", + "accessRoleName": "Rollenavn", + "accessRoleQuestionRemove": "Du er i ferd med å slette rollen {name}. Du kan ikke angre denne handlingen.", + "accessRoleRemove": "Fjern Rolle", + "accessRoleRemoveDescription": "Fjern en rolle fra organisasjonen", + "accessRoleRemoveSubmit": "Fjern Rolle", + "accessRoleRemoved": "Rolle fjernet", + "accessRoleRemovedDescription": "Rollen er vellykket fjernet.", + "accessRoleRequiredRemove": "Før du sletter denne rollen, vennligst velg en ny rolle å overføre eksisterende medlemmer til.", + "manage": "Administrer", + "sitesNotFound": "Ingen områder funnet.", + "pangolinServerAdmin": "Server Admin - Pangolin", + "licenseTierProfessional": "Profesjonell lisens", + "licenseTierEnterprise": "Bedriftslisens", + "licenseTierCommercial": "Kommersiell lisens", + "licensed": "Lisensiert", + "yes": "Ja", + "no": "Nei", + "sitesAdditional": "Ytterligere områder", + "licenseKeys": "Lisensnøkler", + "sitestCountDecrease": "Reduser antall områder", + "sitestCountIncrease": "Øk antall områder", + "idpManage": "Administrer Identitetsleverandører", + "idpManageDescription": "Vis og administrer identitetsleverandører i systemet", + "idpDeletedDescription": "Identitetsleverandør slettet vellykket", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "Er du sikker på at du vil slette identitetsleverandøren {name} permanent?", + "idpMessageRemove": "Dette vil fjerne identitetsleverandøren og alle tilhørende konfigurasjoner. Brukere som autentiserer seg via denne leverandøren vil ikke lenger kunne logge inn.", + "idpMessageConfirm": "For å bekrefte, vennligst skriv inn navnet på identitetsleverandøren nedenfor.", + "idpConfirmDelete": "Bekreft Sletting av Identitetsleverandør", + "idpDelete": "Slett identitetsleverandør", + "idp": "Identitetsleverandører", + "idpSearch": "Søk identitetsleverandører...", + "idpAdd": "Legg til Identitetsleverandør", + "idpClientIdRequired": "Klient-ID er påkrevd.", + "idpClientSecretRequired": "Klienthemmelighet er påkrevd.", + "idpErrorAuthUrlInvalid": "Autentiserings-URL må være en gyldig URL.", + "idpErrorTokenUrlInvalid": "Token-URL må være en gyldig URL.", + "idpPathRequired": "Identifikatorbane er påkrevd.", + "idpScopeRequired": "Omfang kreves.", + "idpOidcDescription": "Konfigurer en OpenID Connect identitetsleverandør", + "idpCreatedDescription": "Identitetsleverandør opprettet vellykket.", + "idpCreate": "Opprett identitetsleverandør", + "idpCreateDescription": "Konfigurer en ny identitetsleverandør for brukerautentisering", + "idpSeeAll": "Se alle identitetsleverandører", + "idpSettingsDescription": "Konfigurer grunnleggende informasjon for din identitetsleverandør", + "idpDisplayName": "Et visningsnavn for denne identitetsleverandøren", + "idpAutoProvisionUsers": "Automatisk brukerklargjøring", + "idpAutoProvisionUsersDescription": "Når aktivert, opprettes brukere automatisk i systemet ved første innlogging, med mulighet til å tilordne brukere til roller og organisasjoner.", + "licenseBadge": "Profesjonell", + "idpType": "Leverandørtype", + "idpTypeDescription": "Velg typen identitetsleverandør du ønsker å konfigurere", + "idpOidcConfigure": "OAuth2/OIDC-konfigurasjon", + "idpOidcConfigureDescription": "Konfigurer OAuth2/OIDC-leverandørens endepunkter og legitimasjon", + "idpClientId": "Klient-ID", + "idpClientIdDescription": "OAuth2-klient-ID-en fra identitetsleverandøren din", + "idpClientSecret": "Klienthemmelighet", + "idpClientSecretDescription": "OAuth2-klienthemmeligheten fra din identitetsleverandør", + "idpAuthUrl": "Autorisasjons-URL", + "idpAuthUrlDescription": "OAuth2 autorisasjonsendepunkt URL", + "idpTokenUrl": "Token-URL", + "idpTokenUrlDescription": "OAuth2-tokenendepunkt-URL", + "idpOidcConfigureAlert": "Viktig informasjon", + "idpOidcConfigureAlertDescription": "Etter at du har opprettet identitetsleverandøren, må du konfigurere callback-URL-en i identitetsleverandørens innstillinger. Callback-URL-en blir oppgitt etter vellykket opprettelse.", + "idpToken": "Token-konfigurasjon", + "idpTokenDescription": "Konfigurer hvordan brukerinformasjon trekkes ut fra ID-tokenet", + "idpJmespathAbout": "Om JMESPath", + "idpJmespathAboutDescription": "Stiene nedenfor bruker JMESPath-syntaks for å hente ut verdier fra ID-tokenet.", + "idpJmespathAboutDescriptionLink": "Lær mer om JMESPath", + "idpJmespathLabel": "Identifikatorsti", + "idpJmespathLabelDescription": "Stien til brukeridentifikatoren i ID-tokenet", + "idpJmespathEmailPathOptional": "E-poststi (Valgfritt)", + "idpJmespathEmailPathOptionalDescription": "Stien til brukerens e-postadresse i ID-tokenet", + "idpJmespathNamePathOptional": "Navn Sti (Valgfritt)", + "idpJmespathNamePathOptionalDescription": "Stien til brukerens navn i ID-tokenet", + "idpOidcConfigureScopes": "Omfang", + "idpOidcConfigureScopesDescription": "Mellomromseparert liste over OAuth2-omfang å be om", + "idpSubmit": "Opprett identitetsleverandør", + "orgPolicies": "Organisasjonsretningslinjer", + "idpSettings": "{idpName} Innstillinger", + "idpCreateSettingsDescription": "Konfigurer innstillingene for din identitetsleverandør", + "roleMapping": "Rolletilordning", + "orgMapping": "Organisasjon Kartlegging", + "orgPoliciesSearch": "Søk i organisasjonens retningslinjer...", + "orgPoliciesAdd": "Legg til organisasjonspolicy", + "orgRequired": "Organisasjon er påkrevd", + "error": "Feil", + "success": "Suksess", + "orgPolicyAddedDescription": "Policy vellykket lagt til", + "orgPolicyUpdatedDescription": "Policyen er vellykket oppdatert", + "orgPolicyDeletedDescription": "Policy slettet vellykket", + "defaultMappingsUpdatedDescription": "Standardtilordninger oppdatert vellykket", + "orgPoliciesAbout": "Om organisasjonens retningslinjer", + "orgPoliciesAboutDescription": "Organisasjonspolicyer brukes til å kontrollere tilgang til organisasjoner basert på brukerens ID-token. Du kan spesifisere JMESPath-uttrykk for å trekke ut rolle- og organisasjonsinformasjon fra ID-tokenet.", + "orgPoliciesAboutDescriptionLink": "Se dokumentasjon, for mer informasjon.", + "defaultMappingsOptional": "Standard Tilordninger (Valgfritt)", + "defaultMappingsOptionalDescription": "Standardtilordningene brukes når det ikke er definert en organisasjonspolicy for en organisasjon. Du kan spesifisere standard rolle- og organisasjonstilordninger som det kan falles tilbake på her.", + "defaultMappingsRole": "Standard rolletilordning", + "defaultMappingsRoleDescription": "Resultatet av dette uttrykket må returnere rollenavnet slik det er definert i organisasjonen som en streng.", + "defaultMappingsOrg": "Standard organisasjonstilordning", + "defaultMappingsOrgDescription": "Dette uttrykket må returnere organisasjons-ID-en eller «true» for å gi brukeren tilgang til organisasjonen.", + "defaultMappingsSubmit": "Lagre standard tilordninger", + "orgPoliciesEdit": "Rediger Organisasjonspolicy", + "org": "Organisasjon", + "orgSelect": "Velg organisasjon", + "orgSearch": "Søk organisasjon", + "orgNotFound": "Ingen organisasjon funnet.", + "roleMappingPathOptional": "Rollekartleggingssti (Valgfritt)", + "orgMappingPathOptional": "Organisasjonstilordningssti (Valgfritt)", + "orgPolicyUpdate": "Oppdater policy", + "orgPolicyAdd": "Legg til policy", + "orgPolicyConfig": "Konfigurer tilgang for en organisasjon", + "idpUpdatedDescription": "Identitetsleverandør vellykket oppdatert", + "redirectUrl": "Omdirigerings-URL", + "redirectUrlAbout": "Om omdirigerings-URL", + "redirectUrlAboutDescription": "Dette er URL-en som brukere vil bli omdirigert til etter autentisering. Du må konfigurere denne URL-en i innstillingene for identitetsleverandøren din.", + "pangolinAuth": "Autentisering - Pangolin", + "verificationCodeLengthRequirements": "Din verifiseringskode må være 8 tegn.", + "errorOccurred": "Det oppstod en feil", + "emailErrorVerify": "Kunne ikke verifisere e-post:", + "emailVerified": "E-posten er bekreftet! Omdirigerer deg...", + "verificationCodeErrorResend": "Kunne ikke sende bekreftelseskode på nytt:", + "verificationCodeResend": "Bekreftelseskode sendt på nytt", + "verificationCodeResendDescription": "Vi har sendt en ny bekreftelseskode til e-postadressen din. Vennligst sjekk innboksen din.", + "emailVerify": "Verifiser e-post", + "emailVerifyDescription": "Skriv inn bekreftelseskoden sendt til e-postadressen din.", + "verificationCode": "Verifiseringskode", + "verificationCodeEmailSent": "Vi har sendt en bekreftelseskode til e-postadressen din.", + "submit": "Send inn", + "emailVerifyResendProgress": "Sender på nytt...", + "emailVerifyResend": "Har du ikke mottatt en kode? Klikk her for å sende på nytt", + "passwordNotMatch": "Passordene stemmer ikke", + "signupError": "Det oppsto en feil ved registrering", + "pangolinLogoAlt": "Pangolin Logo", + "inviteAlready": "Ser ut til at du har blitt invitert!", + "inviteAlreadyDescription": "For å godta invitasjonen, må du logge inn eller opprette en konto.", + "signupQuestion": "Har du allerede en konto?", + "login": "Logg inn", + "resourceNotFound": "Ressurs ikke funnet", + "resourceNotFoundDescription": "Ressursen du prøver å få tilgang til eksisterer ikke.", + "pincodeRequirementsLength": "PIN må være nøyaktig 6 siffer", + "pincodeRequirementsChars": "PIN må kun inneholde tall", + "passwordRequirementsLength": "Passord må være minst 1 tegn langt", + "passwordRequirementsTitle": "Passordkrav:", + "passwordRequirementLength": "Minst 8 tegn lang", + "passwordRequirementUppercase": "Minst én stor bokstav", + "passwordRequirementLowercase": "Minst én liten bokstav", + "passwordRequirementNumber": "Minst ét tall", + "passwordRequirementSpecial": "Minst ett spesialtegn", + "passwordRequirementsMet": "✓ Passord oppfyller alle krav", + "passwordStrength": "Passordstyrke", + "passwordStrengthWeak": "Svakt", + "passwordStrengthMedium": "Medium", + "passwordStrengthStrong": "Sterkt", + "passwordRequirements": "Krav:", + "passwordRequirementLengthText": "8+ tegn", + "passwordRequirementUppercaseText": "Stor bokstav (A-Z)", + "passwordRequirementLowercaseText": "Liten bokstav (a-z)", + "passwordRequirementNumberText": "Tall (0-9)", + "passwordRequirementSpecialText": "Spesialtegn (!@#$%...)", + "passwordsDoNotMatch": "Passordene stemmer ikke", + "otpEmailRequirementsLength": "OTP må være minst 1 tegn lang.", + "otpEmailSent": "OTP sendt", + "otpEmailSentDescription": "En OTP er sendt til din e-post", + "otpEmailErrorAuthenticate": "Mislyktes å autentisere med e-post", + "pincodeErrorAuthenticate": "Kunne ikke autentisere med pinkode", + "passwordErrorAuthenticate": "Kunne ikke autentisere med passord", + "poweredBy": "Drevet av", + "authenticationRequired": "Autentisering påkrevd", + "authenticationMethodChoose": "Velg din foretrukne metode for å få tilgang til {name}", + "authenticationRequest": "Du må autentisere deg for å få tilgang til {name}", + "user": "Bruker", + "pincodeInput": "6-sifret PIN-kode", + "pincodeSubmit": "Logg inn med PIN", + "passwordSubmit": "Logg inn med passord", + "otpEmailDescription": "En engangskode vil bli sendt til denne e-posten.", + "otpEmailSend": "Send engangskode", + "otpEmail": "Engangspassord (OTP)", + "otpEmailSubmit": "Send inn OTP", + "backToEmail": "Tilbake til E-post", + "noSupportKey": "Serveren kjører uten en supporterlisens. Vurder å støtte prosjektet!", + "accessDenied": "Tilgang nektet", + "accessDeniedDescription": "Du har ikke tilgang til denne ressursen. Hvis dette er en feil, vennligst kontakt administratoren.", + "accessTokenError": "Feil ved sjekk av tilgangstoken", + "accessGranted": "Tilgang gitt", + "accessUrlInvalid": "Ugyldig tilgangs-URL", + "accessGrantedDescription": "Du har fått tilgang til denne ressursen. Omdirigerer deg...", + "accessUrlInvalidDescription": "Denne delings-URL-en er ugyldig. Vennligst kontakt ressurseieren for en ny URL.", + "tokenInvalid": "Ugyldig token", + "pincodeInvalid": "Ugyldig kode", + "passwordErrorRequestReset": "Forespørsel om tilbakestilling mislyktes", + "passwordErrorReset": "Klarte ikke å tilbakestille passord:", + "passwordResetSuccess": "Passordet er tilbakestilt! Går tilbake til innlogging...", + "passwordReset": "Tilbakestill passord", + "passwordResetDescription": "Følg stegene for å tilbakestille passordet ditt", + "passwordResetSent": "Vi sender en kode for tilbakestilling av passord til denne e-postadressen.", + "passwordResetCode": "Tilbakestillingskode", + "passwordResetCodeDescription": "Sjekk e-posten din for tilbakestillingskoden.", + "passwordNew": "Nytt passord", + "passwordNewConfirm": "Bekreft nytt passord", + "pincodeAuth": "Autentiseringskode", + "pincodeSubmit2": "Send inn kode", + "passwordResetSubmit": "Be om tilbakestilling", + "passwordBack": "Tilbake til passord", + "loginBack": "Gå tilbake til innlogging", + "signup": "Registrer deg", + "loginStart": "Logg inn for å komme i gang", + "idpOidcTokenValidating": "Validerer OIDC-token", + "idpOidcTokenResponse": "Valider OIDC-tokensvar", + "idpErrorOidcTokenValidating": "Feil ved validering av OIDC-token", + "idpConnectingTo": "Kobler til {name}", + "idpConnectingToDescription": "Validerer identiteten din", + "idpConnectingToProcess": "Kobler til...", + "idpConnectingToFinished": "Tilkoblet", + "idpErrorConnectingTo": "Det oppstod et problem med å koble til {name}. Vennligst kontakt din administrator.", + "idpErrorNotFound": "IdP ikke funnet", + "inviteInvalid": "Ugyldig invitasjon", + "inviteInvalidDescription": "Invitasjonslenken er ugyldig.", + "inviteErrorWrongUser": "Invitasjonen er ikke for denne brukeren", + "inviteErrorUserNotExists": "Brukeren eksisterer ikke. Vennligst opprett en konto først.", + "inviteErrorLoginRequired": "Du må være logget inn for å godta en invitasjon", + "inviteErrorExpired": "Invitasjonen kan ha utløpt", + "inviteErrorRevoked": "Invitasjonen kan ha blitt trukket tilbake", + "inviteErrorTypo": "Det kan være en skrivefeil i invitasjonslenken", + "pangolinSetup": "Oppsett - Pangolin", + "orgNameRequired": "Organisasjonsnavn er påkrevd", + "orgIdRequired": "Organisasjons-ID er påkrevd", + "orgErrorCreate": "En feil oppstod under oppretting av organisasjon", + "pageNotFound": "Siden ble ikke funnet", + "pageNotFoundDescription": "Oops! Siden du leter etter finnes ikke.", + "overview": "Oversikt", + "home": "Hjem", + "accessControl": "Tilgangskontroll", + "settings": "Innstillinger", + "usersAll": "Alle brukere", + "license": "Lisens", + "pangolinDashboard": "Dashbord - Pangolin", + "noResults": "Ingen resultater funnet.", + "terabytes": "{count} TB", + "gigabytes": "{count} GB", + "megabytes": "{count} MB", + "tagsEntered": "Inntastede tagger", + "tagsEnteredDescription": "Dette er taggene du har tastet inn.", + "tagsWarnCannotBeLessThanZero": "maxTags og minTags kan ikke være mindre enn 0", + "tagsWarnNotAllowedAutocompleteOptions": "Tagg ikke tillatt i henhold til autofullfør-alternativer", + "tagsWarnInvalid": "Ugyldig tagg i henhold til validateTag", + "tagWarnTooShort": "Tagg {tagText} er for kort", + "tagWarnTooLong": "Tagg {tagText} er for lang", + "tagsWarnReachedMaxNumber": "Maksimalt antall tillatte tagger er nådd", + "tagWarnDuplicate": "Duplisert tagg {tagText} ble ikke lagt til", + "supportKeyInvalid": "Ugyldig nøkkel", + "supportKeyInvalidDescription": "Din supporternøkkel er ugyldig.", + "supportKeyValid": "Gyldig nøkkel", + "supportKeyValidDescription": "Din supporternøkkel er validert. Takk for din støtte!", + "supportKeyErrorValidationDescription": "Klarte ikke å validere supporternøkkel.", + "supportKey": "Støtt utviklingen og adopter en Pangolin!", + "supportKeyDescription": "Kjøp en supporternøkkel for å hjelpe oss med å fortsette utviklingen av Pangolin for fellesskapet. Ditt bidrag lar oss bruke mer tid på å vedlikeholde og legge til nye funksjoner i applikasjonen for alle. Vi vil aldri bruke dette til å legge funksjoner bak en betalingsmur. Dette er atskilt fra enhver kommersiell utgave.", + "supportKeyPet": "Du vil også få adoptere og møte din helt egen kjæledyr-Pangolin!", + "supportKeyPurchase": "Betalinger behandles via GitHub. Etterpå kan du hente nøkkelen din på", + "supportKeyPurchaseLink": "vår nettside", + "supportKeyPurchase2": "og løse den inn her.", + "supportKeyLearnMore": "Lær mer.", + "supportKeyOptions": "Vennligst velg det alternativet som passer deg best.", + "supportKetOptionFull": "Full støttespiller", + "forWholeServer": "For hele serveren", + "lifetimePurchase": "Livstidskjøp", + "supporterStatus": "Supporterstatus", + "buy": "Kjøp", + "supportKeyOptionLimited": "Begrenset støttespiller", + "forFiveUsers": "For 5 eller færre brukere", + "supportKeyRedeem": "Løs inn supporternøkkel", + "supportKeyHideSevenDays": "Skjul i 7 dager", + "supportKeyEnter": "Skriv inn supporternøkkel", + "supportKeyEnterDescription": "Møt din helt egen kjæledyr-Pangolin!", + "githubUsername": "GitHub-brukernavn", + "supportKeyInput": "Supporternøkkel", + "supportKeyBuy": "Kjøp supporternøkkel", + "logoutError": "Feil ved utlogging", + "signingAs": "Logget inn som", + "serverAdmin": "Serveradministrator", + "managedSelfhosted": "Administrert selv-hostet", + "otpEnable": "Aktiver tofaktor", + "otpDisable": "Deaktiver tofaktor", + "logout": "Logg ut", + "licenseTierProfessionalRequired": "Profesjonell utgave påkrevd", + "licenseTierProfessionalRequiredDescription": "Denne funksjonen er kun tilgjengelig i den profesjonelle utgaven.", + "actionGetOrg": "Hent organisasjon", + "actionUpdateOrg": "Oppdater organisasjon", + "actionUpdateUser": "Oppdater bruker", + "actionGetUser": "Hent bruker", + "actionGetOrgUser": "Hent organisasjonsbruker", + "actionListOrgDomains": "List opp organisasjonsdomener", + "actionCreateSite": "Opprett område", + "actionDeleteSite": "Slett område", + "actionGetSite": "Hent område", + "actionListSites": "List opp områder", + "setupToken": "Oppsetttoken", + "setupTokenDescription": "Skriv inn oppsetttoken fra serverkonsollen.", + "setupTokenRequired": "Oppsetttoken er nødvendig", + "actionUpdateSite": "Oppdater område", + "actionListSiteRoles": "List opp tillatte områderoller", + "actionCreateResource": "Opprett ressurs", + "actionDeleteResource": "Slett ressurs", + "actionGetResource": "Hent ressurs", + "actionListResource": "List opp ressurser", + "actionUpdateResource": "Oppdater ressurs", + "actionListResourceUsers": "List opp ressursbrukere", + "actionSetResourceUsers": "Angi ressursbrukere", + "actionSetAllowedResourceRoles": "Angi tillatte ressursroller", + "actionListAllowedResourceRoles": "List opp tillatte ressursroller", + "actionSetResourcePassword": "Angi ressurspassord", + "actionSetResourcePincode": "Angi ressurspinkode", + "actionSetResourceEmailWhitelist": "Angi e-post-hviteliste for ressurs", + "actionGetResourceEmailWhitelist": "Hent e-post-hviteliste for ressurs", + "actionCreateTarget": "Opprett mål", + "actionDeleteTarget": "Slett mål", + "actionGetTarget": "Hent mål", + "actionListTargets": "List opp mål", + "actionUpdateTarget": "Oppdater mål", + "actionCreateRole": "Opprett rolle", + "actionDeleteRole": "Slett rolle", + "actionGetRole": "Hent rolle", + "actionListRole": "List opp roller", + "actionUpdateRole": "Oppdater rolle", + "actionListAllowedRoleResources": "List opp tillatte rolleressurser", + "actionInviteUser": "Inviter bruker", + "actionRemoveUser": "Fjern bruker", + "actionListUsers": "List opp brukere", + "actionAddUserRole": "Legg til brukerrolle", + "actionGenerateAccessToken": "Generer tilgangstoken", + "actionDeleteAccessToken": "Slett tilgangstoken", + "actionListAccessTokens": "List opp tilgangstokener", + "actionCreateResourceRule": "Opprett ressursregel", + "actionDeleteResourceRule": "Slett ressursregel", + "actionListResourceRules": "List opp ressursregler", + "actionUpdateResourceRule": "Oppdater ressursregel", + "actionListOrgs": "List opp organisasjoner", + "actionCheckOrgId": "Sjekk ID", + "actionCreateOrg": "Opprett organisasjon", + "actionDeleteOrg": "Slett organisasjon", + "actionListApiKeys": "List opp API-nøkler", + "actionListApiKeyActions": "List opp API-nøkkelhandlinger", + "actionSetApiKeyActions": "Angi tillatte handlinger for API-nøkkel", + "actionCreateApiKey": "Opprett API-nøkkel", + "actionDeleteApiKey": "Slett API-nøkkel", + "actionCreateIdp": "Opprett IDP", + "actionUpdateIdp": "Oppdater IDP", + "actionDeleteIdp": "Slett IDP", + "actionListIdps": "List opp IDP-er", + "actionGetIdp": "Hent IDP", + "actionCreateIdpOrg": "Opprett IDP-organisasjonspolicy", + "actionDeleteIdpOrg": "Slett IDP-organisasjonspolicy", + "actionListIdpOrgs": "List opp IDP-organisasjoner", + "actionUpdateIdpOrg": "Oppdater IDP-organisasjon", + "actionCreateClient": "Opprett Klient", + "actionDeleteClient": "Slett klient", + "actionUpdateClient": "Oppdater klient", + "actionListClients": "List klienter", + "actionGetClient": "Hent klient", + "actionCreateSiteResource": "Opprett stedsressurs", + "actionDeleteSiteResource": "Slett Stedsressurs", + "actionGetSiteResource": "Hent Stedsressurs", + "actionListSiteResources": "List opp Stedsressurser", + "actionUpdateSiteResource": "Oppdater Stedsressurs", + "actionListInvitations": "Liste invitasjoner", + "noneSelected": "Ingen valgt", + "orgNotFound2": "Ingen organisasjoner funnet.", + "searchProgress": "Søker...", + "create": "Opprett", + "orgs": "Organisasjoner", + "loginError": "En feil oppstod under innlogging", + "passwordForgot": "Glemt passordet ditt?", + "otpAuth": "Tofaktorautentisering", + "otpAuthDescription": "Skriv inn koden fra autentiseringsappen din eller en av dine engangs reservekoder.", + "otpAuthSubmit": "Send inn kode", + "idpContinue": "Eller fortsett med", + "otpAuthBack": "Tilbake til innlogging", + "navbar": "Navigasjonsmeny", + "navbarDescription": "Hovednavigasjonsmeny for applikasjonen", + "navbarDocsLink": "Dokumentasjon", + "commercialEdition": "Kommersiell utgave", + "otpErrorEnable": "Kunne ikke aktivere 2FA", + "otpErrorEnableDescription": "En feil oppstod under aktivering av 2FA", + "otpSetupCheckCode": "Vennligst skriv inn en 6-sifret kode", + "otpSetupCheckCodeRetry": "Ugyldig kode. Vennligst prøv igjen.", + "otpSetup": "Aktiver tofaktorautentisering", + "otpSetupDescription": "Sikre kontoen din med et ekstra lag med beskyttelse", + "otpSetupScanQr": "Skann denne QR-koden med autentiseringsappen din eller skriv inn den hemmelige nøkkelen manuelt:", + "otpSetupSecretCode": "Autentiseringskode", + "otpSetupSuccess": "Tofaktorautentisering aktivert", + "otpSetupSuccessStoreBackupCodes": "Kontoen din er nå sikrere. Ikke glem å lagre reservekodene dine.", + "otpErrorDisable": "Kunne ikke deaktivere 2FA", + "otpErrorDisableDescription": "En feil oppstod under deaktivering av 2FA", + "otpRemove": "Deaktiver tofaktorautentisering", + "otpRemoveDescription": "Deaktiver tofaktorautentisering for kontoen din", + "otpRemoveSuccess": "Tofaktorautentisering deaktivert", + "otpRemoveSuccessMessage": "Tofaktorautentisering er deaktivert for kontoen din. Du kan aktivere den igjen når som helst.", + "otpRemoveSubmit": "Deaktiver 2FA", + "paginator": "Side {current} av {last}", + "paginatorToFirst": "Gå til første side", + "paginatorToPrevious": "Gå til forrige side", + "paginatorToNext": "Gå til neste side", + "paginatorToLast": "Gå til siste side", + "copyText": "Kopier tekst", + "copyTextFailed": "Klarte ikke å kopiere tekst: ", + "copyTextClipboard": "Kopier til utklippstavle", + "inviteErrorInvalidConfirmation": "Ugyldig bekreftelse", + "passwordRequired": "Passord er påkrevd", + "allowAll": "Tillat alle", + "permissionsAllowAll": "Tillat alle rettigheter", + "githubUsernameRequired": "GitHub-brukernavn er påkrevd", + "supportKeyRequired": "supporternøkkel er påkrevd", + "passwordRequirementsChars": "Passordet må være minst 8 tegn", + "language": "Språk", + "verificationCodeRequired": "Kode er påkrevd", + "userErrorNoUpdate": "Ingen bruker å oppdatere", + "siteErrorNoUpdate": "Ingen område å oppdatere", + "resourceErrorNoUpdate": "Ingen ressurs å oppdatere", + "authErrorNoUpdate": "Ingen autentiseringsinfo å oppdatere", + "orgErrorNoUpdate": "Ingen organisasjon å oppdatere", + "orgErrorNoProvided": "Ingen organisasjon angitt", + "apiKeysErrorNoUpdate": "Ingen API-nøkkel å oppdatere", + "sidebarOverview": "Oversikt", + "sidebarHome": "Hjem", + "sidebarSites": "Områder", + "sidebarResources": "Ressurser", + "sidebarAccessControl": "Tilgangskontroll", + "sidebarUsers": "Brukere", + "sidebarInvitations": "Invitasjoner", + "sidebarRoles": "Roller", + "sidebarShareableLinks": "Delbare lenker", + "sidebarApiKeys": "API-nøkler", + "sidebarSettings": "Innstillinger", + "sidebarAllUsers": "Alle brukere", + "sidebarIdentityProviders": "Identitetsleverandører", + "sidebarLicense": "Lisens", + "sidebarClients": "Klienter (Beta)", + "sidebarDomains": "Domener", + "enableDockerSocket": "Aktiver Docker Socket", + "enableDockerSocketDescription": "Aktiver Docker Socket-oppdagelse for å fylle ut containerinformasjon. Socket-stien må oppgis til Newt.", + "enableDockerSocketLink": "Lær mer", + "viewDockerContainers": "Vis Docker-containere", + "containersIn": "Containere i {siteName}", + "selectContainerDescription": "Velg en hvilken som helst container for å bruke som vertsnavn for dette målet. Klikk på en port for å bruke en port.", + "containerName": "Navn", + "containerImage": "Bilde", + "containerState": "Tilstand", + "containerNetworks": "Nettverk", + "containerHostnameIp": "Vertsnavn/IP", + "containerLabels": "Etiketter", + "containerLabelsCount": "{count, plural, one {en etikett} other {# etiketter}}", + "containerLabelsTitle": "Containeretiketter", + "containerLabelEmpty": "", + "containerPorts": "Porter", + "containerPortsMore": "+{count} til", + "containerActions": "Handlinger", + "select": "Velg", + "noContainersMatchingFilters": "Ingen containere funnet som matcher de nåværende filtrene.", + "showContainersWithoutPorts": "Vis containere uten porter", + "showStoppedContainers": "Vis stoppede containere", + "noContainersFound": "Ingen containere funnet. Sørg for at Docker-containere kjører.", + "searchContainersPlaceholder": "Søk blant {count} containere...", + "searchResultsCount": "{count, plural, one {ett resultat} other {# resultater}}", + "filters": "Filtre", + "filterOptions": "Filteralternativer", + "filterPorts": "Porter", + "filterStopped": "Stoppet", + "clearAllFilters": "Fjern alle filtre", + "columns": "Kolonner", + "toggleColumns": "Vis/skjul kolonner", + "refreshContainersList": "Oppdater containerliste", + "searching": "Søker...", + "noContainersFoundMatching": "Ingen containere funnet som matcher \"{filter}\".", + "light": "lys", + "dark": "mørk", + "system": "system", + "theme": "Tema", + "subnetRequired": "Subnett er påkrevd", + "initialSetupTitle": "Førstegangsoppsett av server", + "initialSetupDescription": "Opprett den første serveradministratorkontoen. Det kan bare finnes én serveradministrator. Du kan alltid endre denne påloggingsinformasjonen senere.", + "createAdminAccount": "Opprett administratorkonto", + "setupErrorCreateAdmin": "En feil oppstod under opprettelsen av serveradministratorkontoen.", + "certificateStatus": "Sertifikatstatus", + "loading": "Laster inn", + "restart": "Start på nytt", + "domains": "Domener", + "domainsDescription": "Administrer domener for organisasjonen din", + "domainsSearch": "Søk i domener...", + "domainAdd": "Legg til domene", + "domainAddDescription": "Registrer et nytt domene hos organisasjonen din", + "domainCreate": "Opprett domene", + "domainCreatedDescription": "Domene ble opprettet", + "domainDeletedDescription": "Domene ble slettet", + "domainQuestionRemove": "Er du sikker på at du vil fjerne domenet {domain} fra kontoen din?", + "domainMessageRemove": "Når domenet er fjernet, vil det ikke lenger være knyttet til kontoen din.", + "domainMessageConfirm": "For å bekrefte, vennligst skriv inn domenenavnet nedenfor.", + "domainConfirmDelete": "Bekreft sletting av domene", + "domainDelete": "Slett domene", + "domain": "Domene", + "selectDomainTypeNsName": "Domenedelegering (NS)", + "selectDomainTypeNsDescription": "Dette domenet og alle dets underdomener. Bruk dette når du vil kontrollere en hel domenesone.", + "selectDomainTypeCnameName": "Enkelt domene (CNAME)", + "selectDomainTypeCnameDescription": "Bare dette spesifikke domenet. Bruk dette for individuelle underdomener eller spesifikke domeneoppføringer.", + "selectDomainTypeWildcardName": "Wildcard-domene", + "selectDomainTypeWildcardDescription": "Dette domenet og dets underdomener.", + "domainDelegation": "Enkelt domene", + "selectType": "Velg en type", + "actions": "Handlinger", + "refresh": "Oppdater", + "refreshError": "Klarte ikke å oppdatere data", + "verified": "Verifisert", + "pending": "Venter", + "sidebarBilling": "Fakturering", + "billing": "Fakturering", + "orgBillingDescription": "Administrer faktureringsinformasjon og abonnementer", + "github": "GitHub", + "pangolinHosted": "Driftet av Pangolin", + "fossorial": "Fossorial", + "completeAccountSetup": "Fullfør kontooppsett", + "completeAccountSetupDescription": "Angi passordet ditt for å komme i gang", + "accountSetupSent": "Vi sender en oppsettskode for kontoen til denne e-postadressen.", + "accountSetupCode": "Oppsettskode", + "accountSetupCodeDescription": "Sjekk e-posten din for oppsettskoden.", + "passwordCreate": "Opprett passord", + "passwordCreateConfirm": "Bekreft passord", + "accountSetupSubmit": "Send oppsettskode", + "completeSetup": "Fullfør oppsett", + "accountSetupSuccess": "Kontooppsett fullført! Velkommen til Pangolin!", + "documentation": "Dokumentasjon", + "saveAllSettings": "Lagre alle innstillinger", + "settingsUpdated": "Innstillinger oppdatert", + "settingsUpdatedDescription": "Alle innstillinger er oppdatert", + "settingsErrorUpdate": "Klarte ikke å oppdatere innstillinger", + "settingsErrorUpdateDescription": "En feil oppstod under oppdatering av innstillinger", + "sidebarCollapse": "Skjul", + "sidebarExpand": "Utvid", + "newtUpdateAvailable": "Oppdatering tilgjengelig", + "newtUpdateAvailableInfo": "En ny versjon av Newt er tilgjengelig. Vennligst oppdater til den nyeste versjonen for den beste opplevelsen.", + "domainPickerEnterDomain": "Domene", + "domainPickerPlaceholder": "minapp.eksempel.com, api.v1.mittdomene.com, eller bare minapp", + "domainPickerDescription": "Skriv inn hele domenet til ressursen for å se tilgjengelige alternativer.", + "domainPickerDescriptionSaas": "Skriv inn et fullt domene, underdomene eller bare et navn for å se tilgjengelige alternativer", + "domainPickerTabAll": "Alle", + "domainPickerTabOrganization": "Organisasjon", + "domainPickerTabProvided": "Levert", + "domainPickerSortAsc": "A-Å", + "domainPickerSortDesc": "Å-A", + "domainPickerCheckingAvailability": "Sjekker tilgjengelighet...", + "domainPickerNoMatchingDomains": "Ingen samsvarende domener funnet. Prøv et annet domene eller sjekk organisasjonens domeneinnstillinger.", + "domainPickerOrganizationDomains": "Organisasjonsdomener", + "domainPickerProvidedDomains": "Leverte domener", + "domainPickerSubdomain": "Underdomene: {subdomain}", + "domainPickerNamespace": "Navnerom: {namespace}", + "domainPickerShowMore": "Vis mer", + "domainNotFound": "Domene ikke funnet", + "domainNotFoundDescription": "Denne ressursen er deaktivert fordi domenet ikke lenger eksisterer i systemet vårt. Vennligst angi et nytt domene for denne ressursen.", + "failed": "Mislyktes", + "createNewOrgDescription": "Opprett en ny organisasjon", + "organization": "Organisasjon", + "port": "Port", + "securityKeyManage": "Administrer sikkerhetsnøkler", + "securityKeyDescription": "Legg til eller fjern sikkerhetsnøkler for passordløs autentisering", + "securityKeyRegister": "Registrer ny sikkerhetsnøkkel", + "securityKeyList": "Dine sikkerhetsnøkler", + "securityKeyNone": "Ingen sikkerhetsnøkler er registrert enda", + "securityKeyNameRequired": "Navn er påkrevd", + "securityKeyRemove": "Fjern", + "securityKeyLastUsed": "Sist brukt: {date}", + "securityKeyNameLabel": "Navn på sikkerhetsnøkkel", + "securityKeyRegisterSuccess": "Sikkerhetsnøkkel registrert", + "securityKeyRegisterError": "Klarte ikke å registrere sikkerhetsnøkkel", + "securityKeyRemoveSuccess": "Sikkerhetsnøkkel fjernet", + "securityKeyRemoveError": "Klarte ikke å fjerne sikkerhetsnøkkel", + "securityKeyLoadError": "Klarte ikke å laste inn sikkerhetsnøkler", + "securityKeyLogin": "Fortsett med sikkerhetsnøkkel", + "securityKeyAuthError": "Klarte ikke å autentisere med sikkerhetsnøkkel", + "securityKeyRecommendation": "Registrer en reservesikkerhetsnøkkel på en annen enhet for å sikre at du alltid har tilgang til kontoen din.", + "registering": "Registrerer...", + "securityKeyPrompt": "Vennligst verifiser identiteten din med sikkerhetsnøkkelen. Sørg for at sikkerhetsnøkkelen er koblet til og klar.", + "securityKeyBrowserNotSupported": "Nettleseren din støtter ikke sikkerhetsnøkler. Vennligst bruk en moderne nettleser som Chrome, Firefox eller Safari.", + "securityKeyPermissionDenied": "Vennligst tillat tilgang til sikkerhetsnøkkelen din for å fortsette innloggingen.", + "securityKeyRemovedTooQuickly": "Vennligst hold sikkerhetsnøkkelen tilkoblet til innloggingsprosessen er fullført.", + "securityKeyNotSupported": "Sikkerhetsnøkkelen din er kanskje ikke kompatibel. Vennligst prøv en annen sikkerhetsnøkkel.", + "securityKeyUnknownError": "Det oppstod et problem med å bruke sikkerhetsnøkkelen din. Vennligst prøv igjen.", + "twoFactorRequired": "Tofaktorautentisering er påkrevd for å registrere en sikkerhetsnøkkel.", + "twoFactor": "Tofaktorautentisering", + "adminEnabled2FaOnYourAccount": "Din administrator har aktivert tofaktorautentisering for {email}. Vennligst fullfør oppsettsprosessen for å fortsette.", + "continueToApplication": "Fortsett til applikasjonen", + "securityKeyAdd": "Legg til sikkerhetsnøkkel", + "securityKeyRegisterTitle": "Registrer ny sikkerhetsnøkkel", + "securityKeyRegisterDescription": "Koble til sikkerhetsnøkkelen og skriv inn et navn for å identifisere den", + "securityKeyTwoFactorRequired": "Tofaktorautentisering påkrevd", + "securityKeyTwoFactorDescription": "Vennligst skriv inn koden for tofaktorautentisering for å registrere sikkerhetsnøkkelen", + "securityKeyTwoFactorRemoveDescription": "Vennligst skriv inn koden for tofaktorautentisering for å fjerne sikkerhetsnøkkelen", + "securityKeyTwoFactorCode": "Tofaktorkode", + "securityKeyRemoveTitle": "Fjern sikkerhetsnøkkel", + "securityKeyRemoveDescription": "Skriv inn passordet ditt for å fjerne sikkerhetsnøkkelen \"{name}\"", + "securityKeyNoKeysRegistered": "Ingen sikkerhetsnøkler registrert", + "securityKeyNoKeysDescription": "Legg til en sikkerhetsnøkkel for å øke sikkerheten på kontoen din", + "createDomainRequired": "Domene er påkrevd", + "createDomainAddDnsRecords": "Legg til DNS-oppføringer", + "createDomainAddDnsRecordsDescription": "Legg til følgende DNS-oppføringer hos din domeneleverandør for å fullføre oppsettet.", + "createDomainNsRecords": "NS-oppføringer", + "createDomainRecord": "Oppføring", + "createDomainType": "Type:", + "createDomainName": "Navn:", + "createDomainValue": "Verdi:", + "createDomainCnameRecords": "CNAME-oppføringer", + "createDomainARecords": "A-oppføringer", + "createDomainRecordNumber": "Oppføring {number}", + "createDomainTxtRecords": "TXT-oppføringer", + "createDomainSaveTheseRecords": "Lagre disse oppføringene", + "createDomainSaveTheseRecordsDescription": "Sørg for å lagre disse DNS-oppføringene, da du ikke vil se dem igjen.", + "createDomainDnsPropagation": "DNS-propagering", + "createDomainDnsPropagationDescription": "DNS-endringer kan ta litt tid å propagere over internett. Dette kan ta fra noen få minutter til 48 timer, avhengig av din DNS-leverandør og TTL-innstillinger.", + "resourcePortRequired": "Portnummer er påkrevd for ikke-HTTP-ressurser", + "resourcePortNotAllowed": "Portnummer skal ikke angis for HTTP-ressurser", + "signUpTerms": { + "IAgreeToThe": "Jeg godtar", + "termsOfService": "brukervilkårene", + "and": "og", + "privacyPolicy": "personvernerklæringen" + }, + "siteRequired": "Område er påkrevd.", + "olmTunnel": "Olm-tunnel", + "olmTunnelDescription": "Bruk Olm for klienttilkobling", + "errorCreatingClient": "Feil ved oppretting av klient", + "clientDefaultsNotFound": "Klientstandarder ikke funnet", + "createClient": "Opprett klient", + "createClientDescription": "Opprett en ny klient for å koble til dine områder", + "seeAllClients": "Se alle klienter", + "clientInformation": "Klientinformasjon", + "clientNamePlaceholder": "Klientnavn", + "address": "Adresse", + "subnetPlaceholder": "Subnett", + "addressDescription": "Adressen denne klienten vil bruke for tilkobling", + "selectSites": "Velg områder", + "sitesDescription": "Klienten vil ha tilkobling til de valgte områdene", + "clientInstallOlm": "Installer Olm", + "clientInstallOlmDescription": "Få Olm til å kjøre på systemet ditt", + "clientOlmCredentials": "Olm-legitimasjon", + "clientOlmCredentialsDescription": "Slik vil Olm autentisere med serveren", + "olmEndpoint": "Olm-endepunkt", + "olmId": "Olm-ID", + "olmSecretKey": "Olm hemmelig nøkkel", + "clientCredentialsSave": "Lagre din legitimasjon", + "clientCredentialsSaveDescription": "Du vil bare kunne se dette én gang. Sørg for å kopiere det til et sikkert sted.", + "generalSettingsDescription": "Konfigurer de generelle innstillingene for denne klienten", + "clientUpdated": "Klient oppdatert", + "clientUpdatedDescription": "Klienten er blitt oppdatert.", + "clientUpdateFailed": "Klarte ikke å oppdatere klient", + "clientUpdateError": "En feil oppstod under oppdatering av klienten.", + "sitesFetchFailed": "Klarte ikke å hente områder", + "sitesFetchError": "En feil oppstod under henting av områder.", + "olmErrorFetchReleases": "En feil oppstod under henting av Olm-utgivelser.", + "olmErrorFetchLatest": "En feil oppstod under henting av den nyeste Olm-utgivelsen.", + "remoteSubnets": "Fjern-subnett", + "enterCidrRange": "Skriv inn CIDR-område", + "remoteSubnetsDescription": "Legg til CIDR-områder som kan få fjerntilgang til dette området. Bruk format som 10.0.0.0/24 eller 192.168.1.0/24.", + "resourceEnableProxy": "Aktiver offentlig proxy", + "resourceEnableProxyDescription": "Aktiver offentlig proxying til denne ressursen. Dette gir tilgang til ressursen fra utsiden av nettverket gjennom skyen på en åpen port. Krever Traefik-konfigurasjon.", + "externalProxyEnabled": "Ekstern proxy aktivert", + "addNewTarget": "Legg til nytt mål", + "targetsList": "Liste over mål", + "targetErrorDuplicateTargetFound": "Duplikat av mål funnet", + "httpMethod": "HTTP-metode", + "selectHttpMethod": "Velg HTTP-metode", + "domainPickerSubdomainLabel": "Underdomene", + "domainPickerBaseDomainLabel": "Grunndomene", + "domainPickerSearchDomains": "Søk i domener...", + "domainPickerNoDomainsFound": "Ingen domener funnet", + "domainPickerLoadingDomains": "Laster inn domener...", + "domainPickerSelectBaseDomain": "Velg grunndomene...", + "domainPickerNotAvailableForCname": "Ikke tilgjengelig for CNAME-domener", + "domainPickerEnterSubdomainOrLeaveBlank": "Skriv inn underdomene eller la feltet stå tomt for å bruke grunndomene.", + "domainPickerEnterSubdomainToSearch": "Skriv inn et underdomene for å søke og velge blant tilgjengelige gratis domener.", + "domainPickerFreeDomains": "Gratis domener", + "domainPickerSearchForAvailableDomains": "Søk etter tilgjengelige domener", + "resourceDomain": "Domene", + "resourceEditDomain": "Rediger domene", + "siteName": "Områdenavn", + "proxyPort": "Port", + "resourcesTableProxyResources": "Proxy-ressurser", + "resourcesTableClientResources": "Klientressurser", + "resourcesTableNoProxyResourcesFound": "Ingen proxy-ressurser funnet.", + "resourcesTableNoInternalResourcesFound": "Ingen interne ressurser funnet.", + "resourcesTableDestination": "Destinasjon", + "resourcesTableTheseResourcesForUseWith": "Disse ressursene er til bruk med", + "resourcesTableClients": "Klienter", + "resourcesTableAndOnlyAccessibleInternally": "og er kun tilgjengelig internt når de er koblet til med en klient.", + "editInternalResourceDialogEditClientResource": "Rediger klientressurs", + "editInternalResourceDialogUpdateResourceProperties": "Oppdater ressursens egenskaper og målkonfigurasjon for {resourceName}.", + "editInternalResourceDialogResourceProperties": "Ressursegenskaper", + "editInternalResourceDialogName": "Navn", + "editInternalResourceDialogProtocol": "Protokoll", + "editInternalResourceDialogSitePort": "Områdeport", + "editInternalResourceDialogTargetConfiguration": "Målkonfigurasjon", + "editInternalResourceDialogDestinationIP": "Destinasjons-IP", + "editInternalResourceDialogDestinationPort": "Destinasjonsport", + "editInternalResourceDialogCancel": "Avbryt", + "editInternalResourceDialogSaveResource": "Lagre ressurs", + "editInternalResourceDialogSuccess": "Suksess", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Intern ressurs oppdatert vellykket", + "editInternalResourceDialogError": "Feil", + "editInternalResourceDialogFailedToUpdateInternalResource": "Mislyktes å oppdatere intern ressurs", + "editInternalResourceDialogNameRequired": "Navn er påkrevd", + "editInternalResourceDialogNameMaxLength": "Navn kan ikke være lengre enn 255 tegn", + "editInternalResourceDialogProxyPortMin": "Proxy-port må være minst 1", + "editInternalResourceDialogProxyPortMax": "Proxy-port må være mindre enn 65536", + "editInternalResourceDialogInvalidIPAddressFormat": "Ugyldig IP-adresseformat", + "editInternalResourceDialogDestinationPortMin": "Destinasjonsport må være minst 1", + "editInternalResourceDialogDestinationPortMax": "Destinasjonsport må være mindre enn 65536", + "createInternalResourceDialogNoSitesAvailable": "Ingen tilgjengelige steder", + "createInternalResourceDialogNoSitesAvailableDescription": "Du må ha minst ett Newt-område med et konfigureret delnett for å lage interne ressurser.", + "createInternalResourceDialogClose": "Lukk", + "createInternalResourceDialogCreateClientResource": "Opprett klientressurs", + "createInternalResourceDialogCreateClientResourceDescription": "Lag en ny ressurs som blir tilgjengelig for klienter koblet til det valgte området.", + "createInternalResourceDialogResourceProperties": "Ressursegenskaper", + "createInternalResourceDialogName": "Navn", + "createInternalResourceDialogSite": "Område", + "createInternalResourceDialogSelectSite": "Velg område...", + "createInternalResourceDialogSearchSites": "Søk i områder...", + "createInternalResourceDialogNoSitesFound": "Ingen områder funnet.", + "createInternalResourceDialogProtocol": "Protokoll", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Områdeport", + "createInternalResourceDialogSitePortDescription": "Bruk denne porten for å få tilgang til ressursen på området når du er tilkoblet med en klient.", + "createInternalResourceDialogTargetConfiguration": "Målkonfigurasjon", + "createInternalResourceDialogDestinationIP": "Destinasjons-IP", + "createInternalResourceDialogDestinationIPDescription": "IP-adressen til ressursen på områdets nettverk.", + "createInternalResourceDialogDestinationPort": "Destinasjonsport", + "createInternalResourceDialogDestinationPortDescription": "Porten på destinasjons-IP-en der ressursen kan nås.", + "createInternalResourceDialogCancel": "Avbryt", + "createInternalResourceDialogCreateResource": "Opprett ressurs", + "createInternalResourceDialogSuccess": "Suksess", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Intern ressurs opprettet vellykket", + "createInternalResourceDialogError": "Feil", + "createInternalResourceDialogFailedToCreateInternalResource": "Kunne ikke opprette intern ressurs", + "createInternalResourceDialogNameRequired": "Navn er påkrevd", + "createInternalResourceDialogNameMaxLength": "Navn kan ikke være lengre enn 255 tegn", + "createInternalResourceDialogPleaseSelectSite": "Vennligst velg et område", + "createInternalResourceDialogProxyPortMin": "Proxy-port må være minst 1", + "createInternalResourceDialogProxyPortMax": "Proxy-port må være mindre enn 65536", + "createInternalResourceDialogInvalidIPAddressFormat": "Ugyldig IP-adresseformat", + "createInternalResourceDialogDestinationPortMin": "Destinasjonsport må være minst 1", + "createInternalResourceDialogDestinationPortMax": "Destinasjonsport må være mindre enn 65536", + "siteConfiguration": "Konfigurasjon", + "siteAcceptClientConnections": "Godta klientforbindelser", + "siteAcceptClientConnectionsDescription": "Tillat andre enheter å koble seg til gjennom denne Newt-instansen som en gateway ved hjelp av klienter.", + "siteAddress": "Områdeadresse", + "siteAddressDescription": "Angi IP-adressen til verten for klienter å koble seg til. Dette er den interne adressen til området i Pangolin-nettverket for klienter som adresserer. Må falle innenfor Org-underettet.", + "autoLoginExternalIdp": "Automatisk innlogging med ekstern IDP", + "autoLoginExternalIdpDescription": "Omdiriger brukeren umiddelbart til den eksterne IDP-en for autentisering.", + "selectIdp": "Velg IDP", + "selectIdpPlaceholder": "Velg en IDP...", + "selectIdpRequired": "Vennligst velg en IDP når automatisk innlogging er aktivert.", + "autoLoginTitle": "Omdirigering", + "autoLoginDescription": "Omdirigerer deg til den eksterne identitetsleverandøren for autentisering.", + "autoLoginProcessing": "Forbereder autentisering...", + "autoLoginRedirecting": "Omdirigerer til innlogging...", + "autoLoginError": "Feil ved automatisk innlogging", + "autoLoginErrorNoRedirectUrl": "Ingen omdirigerings-URL mottatt fra identitetsleverandøren.", + "autoLoginErrorGeneratingUrl": "Kunne ikke generere autentiserings-URL.", + "managedSelfHosted": { + "title": "Administrert selv-hostet", + "description": "Sikre og lavvedlikeholdsservere, selvbetjente Pangolin med ekstra klokker, og understell", + "introTitle": "Administrert Self-Hosted Pangolin", + "introDescription": "er et alternativ for bruk utviklet for personer som ønsker enkel og ekstra pålitelighet mens de fortsatt holder sine data privat og selvdrevne.", + "introDetail": "Med dette valget kjører du fortsatt din egen Pangolin-node - tunneler, SSL-terminering og trafikken ligger på serveren din. Forskjellen er at behandling og overvåking håndteres gjennom vårt skydashbord, som låser opp en rekke fordeler:", + "benefitSimplerOperations": { + "title": "Enklere operasjoner", + "description": "Ingen grunn til å kjøre din egen e-postserver eller sette opp kompleks varsling. Du vil få helsesjekk og nedetid varsler ut av boksen." + }, + "benefitAutomaticUpdates": { + "title": "Automatiske oppdateringer", + "description": "Cloud dashbordet utvikler seg raskt, så du får nye funksjoner og feilrettinger uten at du trenger å trekke nye beholdere manuelt hver gang." + }, + "benefitLessMaintenance": { + "title": "Mindre vedlikehold", + "description": "Ingen databasestyrer, sikkerhetskopier eller ekstra infrastruktur for å forvalte. Vi håndterer det i skyen." + }, + "benefitCloudFailover": { + "title": "Sky feilslått", + "description": "Hvis EK-gruppen din går ned, kan tunnlene midlertidig mislykkes i å nå våre sky-punkter til du tar den tilbake på nett." + }, + "benefitHighAvailability": { + "title": "Høy tilgjengelighet (PoPs)", + "description": "Du kan også legge ved flere noder til kontoen din for redundans og bedre ytelse." + }, + "benefitFutureEnhancements": { + "title": "Fremtidige forbedringer", + "description": "Vi planlegger å legge inn mer analyser, varsle og styringsverktøy for å gjøre din distribusjon enda mer robust." + }, + "docsAlert": { + "text": "Lær mer om Managed Self-Hosted alternativet i vår", + "documentation": "dokumentasjon" + }, + "convertButton": "Konverter denne noden til manuelt bruk" + }, + "internationaldomaindetected": "Internasjonalt domene oppdaget", + "willbestoredas": "Vil bli lagret som:" +} diff --git a/messages/nl-NL.json b/messages/nl-NL.json new file mode 100644 index 00000000..6252d752 --- /dev/null +++ b/messages/nl-NL.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Maak uw organisatie, site en bronnen aan", + "setupNewOrg": "Nieuwe organisatie", + "setupCreateOrg": "Nieuwe organisatie aanmaken", + "setupCreateResources": "Bronnen aanmaken", + "setupOrgName": "Naam organisatie", + "orgDisplayName": "Dit is de weergavenaam van uw organisatie.", + "orgId": "Organisatie ID", + "setupIdentifierMessage": "Dit is de unieke identificatie voor uw organisatie. Deze is gescheiden van de weergavenaam.", + "setupErrorIdentifier": "Organisatie-ID is al in gebruik. Kies een andere.", + "componentsErrorNoMemberCreate": "U bent momenteel geen lid van een organisatie. Maak een organisatie aan om aan de slag te gaan.", + "componentsErrorNoMember": "U bent momenteel geen lid van een organisatie.", + "welcome": "Welkom bij Pangolin", + "welcomeTo": "Welkom bij", + "componentsCreateOrg": "Maak een Organisatie", + "componentsMember": "Je bent lid van {count, plural, =0 {geen organisatie} one {één organisatie} other {# organisaties}}.", + "componentsInvalidKey": "Ongeldige of verlopen licentiesleutels gedetecteerd. Volg de licentievoorwaarden om alle functies te blijven gebruiken.", + "dismiss": "Uitschakelen", + "componentsLicenseViolation": "Licentie overtreding: Deze server gebruikt {usedSites} sites die de gelicentieerde limiet van {maxSites} sites overschrijden. Volg de licentievoorwaarden om door te gaan met het gebruik van alle functies.", + "componentsSupporterMessage": "Bedankt voor het ondersteunen van Pangolin als {tier}!", + "inviteErrorNotValid": "Het spijt ons, maar de uitnodiging die je probeert te bezoeken is niet geaccepteerd of is niet meer geldig.", + "inviteErrorUser": "Het spijt ons, maar de uitnodiging die u probeert te gebruiken is niet voor deze gebruiker.", + "inviteLoginUser": "Controleer of je bent aangemeld als de juiste gebruiker.", + "inviteErrorNoUser": "Het spijt ons, maar de uitnodiging die u probeert te gebruiken is niet voor een bestaande gebruiker.", + "inviteCreateUser": "U moet eerst een account aanmaken", + "goHome": "Ga naar huis", + "inviteLogInOtherUser": "Log in als een andere gebruiker", + "createAnAccount": "Account aanmaken", + "inviteNotAccepted": "Uitnodiging niet geaccepteerd", + "authCreateAccount": "Maak een account aan om te beginnen", + "authNoAccount": "Nog geen account?", + "email": "E-mailadres", + "password": "Wachtwoord", + "confirmPassword": "Bevestig wachtwoord", + "createAccount": "Account Aanmaken", + "viewSettings": "Instellingen weergeven", + "delete": "Verwijderen", + "name": "naam", + "online": "Online", + "offline": "Offline", + "site": "Website", + "dataIn": "Gegevens in", + "dataOut": "Data Uit", + "connectionType": "Type verbinding", + "tunnelType": "Tunnel type", + "local": "lokaal", + "edit": "Bewerken", + "siteConfirmDelete": "Verwijderen van site bevestigen", + "siteDelete": "Site verwijderen", + "siteMessageRemove": "Eenmaal verwijderd, zal de site niet langer toegankelijk zijn. Alle bronnen en doelen die aan de site zijn gekoppeld, zullen ook worden verwijderd.", + "siteMessageConfirm": "Typ ter bevestiging de naam van de site hieronder.", + "siteQuestionRemove": "Weet u zeker dat u de site {selectedSite} uit de organisatie wilt verwijderen?", + "siteManageSites": "Sites beheren", + "siteDescription": "Verbindt met uw netwerk via beveiligde tunnels", + "siteCreate": "Site maken", + "siteCreateDescription2": "Volg de onderstaande stappen om een nieuwe site aan te maken en te verbinden", + "siteCreateDescription": "Maak een nieuwe site aan om verbinding te maken met uw bronnen", + "close": "Afsluiten", + "siteErrorCreate": "Fout bij maken site", + "siteErrorCreateKeyPair": "Key pair of site standaard niet gevonden", + "siteErrorCreateDefaults": "Standaardinstellingen niet gevonden", + "method": "Methode", + "siteMethodDescription": "Op deze manier legt u verbindingen bloot.", + "siteLearnNewt": "Leer hoe u Newt kunt installeren op uw systeem", + "siteSeeConfigOnce": "U kunt de configuratie maar één keer zien.", + "siteLoadWGConfig": "WireGuard configuratie wordt geladen...", + "siteDocker": "Details Docker implementatie uitvouwen", + "toggle": "Omschakelen", + "dockerCompose": "Docker opstellen", + "dockerRun": "Docker Uitvoeren", + "siteLearnLocal": "Lokale sites doen geen tunnel, leren meer", + "siteConfirmCopy": "Ik heb de configuratie gekopieerd", + "searchSitesProgress": "Sites zoeken...", + "siteAdd": "Site toevoegen", + "siteInstallNewt": "Installeer Newt", + "siteInstallNewtDescription": "Laat Newt draaien op uw systeem", + "WgConfiguration": "WireGuard Configuratie", + "WgConfigurationDescription": "Gebruik de volgende configuratie om verbinding te maken met je netwerk", + "operatingSystem": "Operating systeem", + "commands": "Opdrachten", + "recommended": "Aanbevolen", + "siteNewtDescription": "Gebruik Newt voor de beste gebruikerservaring. Het maakt gebruik van WireGuard onder de capuchon en laat je toe om contact op te nemen met je privébronnen via hun LAN-adres op je privénetwerk vanuit het Pangolin dashboard.", + "siteRunsInDocker": "Loopt in Docker", + "siteRunsInShell": "Voert in shell op macOS, Linux en Windows", + "siteErrorDelete": "Fout bij verwijderen site", + "siteErrorUpdate": "Bijwerken site mislukt", + "siteErrorUpdateDescription": "Fout opgetreden tijdens het bijwerken van de site.", + "siteUpdated": "Site bijgewerkt", + "siteUpdatedDescription": "De site is bijgewerkt.", + "siteGeneralDescription": "Algemene instellingen voor deze site configureren", + "siteSettingDescription": "Configureer de instellingen op uw site", + "siteSetting": "{siteName} instellingen", + "siteNewtTunnel": "Nieuwstunnel (Aanbevolen)", + "siteNewtTunnelDescription": "Gemakkelijkste manier om een ingangspunt in uw netwerk te maken. Geen extra opzet.", + "siteWg": "Basis WireGuard", + "siteWgDescription": "Gebruik een WireGuard client om een tunnel te bouwen. Handmatige NAT installatie vereist.", + "siteWgDescriptionSaas": "Gebruik elke WireGuard-client om een tunnel op te zetten. Handmatige NAT-instelling vereist. WERKT ALLEEN OP SELF HOSTED NODES", + "siteLocalDescription": "Alleen lokale bronnen. Geen tunneling.", + "siteLocalDescriptionSaas": "Alleen lokale bronnen. Geen tunneling. WERKT ALLEEN OP SELF HOSTED NODES", + "siteSeeAll": "Alle werkruimtes bekijken", + "siteTunnelDescription": "Bepaal hoe u verbinding wilt maken met uw site", + "siteNewtCredentials": "Nieuwste aanmeldgegevens", + "siteNewtCredentialsDescription": "Dit is hoe Newt zich zal verifiëren met de server", + "siteCredentialsSave": "Uw referenties opslaan", + "siteCredentialsSaveDescription": "Je kunt dit slechts één keer zien. Kopieer het naar een beveiligde plek.", + "siteInfo": "Site informatie", + "status": "status", + "shareTitle": "Beheer deellinks", + "shareDescription": "Maak deelbare links aan om tijdelijke of permanente toegang tot uw bronnen te verlenen", + "shareSearch": "Zoek share links...", + "shareCreate": "Maak Share link", + "shareErrorDelete": "Kan link niet verwijderen", + "shareErrorDeleteMessage": "Fout opgetreden tijdens het verwijderen link", + "shareDeleted": "Link verwijderd", + "shareDeletedDescription": "De link is verwijderd", + "shareTokenDescription": "Uw toegangstoken kan op twee manieren worden doorgegeven: als queryparameter of in de header van de aanvraag. Deze moeten worden doorgegeven van de client op elk verzoek voor geverifieerde toegang.", + "accessToken": "Toegangs-token", + "usageExamples": "Voorbeelden van gebruik", + "tokenId": "Token ID", + "requestHeades": "Aanvraag van headers", + "queryParameter": "Queryparameter", + "importantNote": "Belangrijke opmerking", + "shareImportantDescription": "Om veiligheidsredenen wordt het gebruik van headers aanbevolen over queryparameters indien mogelijk, omdat query parameters kunnen worden aangemeld in serverlogboeken of browsergeschiedenis.", + "token": "Token", + "shareTokenSecurety": "Houd uw toegangstoken veilig. Deel deze niet in openbaar toegankelijke gebieden of client-side code.", + "shareErrorFetchResource": "Fout bij het ophalen van bronnen", + "shareErrorFetchResourceDescription": "Er is een fout opgetreden bij het ophalen van de resources", + "shareErrorCreate": "Aanmaken van link delen mislukt", + "shareErrorCreateDescription": "Fout opgetreden tijdens het maken van de share link", + "shareCreateDescription": "Iedereen met deze link heeft toegang tot de pagina", + "shareTitleOptional": "Titel (optioneel)", + "expireIn": "Vervalt in", + "neverExpire": "Nooit verlopen", + "shareExpireDescription": "Vervaltijd is hoe lang de link bruikbaar is en geeft toegang tot de bron. Na deze tijd zal de link niet meer werken en zullen gebruikers die deze link hebben gebruikt de toegang tot de pagina verliezen.", + "shareSeeOnce": "Je kunt deze koppeling alleen zien. Zorg ervoor dat je het kopieert.", + "shareAccessHint": "Iedereen met deze link heeft toegang tot de bron. Deel deze met zorg.", + "shareTokenUsage": "Zie Toegangstoken Gebruik", + "createLink": "Koppeling aanmaken", + "resourcesNotFound": "Geen bronnen gevonden", + "resourceSearch": "Zoek bronnen", + "openMenu": "Menu openen", + "resource": "Bron", + "title": "Aanspreektitel", + "created": "Aangemaakt", + "expires": "Verloopt", + "never": "Nooit", + "shareErrorSelectResource": "Selecteer een bron", + "resourceTitle": "Bronnen beheren", + "resourceDescription": "Veilige proxy's voor uw privé applicaties maken", + "resourcesSearch": "Zoek bronnen...", + "resourceAdd": "Bron toevoegen", + "resourceErrorDelte": "Fout bij verwijderen document", + "authentication": "Authenticatie", + "protected": "Beschermd", + "notProtected": "Niet beschermd", + "resourceMessageRemove": "Eenmaal verwijderd, zal het bestand niet langer toegankelijk zijn. Alle doelen die gekoppeld zijn aan het hulpbron, zullen ook verwijderd worden.", + "resourceMessageConfirm": "Om te bevestigen, typ de naam van de bron hieronder.", + "resourceQuestionRemove": "Weet u zeker dat u de resource {selectedResource} uit de organisatie wilt verwijderen?", + "resourceHTTP": "HTTPS bron", + "resourceHTTPDescription": "Proxy verzoeken aan uw app via HTTPS via een subdomein of basisdomein.", + "resourceRaw": "Ruwe TCP/UDP bron", + "resourceRawDescription": "Proxy verzoeken naar je app via TCP/UDP met behulp van een poortnummer.", + "resourceCreate": "Bron maken", + "resourceCreateDescription": "Volg de onderstaande stappen om een nieuwe bron te maken", + "resourceSeeAll": "Alle bronnen bekijken", + "resourceInfo": "Bron informatie", + "resourceNameDescription": "Dit is de weergavenaam voor het document.", + "siteSelect": "Selecteer site", + "siteSearch": "Zoek site", + "siteNotFound": "Geen site gevonden.", + "siteSelectionDescription": "Deze site zal connectiviteit met het doelwit bieden.", + "resourceType": "Type bron", + "resourceTypeDescription": "Bepaal hoe u toegang wilt krijgen tot uw bron", + "resourceHTTPSSettings": "HTTPS instellingen", + "resourceHTTPSSettingsDescription": "Stel in hoe de bron wordt benaderd via HTTPS", + "domainType": "Domein type", + "subdomain": "Subdomein", + "baseDomain": "Basis domein", + "subdomnainDescription": "Het subdomein waar de bron toegankelijk is.", + "resourceRawSettings": "TCP/UDP instellingen", + "resourceRawSettingsDescription": "Stel in hoe je bron wordt benaderd via TCP/UDP", + "protocol": "Protocol", + "protocolSelect": "Selecteer een protocol", + "resourcePortNumber": "Nummer van poort", + "resourcePortNumberDescription": "Het externe poortnummer naar proxyverzoeken.", + "cancel": "annuleren", + "resourceConfig": "Configuratie tekstbouwstenen", + "resourceConfigDescription": "Kopieer en plak deze configuratie-snippets om je TCP/UDP-bron in te stellen", + "resourceAddEntrypoints": "Traefik: Entrypoints toevoegen", + "resourceExposePorts": "Gerbild: Gevangen blootstellen in Docker Compose", + "resourceLearnRaw": "Leer hoe je TCP/UDP bronnen kunt configureren", + "resourceBack": "Terug naar bronnen", + "resourceGoTo": "Ga naar Resource", + "resourceDelete": "Document verwijderen", + "resourceDeleteConfirm": "Bevestig Verwijderen Document", + "visibility": "Zichtbaarheid", + "enabled": "Ingeschakeld", + "disabled": "Uitgeschakeld", + "general": "Algemeen", + "generalSettings": "Algemene instellingen", + "proxy": "Proxy", + "internal": "Intern", + "rules": "Regels", + "resourceSettingDescription": "Configureer de instellingen op uw bron", + "resourceSetting": "{resourceName} instellingen", + "alwaysAllow": "Altijd toestaan", + "alwaysDeny": "Altijd weigeren", + "passToAuth": "Passeren naar Auth", + "orgSettingsDescription": "Configureer de algemene instellingen van je organisatie", + "orgGeneralSettings": "Organisatie Instellingen", + "orgGeneralSettingsDescription": "Beheer de details en configuratie van uw organisatie", + "saveGeneralSettings": "Algemene instellingen opslaan", + "saveSettings": "Instellingen opslaan", + "orgDangerZone": "Gevaarlijke zone", + "orgDangerZoneDescription": "Als u deze instantie verwijdert, is er geen weg terug. Wees het alstublieft zeker.", + "orgDelete": "Verwijder organisatie", + "orgDeleteConfirm": "Bevestig Verwijderen Organisatie", + "orgMessageRemove": "Deze actie is onomkeerbaar en zal alle bijbehorende gegevens verwijderen.", + "orgMessageConfirm": "Om te bevestigen, typ de naam van de onderstaande organisatie in.", + "orgQuestionRemove": "Weet u zeker dat u de organisatie {selectedOrg} wilt verwijderen?", + "orgUpdated": "Organisatie bijgewerkt", + "orgUpdatedDescription": "De organisatie is bijgewerkt.", + "orgErrorUpdate": "Bijwerken organisatie mislukt", + "orgErrorUpdateMessage": "Fout opgetreden tijdens het bijwerken van de organisatie.", + "orgErrorFetch": "Organisaties ophalen mislukt", + "orgErrorFetchMessage": "Er is een fout opgetreden tijdens het plaatsen van uw organisaties", + "orgErrorDelete": "Kan organisatie niet verwijderen", + "orgErrorDeleteMessage": "Er is een fout opgetreden tijdens het verwijderen van de organisatie.", + "orgDeleted": "Organisatie verwijderd", + "orgDeletedMessage": "De organisatie en haar gegevens zijn verwijderd.", + "orgMissing": "Organisatie-ID ontbreekt", + "orgMissingMessage": "Niet in staat om de uitnodiging te regenereren zonder organisatie-ID.", + "accessUsersManage": "Gebruikers beheren", + "accessUsersDescription": "Nodig gebruikers uit en voeg ze toe aan de rollen om toegang tot uw organisatie te beheren", + "accessUsersSearch": "Gebruikers zoeken...", + "accessUserCreate": "Gebruiker aanmaken", + "accessUserRemove": "Gebruiker verwijderen", + "username": "Gebruikersnaam", + "identityProvider": "Identiteit Provider", + "role": "Functie", + "nameRequired": "Naam is verplicht", + "accessRolesManage": "Rollen beheren", + "accessRolesDescription": "Configureer rollen om toegang tot uw organisatie te beheren", + "accessRolesSearch": "Rollen zoeken...", + "accessRolesAdd": "Rol toevoegen", + "accessRoleDelete": "Verwijder rol", + "description": "Beschrijving", + "inviteTitle": "Open uitnodigingen", + "inviteDescription": "Beheer je uitnodigingen aan andere gebruikers", + "inviteSearch": "Uitnodigingen zoeken...", + "minutes": "minuten", + "hours": "Uren", + "days": "dagen", + "weeks": "Weken", + "months": "maanden", + "years": "Jaar", + "day": "{count, plural, one {# dag} other {# dagen}}", + "apiKeysTitle": "API Key Informatie", + "apiKeysConfirmCopy2": "Bevestig dat u de API-sleutel hebt gekopieerd.", + "apiKeysErrorCreate": "Fout bij maken API-sleutel", + "apiKeysErrorSetPermission": "Fout instellen permissies", + "apiKeysCreate": "API-sleutel genereren", + "apiKeysCreateDescription": "Genereer een nieuwe API-sleutel voor uw organisatie", + "apiKeysGeneralSettings": "Machtigingen", + "apiKeysGeneralSettingsDescription": "Bepaal wat deze API-sleutel kan doen", + "apiKeysList": "Uw API-sleutel", + "apiKeysSave": "Uw API-sleutel opslaan", + "apiKeysSaveDescription": "Je kunt dit slechts één keer zien. Kopieer het naar een beveiligde plek.", + "apiKeysInfo": "Uw API-sleutel is:", + "apiKeysConfirmCopy": "Ik heb de API-sleutel gekopieerd", + "generate": "Genereren", + "done": "Voltooid", + "apiKeysSeeAll": "Alle API-sleutels bekijken", + "apiKeysPermissionsErrorLoadingActions": "Fout bij het laden van API key acties", + "apiKeysPermissionsErrorUpdate": "Fout instellen permissies", + "apiKeysPermissionsUpdated": "Permissies bijgewerkt", + "apiKeysPermissionsUpdatedDescription": "De bevoegdheden zijn bijgewerkt.", + "apiKeysPermissionsGeneralSettings": "Machtigingen", + "apiKeysPermissionsGeneralSettingsDescription": "Bepaal wat deze API-sleutel kan doen", + "apiKeysPermissionsSave": "Rechten opslaan", + "apiKeysPermissionsTitle": "Machtigingen", + "apiKeys": "API sleutels", + "searchApiKeys": "API-sleutels zoeken...", + "apiKeysAdd": "API-sleutel genereren", + "apiKeysErrorDelete": "Fout bij verwijderen API-sleutel", + "apiKeysErrorDeleteMessage": "Fout bij verwijderen API-sleutel", + "apiKeysQuestionRemove": "Weet u zeker dat u de API-sleutel {selectedApiKey} van de organisatie wilt verwijderen?", + "apiKeysMessageRemove": "Eenmaal verwijderd, kan de API-sleutel niet meer worden gebruikt.", + "apiKeysMessageConfirm": "Om dit te bevestigen, typt u de naam van de API-sleutel hieronder.", + "apiKeysDeleteConfirm": "Bevestig Verwijderen API-sleutel", + "apiKeysDelete": "API-sleutel verwijderen", + "apiKeysManage": "API-sleutels beheren", + "apiKeysDescription": "API-sleutels worden gebruikt om te verifiëren met de integratie-API", + "apiKeysSettings": "{apiKeyName} instellingen", + "userTitle": "Alle gebruikers beheren", + "userDescription": "Bekijk en beheer alle gebruikers in het systeem", + "userAbount": "Over gebruikersbeheer", + "userAbountDescription": "Deze tabel toont alle root user objecten in het systeem. Elke gebruiker kan tot meerdere organisaties behoren. Een gebruiker verwijderen uit een organisatie verwijdert hun root gebruiker object niet - ze zullen in het systeem blijven. Om een gebruiker volledig te verwijderen uit het systeem, moet u hun root gebruiker object verwijderen met behulp van de actie in deze tabel.", + "userServer": "Server Gebruikers", + "userSearch": "Zoek server gebruikers...", + "userErrorDelete": "Fout bij verwijderen gebruiker", + "userDeleteConfirm": "Bevestig verwijderen gebruiker", + "userDeleteServer": "Gebruiker verwijderen van de server", + "userMessageRemove": "De gebruiker zal uit alle organisaties verwijderd worden en volledig verwijderd worden van de server.", + "userMessageConfirm": "Typ de naam van de gebruiker hieronder om te bevestigen.", + "userQuestionRemove": "Weet je zeker dat je {selectedUser} permanent van de server wilt verwijderen?", + "licenseKey": "Licentie sleutel", + "valid": "Geldig", + "numberOfSites": "Aantal sites", + "licenseKeySearch": "Licentiesleutels zoeken...", + "licenseKeyAdd": "Licentiesleutel toevoegen", + "type": "Type", + "licenseKeyRequired": "Licentiesleutel is vereist", + "licenseTermsAgree": "U moet akkoord gaan met de licentievoorwaarden", + "licenseErrorKeyLoad": "Laden van licentiesleutels mislukt", + "licenseErrorKeyLoadDescription": "Er is een fout opgetreden bij het laden van licentiecodes.", + "licenseErrorKeyDelete": "Licentiesleutel verwijderen mislukt", + "licenseErrorKeyDeleteDescription": "Er is een fout opgetreden bij het verwijderen van licentiesleutel.", + "licenseKeyDeleted": "Licentiesleutel verwijderd", + "licenseKeyDeletedDescription": "De licentiesleutel is verwijderd.", + "licenseErrorKeyActivate": "Licentiesleutel activeren mislukt", + "licenseErrorKeyActivateDescription": "Er is een fout opgetreden tijdens het activeren van de licentiesleutel.", + "licenseAbout": "Over licenties", + "communityEdition": "Community editie", + "licenseAboutDescription": "Dit geldt voor gebruikers van bedrijven en ondernemingen die Pangolin in gebruiken in een commerciële omgeving. Als u Pangolin gebruikt voor persoonlijk gebruik, kunt u dit gedeelte negeren.", + "licenseKeyActivated": "Licentiesleutel geactiveerd", + "licenseKeyActivatedDescription": "De licentiesleutel is geactiveerd.", + "licenseErrorKeyRecheck": "Kon licentiesleutels niet opnieuw controleren", + "licenseErrorKeyRecheckDescription": "Er is een fout opgetreden bij het opnieuw controleren van licentiecodes.", + "licenseErrorKeyRechecked": "Licentiesleutels opnieuw gecontroleerd", + "licenseErrorKeyRecheckedDescription": "Alle licentiesleutels zijn opnieuw gecontroleerd", + "licenseActivateKey": "Activeer licentiesleutel", + "licenseActivateKeyDescription": "Voer een licentiesleutel in om deze te activeren.", + "licenseActivate": "Licentie activeren", + "licenseAgreement": "Door dit selectievakje aan te vinken, bevestigt u dat u de licentievoorwaarden hebt gelezen en ermee akkoord gaat die overeenkomen met de rang die is gekoppeld aan uw licentiesleutel.", + "fossorialLicense": "Fossorial Commerciële licentie- en abonnementsvoorwaarden bekijken", + "licenseMessageRemove": "Dit zal de licentiesleutel en alle bijbehorende machtigingen verwijderen die hierdoor zijn verleend.", + "licenseMessageConfirm": "Typ de licentiesleutel hieronder om te bevestigen.", + "licenseQuestionRemove": "Weet u zeker dat u de licentiesleutel {selectedKey} wilt verwijderen?", + "licenseKeyDelete": "Licentiesleutel verwijderen", + "licenseKeyDeleteConfirm": "Bevestig verwijderen licentiesleutel", + "licenseTitle": "Licentiestatus beheren", + "licenseTitleDescription": "Bekijk en beheer licentiesleutels in het systeem", + "licenseHost": "Host Licentie", + "licenseHostDescription": "Beheer de belangrijkste licentiesleutel voor de host.", + "licensedNot": "Niet gelicentieerd", + "hostId": "Host-ID", + "licenseReckeckAll": "Alle sleutels opnieuw selecteren", + "licenseSiteUsage": "Websites gebruik", + "licenseSiteUsageDecsription": "Bekijk het aantal sites dat deze licentie gebruikt.", + "licenseNoSiteLimit": "Er is geen limiet op het aantal sites dat een ongelicentieerde host gebruikt.", + "licensePurchase": "Licentie kopen", + "licensePurchaseSites": "Extra sites kopen", + "licenseSitesUsedMax": "{usedSites} van {maxSites} sites gebruikt", + "licenseSitesUsed": "{count, plural, =0 {# locaties} one {# locatie} other {# locaties}} in het systeem.", + "licensePurchaseDescription": "Kies hoeveel sites je wilt {selectedMode, select, license {Koop een licentie. Je kunt later altijd meer sites toevoegen.} other {Voeg je bestaande licentie toe}}", + "licenseFee": "Licentie vergoeding", + "licensePriceSite": "Prijs per site", + "total": "Totaal", + "licenseContinuePayment": "Doorgaan naar betaling", + "pricingPage": "prijsaanduiding pagina", + "pricingPortal": "Inkoopportaal bekijken", + "licensePricingPage": "Bezoek voor de meest recente prijzen en kortingen, a.u.b. de ", + "invite": "Uitnodigingen", + "inviteRegenerate": "Uitnodiging opnieuw genereren", + "inviteRegenerateDescription": "Verwijder vorige uitnodiging en maak een nieuwe", + "inviteRemove": "Verwijder uitnodiging", + "inviteRemoveError": "Uitnodiging verwijderen mislukt", + "inviteRemoveErrorDescription": "Er is een fout opgetreden tijdens het verwijderen van de uitnodiging.", + "inviteRemoved": "Uitnodiging verwijderd", + "inviteRemovedDescription": "De uitnodiging voor {email} is verwijderd.", + "inviteQuestionRemove": "Weet u zeker dat u de uitnodiging {email} wilt verwijderen?", + "inviteMessageRemove": "Eenmaal verwijderd, zal deze uitnodiging niet meer geldig zijn. U kunt de gebruiker later altijd opnieuw uitnodigen.", + "inviteMessageConfirm": "Om dit te bevestigen, typ dan het e-mailadres van onderstaande uitnodiging.", + "inviteQuestionRegenerate": "Weet u zeker dat u de uitnodiging voor {email}opnieuw wilt genereren? Dit zal de vorige uitnodiging intrekken.", + "inviteRemoveConfirm": "Bevestig verwijderen uitnodiging", + "inviteRegenerated": "Uitnodiging opnieuw gegenereerd", + "inviteSent": "Een nieuwe uitnodiging is verstuurd naar {email}.", + "inviteSentEmail": "Stuur e-mail notificatie naar de gebruiker", + "inviteGenerate": "Er is een nieuwe uitnodiging aangemaakt voor {email}.", + "inviteDuplicateError": "Dubbele uitnodiging", + "inviteDuplicateErrorDescription": "Er bestaat al een uitnodiging voor deze gebruiker.", + "inviteRateLimitError": "Tarief limiet overschreden", + "inviteRateLimitErrorDescription": "U hebt de limiet van 3 regeneratie per uur overschreden. Probeer het later opnieuw.", + "inviteRegenerateError": "Kan uitnodiging niet opnieuw aanmaken", + "inviteRegenerateErrorDescription": "Fout opgetreden tijdens het opnieuw genereren van de uitnodiging.", + "inviteValidityPeriod": "Geldigheid periode", + "inviteValidityPeriodSelect": "Geldigheid kiezen", + "inviteRegenerateMessage": "De uitnodiging is opnieuw gegenereerd. De gebruiker moet toegang krijgen tot de link hieronder om de uitnodiging te accepteren.", + "inviteRegenerateButton": "Hergenereren", + "expiresAt": "Verloopt op", + "accessRoleUnknown": "Onbekende rol", + "placeholder": "Plaatsaanduiding", + "userErrorOrgRemove": "Kan gebruiker niet verwijderen", + "userErrorOrgRemoveDescription": "Er is een fout opgetreden tijdens het verwijderen van de gebruiker.", + "userOrgRemoved": "Gebruiker verwijderd", + "userOrgRemovedDescription": "De gebruiker {email} is verwijderd uit de organisatie.", + "userQuestionOrgRemove": "Weet u zeker dat u {email} wilt verwijderen uit de organisatie?", + "userMessageOrgRemove": "Eenmaal verwijderd, heeft deze gebruiker geen toegang meer tot de organisatie. Je kunt ze later altijd opnieuw uitnodigen, maar ze zullen de uitnodiging opnieuw moeten accepteren.", + "userMessageOrgConfirm": "Typ om te bevestigen de naam van de gebruiker hieronder.", + "userRemoveOrgConfirm": "Bevestig verwijderen gebruiker", + "userRemoveOrg": "Gebruiker uit organisatie verwijderen", + "users": "Gebruikers", + "accessRoleMember": "Lid", + "accessRoleOwner": "Eigenaar", + "userConfirmed": "Bevestigd", + "idpNameInternal": "Intern", + "emailInvalid": "Ongeldig e-mailadres", + "inviteValidityDuration": "Selecteer een tijdsduur", + "accessRoleSelectPlease": "Selecteer een rol", + "usernameRequired": "Gebruikersnaam is verplicht", + "idpSelectPlease": "Selecteer een identiteitsprovider", + "idpGenericOidc": "Algemene OAuth2/OIDC provider.", + "accessRoleErrorFetch": "Rollen ophalen mislukt", + "accessRoleErrorFetchDescription": "Er is een fout opgetreden bij het ophalen van de rollen", + "idpErrorFetch": "Kan identiteitsaanbieders niet ophalen", + "idpErrorFetchDescription": "Er is een fout opgetreden bij het ophalen van identiteitsproviders", + "userErrorExists": "Gebruiker bestaat al", + "userErrorExistsDescription": "Deze gebruiker is al lid van de organisatie.", + "inviteError": "Uitnodigen van gebruiker mislukt", + "inviteErrorDescription": "Er is een fout opgetreden tijdens het uitnodigen van de gebruiker", + "userInvited": "Gebruiker uitgenodigd", + "userInvitedDescription": "De gebruiker is succesvol uitgenodigd.", + "userErrorCreate": "Gebruiker aanmaken mislukt", + "userErrorCreateDescription": "Fout opgetreden tijdens het aanmaken van de gebruiker", + "userCreated": "Gebruiker aangemaakt", + "userCreatedDescription": "De gebruiker is succesvol aangemaakt.", + "userTypeInternal": "Interne gebruiker", + "userTypeInternalDescription": "Nodig een gebruiker uit om direct lid te worden van je organisatie.", + "userTypeExternal": "Externe gebruiker", + "userTypeExternalDescription": "Maak een gebruiker aan met een externe identiteitsprovider.", + "accessUserCreateDescription": "Volg de onderstaande stappen om een nieuwe gebruiker te maken", + "userSeeAll": "Alle gebruikers bekijken", + "userTypeTitle": "Type gebruiker", + "userTypeDescription": "Bepaal hoe u de gebruiker wilt aanmaken", + "userSettings": "Gebruikers informatie", + "userSettingsDescription": "Voer de gegevens van de nieuwe gebruiker in", + "inviteEmailSent": "Stuur uitnodigingsmail naar de gebruiker", + "inviteValid": "Geldig voor", + "selectDuration": "Selecteer duur", + "accessRoleSelect": "Selecteer rol", + "inviteEmailSentDescription": "Een e-mail is verstuurd naar de gebruiker met de link hieronder. Ze moeten toegang krijgen tot de link om de uitnodiging te accepteren.", + "inviteSentDescription": "De gebruiker is uitgenodigd. Ze moeten toegang krijgen tot de link hieronder om de uitnodiging te accepteren.", + "inviteExpiresIn": "De uitnodiging vervalt over {days, plural, one {# dag} other {# dagen}}.", + "idpTitle": "Identiteit Provider", + "idpSelect": "Identiteitsprovider voor de externe gebruiker selecteren", + "idpNotConfigured": "Er zijn geen identiteitsproviders geconfigureerd. Configureer een identiteitsprovider voordat u externe gebruikers aanmaakt.", + "usernameUniq": "Dit moet overeenkomen met de unieke gebruikersnaam die bestaat in de geselecteerde identiteitsprovider.", + "emailOptional": "E-mailadres (optioneel)", + "nameOptional": "Naam (optioneel)", + "accessControls": "Toegang Bediening", + "userDescription2": "Beheer de instellingen van deze gebruiker", + "accessRoleErrorAdd": "Gebruiker aan rol toevoegen mislukt", + "accessRoleErrorAddDescription": "Er is een fout opgetreden tijdens het toevoegen van de rol.", + "userSaved": "Gebruiker opgeslagen", + "userSavedDescription": "De gebruiker is bijgewerkt.", + "accessControlsDescription": "Beheer wat deze gebruiker toegang heeft tot en doet in de organisatie", + "accessControlsSubmit": "Bewaar Toegangsbesturing", + "roles": "Rollen", + "accessUsersRoles": "Beheer Gebruikers & Rollen", + "accessUsersRolesDescription": "Nodig gebruikers uit en voeg ze toe aan de rollen om toegang tot uw organisatie te beheren", + "key": "Sleutel", + "createdAt": "Aangemaakt op", + "proxyErrorInvalidHeader": "Ongeldige aangepaste Header waarde. Gebruik het domeinnaam formaat, of sla leeg op om de aangepaste Host header ongedaan te maken.", + "proxyErrorTls": "Ongeldige TLS servernaam. Gebruik de domeinnaam of sla leeg op om de TLS servernaam te verwijderen.", + "proxyEnableSSL": "SSL (https) inschakelen", + "targetErrorFetch": "Ophalen van doelen mislukt", + "targetErrorFetchDescription": "Er is een fout opgetreden bij het ophalen van de objecten", + "siteErrorFetch": "Mislukt om resource op te halen", + "siteErrorFetchDescription": "Er is een fout opgetreden tijdens het ophalen van het document", + "targetErrorDuplicate": "Dubbel doelwit", + "targetErrorDuplicateDescription": "Een doel met deze instellingen bestaat al", + "targetWireGuardErrorInvalidIp": "Ongeldig doel-IP", + "targetWireGuardErrorInvalidIpDescription": "Doel IP moet binnen de site subnet zijn", + "targetsUpdated": "Doelstellingen bijgewerkt", + "targetsUpdatedDescription": "Doelstellingen en instellingen succesvol bijgewerkt", + "targetsErrorUpdate": "Kan doelen niet bijwerken", + "targetsErrorUpdateDescription": "Fout opgetreden tijdens het bijwerken van de doelen", + "targetTlsUpdate": "TLS instellingen bijgewerkt", + "targetTlsUpdateDescription": "Uw TLS instellingen zijn succesvol bijgewerkt", + "targetErrorTlsUpdate": "Bijwerken van TLS instellingen mislukt", + "targetErrorTlsUpdateDescription": "Fout opgetreden tijdens het bijwerken van de TLS-instellingen", + "proxyUpdated": "Proxyinstellingen bijgewerkt", + "proxyUpdatedDescription": "Uw proxyinstellingen zijn succesvol bijgewerkt", + "proxyErrorUpdate": "Bijwerken van proxy-instellingen mislukt", + "proxyErrorUpdateDescription": "Fout opgetreden tijdens het bijwerken van de proxy-instellingen", + "targetAddr": "IP / Hostnaam", + "targetPort": "Poort", + "targetProtocol": "Protocol", + "targetTlsSettings": "HTTPS & TLS instellingen", + "targetTlsSettingsDescription": "SSL/TLS-instellingen voor uw bron configureren", + "targetTlsSettingsAdvanced": "Geavanceerde TLS instellingen", + "targetTlsSni": "TLS Server Naam (SNI)", + "targetTlsSniDescription": "De TLS servernaam om te gebruiken voor SNI. Laat leeg om de standaard te gebruiken.", + "targetTlsSubmit": "Instellingen opslaan", + "targets": "Doelstellingen configuratie", + "targetsDescription": "Stel doelen in om verkeer naar uw backend-services te leiden", + "targetStickySessions": "Sticky sessies inschakelen", + "targetStickySessionsDescription": "Behoud verbindingen op hetzelfde backend doel voor hun hele sessie.", + "methodSelect": "Selecteer methode", + "targetSubmit": "Doelwit toevoegen", + "targetNoOne": "Geen doelwitten. Voeg een doel toe via het formulier.", + "targetNoOneDescription": "Het toevoegen van meer dan één doel hierboven zal de load balancering mogelijk maken.", + "targetsSubmit": "Doelstellingen opslaan", + "proxyAdditional": "Extra Proxy-instellingen", + "proxyAdditionalDescription": "Configureer hoe de proxy-instellingen van uw bron worden afgehandeld", + "proxyCustomHeader": "Aangepaste Host-header", + "proxyCustomHeaderDescription": "De hostkop om in te stellen bij proxying verzoeken. Laat leeg om de standaard te gebruiken.", + "proxyAdditionalSubmit": "Proxyinstellingen opslaan", + "subnetMaskErrorInvalid": "Ongeldig subnet masker. Moet tussen 0 en 32 zijn.", + "ipAddressErrorInvalidFormat": "Ongeldig IP-adresformaat", + "ipAddressErrorInvalidOctet": "Ongeldige IP adres octet", + "path": "Pad", + "ipAddressRange": "IP Bereik", + "rulesErrorFetch": "Regels ophalen mislukt", + "rulesErrorFetchDescription": "Er is een fout opgetreden bij het ophalen van de regels", + "rulesErrorDuplicate": "Dupliceer regel", + "rulesErrorDuplicateDescription": "Een regel met deze instellingen bestaat al", + "rulesErrorInvalidIpAddressRange": "Ongeldige CIDR", + "rulesErrorInvalidIpAddressRangeDescription": "Voer een geldige CIDR waarde in", + "rulesErrorInvalidUrl": "Ongeldige URL pad", + "rulesErrorInvalidUrlDescription": "Voer een geldige URL padwaarde in", + "rulesErrorInvalidIpAddress": "Ongeldig IP", + "rulesErrorInvalidIpAddressDescription": "Voer een geldig IP-adres in", + "rulesErrorUpdate": "Regels bijwerken mislukt", + "rulesErrorUpdateDescription": "Fout opgetreden tijdens het bijwerken van de regels", + "rulesUpdated": "Regels inschakelen", + "rulesUpdatedDescription": "Regel evaluatie is bijgewerkt", + "rulesMatchIpAddressRangeDescription": "Voer een adres in in het CIDR-formaat (bijv. 103.21.244.0/22)", + "rulesMatchIpAddress": "Voer een IP-adres in (bijv. 103.21.244.12)", + "rulesMatchUrl": "Voer een URL-pad of patroon in (bijv. /api/v1/todos of /api/v1/*)", + "rulesErrorInvalidPriority": "Ongeldige prioriteit", + "rulesErrorInvalidPriorityDescription": "Voer een geldige prioriteit in", + "rulesErrorDuplicatePriority": "Dubbele prioriteiten", + "rulesErrorDuplicatePriorityDescription": "Voer unieke prioriteiten in", + "ruleUpdated": "Regels bijgewerkt", + "ruleUpdatedDescription": "Regels met succes bijgewerkt", + "ruleErrorUpdate": "Bewerking mislukt", + "ruleErrorUpdateDescription": "Er is een fout opgetreden tijdens het opslaan", + "rulesPriority": "Prioriteit", + "rulesAction": "actie", + "rulesMatchType": "Wedstrijd Type", + "value": "Waarde", + "rulesAbout": "Over regels", + "rulesAboutDescription": "Regels stellen u in staat om de toegang tot uw bron te controleren op basis van een aantal criteria. U kunt regels maken om toegang te toestaan of weigeren op basis van IP-adres of URL pad.", + "rulesActions": "acties", + "rulesActionAlwaysAllow": "Altijd toegestaan: Omzeil alle authenticatiemethoden", + "rulesActionAlwaysDeny": "Altijd weigeren: Blokkeer alle aanvragen, er kan geen verificatie worden geprobeerd", + "rulesActionPassToAuth": "Doorgeven aan Auth: Toestaan dat authenticatiemethoden worden geprobeerd", + "rulesMatchCriteria": "Overeenkomende criteria", + "rulesMatchCriteriaIpAddress": "Overeenkomen met een specifiek IP-adres", + "rulesMatchCriteriaIpAddressRange": "Overeenkomen met een bereik van IP-adressen in de CIDR-notatie", + "rulesMatchCriteriaUrl": "Koppel een URL-pad of patroon", + "rulesEnable": "Regels inschakelen", + "rulesEnableDescription": "In- of uitschakelen van regelevaluatie voor deze bron", + "rulesResource": "Configuratie Resource Regels", + "rulesResourceDescription": "Regels instellen om toegang tot uw bron te beheren", + "ruleSubmit": "Regel toevoegen", + "rulesNoOne": "Geen regels. Voeg een regel toe via het formulier.", + "rulesOrder": "Regels worden in oplopende volgorde volgens prioriteit beoordeeld.", + "rulesSubmit": "Regels opslaan", + "resourceErrorCreate": "Fout bij maken document", + "resourceErrorCreateDescription": "Er is een fout opgetreden bij het maken van het document", + "resourceErrorCreateMessage": "Fout bij maken bron:", + "resourceErrorCreateMessageDescription": "Er is een onverwachte fout opgetreden", + "sitesErrorFetch": "Fout bij ophalen sites", + "sitesErrorFetchDescription": "Er is een fout opgetreden bij het ophalen van de sites", + "domainsErrorFetch": "Fout bij ophalen domeinen", + "domainsErrorFetchDescription": "Er is een fout opgetreden bij het ophalen van de domeinen", + "none": "geen", + "unknown": "onbekend", + "resources": "Hulpmiddelen", + "resourcesDescription": "Bronnen zijn proxies voor applicaties die op uw privénetwerk worden uitgevoerd. Maak een bron aan voor elke HTTP/HTTPS of onbewerkte TCP/UDP-service op uw privénetwerk. Elke bron moet verbonden zijn met een site om private, beveiligde verbinding mogelijk te maken via een versleutelde WireGuard tunnel.", + "resourcesWireGuardConnect": "Beveiligde verbinding met WireGuard versleuteling", + "resourcesMultipleAuthenticationMethods": "Meerdere verificatiemethoden configureren", + "resourcesUsersRolesAccess": "Gebruiker en rol-gebaseerde toegangsbeheer", + "resourcesErrorUpdate": "Bron wisselen mislukt", + "resourcesErrorUpdateDescription": "Er is een fout opgetreden tijdens het bijwerken van het document", + "access": "Toegangsrechten", + "shareLink": "{resource} Share link", + "resourceSelect": "Selecteer resource", + "shareLinks": "Links delen", + "share": "Deelbare links", + "shareDescription2": "Maak deelbare links naar uw bronnen. Links bieden tijdelijke of onbeperkte toegang tot uw bron. U kunt de vervalduur van de link configureren wanneer u er een aanmaakt.", + "shareEasyCreate": "Makkelijk te maken en te delen", + "shareConfigurableExpirationDuration": "Configureerbare vervalduur", + "shareSecureAndRevocable": "Veilig en herroepbaar", + "nameMin": "De naam moet minstens {len} tekens bevatten.", + "nameMax": "Naam mag niet langer zijn dan {len} tekens.", + "sitesConfirmCopy": "Bevestig dat u de configuratie hebt gekopieerd.", + "unknownCommand": "Onbekende opdracht", + "newtErrorFetchReleases": "Kan release-informatie niet ophalen: {err}", + "newtErrorFetchLatest": "Fout bij ophalen van laatste release: {err}", + "newtEndpoint": "Newt Eindoordeel", + "newtId": "Newt-ID", + "newtSecretKey": "Nieuwe geheime sleutel", + "architecture": "Architectuur", + "sites": "Werkruimtes", + "siteWgAnyClients": "Gebruik een willekeurige WireGuard client om verbinding te maken. Je moet je interne bronnen aanspreken met behulp van de peer IP.", + "siteWgCompatibleAllClients": "Compatibel met alle WireGuard clients", + "siteWgManualConfigurationRequired": "Handmatige configuratie vereist", + "userErrorNotAdminOrOwner": "Gebruiker is geen beheerder of eigenaar", + "pangolinSettings": "Instellingen - Pangolin", + "accessRoleYour": "Jouw rol:", + "accessRoleSelect2": "Selecteer lidmaatschap", + "accessUserSelect": "Selecteer een gebruiker", + "otpEmailEnter": "Voer e-mailadres in", + "otpEmailEnterDescription": "Druk op enter om een e-mail toe te voegen na het typen in het invoerveld.", + "otpEmailErrorInvalid": "Ongeldig e-mailadres. Wildcard (*) moet het hele lokale deel zijn.", + "otpEmailSmtpRequired": "SMTP vereist", + "otpEmailSmtpRequiredDescription": "SMTP moet ingeschakeld zijn op de server om eenmalige wachtwoordauthenticatie te gebruiken.", + "otpEmailTitle": "Eenmalige wachtwoorden", + "otpEmailTitleDescription": "Vereis e-mailgebaseerde authenticatie voor brontoegang", + "otpEmailWhitelist": "E-mail whitelist", + "otpEmailWhitelistList": "Toegestane e-mails", + "otpEmailWhitelistListDescription": "Alleen gebruikers met deze e-mailadressen hebben toegang tot dit document. Ze zullen worden gevraagd om een eenmalig wachtwoord in te voeren dat naar hun e-mail is verzonden. Wildcards (*@example.com) kunnen worden gebruikt om elk e-mailadres van een domein toe te staan.", + "otpEmailWhitelistSave": "Whitelist opslaan", + "passwordAdd": "Wachtwoord toevoegen", + "passwordRemove": "Wachtwoord verwijderen", + "pincodeAdd": "PIN-code toevoegen", + "pincodeRemove": "PIN-code verwijderen", + "resourceAuthMethods": "Authenticatie methoden", + "resourceAuthMethodsDescriptions": "Sta toegang tot de bron toe via extra autorisatiemethoden", + "resourceAuthSettingsSave": "Succesvol opgeslagen", + "resourceAuthSettingsSaveDescription": "Verificatie-instellingen zijn opgeslagen", + "resourceErrorAuthFetch": "Gegevens ophalen mislukt", + "resourceErrorAuthFetchDescription": "Er is een fout opgetreden bij het ophalen van de gegevens", + "resourceErrorPasswordRemove": "Fout bij verwijderen resource wachtwoord", + "resourceErrorPasswordRemoveDescription": "Er is een fout opgetreden tijdens het verwijderen van het bronwachtwoord", + "resourceErrorPasswordSetup": "Fout bij instellen resource wachtwoord", + "resourceErrorPasswordSetupDescription": "Er is een fout opgetreden bij het instellen van het wachtwoord bron", + "resourceErrorPincodeRemove": "Fout bij verwijderen resource pincode", + "resourceErrorPincodeRemoveDescription": "Er is een fout opgetreden tijdens het verwijderen van de bronpincode", + "resourceErrorPincodeSetup": "Fout bij instellen resource PIN code", + "resourceErrorPincodeSetupDescription": "Er is een fout opgetreden bij het instellen van de PIN-code van de bron", + "resourceErrorUsersRolesSave": "Kan rollen niet instellen", + "resourceErrorUsersRolesSaveDescription": "Er is een fout opgetreden tijdens het instellen van de rollen", + "resourceErrorWhitelistSave": "Kan whitelist niet opslaan", + "resourceErrorWhitelistSaveDescription": "Er is een fout opgetreden tijdens het opslaan van de whitelist", + "resourcePasswordSubmit": "Wachtwoordbescherming inschakelen", + "resourcePasswordProtection": "Wachtwoordbescherming {status}", + "resourcePasswordRemove": "Wachtwoord document verwijderd", + "resourcePasswordRemoveDescription": "Het wachtwoord van de resource is met succes verwijderd", + "resourcePasswordSetup": "Wachtwoord document ingesteld", + "resourcePasswordSetupDescription": "Het wachtwoord voor de bron is succesvol ingesteld", + "resourcePasswordSetupTitle": "Wachtwoord instellen", + "resourcePasswordSetupTitleDescription": "Stel een wachtwoord in om deze bron te beschermen", + "resourcePincode": "Pincode", + "resourcePincodeSubmit": "PIN-Code bescherming inschakelen", + "resourcePincodeProtection": "PIN Code bescherming {status}", + "resourcePincodeRemove": "Pijncode van resource verwijderd", + "resourcePincodeRemoveDescription": "Het wachtwoord van de resource is met succes verwijderd", + "resourcePincodeSetup": "PIN-code voor hulpbron ingesteld", + "resourcePincodeSetupDescription": "De bronpincode is succesvol ingesteld", + "resourcePincodeSetupTitle": "Pincode instellen", + "resourcePincodeSetupTitleDescription": "Stel een pincode in om deze hulpbron te beschermen", + "resourceRoleDescription": "Beheerders hebben altijd toegang tot deze bron.", + "resourceUsersRoles": "Gebruikers & Rollen", + "resourceUsersRolesDescription": "Configureer welke gebruikers en rollen deze pagina kunnen bezoeken", + "resourceUsersRolesSubmit": "Gebruikers opslaan & rollen", + "resourceWhitelistSave": "Succesvol opgeslagen", + "resourceWhitelistSaveDescription": "Whitelist instellingen zijn opgeslagen", + "ssoUse": "Gebruik Platform SSO", + "ssoUseDescription": "Bestaande gebruikers hoeven slechts eenmaal in te loggen voor alle bronnen die dit ingeschakeld hebben.", + "proxyErrorInvalidPort": "Ongeldig poortnummer", + "subdomainErrorInvalid": "Ongeldig subdomein", + "domainErrorFetch": "Fout bij ophalen domeinen", + "domainErrorFetchDescription": "Er is een fout opgetreden bij het ophalen van de domeinen", + "resourceErrorUpdate": "Bijwerken van resource mislukt", + "resourceErrorUpdateDescription": "Er is een fout opgetreden tijdens het bijwerken van het document", + "resourceUpdated": "Bron bijgewerkt", + "resourceUpdatedDescription": "Het document is met succes bijgewerkt", + "resourceErrorTransfer": "Mislukt om resource over te dragen", + "resourceErrorTransferDescription": "Er is een fout opgetreden tijdens het overzetten van het document", + "resourceTransferred": "Bron overgedragen", + "resourceTransferredDescription": "De bron is met succes overgedragen.", + "resourceErrorToggle": "Bron wisselen mislukt", + "resourceErrorToggleDescription": "Er is een fout opgetreden tijdens het bijwerken van het document", + "resourceVisibilityTitle": "Zichtbaarheid", + "resourceVisibilityTitleDescription": "Zichtbaarheid van bestanden volledig in- of uitschakelen", + "resourceGeneral": "Algemene instellingen", + "resourceGeneralDescription": "Configureer de algemene instellingen voor deze bron", + "resourceEnable": "Resource inschakelen", + "resourceTransfer": "Bronnen overdragen", + "resourceTransferDescription": "Verplaats dit document naar een andere site", + "resourceTransferSubmit": "Bronnen overdragen", + "siteDestination": "Bestemming site", + "searchSites": "Sites zoeken", + "accessRoleCreate": "Rol aanmaken", + "accessRoleCreateDescription": "Maak een nieuwe rol aan om gebruikers te groeperen en hun rechten te beheren.", + "accessRoleCreateSubmit": "Rol aanmaken", + "accessRoleCreated": "Rol aangemaakt", + "accessRoleCreatedDescription": "De rol is succesvol aangemaakt.", + "accessRoleErrorCreate": "Rol aanmaken mislukt", + "accessRoleErrorCreateDescription": "Fout opgetreden tijdens het aanmaken van de rol.", + "accessRoleErrorNewRequired": "Nieuwe rol is vereist", + "accessRoleErrorRemove": "Rol verwijderen mislukt", + "accessRoleErrorRemoveDescription": "Er is een fout opgetreden tijdens het verwijderen van de rol.", + "accessRoleName": "Rol naam", + "accessRoleQuestionRemove": "U staat op het punt de {name} rol te verwijderen. U kunt deze actie niet ongedaan maken.", + "accessRoleRemove": "Rol verwijderen", + "accessRoleRemoveDescription": "Verwijder een rol van de organisatie", + "accessRoleRemoveSubmit": "Rol verwijderen", + "accessRoleRemoved": "Rol verwijderd", + "accessRoleRemovedDescription": "De rol is succesvol verwijderd.", + "accessRoleRequiredRemove": "Voordat u deze rol verwijdert, selecteer een nieuwe rol om bestaande leden aan te dragen.", + "manage": "Beheren", + "sitesNotFound": "Geen sites gevonden.", + "pangolinServerAdmin": "Serverbeheer - Pangolin", + "licenseTierProfessional": "Professionele licentie", + "licenseTierEnterprise": "Enterprise Licentie", + "licenseTierCommercial": "Commerciële licentie", + "licensed": "Gelicentieerd", + "yes": "ja", + "no": "Neen", + "sitesAdditional": "Extra sites", + "licenseKeys": "Licentie Sleutels", + "sitestCountDecrease": "Verlaag het aantal sites", + "sitestCountIncrease": "Toename van site vergroten", + "idpManage": "Identiteitsaanbieders beheren", + "idpManageDescription": "Identiteitsaanbieders in het systeem bekijken en beheren", + "idpDeletedDescription": "Identity provider succesvol verwijderd", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "Weet u zeker dat u de identiteitsprovider {name} permanent wilt verwijderen?", + "idpMessageRemove": "Dit zal de identiteitsprovider en alle bijbehorende configuraties verwijderen. Gebruikers die via deze provider authenticeren, kunnen niet langer inloggen.", + "idpMessageConfirm": "Om dit te bevestigen, typt u de naam van onderstaande identiteitsprovider.", + "idpConfirmDelete": "Bevestig verwijderen Identity Provider", + "idpDelete": "Identity Provider verwijderen", + "idp": "Identiteit aanbieders", + "idpSearch": "Identiteitsaanbieders zoeken...", + "idpAdd": "Identity Provider toevoegen", + "idpClientIdRequired": "Client-ID is vereist.", + "idpClientSecretRequired": "Clientgeheim is vereist.", + "idpErrorAuthUrlInvalid": "Authenticatie-URL moet een geldige URL zijn.", + "idpErrorTokenUrlInvalid": "Token-URL moet een geldige URL zijn.", + "idpPathRequired": "ID-pad is vereist.", + "idpScopeRequired": "Toepassingsgebieden zijn vereist.", + "idpOidcDescription": "Een OpenID Connect identity provider configureren", + "idpCreatedDescription": "Identity provider succesvol aangemaakt", + "idpCreate": "Identity Provider aanmaken", + "idpCreateDescription": "Een nieuwe identiteitsprovider voor gebruikersauthenticatie configureren", + "idpSeeAll": "Zie alle identiteitsaanbieders", + "idpSettingsDescription": "Configureer de basisinformatie voor uw identiteitsprovider", + "idpDisplayName": "Een weergavenaam voor deze identiteitsprovider", + "idpAutoProvisionUsers": "Auto Provisie Gebruikers", + "idpAutoProvisionUsersDescription": "Wanneer ingeschakeld, worden gebruikers automatisch in het systeem aangemaakt wanneer ze de eerste keer inloggen met de mogelijkheid om gebruikers toe te wijzen aan rollen en organisaties.", + "licenseBadge": "Professioneel", + "idpType": "Type provider", + "idpTypeDescription": "Selecteer het type identiteitsprovider dat u wilt configureren", + "idpOidcConfigure": "OAuth2/OIDC configuratie", + "idpOidcConfigureDescription": "Configureer de eindpunten van de OAuth2/OIDC provider en referenties", + "idpClientId": "Klant ID", + "idpClientIdDescription": "De OAuth2-client-ID van uw identiteitsprovider", + "idpClientSecret": "Clientgeheim", + "idpClientSecretDescription": "Het OAuth2-clientgeheim van je identiteitsprovider", + "idpAuthUrl": "URL autorisatie", + "idpAuthUrlDescription": "De URL voor autorisatie OAuth2", + "idpTokenUrl": "URL token", + "idpTokenUrlDescription": "De URL van het OAuth2 token eindpunt", + "idpOidcConfigureAlert": "Belangrijke informatie", + "idpOidcConfigureAlertDescription": "Na het aanmaken van de identity provider moet u de callback URL configureren in de instellingen van uw identity provider. De callback URL zal worden opgegeven na het succesvol aanmaken.", + "idpToken": "Token configuratie", + "idpTokenDescription": "Stel in hoe gebruikersgegevens uit het ID token uit te pakken", + "idpJmespathAbout": "Over JMESPath", + "idpJmespathAboutDescription": "De onderstaande paden gebruiken JMESPath syntaxis om waarden van de ID-token te extraheren.", + "idpJmespathAboutDescriptionLink": "Meer informatie over JMESPath", + "idpJmespathLabel": "ID pad", + "idpJmespathLabelDescription": "Het pad naar het gebruiker-id in het ID-token", + "idpJmespathEmailPathOptional": "E-mail pad (optioneel)", + "idpJmespathEmailPathOptionalDescription": "Het pad naar het e-mailadres van de gebruiker in het ID-token", + "idpJmespathNamePathOptional": "Naam pad (optioneel)", + "idpJmespathNamePathOptionalDescription": "Het pad naar de naam van de gebruiker in de ID-token", + "idpOidcConfigureScopes": "Toepassingsgebieden", + "idpOidcConfigureScopesDescription": "Te vragen ruimtescheiden lijst van OAuth2 toepassingsgebieden", + "idpSubmit": "Identity Provider aanmaken", + "orgPolicies": "Organisatie beleid", + "idpSettings": "{idpName} instellingen", + "idpCreateSettingsDescription": "Configureer de instellingen voor uw identiteitsprovider", + "roleMapping": "Rol Toewijzing", + "orgMapping": "Organisatie toewijzing", + "orgPoliciesSearch": "Zoek het organisatiebeleid...", + "orgPoliciesAdd": "Organisatiebeleid toevoegen", + "orgRequired": "Organisatie is vereist", + "error": "Foutmelding", + "success": "Geslaagd", + "orgPolicyAddedDescription": "Beleid succesvol toegevoegd", + "orgPolicyUpdatedDescription": "Beleid succesvol bijgewerkt", + "orgPolicyDeletedDescription": "Beleid succesvol verwijderd", + "defaultMappingsUpdatedDescription": "Standaard toewijzingen met succes bijgewerkt", + "orgPoliciesAbout": "Over organisatiebeleid", + "orgPoliciesAboutDescription": "Organisatiebeleid wordt gebruikt om toegang tot organisaties te beheren op basis van de gebruiker-ID-token. U kunt JMESPath expressies opgeven om rol en organisatie informatie van de ID-token te extraheren.", + "orgPoliciesAboutDescriptionLink": "Zie documentatie, voor meer informatie.", + "defaultMappingsOptional": "Standaard toewijzingen (optioneel)", + "defaultMappingsOptionalDescription": "De standaard toewijzingen worden gebruikt wanneer er geen organisatiebeleid is gedefinieerd voor een organisatie. Je kunt de standaard rol en organisatietoewijzingen opgeven waar je naar terug kunt vallen.", + "defaultMappingsRole": "Standaard Rol Toewijzing", + "defaultMappingsRoleDescription": "Het resultaat van deze uitdrukking moet de rolnaam zoals gedefinieerd in de organisatie als tekenreeks teruggeven.", + "defaultMappingsOrg": "Standaard organisatie mapping", + "defaultMappingsOrgDescription": "Deze expressie moet de org-ID teruggeven of waar om de gebruiker toegang te geven tot de organisatie.", + "defaultMappingsSubmit": "Standaard toewijzingen opslaan", + "orgPoliciesEdit": "Organisatie beleid bewerken", + "org": "Rekening", + "orgSelect": "Selecteer organisatie", + "orgSearch": "Zoek in org", + "orgNotFound": "Geen org gevonden.", + "roleMappingPathOptional": "Rol toewijzing pad (optioneel)", + "orgMappingPathOptional": "Organisatie mapping pad (optioneel)", + "orgPolicyUpdate": "Update beleid", + "orgPolicyAdd": "Beleid toevoegen", + "orgPolicyConfig": "Toegang voor een organisatie configureren", + "idpUpdatedDescription": "Identity provider succesvol bijgewerkt", + "redirectUrl": "Omleidings URL", + "redirectUrlAbout": "Over omleidings-URL", + "redirectUrlAboutDescription": "Dit is de URL waarnaar gebruikers worden doorverwezen na verificatie. U moet deze URL configureren in uw identiteitsprovider-instellingen.", + "pangolinAuth": "Authenticatie - Pangolin", + "verificationCodeLengthRequirements": "Je verificatiecode moet 8 tekens bevatten.", + "errorOccurred": "Er is een fout opgetreden", + "emailErrorVerify": "E-mail verifiëren is mislukt:", + "emailVerified": "E-mail met succes geverifieerd! Doorsturen naar u...", + "verificationCodeErrorResend": "Fout bij het opnieuw verzenden van de verificatiecode:", + "verificationCodeResend": "Verificatiecode opnieuw verzonden", + "verificationCodeResendDescription": "We hebben een verificatiecode opnieuw naar je e-mailadres gestuurd. Controleer je inbox.", + "emailVerify": "Bevestig e-mailadres", + "emailVerifyDescription": "Voer de verificatiecode in die naar uw e-mailadres is verzonden.", + "verificationCode": "Verificatie Code", + "verificationCodeEmailSent": "We hebben een verificatiecode naar je e-mailadres gestuurd.", + "submit": "Bevestigen", + "emailVerifyResendProgress": "Opnieuw verzenden...", + "emailVerifyResend": "Geen code ontvangen? Klik hier om opnieuw te verzenden", + "passwordNotMatch": "Wachtwoorden komen niet overeen", + "signupError": "Er is een fout opgetreden tijdens het aanmelden", + "pangolinLogoAlt": "Pangolin logo", + "inviteAlready": "Het lijkt erop dat je bent uitgenodigd!", + "inviteAlreadyDescription": "Om de uitnodiging te accepteren, moet je inloggen of een account aanmaken.", + "signupQuestion": "Heeft u al een account?", + "login": "Inloggen", + "resourceNotFound": "Bron niet gevonden", + "resourceNotFoundDescription": "De bron die u probeert te benaderen bestaat niet.", + "pincodeRequirementsLength": "Pincode moet precies 6 cijfers zijn", + "pincodeRequirementsChars": "Pincode mag alleen cijfers bevatten", + "passwordRequirementsLength": "Wachtwoord moet ten minste 1 teken lang zijn", + "passwordRequirementsTitle": "Wachtwoordvereisten:", + "passwordRequirementLength": "Minstens 8 tekens lang", + "passwordRequirementUppercase": "Minstens één hoofdletter", + "passwordRequirementLowercase": "Minstens één kleine letter", + "passwordRequirementNumber": "Minstens één cijfer", + "passwordRequirementSpecial": "Minstens één speciaal teken", + "passwordRequirementsMet": "✓ Wachtwoord voldoet aan alle vereisten", + "passwordStrength": "Wachtwoord sterkte", + "passwordStrengthWeak": "Zwak", + "passwordStrengthMedium": "Gemiddeld", + "passwordStrengthStrong": "Sterk", + "passwordRequirements": "Vereisten:", + "passwordRequirementLengthText": "8+ tekens", + "passwordRequirementUppercaseText": "Hoofdletter (A-Z)", + "passwordRequirementLowercaseText": "Kleine letter (a-z)", + "passwordRequirementNumberText": "Cijfer (0-9)", + "passwordRequirementSpecialText": "Speciaal teken (!@#$%...)", + "passwordsDoNotMatch": "Wachtwoorden komen niet overeen", + "otpEmailRequirementsLength": "OTP moet minstens 1 teken lang zijn", + "otpEmailSent": "OTP verzonden", + "otpEmailSentDescription": "Een OTP is naar uw e-mail verzonden", + "otpEmailErrorAuthenticate": "Authenticatie met e-mail mislukt", + "pincodeErrorAuthenticate": "Authenticatie met pincode mislukt", + "passwordErrorAuthenticate": "Authenticatie met wachtwoord mislukt", + "poweredBy": "Mogelijk gemaakt door", + "authenticationRequired": "Authenticatie vereist", + "authenticationMethodChoose": "Kies uw voorkeursmethode voor toegang tot {name}", + "authenticationRequest": "U moet zich aanmelden om {name} te kunnen gebruiken", + "user": "Gebruiker", + "pincodeInput": "6-cijferige PIN-Code", + "pincodeSubmit": "Inloggen met PIN", + "passwordSubmit": "Log in met wachtwoord", + "otpEmailDescription": "Een eenmalige code zal worden verzonden naar deze e-mail.", + "otpEmailSend": "Verstuur éénmalige code", + "otpEmail": "Eenmalig wachtwoord (OTP)", + "otpEmailSubmit": "OTP inzenden", + "backToEmail": "Terug naar E-mail", + "noSupportKey": "Server draait zonder een supporter sleutel. Overweeg het project te ondersteunen!", + "accessDenied": "Toegang geweigerd", + "accessDeniedDescription": "U heeft geen toegang tot deze resource. Als dit een vergissing is, neem dan contact op met de beheerder.", + "accessTokenError": "Fout bij controleren toegangstoken", + "accessGranted": "Toegang verleend", + "accessUrlInvalid": "URL ongeldig", + "accessGrantedDescription": "Er is u toegang verleend tot deze resource. U wordt doorgestuurd...", + "accessUrlInvalidDescription": "Deze URL voor gedeelde toegang is ongeldig. Neem contact op met de documenteigenaar voor een nieuwe URL.", + "tokenInvalid": "Ongeldig token", + "pincodeInvalid": "Ongeldige code", + "passwordErrorRequestReset": "Verzoek om resetten mislukt:", + "passwordErrorReset": "Wachtwoord opnieuw instellen mislukt:", + "passwordResetSuccess": "Wachtwoord succesvol gereset! Terug naar inloggen...", + "passwordReset": "Wachtwoord opnieuw instellen", + "passwordResetDescription": "Volg de stappen om uw wachtwoord opnieuw in te stellen", + "passwordResetSent": "We sturen een wachtwoord reset code naar dit e-mailadres.", + "passwordResetCode": "Resetcode", + "passwordResetCodeDescription": "Controleer je e-mail voor de reset code.", + "passwordNew": "Nieuw wachtwoord", + "passwordNewConfirm": "Bevestig nieuw wachtwoord", + "pincodeAuth": "Authenticatiecode", + "pincodeSubmit2": "Code indienen", + "passwordResetSubmit": "Opnieuw instellen aanvragen", + "passwordBack": "Terug naar wachtwoord", + "loginBack": "Ga terug naar login", + "signup": "Registreer nu", + "loginStart": "Log in om te beginnen", + "idpOidcTokenValidating": "Valideer OIDC-token", + "idpOidcTokenResponse": "Valideer OIDC token antwoord", + "idpErrorOidcTokenValidating": "Fout bij valideren OIDC-token", + "idpConnectingTo": "Verbinden met {name}", + "idpConnectingToDescription": "Uw identiteit bevestigen", + "idpConnectingToProcess": "Verbinden...", + "idpConnectingToFinished": "Verbonden", + "idpErrorConnectingTo": "Er was een probleem bij het verbinden met {name}. Neem contact op met uw beheerder.", + "idpErrorNotFound": "IdP niet gevonden", + "inviteInvalid": "Ongeldige uitnodiging", + "inviteInvalidDescription": "Uitnodigingslink is ongeldig.", + "inviteErrorWrongUser": "Uitnodiging is niet voor deze gebruiker", + "inviteErrorUserNotExists": "Gebruiker bestaat niet. Maak eerst een account aan.", + "inviteErrorLoginRequired": "Je moet ingelogd zijn om een uitnodiging te accepteren", + "inviteErrorExpired": "De uitnodiging is mogelijk verlopen", + "inviteErrorRevoked": "De uitnodiging is mogelijk ingetrokken", + "inviteErrorTypo": "Er kan een typefout zijn in de uitnodigingslink", + "pangolinSetup": "Setup - Pangolin", + "orgNameRequired": "Organisatienaam is vereist", + "orgIdRequired": "Organisatie-ID is vereist", + "orgErrorCreate": "Fout opgetreden tijdens het aanmaken org", + "pageNotFound": "Pagina niet gevonden", + "pageNotFoundDescription": "Oeps! De pagina die je zoekt bestaat niet.", + "overview": "Overzicht.", + "home": "Startpagina", + "accessControl": "Toegangs controle", + "settings": "Instellingen", + "usersAll": "Alle gebruikers", + "license": "Licentie", + "pangolinDashboard": "Dashboard - Pangolin", + "noResults": "Geen resultaten gevonden.", + "terabytes": "{count} TB", + "gigabytes": "{count} GB", + "megabytes": "{count} MB", + "tagsEntered": "Ingevoerde tags", + "tagsEnteredDescription": "Dit zijn de tags die u hebt ingevoerd.", + "tagsWarnCannotBeLessThanZero": "maxTags en minTags kunnen niet minder dan 0 zijn", + "tagsWarnNotAllowedAutocompleteOptions": "Tag niet toegestaan als per autocomplete opties", + "tagsWarnInvalid": "Ongeldige tag per validateTag", + "tagWarnTooShort": "Tag {tagText} is te kort", + "tagWarnTooLong": "Tag {tagText} is te lang", + "tagsWarnReachedMaxNumber": "Het maximum aantal toegestane tags bereikt", + "tagWarnDuplicate": "Dubbele tag {tagText} niet toegevoegd", + "supportKeyInvalid": "Ongeldige sleutel", + "supportKeyInvalidDescription": "Je supporter sleutel is ongeldig.", + "supportKeyValid": "Geldige sleutel", + "supportKeyValidDescription": "Uw supporter sleutel is gevalideerd. Bedankt voor uw steun!", + "supportKeyErrorValidationDescription": "Niet gelukt om de supportersleutel te valideren.", + "supportKey": "Ondersteun ontwikkeling en Adopt een Pangolin!", + "supportKeyDescription": "Koop een supporter sleutel om ons te helpen Pangolin voor de gemeenschap te blijven ontwikkelen. Je bijdrage geeft ons meer tijd om nieuwe functies te behouden en toe te voegen aan de applicatie voor iedereen. We zullen dit nooit gebruiken voor paywall-functies. Dit staat los van elke commerciële editie.", + "supportKeyPet": "U zult ook uw eigen huisdier Pangolin moeten adopteren en ontmoeten!", + "supportKeyPurchase": "Betalingen worden verwerkt via GitHub. Daarna kunt u de sleutel ophalen op", + "supportKeyPurchaseLink": "onze website", + "supportKeyPurchase2": "en verzilver het hier.", + "supportKeyLearnMore": "Meer informatie.", + "supportKeyOptions": "Selecteer de optie die het beste bij u past.", + "supportKetOptionFull": "Volledige supporter", + "forWholeServer": "Voor de hele server", + "lifetimePurchase": "Levenslange aankoop", + "supporterStatus": "Status supporter", + "buy": "Kopen", + "supportKeyOptionLimited": "Beperkte Supporter", + "forFiveUsers": "Voor 5 of minder gebruikers", + "supportKeyRedeem": "Supportersleutel inwisselen", + "supportKeyHideSevenDays": "Verbergen voor 7 dagen", + "supportKeyEnter": "Voer de supportersleutel in", + "supportKeyEnterDescription": "Ontmoet je eigen huisdier Pangolin!", + "githubUsername": "GitHub-gebruikersnaam", + "supportKeyInput": "Supporter Sleutel", + "supportKeyBuy": "Koop Supportersleutel", + "logoutError": "Fout bij uitloggen", + "signingAs": "Ingelogd als", + "serverAdmin": "Server Beheerder", + "managedSelfhosted": "Beheerde Self-Hosted", + "otpEnable": "Twee-factor inschakelen", + "otpDisable": "Tweestapsverificatie uitschakelen", + "logout": "Log uit", + "licenseTierProfessionalRequired": "Professionele editie vereist", + "licenseTierProfessionalRequiredDescription": "Deze functie is alleen beschikbaar in de Professional Edition.", + "actionGetOrg": "Krijg Organisatie", + "actionUpdateOrg": "Organisatie bijwerken", + "actionUpdateUser": "Gebruiker bijwerken", + "actionGetUser": "Gebruiker ophalen", + "actionGetOrgUser": "Krijg organisatie-gebruiker", + "actionListOrgDomains": "Lijst organisatie domeinen", + "actionCreateSite": "Site maken", + "actionDeleteSite": "Site verwijderen", + "actionGetSite": "Site ophalen", + "actionListSites": "Sites weergeven", + "setupToken": "Setup Token", + "setupTokenDescription": "Voer het setup-token in vanaf de serverconsole.", + "setupTokenRequired": "Setup-token is vereist", + "actionUpdateSite": "Site bijwerken", + "actionListSiteRoles": "Toon toegestane sitenollen", + "actionCreateResource": "Bron maken", + "actionDeleteResource": "Document verwijderen", + "actionGetResource": "Bron ophalen", + "actionListResource": "Bronnen weergeven", + "actionUpdateResource": "Document bijwerken", + "actionListResourceUsers": "Lijst van documentgebruikers", + "actionSetResourceUsers": "Stel document gebruikers in", + "actionSetAllowedResourceRoles": "Toegestane Resource Rollen instellen", + "actionListAllowedResourceRoles": "Lijst Toegestane Resource Rollen", + "actionSetResourcePassword": "Stel bronwachtwoord in", + "actionSetResourcePincode": "Stel Resource Pincode in", + "actionSetResourceEmailWhitelist": "Stel Resource e-mail whitelist in", + "actionGetResourceEmailWhitelist": "Verkrijg Resource E-mail Whitelist", + "actionCreateTarget": "Doelwit aanmaken", + "actionDeleteTarget": "Verwijder doel", + "actionGetTarget": "Verkrijg Doel", + "actionListTargets": "Doelstellingen weergeven", + "actionUpdateTarget": "Doelwit bijwerken", + "actionCreateRole": "Rol aanmaken", + "actionDeleteRole": "Verwijder rol", + "actionGetRole": "Krijg Rol", + "actionListRole": "Toon rollen", + "actionUpdateRole": "Rol bijwerken", + "actionListAllowedRoleResources": "Lijst toegestane rolbronnen", + "actionInviteUser": "Gebruiker uitnodigen", + "actionRemoveUser": "Gebruiker verwijderen", + "actionListUsers": "Gebruikers weergeven", + "actionAddUserRole": "Gebruikersrol toevoegen", + "actionGenerateAccessToken": "Genereer Toegangstoken", + "actionDeleteAccessToken": "Verwijder toegangstoken", + "actionListAccessTokens": "Lijst toegangstokens", + "actionCreateResourceRule": "Bronregel aanmaken", + "actionDeleteResourceRule": "Verwijder Resource Regel", + "actionListResourceRules": "Bron regels weergeven", + "actionUpdateResourceRule": "Bronregel bewerken", + "actionListOrgs": "Organisaties weergeven", + "actionCheckOrgId": "ID controleren", + "actionCreateOrg": "Nieuwe organisatie aanmaken", + "actionDeleteOrg": "Verwijder organisatie", + "actionListApiKeys": "API-sleutels weergeven", + "actionListApiKeyActions": "Lijst van API Key Acties", + "actionSetApiKeyActions": "Stel API Key Toegestane Acties", + "actionCreateApiKey": "API-sleutel aanmaken", + "actionDeleteApiKey": "API-sleutel verwijderen", + "actionCreateIdp": "IDP aanmaken", + "actionUpdateIdp": "IDP bijwerken", + "actionDeleteIdp": "Verwijder IDP", + "actionListIdps": "Toon IDP", + "actionGetIdp": "IDP ophalen", + "actionCreateIdpOrg": "Maak IDP Org Policy", + "actionDeleteIdpOrg": "Verwijder IDP Org Beleid", + "actionListIdpOrgs": "Toon IDP Orgs", + "actionUpdateIdpOrg": "IDP-org bijwerken", + "actionCreateClient": "Client aanmaken", + "actionDeleteClient": "Verwijder klant", + "actionUpdateClient": "Klant bijwerken", + "actionListClients": "Lijst klanten", + "actionGetClient": "Client ophalen", + "actionCreateSiteResource": "Sitebron maken", + "actionDeleteSiteResource": "Document verwijderen van site", + "actionGetSiteResource": "Bron van site ophalen", + "actionListSiteResources": "Bronnen van site weergeven", + "actionUpdateSiteResource": "Document bijwerken van site", + "actionListInvitations": "Toon uitnodigingen", + "noneSelected": "Niet geselecteerd", + "orgNotFound2": "Geen organisaties gevonden.", + "searchProgress": "Zoeken...", + "create": "Aanmaken", + "orgs": "Organisaties", + "loginError": "Er is een fout opgetreden tijdens het inloggen", + "passwordForgot": "Wachtwoord vergeten?", + "otpAuth": "Tweestapsverificatie verificatie", + "otpAuthDescription": "Voer de code van je authenticator-app of een van je reservekopiecodes voor het eenmalig gebruik in.", + "otpAuthSubmit": "Code indienen", + "idpContinue": "Of ga verder met", + "otpAuthBack": "Terug naar inloggen", + "navbar": "Navigatiemenu", + "navbarDescription": "Hoofd navigatie menu voor de applicatie", + "navbarDocsLink": "Documentatie", + "commercialEdition": "Commerciële editie", + "otpErrorEnable": "Kan 2FA niet inschakelen", + "otpErrorEnableDescription": "Er is een fout opgetreden tijdens het inschakelen van 2FA", + "otpSetupCheckCode": "Voer een 6-cijferige code in", + "otpSetupCheckCodeRetry": "Ongeldige code. Probeer het opnieuw.", + "otpSetup": "Tweestapsverificatie inschakelen", + "otpSetupDescription": "Beveilig je account met een extra beveiligingslaag", + "otpSetupScanQr": "Scan deze QR-code met je authenticator-app of voer de geheime sleutel handmatig in:", + "otpSetupSecretCode": "Authenticatiecode", + "otpSetupSuccess": "Tweestapsverificatie ingeschakeld", + "otpSetupSuccessStoreBackupCodes": "Uw account is nu veiliger. Vergeet niet uw back-upcodes op te slaan.", + "otpErrorDisable": "Kan 2FA niet uitschakelen", + "otpErrorDisableDescription": "Er is een fout opgetreden tijdens het uitschakelen van 2FA", + "otpRemove": "Tweestapsverificatie uitschakelen", + "otpRemoveDescription": "Tweestapsverificatie uitschakelen voor je account", + "otpRemoveSuccess": "Tweestapsverificatie uitgeschakeld", + "otpRemoveSuccessMessage": "Tweestapsverificatie is uitgeschakeld voor uw account. U kunt dit op elk gewenst moment opnieuw inschakelen.", + "otpRemoveSubmit": "2FA uitschakelen", + "paginator": "Pagina {current} van {last}", + "paginatorToFirst": "Ga naar eerste pagina", + "paginatorToPrevious": "Ga naar vorige pagina", + "paginatorToNext": "Ga naar de volgende pagina", + "paginatorToLast": "Ga naar de laatste pagina", + "copyText": "Tekst kopiëren", + "copyTextFailed": "Kan tekst niet kopiëren: ", + "copyTextClipboard": "Kopiëren naar klembord", + "inviteErrorInvalidConfirmation": "Ongeldige bevestiging", + "passwordRequired": "Wachtwoord is vereist", + "allowAll": "Alles toestaan", + "permissionsAllowAll": "Alle machtigingen toestaan", + "githubUsernameRequired": "GitHub gebruikersnaam is vereist", + "supportKeyRequired": "Supportersleutel is vereist", + "passwordRequirementsChars": "Wachtwoord moet ten minste 8 tekens bevatten", + "language": "Taal", + "verificationCodeRequired": "Code is vereist", + "userErrorNoUpdate": "Geen gebruiker om te updaten", + "siteErrorNoUpdate": "Geen site om bij te werken", + "resourceErrorNoUpdate": "Geen document om bij te werken", + "authErrorNoUpdate": "Geen authenticatie informatie om bij te werken", + "orgErrorNoUpdate": "Geen org om bij te werken", + "orgErrorNoProvided": "Geen org opgegeven", + "apiKeysErrorNoUpdate": "Geen API-sleutel om bij te werken", + "sidebarOverview": "Overzicht.", + "sidebarHome": "Startpagina", + "sidebarSites": "Werkruimtes", + "sidebarResources": "Hulpmiddelen", + "sidebarAccessControl": "Toegangs controle", + "sidebarUsers": "Gebruikers", + "sidebarInvitations": "Uitnodigingen", + "sidebarRoles": "Rollen", + "sidebarShareableLinks": "Deelbare links", + "sidebarApiKeys": "API sleutels", + "sidebarSettings": "Instellingen", + "sidebarAllUsers": "Alle gebruikers", + "sidebarIdentityProviders": "Identiteit aanbieders", + "sidebarLicense": "Licentie", + "sidebarClients": "Clients (Bèta)", + "sidebarDomains": "Domeinen", + "enableDockerSocket": "Docker Socket inschakelen", + "enableDockerSocketDescription": "Docker Socket-ontdekking inschakelen voor het invullen van containerinformatie. Socket-pad moet aan Newt worden verstrekt.", + "enableDockerSocketLink": "Meer informatie", + "viewDockerContainers": "Bekijk Docker containers", + "containersIn": "Containers in {siteName}", + "selectContainerDescription": "Selecteer een container om als hostnaam voor dit doel te gebruiken. Klik op een poort om een poort te gebruiken.", + "containerName": "naam", + "containerImage": "Afbeelding", + "containerState": "Provincie", + "containerNetworks": "Netwerken", + "containerHostnameIp": "Hostnaam/IP", + "containerLabels": "Labels", + "containerLabelsCount": "{count, plural, one {# label} other {# labels}}", + "containerLabelsTitle": "Container labels", + "containerLabelEmpty": "", + "containerPorts": "Poorten", + "containerPortsMore": "+{count} meer", + "containerActions": "acties", + "select": "Selecteren", + "noContainersMatchingFilters": "Geen containers gevonden die overeenkomen met de huidige filters.", + "showContainersWithoutPorts": "Toon containers zonder poorten", + "showStoppedContainers": "Toon gestopte containers", + "noContainersFound": "Geen containers gevonden. Zorg ervoor dat Docker containers draaien.", + "searchContainersPlaceholder": "Zoek tussen {count} containers...", + "searchResultsCount": "{count, plural, one {# resultaat} other {# resultaten}}", + "filters": "Filters", + "filterOptions": "Filter opties", + "filterPorts": "Poorten", + "filterStopped": "Gestopt", + "clearAllFilters": "Alle filters wissen", + "columns": "Kolommen", + "toggleColumns": "Kolommen omschakelen", + "refreshContainersList": "Vernieuw containers lijst", + "searching": "Zoeken...", + "noContainersFoundMatching": "Geen containers gevonden die overeenkomen met \"{filter}\".", + "light": "licht", + "dark": "donker", + "system": "systeem", + "theme": "Thema", + "subnetRequired": "Subnet is vereist", + "initialSetupTitle": "Initiële serverconfiguratie", + "initialSetupDescription": "Maak het eerste serverbeheeraccount aan. Er kan slechts één serverbeheerder bestaan. U kunt deze inloggegevens later altijd wijzigen.", + "createAdminAccount": "Maak een beheeraccount aan", + "setupErrorCreateAdmin": "Er is een fout opgetreden bij het maken van het serverbeheerdersaccount.", + "certificateStatus": "Certificaatstatus", + "loading": "Bezig met laden", + "restart": "Herstarten", + "domains": "Domeinen", + "domainsDescription": "Beheer domeinen voor je organisatie", + "domainsSearch": "Zoek domeinen...", + "domainAdd": "Domein toevoegen", + "domainAddDescription": "Registreer een nieuw domein bij je organisatie", + "domainCreate": "Domein aanmaken", + "domainCreatedDescription": "Domein succesvol aangemaakt", + "domainDeletedDescription": "Domein succesvol verwijderd", + "domainQuestionRemove": "Weet je zeker dat je het domein {domain} uit je account wilt verwijderen?", + "domainMessageRemove": "Na verwijdering zal het domein niet langer aan je account gekoppeld zijn.", + "domainMessageConfirm": "Om te bevestigen, typ hieronder de domeinnaam.", + "domainConfirmDelete": "Bevestig verwijdering van domein", + "domainDelete": "Domein verwijderen", + "domain": "Domein", + "selectDomainTypeNsName": "Domeindelegatie (NS)", + "selectDomainTypeNsDescription": "Dit domein en al zijn subdomeinen. Gebruik dit wanneer je een volledige domeinzone wilt beheersen.", + "selectDomainTypeCnameName": "Enkel domein (CNAME)", + "selectDomainTypeCnameDescription": "Alleen dit specifieke domein. Gebruik dit voor individuele subdomeinen of specifieke domeinvermeldingen.", + "selectDomainTypeWildcardName": "Wildcard Domein", + "selectDomainTypeWildcardDescription": "Dit domein en zijn subdomeinen.", + "domainDelegation": "Enkel domein", + "selectType": "Selecteer een type", + "actions": "acties", + "refresh": "Vernieuwen", + "refreshError": "Het vernieuwen van gegevens is mislukt", + "verified": "Gecontroleerd", + "pending": "In afwachting", + "sidebarBilling": "Facturering", + "billing": "Facturering", + "orgBillingDescription": "Beheer je factureringsgegevens en abonnementen", + "github": "GitHub", + "pangolinHosted": "Pangolin gehost", + "fossorial": "Fossorial", + "completeAccountSetup": "Voltooi accountinstelling", + "completeAccountSetupDescription": "Stel je wachtwoord in om te beginnen", + "accountSetupSent": "We sturen een accountinstellingscode naar dit e-mailadres.", + "accountSetupCode": "Instellingscode", + "accountSetupCodeDescription": "Controleer je e-mail voor de instellingscode.", + "passwordCreate": "Wachtwoord aanmaken", + "passwordCreateConfirm": "Bevestig wachtwoord", + "accountSetupSubmit": "Instellingscode verzenden", + "completeSetup": "Voltooi instellen", + "accountSetupSuccess": "Accountinstelling voltooid! Welkom bij Pangolin!", + "documentation": "Documentatie", + "saveAllSettings": "Alle instellingen opslaan", + "settingsUpdated": "Instellingen bijgewerkt", + "settingsUpdatedDescription": "Alle instellingen zijn succesvol bijgewerkt", + "settingsErrorUpdate": "Bijwerken van instellingen mislukt", + "settingsErrorUpdateDescription": "Er is een fout opgetreden bij het bijwerken van instellingen", + "sidebarCollapse": "Inklappen", + "sidebarExpand": "Uitklappen", + "newtUpdateAvailable": "Update beschikbaar", + "newtUpdateAvailableInfo": "Er is een nieuwe versie van Newt beschikbaar. Update naar de nieuwste versie voor de beste ervaring.", + "domainPickerEnterDomain": "Domein", + "domainPickerPlaceholder": "mijnapp.voorbeeld.com, api.v1.mijndomein.com, of gewoon mijnapp", + "domainPickerDescription": "Voer de volledige domein van de bron in om beschikbare opties te zien.", + "domainPickerDescriptionSaas": "Voer een volledig domein, subdomein of gewoon een naam in om beschikbare opties te zien", + "domainPickerTabAll": "Alles", + "domainPickerTabOrganization": "Organisatie", + "domainPickerTabProvided": "Aangeboden", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "Beschikbaarheid controleren...", + "domainPickerNoMatchingDomains": "Geen overeenkomende domeinen gevonden. Probeer een ander domein of controleer de domeininstellingen van uw organisatie.", + "domainPickerOrganizationDomains": "Organisatiedomeinen", + "domainPickerProvidedDomains": "Aangeboden domeinen", + "domainPickerSubdomain": "Subdomein: {subdomain}", + "domainPickerNamespace": "Namespace: {namespace}", + "domainPickerShowMore": "Meer weergeven", + "domainNotFound": "Domein niet gevonden", + "domainNotFoundDescription": "Deze bron is uitgeschakeld omdat het domein niet langer in ons systeem bestaat. Stel een nieuw domein in voor deze bron.", + "failed": "Mislukt", + "createNewOrgDescription": "Maak een nieuwe organisatie", + "organization": "Organisatie", + "port": "Poort", + "securityKeyManage": "Beveiligingssleutels beheren", + "securityKeyDescription": "Voeg beveiligingssleutels toe of verwijder ze voor wachtwoordloze authenticatie", + "securityKeyRegister": "Nieuwe beveiligingssleutel registreren", + "securityKeyList": "Uw beveiligingssleutels", + "securityKeyNone": "Nog geen beveiligingssleutels geregistreerd", + "securityKeyNameRequired": "Naam is verplicht", + "securityKeyRemove": "Verwijderen", + "securityKeyLastUsed": "Laatst gebruikt: {date}", + "securityKeyNameLabel": "Naam", + "securityKeyRegisterSuccess": "Beveiligingssleutel succesvol geregistreerd", + "securityKeyRegisterError": "Fout bij registreren van beveiligingssleutel", + "securityKeyRemoveSuccess": "Beveiligingssleutel succesvol verwijderd", + "securityKeyRemoveError": "Fout bij verwijderen van beveiligingssleutel", + "securityKeyLoadError": "Fout bij laden van beveiligingssleutels", + "securityKeyLogin": "Doorgaan met beveiligingssleutel", + "securityKeyAuthError": "Fout bij authenticatie met beveiligingssleutel", + "securityKeyRecommendation": "Overweeg om een andere beveiligingssleutel te registreren op een ander apparaat om ervoor te zorgen dat u niet buitengesloten raakt van uw account.", + "registering": "Registreren...", + "securityKeyPrompt": "Verifieer je identiteit met je beveiligingssleutel. Zorg ervoor dat je beveiligingssleutel verbonden en klaar is.", + "securityKeyBrowserNotSupported": "Je browser ondersteunt geen beveiligingssleutels. Gebruik een moderne browser zoals Chrome, Firefox of Safari.", + "securityKeyPermissionDenied": "Verleen toegang tot je beveiligingssleutel om door te gaan met inloggen.", + "securityKeyRemovedTooQuickly": "Houd je beveiligingssleutel verbonden totdat het inlogproces is voltooid.", + "securityKeyNotSupported": "Je beveiligingssleutel is mogelijk niet compatibel. Probeer een andere beveiligingssleutel.", + "securityKeyUnknownError": "Er was een probleem met het gebruik van je beveiligingssleutel. Probeer het opnieuw.", + "twoFactorRequired": "Tweestapsverificatie is vereist om een beveiligingssleutel te registreren.", + "twoFactor": "Tweestapsverificatie", + "adminEnabled2FaOnYourAccount": "Je beheerder heeft tweestapsverificatie voor {email} ingeschakeld. Voltooi het instellingsproces om verder te gaan.", + "continueToApplication": "Doorgaan naar de applicatie", + "securityKeyAdd": "Beveiligingssleutel toevoegen", + "securityKeyRegisterTitle": "Nieuwe beveiligingssleutel registreren", + "securityKeyRegisterDescription": "Verbind je beveiligingssleutel en voer een naam in om deze te identificeren", + "securityKeyTwoFactorRequired": "Tweestapsverificatie vereist", + "securityKeyTwoFactorDescription": "Voer je tweestapsverificatiecode in om de beveiligingssleutel te registreren", + "securityKeyTwoFactorRemoveDescription": "Voer je tweestapsverificatiecode in om de beveiligingssleutel te verwijderen", + "securityKeyTwoFactorCode": "Tweestapsverificatiecode", + "securityKeyRemoveTitle": "Beveiligingssleutel verwijderen", + "securityKeyRemoveDescription": "Voer je wachtwoord in om de beveiligingssleutel \"{name}\" te verwijderen", + "securityKeyNoKeysRegistered": "Geen beveiligingssleutels geregistreerd", + "securityKeyNoKeysDescription": "Voeg een beveiligingssleutel toe om je accountbeveiliging te verbeteren", + "createDomainRequired": "Domein is vereist", + "createDomainAddDnsRecords": "DNS-records toevoegen", + "createDomainAddDnsRecordsDescription": "Voeg de volgende DNS-records toe aan je domeinprovider om het instellen te voltooien.", + "createDomainNsRecords": "NS-records", + "createDomainRecord": "Record", + "createDomainType": "Type:", + "createDomainName": "Naam:", + "createDomainValue": "Waarde:", + "createDomainCnameRecords": "CNAME-records", + "createDomainARecords": "A Records", + "createDomainRecordNumber": "Record {number}", + "createDomainTxtRecords": "TXT-records", + "createDomainSaveTheseRecords": "Deze records opslaan", + "createDomainSaveTheseRecordsDescription": "Zorg ervoor dat je deze DNS-records opslaat, want je zult ze niet opnieuw zien.", + "createDomainDnsPropagation": "DNS-propagatie", + "createDomainDnsPropagationDescription": "DNS-wijzigingen kunnen enige tijd duren om over het internet te worden verspreid. Dit kan enkele minuten tot 48 uur duren, afhankelijk van je DNS-provider en TTL-instellingen.", + "resourcePortRequired": "Poortnummer is vereist voor niet-HTTP-bronnen", + "resourcePortNotAllowed": "Poortnummer mag niet worden ingesteld voor HTTP-bronnen", + "signUpTerms": { + "IAgreeToThe": "Ik ga akkoord met de", + "termsOfService": "servicevoorwaarden", + "and": "en", + "privacyPolicy": "privacybeleid" + }, + "siteRequired": "Site is vereist.", + "olmTunnel": "Olm Tunnel", + "olmTunnelDescription": "Gebruik Olm voor clientconnectiviteit", + "errorCreatingClient": "Fout bij het aanmaken van de client", + "clientDefaultsNotFound": "Standaardinstellingen van klant niet gevonden", + "createClient": "Client aanmaken", + "createClientDescription": "Maak een nieuwe client aan om verbinding te maken met uw sites", + "seeAllClients": "Alle clients bekijken", + "clientInformation": "Klantinformatie", + "clientNamePlaceholder": "Clientnaam", + "address": "Adres", + "subnetPlaceholder": "Subnet", + "addressDescription": "Het adres dat deze client zal gebruiken voor connectiviteit", + "selectSites": "Selecteer sites", + "sitesDescription": "De client heeft connectiviteit met de geselecteerde sites", + "clientInstallOlm": "Installeer Olm", + "clientInstallOlmDescription": "Laat Olm draaien op uw systeem", + "clientOlmCredentials": "Olm inloggegevens", + "clientOlmCredentialsDescription": "Dit is hoe Olm zich bij de server zal verifiëren", + "olmEndpoint": "Olm Eindpunt", + "olmId": "Olm ID", + "olmSecretKey": "Olm Geheime Sleutel", + "clientCredentialsSave": "Uw referenties opslaan", + "clientCredentialsSaveDescription": "Je kunt dit slechts één keer zien. Kopieer het naar een beveiligde plek.", + "generalSettingsDescription": "Configureer de algemene instellingen voor deze client", + "clientUpdated": "Klant bijgewerkt ", + "clientUpdatedDescription": "De client is bijgewerkt.", + "clientUpdateFailed": "Het bijwerken van de client is mislukt", + "clientUpdateError": "Er is een fout opgetreden tijdens het bijwerken van de client.", + "sitesFetchFailed": "Het ophalen van sites is mislukt", + "sitesFetchError": "Er is een fout opgetreden bij het ophalen van sites.", + "olmErrorFetchReleases": "Er is een fout opgetreden bij het ophalen van Olm releases.", + "olmErrorFetchLatest": "Er is een fout opgetreden bij het ophalen van de nieuwste Olm release.", + "remoteSubnets": "Externe Subnets", + "enterCidrRange": "Voer CIDR-bereik in", + "remoteSubnetsDescription": "Voeg CIDR-bereiken toe die vanaf deze site op afstand toegankelijk zijn met behulp van clients. Gebruik een formaat zoals 10.0.0.0/24. Dit geldt ALLEEN voor VPN-clientconnectiviteit.", + "resourceEnableProxy": "Openbare proxy inschakelen", + "resourceEnableProxyDescription": "Schakel publieke proxy in voor deze resource. Dit maakt toegang tot de resource mogelijk vanuit het netwerk via de cloud met een open poort. Vereist Traefik-configuratie.", + "externalProxyEnabled": "Externe Proxy Ingeschakeld", + "addNewTarget": "Voeg nieuw doelwit toe", + "targetsList": "Lijst met doelen", + "targetErrorDuplicateTargetFound": "Dubbel doelwit gevonden", + "httpMethod": "HTTP-methode", + "selectHttpMethod": "Selecteer HTTP-methode", + "domainPickerSubdomainLabel": "Subdomein", + "domainPickerBaseDomainLabel": "Basisdomein", + "domainPickerSearchDomains": "Zoek domeinen...", + "domainPickerNoDomainsFound": "Geen domeinen gevonden", + "domainPickerLoadingDomains": "Domeinen laden...", + "domainPickerSelectBaseDomain": "Selecteer basisdomein...", + "domainPickerNotAvailableForCname": "Niet beschikbaar voor CNAME-domeinen", + "domainPickerEnterSubdomainOrLeaveBlank": "Voer een subdomein in of laat leeg om basisdomein te gebruiken.", + "domainPickerEnterSubdomainToSearch": "Voer een subdomein in om te zoeken en te selecteren uit beschikbare gratis domeinen.", + "domainPickerFreeDomains": "Gratis Domeinen", + "domainPickerSearchForAvailableDomains": "Zoek naar beschikbare domeinen", + "resourceDomain": "Domein", + "resourceEditDomain": "Domein bewerken", + "siteName": "Site Naam", + "proxyPort": "Poort", + "resourcesTableProxyResources": "Proxybronnen", + "resourcesTableClientResources": "Clientbronnen", + "resourcesTableNoProxyResourcesFound": "Geen proxybronnen gevonden.", + "resourcesTableNoInternalResourcesFound": "Geen interne bronnen gevonden.", + "resourcesTableDestination": "Bestemming", + "resourcesTableTheseResourcesForUseWith": "Deze bronnen zijn bedoeld voor gebruik met", + "resourcesTableClients": "Clienten", + "resourcesTableAndOnlyAccessibleInternally": "en zijn alleen intern toegankelijk wanneer verbonden met een client.", + "editInternalResourceDialogEditClientResource": "Bewerk clientbron", + "editInternalResourceDialogUpdateResourceProperties": "Werk de eigenschapen van de bron en doelconfiguratie bij voor {resourceName}.", + "editInternalResourceDialogResourceProperties": "Bron eigenschappen", + "editInternalResourceDialogName": "Naam", + "editInternalResourceDialogProtocol": "Protocol", + "editInternalResourceDialogSitePort": "Site Poort", + "editInternalResourceDialogTargetConfiguration": "Doelconfiguratie", + "editInternalResourceDialogDestinationIP": "Bestemming IP", + "editInternalResourceDialogDestinationPort": "Bestemmingspoort", + "editInternalResourceDialogCancel": "Annuleren", + "editInternalResourceDialogSaveResource": "Sla bron op", + "editInternalResourceDialogSuccess": "Succes", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Interne bron succesvol bijgewerkt", + "editInternalResourceDialogError": "Fout", + "editInternalResourceDialogFailedToUpdateInternalResource": "Het bijwerken van de interne bron is mislukt", + "editInternalResourceDialogNameRequired": "Naam is verplicht", + "editInternalResourceDialogNameMaxLength": "Naam mag niet langer zijn dan 255 tekens", + "editInternalResourceDialogProxyPortMin": "Proxy poort moet minstens 1 zijn", + "editInternalResourceDialogProxyPortMax": "Proxy poort moet minder dan 65536 zijn", + "editInternalResourceDialogInvalidIPAddressFormat": "Ongeldig IP-adresformaat", + "editInternalResourceDialogDestinationPortMin": "Bestemmingspoort moet minstens 1 zijn", + "editInternalResourceDialogDestinationPortMax": "Bestemmingspoort moet minder dan 65536 zijn", + "createInternalResourceDialogNoSitesAvailable": "Geen sites beschikbaar", + "createInternalResourceDialogNoSitesAvailableDescription": "U moet ten minste één Newt-site hebben met een geconfigureerd subnet om interne bronnen aan te maken.", + "createInternalResourceDialogClose": "Sluiten", + "createInternalResourceDialogCreateClientResource": "Maak clientbron", + "createInternalResourceDialogCreateClientResourceDescription": "Maak een nieuwe bron die toegankelijk zal zijn voor clients die verbonden zijn met de geselecteerde site.", + "createInternalResourceDialogResourceProperties": "Bron-eigenschappen", + "createInternalResourceDialogName": "Naam", + "createInternalResourceDialogSite": "Site", + "createInternalResourceDialogSelectSite": "Selecteer site...", + "createInternalResourceDialogSearchSites": "Zoek sites...", + "createInternalResourceDialogNoSitesFound": "Geen sites gevonden.", + "createInternalResourceDialogProtocol": "Protocol", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Site Poort", + "createInternalResourceDialogSitePortDescription": "Gebruik deze poort om toegang te krijgen tot de bron op de site wanneer verbonden met een client.", + "createInternalResourceDialogTargetConfiguration": "Doelconfiguratie", + "createInternalResourceDialogDestinationIP": "Bestemming IP", + "createInternalResourceDialogDestinationIPDescription": "Het IP-adres van de bron op het netwerk van de site.", + "createInternalResourceDialogDestinationPort": "Bestemmingspoort", + "createInternalResourceDialogDestinationPortDescription": "De poort op het bestemmings-IP waar de bron toegankelijk is.", + "createInternalResourceDialogCancel": "Annuleren", + "createInternalResourceDialogCreateResource": "Bron aanmaken", + "createInternalResourceDialogSuccess": "Succes", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Interne bron succesvol aangemaakt", + "createInternalResourceDialogError": "Fout", + "createInternalResourceDialogFailedToCreateInternalResource": "Het aanmaken van de interne bron is mislukt", + "createInternalResourceDialogNameRequired": "Naam is verplicht", + "createInternalResourceDialogNameMaxLength": "Naam mag niet langer zijn dan 255 tekens", + "createInternalResourceDialogPleaseSelectSite": "Selecteer alstublieft een site", + "createInternalResourceDialogProxyPortMin": "Proxy poort moet minstens 1 zijn", + "createInternalResourceDialogProxyPortMax": "Proxy poort moet minder dan 65536 zijn", + "createInternalResourceDialogInvalidIPAddressFormat": "Ongeldig IP-adresformaat", + "createInternalResourceDialogDestinationPortMin": "Bestemmingspoort moet minstens 1 zijn", + "createInternalResourceDialogDestinationPortMax": "Bestemmingspoort moet minder dan 65536 zijn", + "siteConfiguration": "Configuratie", + "siteAcceptClientConnections": "Accepteer clientverbindingen", + "siteAcceptClientConnectionsDescription": "Sta toe dat andere apparaten verbinding maken via deze Newt-instantie als een gateway met behulp van clients.", + "siteAddress": "Siteadres", + "siteAddressDescription": "Specificeren het IP-adres van de host voor clients om verbinding mee te maken. Dit is het interne adres van de site in het Pangolin netwerk voor clients om te adresseren. Moet binnen het Organisatienetwerk vallen.", + "autoLoginExternalIdp": "Auto Login met Externe IDP", + "autoLoginExternalIdpDescription": "De gebruiker onmiddellijk doorsturen naar de externe IDP voor authenticatie.", + "selectIdp": "Selecteer IDP", + "selectIdpPlaceholder": "Kies een IDP...", + "selectIdpRequired": "Selecteer alstublieft een IDP wanneer automatisch inloggen is ingeschakeld.", + "autoLoginTitle": "Omleiden", + "autoLoginDescription": "Je wordt doorverwezen naar de externe identity provider voor authenticatie.", + "autoLoginProcessing": "Authenticatie voorbereiden...", + "autoLoginRedirecting": "Redirecting naar inloggen...", + "autoLoginError": "Auto Login Fout", + "autoLoginErrorNoRedirectUrl": "Geen redirect URL ontvangen van de identity provider.", + "autoLoginErrorGeneratingUrl": "Genereren van authenticatie-URL mislukt.", + "managedSelfHosted": { + "title": "Beheerde Self-Hosted", + "description": "betrouwbaardere en slecht onderhouden Pangolin server met extra klokken en klokkenluiders", + "introTitle": "Beheerde zelfgehoste pangolin", + "introDescription": "is een implementatieoptie ontworpen voor mensen die eenvoud en extra betrouwbaarheid willen, terwijl hun gegevens privé en zelf georganiseerd blijven.", + "introDetail": "Met deze optie beheert u nog steeds uw eigen Pangolin node - uw tunnels, SSL-verbinding en verkeer alles op uw server. Het verschil is dat beheer en monitoring worden behandeld via onze cloud dashboard, wat een aantal voordelen oplevert:", + "benefitSimplerOperations": { + "title": "Simpler operaties", + "description": "Je hoeft geen eigen mailserver te draaien of complexe waarschuwingen in te stellen. Je krijgt gezondheidscontroles en downtime meldingen uit de box." + }, + "benefitAutomaticUpdates": { + "title": "Automatische updates", + "description": "Het cloud dashboard evolueert snel, zodat u nieuwe functies en bug fixes krijgt zonder elke keer handmatig nieuwe containers te moeten trekken." + }, + "benefitLessMaintenance": { + "title": "Minder onderhoud", + "description": "Geen database migratie, back-ups of extra infrastructuur om te beheren. Dat behandelen we in de cloud." + }, + "benefitCloudFailover": { + "title": "Cloud fout", + "description": "Als uw node omlaag gaat, kunnen uw tunnels tijdelijk niet meer naar onze aanwezigheidspunten gaan totdat u hem weer online brengt." + }, + "benefitHighAvailability": { + "title": "Hoge beschikbaarheid (PoPs)", + "description": "U kunt ook meerdere nodes koppelen aan uw account voor ontslag en betere prestaties." + }, + "benefitFutureEnhancements": { + "title": "Toekomstige verbeteringen", + "description": "We zijn van plan om meer analytica, waarschuwing en beheerhulpmiddelen toe te voegen om uw implementatie nog steviger te maken." + }, + "docsAlert": { + "text": "Meer informatie over de optie voor zelf-verzorging in onze", + "documentation": "documentatie" + }, + "convertButton": "Converteer deze node naar Beheerde Zelf-Hosted" + }, + "internationaldomaindetected": "Internationaal Domein Gedetecteerd", + "willbestoredas": "Zal worden opgeslagen als:" +} diff --git a/messages/pl-PL.json b/messages/pl-PL.json new file mode 100644 index 00000000..1aee50f2 --- /dev/null +++ b/messages/pl-PL.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Utwórz swoją organizację, witrynę i zasoby", + "setupNewOrg": "Nowa organizacja", + "setupCreateOrg": "Utwórz organizację", + "setupCreateResources": "Utwórz Zasoby", + "setupOrgName": "Nazwa organizacji", + "orgDisplayName": "To jest wyświetlana nazwa Twojej organizacji.", + "orgId": "Identyfikator organizacji", + "setupIdentifierMessage": "To jest unikalny identyfikator Twojej organizacji. Jest to oddzielone od nazwy wyświetlanej.", + "setupErrorIdentifier": "Identyfikator organizacji jest już zajęty. Wybierz inny.", + "componentsErrorNoMemberCreate": "Nie jesteś obecnie członkiem żadnej organizacji. Aby rozpocząć, utwórz organizację.", + "componentsErrorNoMember": "Nie jesteś obecnie członkiem żadnej organizacji.", + "welcome": "Witaj w Pangolinie", + "welcomeTo": "Witaj w", + "componentsCreateOrg": "Utwórz organizację", + "componentsMember": "Jesteś członkiem {count, plural, =0 {żadna organizacja} one {jedna organizacja} few {# organizacje} many {# organizacji} other {# organizacji}}.", + "componentsInvalidKey": "Wykryto nieprawidłowe lub wygasłe klucze licencyjne. Postępuj zgodnie z warunkami licencji, aby kontynuować korzystanie ze wszystkich funkcji.", + "dismiss": "Odrzuć", + "componentsLicenseViolation": "Naruszenie licencji: Ten serwer używa stron {usedSites} , które przekraczają limit licencyjny stron {maxSites} . Postępuj zgodnie z warunkami licencji, aby kontynuować korzystanie ze wszystkich funkcji.", + "componentsSupporterMessage": "Dziękujemy za wsparcie Pangolina jako {tier}!", + "inviteErrorNotValid": "Przykro nam, ale wygląda na to, że zaproszenie, do którego próbujesz uzyskać dostęp, nie zostało zaakceptowane lub jest już nieważne.", + "inviteErrorUser": "Przykro nam, ale wygląda na to, że zaproszenie, do którego próbujesz uzyskać dostęp, nie jest dla tego użytkownika.", + "inviteLoginUser": "Upewnij się, że jesteś zalogowany jako właściwy użytkownik.", + "inviteErrorNoUser": "Przykro nam, ale wygląda na to, że zaproszenie, do którego próbujesz uzyskać dostęp, nie jest dla użytkownika, który istnieje.", + "inviteCreateUser": "Proszę najpierw utworzyć konto.", + "goHome": "Przejdź do strony głównej", + "inviteLogInOtherUser": "Zaloguj się jako inny użytkownik", + "createAnAccount": "Utwórz konto", + "inviteNotAccepted": "Zaproszenie nie zaakceptowane", + "authCreateAccount": "Utwórz konto, aby rozpocząć", + "authNoAccount": "Nie masz konta?", + "email": "E-mail", + "password": "Hasło", + "confirmPassword": "Potwierdź hasło", + "createAccount": "Utwórz konto", + "viewSettings": "Pokaż ustawienia", + "delete": "Usuń", + "name": "Nazwa", + "online": "Dostępny", + "offline": "Offline", + "site": "Witryna", + "dataIn": "Dane w", + "dataOut": "Dane niedostępne", + "connectionType": "Typ połączenia", + "tunnelType": "Typ tunelu", + "local": "Lokalny", + "edit": "Edytuj", + "siteConfirmDelete": "Potwierdź usunięcie witryny", + "siteDelete": "Usuń witrynę", + "siteMessageRemove": "Po usunięciu, witryna nie będzie już dostępna. Wszystkie zasoby i cele związane z witryną zostaną również usunięte.", + "siteMessageConfirm": "Aby potwierdzić, wpisz nazwę witryny poniżej.", + "siteQuestionRemove": "Czy na pewno chcesz usunąć stronę {selectedSite} z organizacji?", + "siteManageSites": "Zarządzaj stronami", + "siteDescription": "Zezwalaj na połączenie z siecią przez bezpieczne tunele", + "siteCreate": "Utwórz witrynę", + "siteCreateDescription2": "Wykonaj poniższe kroki, aby utworzyć i połączyć nową witrynę", + "siteCreateDescription": "Utwórz nową witrynę, aby rozpocząć łączenie zasobów", + "close": "Zamknij", + "siteErrorCreate": "Błąd podczas tworzenia witryny", + "siteErrorCreateKeyPair": "Nie znaleziono pary kluczy lub domyślnych ustawień witryny", + "siteErrorCreateDefaults": "Nie znaleziono domyślnych ustawień witryny", + "method": "Metoda", + "siteMethodDescription": "W ten sposób ujawnisz połączenia.", + "siteLearnNewt": "Dowiedz się, jak zainstalować Newt w systemie", + "siteSeeConfigOnce": "Możesz zobaczyć konfigurację tylko raz.", + "siteLoadWGConfig": "Ładowanie konfiguracji WireGuard...", + "siteDocker": "Rozwiń o szczegóły wdrożenia dokera", + "toggle": "Przełącz", + "dockerCompose": "Kompozytor dokujący", + "dockerRun": "Uruchom Docker", + "siteLearnLocal": "Lokalne witryny nie tunelowają, dowiedz się więcej", + "siteConfirmCopy": "Skopiowałem konfigurację", + "searchSitesProgress": "Szukaj witryn...", + "siteAdd": "Dodaj witrynę", + "siteInstallNewt": "Zainstaluj Newt", + "siteInstallNewtDescription": "Uruchom Newt w swoim systemie", + "WgConfiguration": "Konfiguracja WireGuard", + "WgConfigurationDescription": "Użyj następującej konfiguracji, aby połączyć się z siecią", + "operatingSystem": "System operacyjny", + "commands": "Polecenia", + "recommended": "Rekomendowane", + "siteNewtDescription": "Aby uzyskać najlepsze doświadczenia użytkownika, użyj Newt. Używa WireGuard pod zapleczem i pozwala na przekierowanie twoich prywatnych zasobów przez ich adres LAN w sieci prywatnej z panelu Pangolin.", + "siteRunsInDocker": "Uruchamia w Docke'u", + "siteRunsInShell": "Uruchamia w skorupce na macOS, Linux i Windows", + "siteErrorDelete": "Błąd podczas usuwania witryny", + "siteErrorUpdate": "Nie udało się zaktualizować witryny", + "siteErrorUpdateDescription": "Wystąpił błąd podczas aktualizacji witryny.", + "siteUpdated": "Strona zaktualizowana", + "siteUpdatedDescription": "Strona została zaktualizowana.", + "siteGeneralDescription": "Skonfiguruj ustawienia ogólne dla tej witryny", + "siteSettingDescription": "Skonfiguruj ustawienia na swojej stronie", + "siteSetting": "Ustawienia {siteName}", + "siteNewtTunnel": "Newt Tunnel (Zalecane)", + "siteNewtTunnelDescription": "Łatwiejszy sposób na stworzenie punktu wejścia w sieci. Nie ma dodatkowej konfiguracji.", + "siteWg": "Podstawowy WireGuard", + "siteWgDescription": "Użyj dowolnego klienta WireGuard do utworzenia tunelu. Wymagana jest ręczna konfiguracja NAT.", + "siteWgDescriptionSaas": "Użyj dowolnego klienta WireGuard do utworzenia tunelu. Wymagana ręczna konfiguracja NAT. DZIAŁA TYLKO NA SAMODZIELNIE HOSTOWANYCH WĘZŁACH", + "siteLocalDescription": "Tylko lokalne zasoby. Brak tunelu.", + "siteLocalDescriptionSaas": "Tylko zasoby lokalne. Brak tunelowania. DZIAŁA TYLKO NA SAMODZIELNIE HOSTOWANYCH WĘZŁACH", + "siteSeeAll": "Zobacz wszystkie witryny", + "siteTunnelDescription": "Określ jak chcesz połączyć się ze swoją stroną", + "siteNewtCredentials": "Aktualne dane logowania", + "siteNewtCredentialsDescription": "Oto jak Newt będzie uwierzytelniał się z serwerem", + "siteCredentialsSave": "Zapisz swoje poświadczenia", + "siteCredentialsSaveDescription": "Możesz to zobaczyć tylko raz. Upewnij się, że skopiuj je do bezpiecznego miejsca.", + "siteInfo": "Informacje o witrynie", + "status": "Status", + "shareTitle": "Zarządzaj linkami udostępniania", + "shareDescription": "Utwórz linki, które można udostępnić, aby przyznać tymczasowy lub stały dostęp do Twoich zasobów", + "shareSearch": "Szukaj linków udostępnienia...", + "shareCreate": "Utwórz link udostępniania", + "shareErrorDelete": "Nie udało się usunąć linku", + "shareErrorDeleteMessage": "Wystąpił błąd podczas usuwania linku", + "shareDeleted": "Link usunięty", + "shareDeletedDescription": "Link został usunięty", + "shareTokenDescription": "Twój token dostępu może być przekazywany na dwa sposoby: jako parametr zapytania lub w nagłówkach żądania. Muszą być przekazywane z klienta na każde żądanie uwierzytelnionego dostępu.", + "accessToken": "Token dostępu", + "usageExamples": "Przykłady użycia", + "tokenId": "Identyfikator tokena", + "requestHeades": "Nagłówki żądania", + "queryParameter": "Parametr zapytania", + "importantNote": "Ważna uwaga", + "shareImportantDescription": "Ze względów bezpieczeństwa zaleca się użycie nagłówków nad parametrami zapytania, jeśli to możliwe, ponieważ parametry zapytania mogą być zalogowane w dziennikach serwera lub historii przeglądarki.", + "token": "Token", + "shareTokenSecurety": "Chroń swój token dostępu. Nie udostępniaj go w publicznie dostępnych miejscach ani w kodzie po stronie klienta.", + "shareErrorFetchResource": "Nie udało się pobrać zasobów", + "shareErrorFetchResourceDescription": "Wystąpił błąd podczas pobierania zasobów", + "shareErrorCreate": "Nie udało się utworzyć linku udostępniania", + "shareErrorCreateDescription": "Wystąpił błąd podczas tworzenia linku udostępniania", + "shareCreateDescription": "Każdy z tym linkiem może uzyskać dostęp do zasobu", + "shareTitleOptional": "Tytuł (opcjonalnie)", + "expireIn": "Wygasa za", + "neverExpire": "Nigdy nie wygasa", + "shareExpireDescription": "Czas wygaśnięcia to jak długo link będzie mógł być użyty i zapewni dostęp do zasobu. Po tym czasie link nie będzie już działał, a użytkownicy, którzy użyli tego linku, utracą dostęp do zasobu.", + "shareSeeOnce": "Możesz zobaczyć tylko ten link. Upewnij się, że go skopiowało.", + "shareAccessHint": "Każdy z tym linkiem może uzyskać dostęp do zasobu. Podziel się nim ostrożnie.", + "shareTokenUsage": "Zobacz użycie tokenu dostępu", + "createLink": "Utwórz link", + "resourcesNotFound": "Nie znaleziono zasobów", + "resourceSearch": "Szukaj zasobów", + "openMenu": "Otwórz menu", + "resource": "Zasoby", + "title": "Tytuł", + "created": "Utworzono", + "expires": "Wygasa", + "never": "Nigdy", + "shareErrorSelectResource": "Wybierz zasób", + "resourceTitle": "Zarządzaj zasobami", + "resourceDescription": "Utwórz bezpieczne proxy do prywatnych aplikacji", + "resourcesSearch": "Szukaj zasobów...", + "resourceAdd": "Dodaj zasób", + "resourceErrorDelte": "Błąd podczas usuwania zasobu", + "authentication": "Uwierzytelnianie", + "protected": "Chronione", + "notProtected": "Niechronione", + "resourceMessageRemove": "Po usunięciu, zasób nie będzie już dostępny. Wszystkie cele związane z zasobem zostaną również usunięte.", + "resourceMessageConfirm": "Aby potwierdzić, wpisz nazwę zasobu poniżej.", + "resourceQuestionRemove": "Czy na pewno chcesz usunąć zasób {selectedResource} z organizacji?", + "resourceHTTP": "Zasób HTTPS", + "resourceHTTPDescription": "Proxy do Twojej aplikacji przez HTTPS, przy użyciu poddomeny lub domeny bazowej.", + "resourceRaw": "Surowy zasób TCP/UDP", + "resourceRawDescription": "Proxy do aplikacji przez TCP/UDP przy użyciu numeru portu.", + "resourceCreate": "Utwórz zasób", + "resourceCreateDescription": "Wykonaj poniższe kroki, aby utworzyć nowy zasób", + "resourceSeeAll": "Zobacz wszystkie zasoby", + "resourceInfo": "Informacje o zasobach", + "resourceNameDescription": "To jest wyświetlana nazwa zasobu.", + "siteSelect": "Wybierz witrynę", + "siteSearch": "Szukaj witryny", + "siteNotFound": "Nie znaleziono witryny.", + "siteSelectionDescription": "Ta strona zapewni połączenie z celem.", + "resourceType": "Typ zasobu", + "resourceTypeDescription": "Określ jak chcesz uzyskać dostęp do swojego zasobu", + "resourceHTTPSSettings": "Ustawienia HTTPS", + "resourceHTTPSSettingsDescription": "Skonfiguruj jak twój zasób będzie dostępny przez HTTPS", + "domainType": "Typ domeny", + "subdomain": "Poddomena", + "baseDomain": "Bazowa domena", + "subdomnainDescription": "Poddomena, w której twój zasób będzie dostępny.", + "resourceRawSettings": "Ustawienia TCP/UDP", + "resourceRawSettingsDescription": "Skonfiguruj jak twój zasób będzie dostępny przez TCP/UDP", + "protocol": "Protokół", + "protocolSelect": "Wybierz protokół", + "resourcePortNumber": "Numer portu", + "resourcePortNumberDescription": "Numer portu zewnętrznego do żądań proxy.", + "cancel": "Anuluj", + "resourceConfig": "Snippety konfiguracji", + "resourceConfigDescription": "Skopiuj i wklej te fragmenty konfiguracji, aby skonfigurować swój zasób TCP/UDP", + "resourceAddEntrypoints": "Traefik: Dodaj punkty wejścia", + "resourceExposePorts": "Gerbil: Podnieś porty w Komponencie Dockera", + "resourceLearnRaw": "Dowiedz się, jak skonfigurować zasoby TCP/UDP", + "resourceBack": "Powrót do zasobów", + "resourceGoTo": "Przejdź do zasobu", + "resourceDelete": "Usuń zasób", + "resourceDeleteConfirm": "Potwierdź usunięcie zasobu", + "visibility": "Widoczność", + "enabled": "Włączone", + "disabled": "Wyłączone", + "general": "Ogólny", + "generalSettings": "Ustawienia ogólne", + "proxy": "Serwer pośredniczący", + "internal": "Wewętrzny", + "rules": "Regulamin", + "resourceSettingDescription": "Skonfiguruj ustawienia zasobu", + "resourceSetting": "Ustawienia {resourceName}", + "alwaysAllow": "Zawsze zezwalaj", + "alwaysDeny": "Zawsze odmawiaj", + "passToAuth": "Przekaż do Autoryzacji", + "orgSettingsDescription": "Skonfiguruj ustawienia ogólne swojej organizacji", + "orgGeneralSettings": "Ustawienia organizacji", + "orgGeneralSettingsDescription": "Zarządzaj szczegółami swojej organizacji i konfiguracją", + "saveGeneralSettings": "Zapisz ustawienia ogólne", + "saveSettings": "Zapisz ustawienia", + "orgDangerZone": "Strefa zagrożenia", + "orgDangerZoneDescription": "Po usunięciu tego organa nie ma odwrotu. Upewnij się.", + "orgDelete": "Usuń organizację", + "orgDeleteConfirm": "Potwierdź usunięcie organizacji", + "orgMessageRemove": "Ta akcja jest nieodwracalna i usunie wszystkie powiązane dane.", + "orgMessageConfirm": "Aby potwierdzić, wpisz nazwę organizacji poniżej.", + "orgQuestionRemove": "Czy na pewno chcesz usunąć organizację {selectedOrg}?", + "orgUpdated": "Organizacja zaktualizowana", + "orgUpdatedDescription": "Organizacja została zaktualizowana.", + "orgErrorUpdate": "Nie udało się zaktualizować organizacji", + "orgErrorUpdateMessage": "Wystąpił błąd podczas aktualizacji organizacji.", + "orgErrorFetch": "Nie udało się pobrać organizacji", + "orgErrorFetchMessage": "Wystąpił błąd podczas wyświetlania Twoich organizacji", + "orgErrorDelete": "Nie udało się usunąć organizacji", + "orgErrorDeleteMessage": "Wystąpił błąd podczas usuwania organizacji.", + "orgDeleted": "Organizacja usunięta", + "orgDeletedMessage": "Organizacja i jej dane zostały usunięte.", + "orgMissing": "Brak ID organizacji", + "orgMissingMessage": "Nie można ponownie wygenerować zaproszenia bez ID organizacji.", + "accessUsersManage": "Zarządzaj użytkownikami", + "accessUsersDescription": "Zaproś użytkowników i dodaj je do ról do zarządzania dostępem do Twojej organizacji", + "accessUsersSearch": "Szukaj użytkowników...", + "accessUserCreate": "Utwórz użytkownika", + "accessUserRemove": "Usuń użytkownika", + "username": "Nazwa użytkownika", + "identityProvider": "Dostawca tożsamości", + "role": "Rola", + "nameRequired": "Nazwa jest wymagana", + "accessRolesManage": "Zarządzaj rolami", + "accessRolesDescription": "Skonfiguruj role do zarządzania dostępem do Twojej organizacji", + "accessRolesSearch": "Szukaj ról...", + "accessRolesAdd": "Dodaj rolę", + "accessRoleDelete": "Usuń rolę", + "description": "Opis", + "inviteTitle": "Otwórz zaproszenia", + "inviteDescription": "Zarządzaj zaproszeniami dla innych użytkowników", + "inviteSearch": "Szukaj zaproszeń...", + "minutes": "Protokoły", + "hours": "Godziny", + "days": "Dni", + "weeks": "Tygodnie", + "months": "Miesiące", + "years": "Lata", + "day": "{count, plural, one {# dzień} few {# dni} many {# dni} other {# dni}}", + "apiKeysTitle": "Informacje o kluczu API", + "apiKeysConfirmCopy2": "Musisz potwierdzić, że skopiowałeś klucz API.", + "apiKeysErrorCreate": "Błąd podczas tworzenia klucza API", + "apiKeysErrorSetPermission": "Błąd podczas ustawiania uprawnień", + "apiKeysCreate": "Generuj klucz API", + "apiKeysCreateDescription": "Wygeneruj nowy klucz API dla swojej organizacji", + "apiKeysGeneralSettings": "Uprawnienia", + "apiKeysGeneralSettingsDescription": "Określ, co ten klucz API może zrobić", + "apiKeysList": "Twój klucz API", + "apiKeysSave": "Zapisz swój klucz API", + "apiKeysSaveDescription": "Będziesz mógł zobaczyć to tylko raz. Upewnij się, że skopiujesz go w bezpieczne miejsce.", + "apiKeysInfo": "Twój klucz API to:", + "apiKeysConfirmCopy": "Skopiowałem klucz API", + "generate": "Generuj", + "done": "Gotowe", + "apiKeysSeeAll": "Zobacz wszystkie klucze API", + "apiKeysPermissionsErrorLoadingActions": "Błąd podczas ładowania akcji klucza API", + "apiKeysPermissionsErrorUpdate": "Błąd podczas ustawiania uprawnień", + "apiKeysPermissionsUpdated": "Uprawnienia zaktualizowane", + "apiKeysPermissionsUpdatedDescription": "Uprawnienia zostały zaktualizowane.", + "apiKeysPermissionsGeneralSettings": "Uprawnienia", + "apiKeysPermissionsGeneralSettingsDescription": "Określ, co ten klucz API może zrobić", + "apiKeysPermissionsSave": "Zapisz uprawnienia", + "apiKeysPermissionsTitle": "Uprawnienia", + "apiKeys": "Klucze API", + "searchApiKeys": "Szukaj kluczy API...", + "apiKeysAdd": "Generuj klucz API", + "apiKeysErrorDelete": "Błąd podczas usuwania klucza API", + "apiKeysErrorDeleteMessage": "Błąd podczas usuwania klucza API", + "apiKeysQuestionRemove": "Czy na pewno chcesz usunąć klucz API {selectedApiKey} z organizacji?", + "apiKeysMessageRemove": "Po usunięciu klucz API nie będzie już mógł być używany.", + "apiKeysMessageConfirm": "Aby potwierdzić, wpisz nazwę klucza API poniżej.", + "apiKeysDeleteConfirm": "Potwierdź usunięcie klucza API", + "apiKeysDelete": "Usuń klucz API", + "apiKeysManage": "Zarządzaj kluczami API", + "apiKeysDescription": "Klucze API służą do uwierzytelniania z API integracji", + "apiKeysSettings": "Ustawienia {apiKeyName}", + "userTitle": "Zarządzaj wszystkimi użytkownikami", + "userDescription": "Zobacz i zarządzaj wszystkimi użytkownikami w systemie", + "userAbount": "O zarządzaniu użytkownikami", + "userAbountDescription": "Ta tabela wyświetla wszystkie obiekty użytkownika root w systemie. Każdy użytkownik może należeć do wielu organizacji. Usunięcie użytkownika z organizacji nie usuwa ich głównego obiektu użytkownika - pozostanie on w systemie. Aby całkowicie usunąć użytkownika z systemu, musisz usunąć jego obiekt root użytkownika za pomocą akcji usuwania z tej tabeli.", + "userServer": "Użytkownicy serwera", + "userSearch": "Szukaj użytkowników serwera...", + "userErrorDelete": "Błąd podczas usuwania użytkownika", + "userDeleteConfirm": "Potwierdź usunięcie użytkownika", + "userDeleteServer": "Usuń użytkownika z serwera", + "userMessageRemove": "Użytkownik zostanie usunięty ze wszystkich organizacji i całkowicie usunięty z serwera.", + "userMessageConfirm": "Aby potwierdzić, wpisz nazwę użytkownika poniżej.", + "userQuestionRemove": "Czy na pewno chcesz trwale usunąć {selectedUser} z serwera?", + "licenseKey": "Klucz licencyjny", + "valid": "Prawidłowy", + "numberOfSites": "Liczba witryn", + "licenseKeySearch": "Szukaj kluczy licencyjnych...", + "licenseKeyAdd": "Dodaj klucz licencyjny", + "type": "Typ", + "licenseKeyRequired": "Klucz licencyjny jest wymagany", + "licenseTermsAgree": "Musisz wyrazić zgodę na warunki licencji", + "licenseErrorKeyLoad": "Nie udało się załadować kluczy licencyjnych", + "licenseErrorKeyLoadDescription": "Wystąpił błąd podczas ładowania kluczy licencyjnych.", + "licenseErrorKeyDelete": "Nie udało się usunąć klucza licencyjnego", + "licenseErrorKeyDeleteDescription": "Wystąpił błąd podczas usuwania klucza licencyjnego.", + "licenseKeyDeleted": "Klucz licencji został usunięty", + "licenseKeyDeletedDescription": "Klucz licencyjny został usunięty.", + "licenseErrorKeyActivate": "Nie udało się aktywować klucza licencji", + "licenseErrorKeyActivateDescription": "Wystąpił błąd podczas aktywacji klucza licencyjnego.", + "licenseAbout": "O licencjonowaniu", + "communityEdition": "Edycja Społeczności", + "licenseAboutDescription": "Dotyczy to przedsiębiorstw i przedsiębiorstw, którzy stosują Pangolin w środowisku handlowym. Jeśli używasz Pangolin do użytku osobistego, możesz zignorować tę sekcję.", + "licenseKeyActivated": "Klucz licencyjny aktywowany", + "licenseKeyActivatedDescription": "Klucz licencyjny został pomyślnie aktywowany.", + "licenseErrorKeyRecheck": "Nie udało się ponownie sprawdzić kluczy licencyjnych", + "licenseErrorKeyRecheckDescription": "Wystąpił błąd podczas ponownego sprawdzania kluczy licencyjnych.", + "licenseErrorKeyRechecked": "Klucze licencyjne ponownie sprawdzone", + "licenseErrorKeyRecheckedDescription": "Wszystkie klucze licencyjne zostały ponownie sprawdzone", + "licenseActivateKey": "Aktywuj klucz licencyjny", + "licenseActivateKeyDescription": "Wprowadź klucz licencyjny, aby go aktywować.", + "licenseActivate": "Aktywuj licencję", + "licenseAgreement": "Zaznaczając to pole, potwierdzasz, że przeczytałeś i zgadzasz się na warunki licencji odpowiadające poziomowi powiązanemu z kluczem licencyjnym.", + "fossorialLicense": "Zobacz Fossorial Commercial License & Subskrypcja", + "licenseMessageRemove": "Spowoduje to usunięcie klucza licencyjnego i wszystkich przypisanych przez niego uprawnień.", + "licenseMessageConfirm": "Aby potwierdzić, wpisz klucz licencyjny poniżej.", + "licenseQuestionRemove": "Czy na pewno chcesz usunąć klucz licencyjny {selectedKey}?", + "licenseKeyDelete": "Usuń klucz licencyjny", + "licenseKeyDeleteConfirm": "Potwierdź usunięcie klucza licencyjnego", + "licenseTitle": "Zarządzaj statusem licencji", + "licenseTitleDescription": "Wyświetl i zarządzaj kluczami licencyjnymi w systemie", + "licenseHost": "Licencja hosta", + "licenseHostDescription": "Zarządzaj głównym kluczem licencyjnym hosta.", + "licensedNot": "Brak licencji", + "hostId": "ID hosta", + "licenseReckeckAll": "Sprawdź ponownie wszystkie klucze", + "licenseSiteUsage": "Użycie witryn", + "licenseSiteUsageDecsription": "Zobacz liczbę witryn korzystających z tej licencji.", + "licenseNoSiteLimit": "Nie ma limitu liczby witryn używających nielicencjonowanego hosta.", + "licensePurchase": "Kup licencję", + "licensePurchaseSites": "Kup dodatkowe witryny", + "licenseSitesUsedMax": "Użyte strony {usedSites} z {maxSites}", + "licenseSitesUsed": "{count, plural, =0 {# witryn} one {# witryna} few {# witryny} many {# witryn} other {# witryn}} w systemie.", + "licensePurchaseDescription": "Wybierz ile witryn chcesz {selectedMode, select, license {kupić licencję. Zawsze możesz dodać więcej witryn później.} other {dodaj do swojej istniejącej licencji.}}", + "licenseFee": "Opłata licencyjna", + "licensePriceSite": "Cena za witrynę", + "total": "Łącznie", + "licenseContinuePayment": "Przejdź do płatności", + "pricingPage": "strona cenowa", + "pricingPortal": "Zobacz portal zakupu", + "licensePricingPage": "Aby uzyskać najnowsze ceny i rabaty, odwiedź ", + "invite": "Zaproszenia", + "inviteRegenerate": "Wygeneruj ponownie zaproszenie", + "inviteRegenerateDescription": "Unieważnij poprzednie zaproszenie i utwórz nowe", + "inviteRemove": "Usuń zaproszenie", + "inviteRemoveError": "Nie udało się usunąć zaproszenia", + "inviteRemoveErrorDescription": "Wystąpił błąd podczas usuwania zaproszenia.", + "inviteRemoved": "Zaproszenie usunięte", + "inviteRemovedDescription": "Zaproszenie dla {email} zostało usunięte.", + "inviteQuestionRemove": "Czy na pewno chcesz usunąć zaproszenie {email}?", + "inviteMessageRemove": "Po usunięciu to zaproszenie nie będzie już ważne. Zawsze możesz ponownie zaprosić użytkownika później.", + "inviteMessageConfirm": "Aby potwierdzić, wpisz poniżej adres email zaproszenia.", + "inviteQuestionRegenerate": "Czy na pewno chcesz ponownie wygenerować zaproszenie {email}? Spowoduje to unieważnienie poprzedniego zaproszenia.", + "inviteRemoveConfirm": "Potwierdź usunięcie zaproszenia", + "inviteRegenerated": "Zaproszenie wygenerowane ponownie", + "inviteSent": "Nowe zaproszenie zostało wysłane do {email}.", + "inviteSentEmail": "Wyślij powiadomienie email do użytkownika", + "inviteGenerate": "Nowe zaproszenie zostało wygenerowane dla {email}.", + "inviteDuplicateError": "Zduplikowane zaproszenie", + "inviteDuplicateErrorDescription": "Zaproszenie dla tego użytkownika już istnieje.", + "inviteRateLimitError": "Przekroczono limit żądań", + "inviteRateLimitErrorDescription": "Przekroczyłeś limit 3 regeneracji na godzinę. Spróbuj ponownie później.", + "inviteRegenerateError": "Nie udało się ponownie wygenerować zaproszenia", + "inviteRegenerateErrorDescription": "Wystąpił błąd podczas ponownego generowania zaproszenia.", + "inviteValidityPeriod": "Okres ważności", + "inviteValidityPeriodSelect": "Wybierz okres ważności", + "inviteRegenerateMessage": "Zaproszenie zostało ponownie wygenerowane. Użytkownik musi uzyskać dostęp do poniższego linku, aby zaakceptować zaproszenie.", + "inviteRegenerateButton": "Wygeneruj ponownie", + "expiresAt": "Wygasa w dniu", + "accessRoleUnknown": "Nieznana rola", + "placeholder": "Symbol zastępczy", + "userErrorOrgRemove": "Nie udało się usunąć użytkownika", + "userErrorOrgRemoveDescription": "Wystąpił błąd podczas usuwania użytkownika.", + "userOrgRemoved": "Użytkownik usunięty", + "userOrgRemovedDescription": "Użytkownik {email} został usunięty z organizacji.", + "userQuestionOrgRemove": "Czy na pewno chcesz usunąć {email} z organizacji?", + "userMessageOrgRemove": "Po usunięciu ten użytkownik nie będzie miał już dostępu do organizacji. Zawsze możesz ponownie go zaprosić później, ale będzie musiał ponownie zaakceptować zaproszenie.", + "userMessageOrgConfirm": "Aby potwierdzić, wpisz nazwę użytkownika poniżej.", + "userRemoveOrgConfirm": "Potwierdź usunięcie użytkownika", + "userRemoveOrg": "Usuń użytkownika z organizacji", + "users": "Użytkownicy", + "accessRoleMember": "Członek", + "accessRoleOwner": "Właściciel", + "userConfirmed": "Potwierdzony", + "idpNameInternal": "Wewnętrzny", + "emailInvalid": "Nieprawidłowy adres e-mail", + "inviteValidityDuration": "Proszę wybrać okres ważności", + "accessRoleSelectPlease": "Proszę wybrać rolę", + "usernameRequired": "Nazwa użytkownika jest wymagana", + "idpSelectPlease": "Proszę wybrać dostawcę tożsamości", + "idpGenericOidc": "Ogólny dostawca OAuth2/OIDC.", + "accessRoleErrorFetch": "Nie udało się pobrać ról", + "accessRoleErrorFetchDescription": "Wystąpił błąd podczas pobierania ról", + "idpErrorFetch": "Nie udało się pobrać dostawców tożsamości", + "idpErrorFetchDescription": "Wystąpił błąd podczas pobierania dostawców tożsamości", + "userErrorExists": "Użytkownik już istnieje", + "userErrorExistsDescription": "Ten użytkownik jest już członkiem organizacji.", + "inviteError": "Nie udało się zaprosić użytkownika", + "inviteErrorDescription": "Wystąpił błąd podczas zapraszania użytkownika", + "userInvited": "Użytkownik zaproszony", + "userInvitedDescription": "Użytkownik został pomyślnie zaproszony.", + "userErrorCreate": "Nie udało się utworzyć użytkownika", + "userErrorCreateDescription": "Wystąpił błąd podczas tworzenia użytkownika", + "userCreated": "Utworzono użytkownika", + "userCreatedDescription": "Użytkownik został pomyślnie utworzony.", + "userTypeInternal": "Użytkownik wewnętrzny", + "userTypeInternalDescription": "Zaproś użytkownika do bezpośredniego dołączenia do Twojej organizacji.", + "userTypeExternal": "Użytkownik zewnętrzny", + "userTypeExternalDescription": "Utwórz użytkownika z zewnętrznym dostawcą tożsamości.", + "accessUserCreateDescription": "Wykonaj poniższe kroki, aby utworzyć nowego użytkownika", + "userSeeAll": "Zobacz wszystkich użytkowników", + "userTypeTitle": "Typ użytkownika", + "userTypeDescription": "Określ, jak chcesz utworzyć użytkownika", + "userSettings": "Informacje o użytkowniku", + "userSettingsDescription": "Wprowadź dane nowego użytkownika", + "inviteEmailSent": "Wyślij email z zaproszeniem do użytkownika", + "inviteValid": "Ważne przez", + "selectDuration": "Wybierz okres", + "accessRoleSelect": "Wybierz rolę", + "inviteEmailSentDescription": "Email został wysłany do użytkownika z linkiem dostępu poniżej. Musi on uzyskać dostęp do linku, aby zaakceptować zaproszenie.", + "inviteSentDescription": "Użytkownik został zaproszony. Musi uzyskać dostęp do poniższego linku, aby zaakceptować zaproszenie.", + "inviteExpiresIn": "Zaproszenie wygaśnie za {days, plural, one {# dzień} few {# dni} many {# dni} other {# dni}}.", + "idpTitle": "Informacje ogólne", + "idpSelect": "Wybierz dostawcę tożsamości dla użytkownika zewnętrznego", + "idpNotConfigured": "Nie skonfigurowano żadnych dostawców tożsamości. Skonfiguruj dostawcę tożsamości przed utworzeniem użytkowników zewnętrznych.", + "usernameUniq": "Musi to odpowiadać unikalnej nazwie użytkownika istniejącej u wybranego dostawcy tożsamości.", + "emailOptional": "Email (Opcjonalnie)", + "nameOptional": "Nazwa (Opcjonalnie)", + "accessControls": "Kontrola dostępu", + "userDescription2": "Zarządzaj ustawieniami tego użytkownika", + "accessRoleErrorAdd": "Nie udało się dodać użytkownika do roli", + "accessRoleErrorAddDescription": "Wystąpił błąd podczas dodawania użytkownika do roli.", + "userSaved": "Użytkownik zapisany", + "userSavedDescription": "Użytkownik został zaktualizowany.", + "accessControlsDescription": "Zarządzaj tym, do czego użytkownik ma dostęp i co może robić w organizacji", + "accessControlsSubmit": "Zapisz kontrole dostępu", + "roles": "Role", + "accessUsersRoles": "Zarządzaj użytkownikami i rolami", + "accessUsersRolesDescription": "Zapraszaj użytkowników i dodawaj ich do ról, aby zarządzać dostępem do Twojej organizacji", + "key": "Klucz", + "createdAt": "Utworzono", + "proxyErrorInvalidHeader": "Nieprawidłowa wartość niestandardowego nagłówka hosta. Użyj formatu nazwy domeny lub zapisz pusty, aby usunąć niestandardowy nagłówek hosta.", + "proxyErrorTls": "Nieprawidłowa nazwa serwera TLS. Użyj formatu nazwy domeny lub zapisz pusty, aby usunąć nazwę serwera TLS.", + "proxyEnableSSL": "Włącz SSL (https)", + "targetErrorFetch": "Nie udało się pobrać celów", + "targetErrorFetchDescription": "Wystąpił błąd podczas pobierania celów", + "siteErrorFetch": "Nie udało się pobrać zasobu", + "siteErrorFetchDescription": "Wystąpił błąd podczas pobierania zasobu", + "targetErrorDuplicate": "Duplikat celu", + "targetErrorDuplicateDescription": "Cel o tych ustawieniach już istnieje", + "targetWireGuardErrorInvalidIp": "Nieprawidłowy adres IP celu", + "targetWireGuardErrorInvalidIpDescription": "Adres IP celu musi znajdować się w podsieci witryny", + "targetsUpdated": "Cele zaktualizowane", + "targetsUpdatedDescription": "Cele i ustawienia zostały pomyślnie zaktualizowane", + "targetsErrorUpdate": "Nie udało się zaktualizować celów", + "targetsErrorUpdateDescription": "Wystąpił błąd podczas aktualizacji celów", + "targetTlsUpdate": "Ustawienia TLS zaktualizowane", + "targetTlsUpdateDescription": "Twoje ustawienia TLS zostały pomyślnie zaktualizowane", + "targetErrorTlsUpdate": "Nie udało się zaktualizować ustawień TLS", + "targetErrorTlsUpdateDescription": "Wystąpił błąd podczas aktualizacji ustawień TLS", + "proxyUpdated": "Ustawienia proxy zaktualizowane", + "proxyUpdatedDescription": "Twoje ustawienia proxy zostały pomyślnie zaktualizowane", + "proxyErrorUpdate": "Nie udało się zaktualizować ustawień proxy", + "proxyErrorUpdateDescription": "Wystąpił błąd podczas aktualizacji ustawień proxy", + "targetAddr": "IP / Nazwa hosta", + "targetPort": "Port", + "targetProtocol": "Protokół", + "targetTlsSettings": "Konfiguracja bezpiecznego połączenia", + "targetTlsSettingsDescription": "Skonfiguruj ustawienia SSL/TLS dla twojego zasobu", + "targetTlsSettingsAdvanced": "Zaawansowane ustawienia TLS", + "targetTlsSni": "Nazwa serwera TLS (SNI)", + "targetTlsSniDescription": "Nazwa serwera TLS do użycia dla SNI. Pozostaw puste, aby użyć domyślnej.", + "targetTlsSubmit": "Zapisz ustawienia", + "targets": "Konfiguracja celów", + "targetsDescription": "Skonfiguruj cele do kierowania ruchu do usług zaplecza", + "targetStickySessions": "Włącz sesje trwałe", + "targetStickySessionsDescription": "Utrzymuj połączenia na tym samym celu backendowym przez całą sesję.", + "methodSelect": "Wybierz metodę", + "targetSubmit": "Dodaj cel", + "targetNoOne": "Brak celów. Dodaj cel używając formularza.", + "targetNoOneDescription": "Dodanie więcej niż jednego celu powyżej włączy równoważenie obciążenia.", + "targetsSubmit": "Zapisz cele", + "proxyAdditional": "Dodatkowe ustawienia proxy", + "proxyAdditionalDescription": "Skonfiguruj jak twój zasób obsługuje ustawienia proxy", + "proxyCustomHeader": "Niestandardowy nagłówek hosta", + "proxyCustomHeaderDescription": "Nagłówek hosta do ustawienia podczas proxy żądań. Pozostaw puste, aby użyć domyślnego.", + "proxyAdditionalSubmit": "Zapisz ustawienia proxy", + "subnetMaskErrorInvalid": "Nieprawidłowa maska podsieci. Musi być między 0 a 32.", + "ipAddressErrorInvalidFormat": "Nieprawidłowy format adresu IP", + "ipAddressErrorInvalidOctet": "Nieprawidłowy oktet adresu IP", + "path": "Ścieżka", + "ipAddressRange": "Zakres IP", + "rulesErrorFetch": "Nie udało się pobrać reguł", + "rulesErrorFetchDescription": "Wystąpił błąd podczas pobierania reguł", + "rulesErrorDuplicate": "Duplikat reguły", + "rulesErrorDuplicateDescription": "Reguła o tych ustawieniach już istnieje", + "rulesErrorInvalidIpAddressRange": "Nieprawidłowy CIDR", + "rulesErrorInvalidIpAddressRangeDescription": "Wprowadź prawidłową wartość CIDR", + "rulesErrorInvalidUrl": "Nieprawidłowa ścieżka URL", + "rulesErrorInvalidUrlDescription": "Wprowadź prawidłową wartość ścieżki URL", + "rulesErrorInvalidIpAddress": "Nieprawidłowe IP", + "rulesErrorInvalidIpAddressDescription": "Wprowadź prawidłowy adres IP", + "rulesErrorUpdate": "Nie udało się zaktualizować reguł", + "rulesErrorUpdateDescription": "Wystąpił błąd podczas aktualizacji reguł", + "rulesUpdated": "Włącz reguły", + "rulesUpdatedDescription": "Ocena reguł została zaktualizowana", + "rulesMatchIpAddressRangeDescription": "Wprowadź adres w formacie CIDR (np. 103.21.244.0/22)", + "rulesMatchIpAddress": "Wprowadź adres IP (np. 103.21.244.12)", + "rulesMatchUrl": "Wprowadź ścieżkę URL lub wzorzec (np. /api/v1/todos lub /api/v1/*)", + "rulesErrorInvalidPriority": "Nieprawidłowy priorytet", + "rulesErrorInvalidPriorityDescription": "Wprowadź prawidłowy priorytet", + "rulesErrorDuplicatePriority": "Zduplikowane priorytety", + "rulesErrorDuplicatePriorityDescription": "Wprowadź unikalne priorytety", + "ruleUpdated": "Reguły zaktualizowane", + "ruleUpdatedDescription": "Reguły zostały pomyślnie zaktualizowane", + "ruleErrorUpdate": "Operacja nie powiodła się", + "ruleErrorUpdateDescription": "Wystąpił błąd podczas operacji zapisu", + "rulesPriority": "Priorytet", + "rulesAction": "Akcja", + "rulesMatchType": "Typ dopasowania", + "value": "Wartość", + "rulesAbout": "O regułach", + "rulesAboutDescription": "Reguły pozwalają kontrolować dostęp do zasobu na podstawie zestawu kryteriów. Możesz tworzyć reguły zezwalające lub odmawiające dostępu na podstawie adresu IP lub ścieżki URL.", + "rulesActions": "Akcje", + "rulesActionAlwaysAllow": "Zawsze zezwalaj: Pomiń wszystkie metody uwierzytelniania", + "rulesActionAlwaysDeny": "Zawsze odmawiaj: Blokuj wszystkie żądania; nie można próbować uwierzytelniania", + "rulesActionPassToAuth": "Przekaż do Autoryzacji: Zezwól na próby metod uwierzytelniania", + "rulesMatchCriteria": "Kryteria dopasowania", + "rulesMatchCriteriaIpAddress": "Dopasuj konkretny adres IP", + "rulesMatchCriteriaIpAddressRange": "Dopasuj zakres adresów IP w notacji CIDR", + "rulesMatchCriteriaUrl": "Dopasuj ścieżkę URL lub wzorzec", + "rulesEnable": "Włącz reguły", + "rulesEnableDescription": "Włącz lub wyłącz ocenę reguł dla tego zasobu", + "rulesResource": "Konfiguracja reguł zasobu", + "rulesResourceDescription": "Skonfiguruj reguły kontroli dostępu do zasobu", + "ruleSubmit": "Dodaj regułę", + "rulesNoOne": "Brak reguł. Dodaj regułę używając formularza.", + "rulesOrder": "Reguły są oceniane według priorytetu w kolejności rosnącej.", + "rulesSubmit": "Zapisz reguły", + "resourceErrorCreate": "Błąd podczas tworzenia zasobu", + "resourceErrorCreateDescription": "Wystąpił błąd podczas tworzenia zasobu", + "resourceErrorCreateMessage": "Błąd podczas tworzenia zasobu:", + "resourceErrorCreateMessageDescription": "Wystąpił nieoczekiwany błąd", + "sitesErrorFetch": "Błąd podczas pobierania witryn", + "sitesErrorFetchDescription": "Wystąpił błąd podczas pobierania witryn", + "domainsErrorFetch": "Błąd podczas pobierania domen", + "domainsErrorFetchDescription": "Wystąpił błąd podczas pobierania domen", + "none": "Brak", + "unknown": "Nieznany", + "resources": "Zasoby", + "resourcesDescription": "Zasoby są proxy do aplikacji działających w Twojej sieci prywatnej. Utwórz zasób dla dowolnej usługi HTTP/HTTPS lub surowej TCP/UDP w Twojej sieci prywatnej. Każdy zasób musi być połączony z witryną, aby umożliwić prywatne, bezpieczne połączenie przez zaszyfrowany tunel WireGuard.", + "resourcesWireGuardConnect": "Bezpieczne połączenie z szyfrowaniem WireGuard", + "resourcesMultipleAuthenticationMethods": "Skonfiguruj wiele metod uwierzytelniania", + "resourcesUsersRolesAccess": "Kontrola dostępu oparta na użytkownikach i rolach", + "resourcesErrorUpdate": "Nie udało się przełączyć zasobu", + "resourcesErrorUpdateDescription": "Wystąpił błąd podczas aktualizacji zasobu", + "access": "Dostęp", + "shareLink": "Link udostępniania {resource}", + "resourceSelect": "Wybierz zasób", + "shareLinks": "Linki udostępniania", + "share": "Linki do udostępniania", + "shareDescription2": "Twórz linki do udostępniania swoich zasobów. Linki zapewniają tymczasowy lub nieograniczony dostęp do zasobu. Podczas tworzenia linku możesz skonfigurować okres jego ważności.", + "shareEasyCreate": "Łatwe tworzenie i udostępnianie", + "shareConfigurableExpirationDuration": "Konfigurowalny okres ważności", + "shareSecureAndRevocable": "Bezpieczne i odwoływalne", + "nameMin": "Nazwa musi mieć co najmniej {len} znaków.", + "nameMax": "Nazwa nie może być dłuższa niż {len} znaków.", + "sitesConfirmCopy": "Potwierdź, że skopiowałeś konfigurację.", + "unknownCommand": "Nieznane polecenie", + "newtErrorFetchReleases": "Nie udało się pobrać informacji o wydaniu: {err}", + "newtErrorFetchLatest": "Błąd podczas pobierania najnowszego wydania: {err}", + "newtEndpoint": "Punkt końcowy Newt", + "newtId": "ID Newt", + "newtSecretKey": "Klucz tajny Newt", + "architecture": "Architektura", + "sites": "Witryny", + "siteWgAnyClients": "Użyj dowolnego klienta WireGuard do połączenia. Będziesz musiał adresować swoje zasoby wewnętrzne używając IP peera.", + "siteWgCompatibleAllClients": "Kompatybilny ze wszystkimi klientami WireGuard", + "siteWgManualConfigurationRequired": "Wymagana konfiguracja ręczna", + "userErrorNotAdminOrOwner": "Użytkownik nie jest administratorem ani właścicielem", + "pangolinSettings": "Ustawienia - Pangolin", + "accessRoleYour": "Twoja rola:", + "accessRoleSelect2": "Wybierz rolę", + "accessUserSelect": "Wybierz użytkownika", + "otpEmailEnter": "Wprowadź adres e-mail", + "otpEmailEnterDescription": "Naciśnij enter, aby dodać adres e-mail po wpisaniu go w polu.", + "otpEmailErrorInvalid": "Nieprawidłowy adres e-mail. Znak wieloznaczny (*) musi być całą częścią lokalną.", + "otpEmailSmtpRequired": "Wymagany SMTP", + "otpEmailSmtpRequiredDescription": "SMTP musi być włączony na serwerze, aby korzystać z uwierzytelniania jednorazowym hasłem.", + "otpEmailTitle": "Hasła jednorazowe", + "otpEmailTitleDescription": "Wymagaj uwierzytelniania opartego na e-mail dla dostępu do zasobu", + "otpEmailWhitelist": "Biała lista e-mail", + "otpEmailWhitelistList": "Dozwolone adresy e-mail", + "otpEmailWhitelistListDescription": "Tylko użytkownicy z tymi adresami e-mail będą mieli dostęp do tego zasobu. Otrzymają prośbę o wprowadzenie jednorazowego hasła wysłanego na ich e-mail. Można użyć znaków wieloznacznych (*@example.com), aby zezwolić na dowolny adres e-mail z domeny.", + "otpEmailWhitelistSave": "Zapisz białą listę", + "passwordAdd": "Dodaj hasło", + "passwordRemove": "Usuń hasło", + "pincodeAdd": "Dodaj kod PIN", + "pincodeRemove": "Usuń kod PIN", + "resourceAuthMethods": "Metody uwierzytelniania", + "resourceAuthMethodsDescriptions": "Zezwól na dostęp do zasobu przez dodatkowe metody uwierzytelniania", + "resourceAuthSettingsSave": "Zapisano pomyślnie", + "resourceAuthSettingsSaveDescription": "Ustawienia uwierzytelniania zostały zapisane", + "resourceErrorAuthFetch": "Nie udało się pobrać danych", + "resourceErrorAuthFetchDescription": "Wystąpił błąd podczas pobierania danych", + "resourceErrorPasswordRemove": "Błąd podczas usuwania hasła zasobu", + "resourceErrorPasswordRemoveDescription": "Wystąpił błąd podczas usuwania hasła zasobu", + "resourceErrorPasswordSetup": "Błąd podczas ustawiania hasła zasobu", + "resourceErrorPasswordSetupDescription": "Wystąpił błąd podczas ustawiania hasła zasobu", + "resourceErrorPincodeRemove": "Błąd podczas usuwania kodu PIN zasobu", + "resourceErrorPincodeRemoveDescription": "Wystąpił błąd podczas usuwania kodu PIN zasobu", + "resourceErrorPincodeSetup": "Błąd podczas ustawiania kodu PIN zasobu", + "resourceErrorPincodeSetupDescription": "Wystąpił błąd podczas ustawiania kodu PIN zasobu", + "resourceErrorUsersRolesSave": "Nie udało się ustawić ról", + "resourceErrorUsersRolesSaveDescription": "Wystąpił błąd podczas ustawiania ról", + "resourceErrorWhitelistSave": "Nie udało się zapisać białej listy", + "resourceErrorWhitelistSaveDescription": "Wystąpił błąd podczas zapisywania białej listy", + "resourcePasswordSubmit": "Włącz ochronę hasłem", + "resourcePasswordProtection": "Ochrona haseł {status}", + "resourcePasswordRemove": "Hasło zasobu zostało usunięte", + "resourcePasswordRemoveDescription": "Hasło zasobu zostało pomyślnie usunięte", + "resourcePasswordSetup": "Ustawiono hasło zasobu", + "resourcePasswordSetupDescription": "Hasło zasobu zostało pomyślnie ustawione", + "resourcePasswordSetupTitle": "Ustaw hasło", + "resourcePasswordSetupTitleDescription": "Ustaw hasło, aby chronić ten zasób", + "resourcePincode": "Kod PIN", + "resourcePincodeSubmit": "Włącz ochronę kodem PIN", + "resourcePincodeProtection": "Ochrona kodem PIN {status}", + "resourcePincodeRemove": "Usunięto kod PIN zasobu", + "resourcePincodeRemoveDescription": "Kod PIN zasobu został pomyślnie usunięty", + "resourcePincodeSetup": "Ustawiono kod PIN zasobu", + "resourcePincodeSetupDescription": "Kod PIN zasobu został pomyślnie ustawiony", + "resourcePincodeSetupTitle": "Ustaw kod PIN", + "resourcePincodeSetupTitleDescription": "Ustaw kod PIN, aby chronić ten zasób", + "resourceRoleDescription": "Administratorzy zawsze mają dostęp do tego zasobu.", + "resourceUsersRoles": "Użytkownicy i role", + "resourceUsersRolesDescription": "Skonfiguruj, którzy użytkownicy i role mogą odwiedzać ten zasób", + "resourceUsersRolesSubmit": "Zapisz użytkowników i role", + "resourceWhitelistSave": "Zapisano pomyślnie", + "resourceWhitelistSaveDescription": "Ustawienia białej listy zostały zapisane", + "ssoUse": "Użyj platformy SSO", + "ssoUseDescription": "Istniejący użytkownicy będą musieli zalogować się tylko raz dla wszystkich zasobów, które mają to włączone.", + "proxyErrorInvalidPort": "Nieprawidłowy numer portu", + "subdomainErrorInvalid": "Nieprawidłowa poddomena", + "domainErrorFetch": "Błąd podczas pobierania domen", + "domainErrorFetchDescription": "Wystąpił błąd podczas pobierania domen", + "resourceErrorUpdate": "Nie udało się zaktualizować zasobu", + "resourceErrorUpdateDescription": "Wystąpił błąd podczas aktualizacji zasobu", + "resourceUpdated": "Zasób zaktualizowany", + "resourceUpdatedDescription": "Zasób został pomyślnie zaktualizowany", + "resourceErrorTransfer": "Nie udało się przenieść zasobu", + "resourceErrorTransferDescription": "Wystąpił błąd podczas przenoszenia zasobu", + "resourceTransferred": "Zasób przeniesiony", + "resourceTransferredDescription": "Zasób został pomyślnie przeniesiony", + "resourceErrorToggle": "Nie udało się przełączyć zasobu", + "resourceErrorToggleDescription": "Wystąpił błąd podczas aktualizacji zasobu", + "resourceVisibilityTitle": "Widoczność", + "resourceVisibilityTitleDescription": "Całkowicie włącz lub wyłącz widoczność zasobu", + "resourceGeneral": "Ustawienia ogólne", + "resourceGeneralDescription": "Skonfiguruj ustawienia ogólne dla tego zasobu", + "resourceEnable": "Włącz zasób", + "resourceTransfer": "Przenieś zasób", + "resourceTransferDescription": "Przenieś ten zasób do innej witryny", + "resourceTransferSubmit": "Przenieś zasób", + "siteDestination": "Witryna docelowa", + "searchSites": "Szukaj witryn", + "accessRoleCreate": "Utwórz rolę", + "accessRoleCreateDescription": "Utwórz nową rolę aby zgrupować użytkowników i zarządzać ich uprawnieniami.", + "accessRoleCreateSubmit": "Utwórz rolę", + "accessRoleCreated": "Rola utworzona", + "accessRoleCreatedDescription": "Rola została pomyślnie utworzona.", + "accessRoleErrorCreate": "Nie udało się utworzyć roli", + "accessRoleErrorCreateDescription": "Wystąpił błąd podczas tworzenia roli.", + "accessRoleErrorNewRequired": "Nowa rola jest wymagana", + "accessRoleErrorRemove": "Nie udało się usunąć roli", + "accessRoleErrorRemoveDescription": "Wystąpił błąd podczas usuwania roli.", + "accessRoleName": "Nazwa roli", + "accessRoleQuestionRemove": "Zamierzasz usunąć rolę {name}. Tej akcji nie można cofnąć.", + "accessRoleRemove": "Usuń rolę", + "accessRoleRemoveDescription": "Usuń rolę z organizacji", + "accessRoleRemoveSubmit": "Usuń rolę", + "accessRoleRemoved": "Rola usunięta", + "accessRoleRemovedDescription": "Rola została pomyślnie usunięta.", + "accessRoleRequiredRemove": "Przed usunięciem tej roli, wybierz nową rolę do której zostaną przeniesieni obecni członkowie.", + "manage": "Zarządzaj", + "sitesNotFound": "Nie znaleziono witryn.", + "pangolinServerAdmin": "Administrator serwera - Pangolin", + "licenseTierProfessional": "Licencja Professional", + "licenseTierEnterprise": "Licencja Enterprise", + "licenseTierCommercial": "Licencja handlowa", + "licensed": "Licencjonowany", + "yes": "Tak", + "no": "Nie", + "sitesAdditional": "Dodatkowe witryny", + "licenseKeys": "Klucze licencyjne", + "sitestCountDecrease": "Zmniejsz liczbę witryn", + "sitestCountIncrease": "Zwiększ liczbę witryn", + "idpManage": "Zarządzaj dostawcami tożsamości", + "idpManageDescription": "Wyświetl i zarządzaj dostawcami tożsamości w systemie", + "idpDeletedDescription": "Dostawca tożsamości został pomyślnie usunięty", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "Czy na pewno chcesz trwale usunąć dostawcę tożsamości {name}?", + "idpMessageRemove": "Spowoduje to usunięcie dostawcy tożsamości i wszystkich powiązanych konfiguracji. Użytkownicy uwierzytelniający się przez tego dostawcę nie będą mogli się już zalogować.", + "idpMessageConfirm": "Aby potwierdzić, wpisz nazwę dostawcy tożsamości poniżej.", + "idpConfirmDelete": "Potwierdź usunięcie dostawcy tożsamości", + "idpDelete": "Usuń dostawcę tożsamości", + "idp": "Dostawcy tożsamości", + "idpSearch": "Szukaj dostawców tożsamości...", + "idpAdd": "Dodaj dostawcę tożsamości", + "idpClientIdRequired": "Identyfikator klienta jest wymagany.", + "idpClientSecretRequired": "Sekret klienta jest wymagany.", + "idpErrorAuthUrlInvalid": "URL autoryzacji musi być prawidłowym adresem URL.", + "idpErrorTokenUrlInvalid": "URL tokena musi być prawidłowym adresem URL.", + "idpPathRequired": "Ścieżka identyfikatora jest wymagana.", + "idpScopeRequired": "Zakresy są wymagane.", + "idpOidcDescription": "Skonfiguruj dostawcę tożsamości OpenID Connect", + "idpCreatedDescription": "Dostawca tożsamości został pomyślnie utworzony", + "idpCreate": "Utwórz dostawcę tożsamości", + "idpCreateDescription": "Skonfiguruj nowego dostawcę tożsamości do uwierzytelniania użytkowników", + "idpSeeAll": "Zobacz wszystkich dostawców tożsamości", + "idpSettingsDescription": "Skonfiguruj podstawowe informacje dla swojego dostawcy tożsamości", + "idpDisplayName": "Nazwa wyświetlana dla tego dostawcy tożsamości", + "idpAutoProvisionUsers": "Automatyczne tworzenie użytkowników", + "idpAutoProvisionUsersDescription": "Gdy włączone, użytkownicy będą automatycznie tworzeni w systemie przy pierwszym logowaniu z możliwością mapowania użytkowników do ról i organizacji.", + "licenseBadge": "Profesjonalny", + "idpType": "Typ dostawcy", + "idpTypeDescription": "Wybierz typ dostawcy tożsamości, który chcesz skonfigurować", + "idpOidcConfigure": "Konfiguracja OAuth2/OIDC", + "idpOidcConfigureDescription": "Skonfiguruj punkty końcowe i poświadczenia dostawcy OAuth2/OIDC", + "idpClientId": "ID klienta", + "idpClientIdDescription": "ID klienta OAuth2 od twojego dostawcy tożsamości", + "idpClientSecret": "Sekret klienta", + "idpClientSecretDescription": "Sekret klienta OAuth2 od twojego dostawcy tożsamości", + "idpAuthUrl": "URL autoryzacji", + "idpAuthUrlDescription": "URL punktu końcowego autoryzacji OAuth2", + "idpTokenUrl": "URL tokena", + "idpTokenUrlDescription": "URL punktu końcowego tokena OAuth2", + "idpOidcConfigureAlert": "Ważna informacja", + "idpOidcConfigureAlertDescription": "Po utworzeniu dostawcy tożsamości, będziesz musiał skonfigurować URL wywołania zwrotnego w ustawieniach swojego dostawcy tożsamości. URL wywołania zwrotnego zostanie podany po pomyślnym utworzeniu.", + "idpToken": "Konfiguracja tokena", + "idpTokenDescription": "Skonfiguruj jak wydobywać informacje o użytkowniku z tokena ID", + "idpJmespathAbout": "O JMESPath", + "idpJmespathAboutDescription": "Poniższe ścieżki używają składni JMESPath do wydobywania wartości z tokena ID.", + "idpJmespathAboutDescriptionLink": "Dowiedz się więcej o JMESPath", + "idpJmespathLabel": "Ścieżka identyfikatora", + "idpJmespathLabelDescription": "JMESPath do identyfikatora użytkownika w tokenie ID", + "idpJmespathEmailPathOptional": "Ścieżka email (Opcjonalnie)", + "idpJmespathEmailPathOptionalDescription": "JMESPath do emaila użytkownika w tokenie ID", + "idpJmespathNamePathOptional": "Ścieżka nazwy (Opcjonalnie)", + "idpJmespathNamePathOptionalDescription": "JMESPath do nazwy użytkownika w tokenie ID", + "idpOidcConfigureScopes": "Zakresy", + "idpOidcConfigureScopesDescription": "Lista zakresów OAuth2 oddzielonych spacjami do żądania", + "idpSubmit": "Utwórz dostawcę tożsamości", + "orgPolicies": "Polityki organizacji", + "idpSettings": "Ustawienia {idpName}", + "idpCreateSettingsDescription": "Skonfiguruj ustawienia dla swojego dostawcy tożsamości", + "roleMapping": "Mapowanie ról", + "orgMapping": "Mapowanie organizacji", + "orgPoliciesSearch": "Szukaj polityk organizacji...", + "orgPoliciesAdd": "Dodaj politykę organizacji", + "orgRequired": "Organizacja jest wymagana", + "error": "Błąd", + "success": "Sukces", + "orgPolicyAddedDescription": "Polityka została pomyślnie dodana", + "orgPolicyUpdatedDescription": "Polityka została pomyślnie zaktualizowana", + "orgPolicyDeletedDescription": "Polityka została pomyślnie usunięta", + "defaultMappingsUpdatedDescription": "Domyślne mapowania zostały pomyślnie zaktualizowane", + "orgPoliciesAbout": "O politykach organizacji", + "orgPoliciesAboutDescription": "Polityki organizacji służą do kontroli dostępu do organizacji na podstawie tokena ID użytkownika. Możesz określić wyrażenia JMESPath do wydobywania informacji o roli i organizacji z tokena ID. Aby dowiedzieć się więcej, zobacz", + "orgPoliciesAboutDescriptionLink": "dokumentację", + "defaultMappingsOptional": "Domyślne mapowania (Opcjonalne)", + "defaultMappingsOptionalDescription": "Domyślne mapowania są używane, gdy nie ma zdefiniowanej polityki organizacji dla organizacji. Możesz tutaj określić domyślne mapowania ról i organizacji.", + "defaultMappingsRole": "Domyślne mapowanie roli", + "defaultMappingsRoleDescription": "JMESPath do wydobycia informacji o roli z tokena ID. Wynik tego wyrażenia musi zwrócić nazwę roli zdefiniowaną w organizacji jako ciąg znaków.", + "defaultMappingsOrg": "Domyślne mapowanie organizacji", + "defaultMappingsOrgDescription": "JMESPath do wydobycia informacji o organizacji z tokena ID. To wyrażenie musi zwrócić ID organizacji lub true, aby użytkownik mógł uzyskać dostęp do organizacji.", + "defaultMappingsSubmit": "Zapisz domyślne mapowania", + "orgPoliciesEdit": "Edytuj politykę organizacji", + "org": "Organizacja", + "orgSelect": "Wybierz organizację", + "orgSearch": "Szukaj organizacji", + "orgNotFound": "Nie znaleziono organizacji.", + "roleMappingPathOptional": "Ścieżka mapowania roli (Opcjonalnie)", + "orgMappingPathOptional": "Ścieżka mapowania organizacji (Opcjonalnie)", + "orgPolicyUpdate": "Aktualizuj politykę", + "orgPolicyAdd": "Dodaj politykę", + "orgPolicyConfig": "Skonfiguruj dostęp dla organizacji", + "idpUpdatedDescription": "Dostawca tożsamości został pomyślnie zaktualizowany", + "redirectUrl": "URL przekierowania", + "redirectUrlAbout": "O URL przekierowania", + "redirectUrlAboutDescription": "Jest to URL, na który użytkownicy zostaną przekierowani po uwierzytelnieniu. Musisz skonfigurować ten URL w ustawieniach swojego dostawcy tożsamości.", + "pangolinAuth": "Autoryzacja - Pangolin", + "verificationCodeLengthRequirements": "Twój kod weryfikacyjny musi mieć 8 znaków.", + "errorOccurred": "Wystąpił błąd", + "emailErrorVerify": "Nie udało się zweryfikować adresu e-mail:", + "emailVerified": "E-mail został pomyślnie zweryfikowany! Przekierowywanie...", + "verificationCodeErrorResend": "Nie udało się ponownie wysłać kodu weryfikacyjnego:", + "verificationCodeResend": "Kod weryfikacyjny wysłany ponownie", + "verificationCodeResendDescription": "Wysłaliśmy ponownie kod weryfikacyjny na Twój adres e-mail. Sprawdź swoją skrzynkę odbiorczą.", + "emailVerify": "Zweryfikuj e-mail", + "emailVerifyDescription": "Wprowadź kod weryfikacyjny wysłany na Twój adres e-mail.", + "verificationCode": "Kod weryfikacyjny", + "verificationCodeEmailSent": "Wysłaliśmy kod weryfikacyjny na Twój adres e-mail.", + "submit": "Wyślij", + "emailVerifyResendProgress": "Ponowne wysyłanie...", + "emailVerifyResend": "Nie otrzymałeś kodu? Kliknij tutaj, aby wysłać ponownie", + "passwordNotMatch": "Hasła nie są zgodne", + "signupError": "Wystąpił błąd podczas rejestracji", + "pangolinLogoAlt": "Logo Pangolin", + "inviteAlready": "Wygląda na to, że zostałeś już zaproszony!", + "inviteAlreadyDescription": "Aby zaakceptować zaproszenie, musisz się zalogować lub utworzyć konto.", + "signupQuestion": "Masz już konto?", + "login": "Zaloguj się", + "resourceNotFound": "Nie znaleziono zasobu", + "resourceNotFoundDescription": "Zasób, do którego próbujesz uzyskać dostęp, nie istnieje.", + "pincodeRequirementsLength": "PIN musi składać się dokładnie z 6 cyfr", + "pincodeRequirementsChars": "PIN może zawierać tylko cyfry", + "passwordRequirementsLength": "Hasło musi mieć co najmniej 1 znak", + "passwordRequirementsTitle": "Wymagania dotyczące hasła:", + "passwordRequirementLength": "Przynajmniej 8 znaków długości", + "passwordRequirementUppercase": "Przynajmniej jedna wielka litera", + "passwordRequirementLowercase": "Przynajmniej jedna mała litera", + "passwordRequirementNumber": "Przynajmniej jedna cyfra", + "passwordRequirementSpecial": "Przynajmniej jeden znak specjalny", + "passwordRequirementsMet": "✓ Hasło spełnia wszystkie wymagania", + "passwordStrength": "Siła hasła", + "passwordStrengthWeak": "Słabe", + "passwordStrengthMedium": "Średnie", + "passwordStrengthStrong": "Silne", + "passwordRequirements": "Wymagania:", + "passwordRequirementLengthText": "8+ znaków", + "passwordRequirementUppercaseText": "Wielka litera (A-Z)", + "passwordRequirementLowercaseText": "Mała litera (a-z)", + "passwordRequirementNumberText": "Cyfra (0-9)", + "passwordRequirementSpecialText": "Znak specjalny (!@#$%...)", + "passwordsDoNotMatch": "Hasła nie są zgodne", + "otpEmailRequirementsLength": "Kod jednorazowy musi mieć co najmniej 1 znak", + "otpEmailSent": "Kod jednorazowy wysłany", + "otpEmailSentDescription": "Kod jednorazowy został wysłany na Twój e-mail", + "otpEmailErrorAuthenticate": "Nie udało się uwierzytelnić za pomocą e-maila", + "pincodeErrorAuthenticate": "Nie udało się uwierzytelnić za pomocą kodu PIN", + "passwordErrorAuthenticate": "Nie udało się uwierzytelnić za pomocą hasła", + "poweredBy": "Obsługiwane przez", + "authenticationRequired": "Wymagane uwierzytelnienie", + "authenticationMethodChoose": "Wybierz preferowaną metodę dostępu do {name}", + "authenticationRequest": "Musisz się uwierzytelnić, aby uzyskać dostęp do {name}", + "user": "Użytkownik", + "pincodeInput": "6-cyfrowy kod PIN", + "pincodeSubmit": "Zaloguj się kodem PIN", + "passwordSubmit": "Zaloguj się hasłem", + "otpEmailDescription": "Kod jednorazowy zostanie wysłany na ten adres e-mail.", + "otpEmailSend": "Wyślij kod jednorazowy", + "otpEmail": "Hasło jednorazowe (OTP)", + "otpEmailSubmit": "Wyślij OTP", + "backToEmail": "Powrót do e-maila", + "noSupportKey": "Serwer działa bez klucza wspierającego. Rozważ wsparcie projektu!", + "accessDenied": "Odmowa dostępu", + "accessDeniedDescription": "Nie masz uprawnień dostępu do tego zasobu. Jeśli to pomyłka, skontaktuj się z administratorem.", + "accessTokenError": "Błąd sprawdzania tokena dostępu", + "accessGranted": "Dostęp przyznany", + "accessUrlInvalid": "Nieprawidłowy URL dostępu", + "accessGrantedDescription": "Otrzymałeś dostęp do tego zasobu. Przekierowywanie...", + "accessUrlInvalidDescription": "Ten udostępniony URL dostępu jest nieprawidłowy. Skontaktuj się z właścicielem zasobu, aby otrzymać nowy URL.", + "tokenInvalid": "Nieprawidłowy token", + "pincodeInvalid": "Nieprawidłowy kod", + "passwordErrorRequestReset": "Nie udało się zażądać resetowania:", + "passwordErrorReset": "Nie udało się zresetować hasła:", + "passwordResetSuccess": "Hasło zostało pomyślnie zresetowane! Powrót do logowania...", + "passwordReset": "Zresetuj hasło", + "passwordResetDescription": "Wykonaj kroki, aby zresetować hasło", + "passwordResetSent": "Wyślemy kod resetowania hasła na ten adres e-mail.", + "passwordResetCode": "Kod resetowania", + "passwordResetCodeDescription": "Sprawdź swój e-mail, aby znaleźć kod resetowania.", + "passwordNew": "Nowe hasło", + "passwordNewConfirm": "Potwierdź nowe hasło", + "pincodeAuth": "Kod uwierzytelniający", + "pincodeSubmit2": "Wyślij kod", + "passwordResetSubmit": "Zażądaj resetowania", + "passwordBack": "Powrót do hasła", + "loginBack": "Wróć do logowania", + "signup": "Zarejestruj się", + "loginStart": "Zaloguj się, aby rozpocząć", + "idpOidcTokenValidating": "Walidacja tokena OIDC", + "idpOidcTokenResponse": "Zweryfikuj odpowiedź tokena OIDC", + "idpErrorOidcTokenValidating": "Błąd walidacji tokena OIDC", + "idpConnectingTo": "Łączenie z {name}", + "idpConnectingToDescription": "Weryfikacja tożsamości", + "idpConnectingToProcess": "Łączenie...", + "idpConnectingToFinished": "Połączono", + "idpErrorConnectingTo": "Wystąpił problem z połączeniem z {name}. Skontaktuj się z administratorem.", + "idpErrorNotFound": "Nie znaleziono IdP", + "inviteInvalid": "Nieprawidłowe zaproszenie", + "inviteInvalidDescription": "Link zapraszający jest nieprawidłowy.", + "inviteErrorWrongUser": "Zaproszenie nie jest dla tego użytkownika", + "inviteErrorUserNotExists": "Użytkownik nie istnieje. Najpierw utwórz konto.", + "inviteErrorLoginRequired": "Musisz być zalogowany, aby zaakceptować zaproszenie", + "inviteErrorExpired": "Zaproszenie mogło wygasnąć", + "inviteErrorRevoked": "Zaproszenie mogło zostać odwołane", + "inviteErrorTypo": "W linku zapraszającym może być literówka", + "pangolinSetup": "Konfiguracja - Pangolin", + "orgNameRequired": "Nazwa organizacji jest wymagana", + "orgIdRequired": "ID organizacji jest wymagane", + "orgErrorCreate": "Wystąpił błąd podczas tworzenia organizacji", + "pageNotFound": "Nie znaleziono strony", + "pageNotFoundDescription": "Ups! Strona, której szukasz, nie istnieje.", + "overview": "Przegląd", + "home": "Strona główna", + "accessControl": "Kontrola dostępu", + "settings": "Ustawienia", + "usersAll": "Wszyscy użytkownicy", + "license": "Licencja", + "pangolinDashboard": "Panel - Pangolin", + "noResults": "Nie znaleziono wyników.", + "terabytes": "{count} TB", + "gigabytes": "{count} GB", + "megabytes": "{count} MB", + "tagsEntered": "Wprowadzone tagi", + "tagsEnteredDescription": "To są wprowadzone przez ciebie tagi.", + "tagsWarnCannotBeLessThanZero": "maxTags i minTags nie mogą być mniejsze od 0", + "tagsWarnNotAllowedAutocompleteOptions": "Tag niedozwolony zgodnie z opcjami autouzupełniania", + "tagsWarnInvalid": "Nieprawidłowy tag według validateTag", + "tagWarnTooShort": "Tag {tagText} jest za krótki", + "tagWarnTooLong": "Tag {tagText} jest za długi", + "tagsWarnReachedMaxNumber": "Osiągnięto maksymalną dozwoloną liczbę tagów", + "tagWarnDuplicate": "Zduplikowany tag {tagText} nie został dodany", + "supportKeyInvalid": "Nieprawidłowy klucz", + "supportKeyInvalidDescription": "Twój klucz wspierający jest nieprawidłowy.", + "supportKeyValid": "Prawidłowy klucz", + "supportKeyValidDescription": "Twój klucz wspierający został zweryfikowany. Dziękujemy za wsparcie!", + "supportKeyErrorValidationDescription": "Nie udało się zweryfikować klucza wspierającego.", + "supportKey": "Wesprzyj rozwój i adoptuj Pangolina!", + "supportKeyDescription": "Kup klucz wspierający, aby pomóc nam w dalszym rozwijaniu Pangolina dla społeczności. Twój wkład pozwala nam poświęcić więcej czasu na utrzymanie i dodawanie nowych funkcji do aplikacji dla wszystkich. Nigdy nie wykorzystamy tego do blokowania funkcji za paywallem. Jest to oddzielne od wydania komercyjnego.", + "supportKeyPet": "Będziesz mógł także zaadoptować i poznać swojego własnego zwierzaka Pangolina!", + "supportKeyPurchase": "Płatności są przetwarzane przez GitHub. Następnie możesz pobrać swój klucz na", + "supportKeyPurchaseLink": "naszej stronie", + "supportKeyPurchase2": "i wykorzystać go tutaj.", + "supportKeyLearnMore": "Dowiedz się więcej.", + "supportKeyOptions": "Wybierz opcję, która najbardziej ci odpowiada.", + "supportKetOptionFull": "Pełne wsparcie", + "forWholeServer": "Dla całego serwera", + "lifetimePurchase": "Zakup dożywotni", + "supporterStatus": "Status wspierającego", + "buy": "Kup", + "supportKeyOptionLimited": "Ograniczone wsparcie", + "forFiveUsers": "Dla 5 lub mniej użytkowników", + "supportKeyRedeem": "Wykorzystaj klucz wspierający", + "supportKeyHideSevenDays": "Ukryj na 7 dni", + "supportKeyEnter": "Wprowadź klucz wspierający", + "supportKeyEnterDescription": "Poznaj swojego własnego zwierzaka Pangolina!", + "githubUsername": "Nazwa użytkownika GitHub", + "supportKeyInput": "Klucz wspierający", + "supportKeyBuy": "Kup klucz wspierający", + "logoutError": "Błąd podczas wylogowywania", + "signingAs": "Zalogowany jako", + "serverAdmin": "Administrator serwera", + "managedSelfhosted": "Zarządzane Samodzielnie-Hostingowane", + "otpEnable": "Włącz uwierzytelnianie dwuskładnikowe", + "otpDisable": "Wyłącz uwierzytelnianie dwuskładnikowe", + "logout": "Wyloguj się", + "licenseTierProfessionalRequired": "Wymagana edycja Professional", + "licenseTierProfessionalRequiredDescription": "Ta funkcja jest dostępna tylko w edycji Professional.", + "actionGetOrg": "Pobierz organizację", + "actionUpdateOrg": "Aktualizuj organizację", + "actionUpdateUser": "Zaktualizuj użytkownika", + "actionGetUser": "Pobierz użytkownika", + "actionGetOrgUser": "Pobierz użytkownika organizacji", + "actionListOrgDomains": "Lista domen organizacji", + "actionCreateSite": "Utwórz witrynę", + "actionDeleteSite": "Usuń witrynę", + "actionGetSite": "Pobierz witrynę", + "actionListSites": "Lista witryn", + "setupToken": "Skonfiguruj token", + "setupTokenDescription": "Wprowadź token konfiguracji z konsoli serwera.", + "setupTokenRequired": "Wymagany jest token konfiguracji", + "actionUpdateSite": "Aktualizuj witrynę", + "actionListSiteRoles": "Lista dozwolonych ról witryny", + "actionCreateResource": "Utwórz zasób", + "actionDeleteResource": "Usuń zasób", + "actionGetResource": "Pobierz zasób", + "actionListResource": "Lista zasobów", + "actionUpdateResource": "Aktualizuj zasób", + "actionListResourceUsers": "Lista użytkowników zasobu", + "actionSetResourceUsers": "Ustaw użytkowników zasobu", + "actionSetAllowedResourceRoles": "Ustaw dozwolone role zasobu", + "actionListAllowedResourceRoles": "Lista dozwolonych ról zasobu", + "actionSetResourcePassword": "Ustaw hasło zasobu", + "actionSetResourcePincode": "Ustaw kod PIN zasobu", + "actionSetResourceEmailWhitelist": "Ustaw białą listę email zasobu", + "actionGetResourceEmailWhitelist": "Pobierz białą listę email zasobu", + "actionCreateTarget": "Utwórz cel", + "actionDeleteTarget": "Usuń cel", + "actionGetTarget": "Pobierz cel", + "actionListTargets": "Lista celów", + "actionUpdateTarget": "Aktualizuj cel", + "actionCreateRole": "Utwórz rolę", + "actionDeleteRole": "Usuń rolę", + "actionGetRole": "Pobierz rolę", + "actionListRole": "Lista ról", + "actionUpdateRole": "Aktualizuj rolę", + "actionListAllowedRoleResources": "Lista dozwolonych zasobów roli", + "actionInviteUser": "Zaproś użytkownika", + "actionRemoveUser": "Usuń użytkownika", + "actionListUsers": "Lista użytkowników", + "actionAddUserRole": "Dodaj rolę użytkownika", + "actionGenerateAccessToken": "Wygeneruj token dostępu", + "actionDeleteAccessToken": "Usuń token dostępu", + "actionListAccessTokens": "Lista tokenów dostępu", + "actionCreateResourceRule": "Utwórz regułę zasobu", + "actionDeleteResourceRule": "Usuń regułę zasobu", + "actionListResourceRules": "Lista reguł zasobu", + "actionUpdateResourceRule": "Aktualizuj regułę zasobu", + "actionListOrgs": "Lista organizacji", + "actionCheckOrgId": "Sprawdź ID", + "actionCreateOrg": "Utwórz organizację", + "actionDeleteOrg": "Usuń organizację", + "actionListApiKeys": "Lista kluczy API", + "actionListApiKeyActions": "Lista akcji klucza API", + "actionSetApiKeyActions": "Ustaw dozwolone akcje klucza API", + "actionCreateApiKey": "Utwórz klucz API", + "actionDeleteApiKey": "Usuń klucz API", + "actionCreateIdp": "Utwórz IDP", + "actionUpdateIdp": "Aktualizuj IDP", + "actionDeleteIdp": "Usuń IDP", + "actionListIdps": "Lista IDP", + "actionGetIdp": "Pobierz IDP", + "actionCreateIdpOrg": "Utwórz politykę organizacji IDP", + "actionDeleteIdpOrg": "Usuń politykę organizacji IDP", + "actionListIdpOrgs": "Lista organizacji IDP", + "actionUpdateIdpOrg": "Aktualizuj organizację IDP", + "actionCreateClient": "Utwórz klienta", + "actionDeleteClient": "Usuń klienta", + "actionUpdateClient": "Aktualizuj klienta", + "actionListClients": "Lista klientów", + "actionGetClient": "Pobierz klienta", + "actionCreateSiteResource": "Utwórz zasób witryny", + "actionDeleteSiteResource": "Usuń zasób strony", + "actionGetSiteResource": "Pobierz zasób strony", + "actionListSiteResources": "Lista zasobów strony", + "actionUpdateSiteResource": "Aktualizuj zasób strony", + "actionListInvitations": "Lista zaproszeń", + "noneSelected": "Nie wybrano", + "orgNotFound2": "Nie znaleziono organizacji.", + "searchProgress": "Szukaj...", + "create": "Utwórz", + "orgs": "Organizacje", + "loginError": "Wystąpił błąd podczas logowania", + "passwordForgot": "Zapomniałeś hasła?", + "otpAuth": "Uwierzytelnianie dwuskładnikowe", + "otpAuthDescription": "Wprowadź kod z aplikacji uwierzytelniającej lub jeden z jednorazowych kodów zapasowych.", + "otpAuthSubmit": "Wyślij kod", + "idpContinue": "Lub kontynuuj z", + "otpAuthBack": "Powrót do logowania", + "navbar": "Menu nawigacyjne", + "navbarDescription": "Główne menu nawigacyjne aplikacji", + "navbarDocsLink": "Dokumentacja", + "commercialEdition": "Edycja komercyjna", + "otpErrorEnable": "Nie można włączyć 2FA", + "otpErrorEnableDescription": "Wystąpił błąd podczas włączania 2FA", + "otpSetupCheckCode": "Wprowadź 6-cyfrowy kod", + "otpSetupCheckCodeRetry": "Nieprawidłowy kod. Spróbuj ponownie.", + "otpSetup": "Włącz uwierzytelnianie dwuskładnikowe", + "otpSetupDescription": "Zabezpiecz swoje konto dodatkową warstwą ochrony", + "otpSetupScanQr": "Zeskanuj ten kod QR za pomocą aplikacji uwierzytelniającej lub wprowadź klucz tajny ręcznie:", + "otpSetupSecretCode": "Kod uwierzytelniający", + "otpSetupSuccess": "Włączono uwierzytelnianie dwuskładnikowe", + "otpSetupSuccessStoreBackupCodes": "Twoje konto jest teraz bezpieczniejsze. Nie zapomnij zapisać kodów zapasowych.", + "otpErrorDisable": "Nie można wyłączyć 2FA", + "otpErrorDisableDescription": "Wystąpił błąd podczas wyłączania 2FA", + "otpRemove": "Wyłącz uwierzytelnianie dwuskładnikowe", + "otpRemoveDescription": "Wyłącz uwierzytelnianie dwuskładnikowe dla swojego konta", + "otpRemoveSuccess": "Wyłączono uwierzytelnianie dwuskładnikowe", + "otpRemoveSuccessMessage": "Uwierzytelnianie dwuskładnikowe zostało wyłączone dla Twojego konta. Możesz je włączyć ponownie w dowolnym momencie.", + "otpRemoveSubmit": "Wyłącz 2FA", + "paginator": "Strona {current} z {last}", + "paginatorToFirst": "Przejdź do pierwszej strony", + "paginatorToPrevious": "Przejdź do poprzedniej strony", + "paginatorToNext": "Przejdź do następnej strony", + "paginatorToLast": "Przejdź do ostatniej strony", + "copyText": "Kopiuj tekst", + "copyTextFailed": "Nie udało się skopiować tekstu: ", + "copyTextClipboard": "Kopiuj do schowka", + "inviteErrorInvalidConfirmation": "Nieprawidłowe potwierdzenie", + "passwordRequired": "Hasło jest wymagane", + "allowAll": "Zezwól wszystkim", + "permissionsAllowAll": "Zezwól na wszystkie uprawnienia", + "githubUsernameRequired": "Nazwa użytkownika GitHub jest wymagana", + "supportKeyRequired": "Klucz wspierający jest wymagany", + "passwordRequirementsChars": "Hasło musi mieć co najmniej 8 znaków", + "language": "Język", + "verificationCodeRequired": "Kod jest wymagany", + "userErrorNoUpdate": "Brak użytkownika do aktualizacji", + "siteErrorNoUpdate": "Brak witryny do aktualizacji", + "resourceErrorNoUpdate": "Brak zasobu do aktualizacji", + "authErrorNoUpdate": "Brak danych uwierzytelniania do aktualizacji", + "orgErrorNoUpdate": "Brak organizacji do aktualizacji", + "orgErrorNoProvided": "Nie podano organizacji", + "apiKeysErrorNoUpdate": "Brak klucza API do aktualizacji", + "sidebarOverview": "Przegląd", + "sidebarHome": "Strona główna", + "sidebarSites": "Witryny", + "sidebarResources": "Zasoby", + "sidebarAccessControl": "Kontrola dostępu", + "sidebarUsers": "Użytkownicy", + "sidebarInvitations": "Zaproszenia", + "sidebarRoles": "Role", + "sidebarShareableLinks": "Linki do udostępnienia", + "sidebarApiKeys": "Klucze API", + "sidebarSettings": "Ustawienia", + "sidebarAllUsers": "Wszyscy użytkownicy", + "sidebarIdentityProviders": "Dostawcy tożsamości", + "sidebarLicense": "Licencja", + "sidebarClients": "Klienci (Beta)", + "sidebarDomains": "Domeny", + "enableDockerSocket": "Włącz gniazdo dokera", + "enableDockerSocketDescription": "Włącz wykrywanie Docker Socket w celu wypełnienia informacji o kontenerach. Ścieżka gniazda musi być dostarczona do Newt.", + "enableDockerSocketLink": "Dowiedz się więcej", + "viewDockerContainers": "Zobacz kontenery dokujące", + "containersIn": "Pojemniki w {siteName}", + "selectContainerDescription": "Wybierz dowolny kontener do użycia jako nazwa hosta dla tego celu. Kliknij port, aby użyć portu.", + "containerName": "Nazwa", + "containerImage": "Obraz", + "containerState": "Stan", + "containerNetworks": "Sieci", + "containerHostnameIp": "Nazwa hosta/IP", + "containerLabels": "Etykiety", + "containerLabelsCount": "{count, plural, one {# etykieta} few {# etykiety} many {# etykiet} other {# etykiet}}", + "containerLabelsTitle": "Etykiety kontenera", + "containerLabelEmpty": "", + "containerPorts": "Porty", + "containerPortsMore": "+{count} więcej", + "containerActions": "Akcje", + "select": "Wybierz", + "noContainersMatchingFilters": "Nie znaleziono kontenerów pasujących do obecnych filtrów.", + "showContainersWithoutPorts": "Pokaż kontenery bez portów", + "showStoppedContainers": "Pokaż zatrzymane kontenery", + "noContainersFound": "Nie znaleziono kontenerów. Upewnij się, że kontenery dokujące są uruchomione.", + "searchContainersPlaceholder": "Szukaj w {count} kontenerach...", + "searchResultsCount": "{count, plural, one {# wynik} few {# wyniki} many {# wyników} other {# wyników}}", + "filters": "Filtry", + "filterOptions": "Opcje filtru", + "filterPorts": "Porty", + "filterStopped": "Zatrzymano", + "clearAllFilters": "Wyczyść wszystkie filtry", + "columns": "Kwota, którą należy zgłosić w kolumnie 060 tego wiersza: pierwotne odliczenie, art. 36 ust. 1 lit. b) CRR.", + "toggleColumns": "Przełącz kolumny", + "refreshContainersList": "Odśwież listę kontenerów", + "searching": "Wyszukiwanie...", + "noContainersFoundMatching": "Nie znaleziono kontenerów pasujących do \"{filter}\".", + "light": "jasny", + "dark": "ciemny", + "system": "System", + "theme": "Motyw", + "subnetRequired": "Podsieć jest wymagana", + "initialSetupTitle": "Wstępna konfiguracja serwera", + "initialSetupDescription": "Utwórz początkowe konto administratora serwera. Może istnieć tylko jeden administrator serwera. Zawsze można zmienić te dane uwierzytelniające.", + "createAdminAccount": "Utwórz konto administratora", + "setupErrorCreateAdmin": "Wystąpił błąd podczas tworzenia konta administratora serwera.", + "certificateStatus": "Status certyfikatu", + "loading": "Ładowanie", + "restart": "Uruchom ponownie", + "domains": "Domeny", + "domainsDescription": "Zarządzaj domenami swojej organizacji", + "domainsSearch": "Szukaj domen...", + "domainAdd": "Dodaj domenę", + "domainAddDescription": "Zarejestruj nową domenę w swojej organizacji", + "domainCreate": "Utwórz domenę", + "domainCreatedDescription": "Domena utworzona pomyślnie", + "domainDeletedDescription": "Domena usunięta pomyślnie", + "domainQuestionRemove": "Czy na pewno chcesz usunąć domenę {domain} ze swojego konta?", + "domainMessageRemove": "Po usunięciu domena nie będzie już powiązana z twoim kontem.", + "domainMessageConfirm": "Aby potwierdzić, wpisz nazwę domeny poniżej.", + "domainConfirmDelete": "Potwierdź usunięcie domeny", + "domainDelete": "Usuń domenę", + "domain": "Domena", + "selectDomainTypeNsName": "Delegacja domeny (NS)", + "selectDomainTypeNsDescription": "Ta domena i wszystkie jej subdomeny. Użyj tego, gdy chcesz kontrolować całą strefę domeny.", + "selectDomainTypeCnameName": "Pojedyncza domena (CNAME)", + "selectDomainTypeCnameDescription": "Tylko ta pojedyncza domena. Użyj tego dla poszczególnych subdomen lub wpisów specyficznych dla domeny.", + "selectDomainTypeWildcardName": "Domena wieloznaczna", + "selectDomainTypeWildcardDescription": "Ta domena i jej subdomeny.", + "domainDelegation": "Pojedyncza domena", + "selectType": "Wybierz typ", + "actions": "Akcje", + "refresh": "Odśwież", + "refreshError": "Nie udało się odświeżyć danych", + "verified": "Zatwierdzony", + "pending": "Oczekuje", + "sidebarBilling": "Fakturowanie", + "billing": "Fakturowanie", + "orgBillingDescription": "Zarządzaj swoimi informacjami rozliczeniowymi i subskrypcjami", + "github": "GitHub", + "pangolinHosted": "Logo Pangolin", + "fossorial": "Fossorial", + "completeAccountSetup": "Zakończ konfigurację konta", + "completeAccountSetupDescription": "Ustaw swoje hasło, aby rozpocząć", + "accountSetupSent": "Wyślemy kod konfiguracji konta na ten adres e-mail.", + "accountSetupCode": "Kod konfiguracji", + "accountSetupCodeDescription": "Sprawdź swój e-mail, aby znaleźć kod konfiguracji.", + "passwordCreate": "Utwórz hasło", + "passwordCreateConfirm": "Potwierdź hasło", + "accountSetupSubmit": "Wyślij kod konfiguracji", + "completeSetup": "Zakończ konfigurację", + "accountSetupSuccess": "Konfiguracja konta zakończona! Witaj w Pangolin!", + "documentation": "Dokumentacja", + "saveAllSettings": "Zapisz wszystkie ustawienia", + "settingsUpdated": "Ustawienia zaktualizowane", + "settingsUpdatedDescription": "Wszystkie ustawienia zostały pomyślnie zaktualizowane", + "settingsErrorUpdate": "Nie udało się zaktualizować ustawień", + "settingsErrorUpdateDescription": "Wystąpił błąd podczas aktualizacji ustawień", + "sidebarCollapse": "Zwiń", + "sidebarExpand": "Rozwiń", + "newtUpdateAvailable": "Dostępna aktualizacja", + "newtUpdateAvailableInfo": "Nowa wersja Newt jest dostępna. Prosimy o aktualizację do najnowszej wersji dla najlepszej pracy.", + "domainPickerEnterDomain": "Domena", + "domainPickerPlaceholder": "myapp.example.com, api.v1.mydomain.com lub po prostu myapp", + "domainPickerDescription": "Wpisz pełną domenę zasobu, aby zobaczyć dostępne opcje.", + "domainPickerDescriptionSaas": "Wprowadź pełną domenę, subdomenę lub po prostu nazwę, aby zobaczyć dostępne opcje", + "domainPickerTabAll": "Wszystko", + "domainPickerTabOrganization": "Organizacja", + "domainPickerTabProvided": "Dostarczona", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "Sprawdzanie dostępności...", + "domainPickerNoMatchingDomains": "Nie znaleziono pasujących domen. Spróbuj innej domeny lub sprawdź ustawienia domeny swojej organizacji.", + "domainPickerOrganizationDomains": "Domeny organizacji", + "domainPickerProvidedDomains": "Dostarczone domeny", + "domainPickerSubdomain": "Subdomena: {subdomain}", + "domainPickerNamespace": "Przestrzeń nazw: {namespace}", + "domainPickerShowMore": "Pokaż więcej", + "domainNotFound": "Nie znaleziono domeny", + "domainNotFoundDescription": "Zasób jest wyłączony, ponieważ domena nie istnieje już w naszym systemie. Proszę ustawić nową domenę dla tego zasobu.", + "failed": "Niepowodzenie", + "createNewOrgDescription": "Utwórz nową organizację", + "organization": "Organizacja", + "port": "Port", + "securityKeyManage": "Zarządzaj kluczami bezpieczeństwa", + "securityKeyDescription": "Dodaj lub usuń klucze bezpieczeństwa do uwierzytelniania bez hasła", + "securityKeyRegister": "Zarejestruj nowy klucz bezpieczeństwa", + "securityKeyList": "Twoje klucze bezpieczeństwa", + "securityKeyNone": "Brak zarejestrowanych kluczy bezpieczeństwa", + "securityKeyNameRequired": "Nazwa jest wymagana", + "securityKeyRemove": "Usuń", + "securityKeyLastUsed": "Ostatnio używany: {date}", + "securityKeyNameLabel": "Nazwa", + "securityKeyRegisterSuccess": "Klucz bezpieczeństwa został pomyślnie zarejestrowany", + "securityKeyRegisterError": "Błąd podczas rejestracji klucza bezpieczeństwa", + "securityKeyRemoveSuccess": "Klucz bezpieczeństwa został pomyślnie usunięty", + "securityKeyRemoveError": "Błąd podczas usuwania klucza bezpieczeństwa", + "securityKeyLoadError": "Błąd podczas ładowania kluczy bezpieczeństwa", + "securityKeyLogin": "Zaloguj się kluczem bezpieczeństwa", + "securityKeyAuthError": "Błąd podczas uwierzytelniania kluczem bezpieczeństwa", + "securityKeyRecommendation": "Rozważ zarejestrowanie innego klucza bezpieczeństwa na innym urządzeniu, aby upewnić się, że nie zostaniesz zablokowany z dostępu do swojego konta.", + "registering": "Rejestracja...", + "securityKeyPrompt": "Proszę zweryfikować swoją tożsamość, używając klucza bezpieczeństwa. Upewnij się, że twój klucz bezpieczeństwa jest podłączony i gotowy.", + "securityKeyBrowserNotSupported": "Twoja przeglądarka nie obsługuje kluczy bezpieczeństwa. Proszę użyć nowoczesnej przeglądarki, takiej jak Chrome, Firefox lub Safari.", + "securityKeyPermissionDenied": "Proszę umożliwić dostęp do klucza bezpieczeństwa, aby kontynuować logowanie.", + "securityKeyRemovedTooQuickly": "Proszę utrzymać klucz bezpieczeństwa podłączony, dopóki proces logowania się nie zakończy.", + "securityKeyNotSupported": "Twój klucz bezpieczeństwa może być niekompatybilny. Proszę spróbować innego klucza bezpieczeństwa.", + "securityKeyUnknownError": "Wystąpił problem z używaniem klucza bezpieczeństwa. Proszę spróbować ponownie.", + "twoFactorRequired": "Uwierzytelnianie dwuskładnikowe jest wymagane do zarejestrowania klucza bezpieczeństwa.", + "twoFactor": "Uwierzytelnianie dwuskładnikowe", + "adminEnabled2FaOnYourAccount": "Twój administrator włączył uwierzytelnianie dwuskładnikowe dla {email}. Proszę ukończyć proces konfiguracji, aby kontynuować.", + "continueToApplication": "Kontynuuj do aplikacji", + "securityKeyAdd": "Dodaj klucz bezpieczeństwa", + "securityKeyRegisterTitle": "Zarejestruj nowy klucz bezpieczeństwa", + "securityKeyRegisterDescription": "Podłącz swój klucz bezpieczeństwa i wprowadź nazwę, aby go zidentyfikować", + "securityKeyTwoFactorRequired": "Wymagane uwierzytelnianie dwuskładnikowe", + "securityKeyTwoFactorDescription": "Proszę wprowadzić kod uwierzytelnienia dwuskładnikowego, aby zarejestrować klucz bezpieczeństwa", + "securityKeyTwoFactorRemoveDescription": "Proszę wprowadzić kod uwierzytelnienia dwuskładnikowego, aby usunąć klucz bezpieczeństwa", + "securityKeyTwoFactorCode": "Kod dwuskładnikowy", + "securityKeyRemoveTitle": "Usuń klucz bezpieczeństwa", + "securityKeyRemoveDescription": "Wprowadź hasło, aby usunąć klucz bezpieczeństwa \"{name}\"", + "securityKeyNoKeysRegistered": "Nie zarejestrowano kluczy bezpieczeństwa", + "securityKeyNoKeysDescription": "Dodaj klucz bezpieczeństwa, aby zwiększyć swoje zabezpieczenia konta", + "createDomainRequired": "Domena jest wymagana", + "createDomainAddDnsRecords": "Dodaj rekordy DNS", + "createDomainAddDnsRecordsDescription": "Dodaj poniższe rekordy DNS do swojego dostawcy domeny, aby zakończyć konfigurację.", + "createDomainNsRecords": "Rekordy NS", + "createDomainRecord": "Rekord", + "createDomainType": "Typ:", + "createDomainName": "Nazwa:", + "createDomainValue": "Wartość:", + "createDomainCnameRecords": "Rekordy CNAME", + "createDomainARecords": "Rekordy A", + "createDomainRecordNumber": "Rekord {number}", + "createDomainTxtRecords": "Rekordy TXT", + "createDomainSaveTheseRecords": "Zapisz te rekordy", + "createDomainSaveTheseRecordsDescription": "Upewnij się, że zapiszesz te rekordy DNS, ponieważ nie będziesz mieć ich ponownie na ekranie.", + "createDomainDnsPropagation": "Propagacja DNS", + "createDomainDnsPropagationDescription": "Zmiany DNS mogą zająć trochę czasu na rozpropagowanie się w Internecie. Może to potrwać od kilku minut do 48 godzin, w zależności od dostawcy DNS i ustawień TTL.", + "resourcePortRequired": "Numer portu jest wymagany dla zasobów non-HTTP", + "resourcePortNotAllowed": "Numer portu nie powinien być ustawiony dla zasobów HTTP", + "signUpTerms": { + "IAgreeToThe": "Zgadzam się z", + "termsOfService": "warunkami usługi", + "and": "oraz", + "privacyPolicy": "polityką prywatności" + }, + "siteRequired": "Strona jest wymagana.", + "olmTunnel": "Tunel Olm", + "olmTunnelDescription": "Użyj Olm do łączności klienta", + "errorCreatingClient": "Błąd podczas tworzenia klienta", + "clientDefaultsNotFound": "Nie znaleziono domyślnych ustawień klienta", + "createClient": "Utwórz Klienta", + "createClientDescription": "Utwórz nowego klienta do łączenia się z Twoimi witrynami", + "seeAllClients": "Zobacz Wszystkich Klientów", + "clientInformation": "Informacje o Kliencie", + "clientNamePlaceholder": "Nazwa klienta", + "address": "Adres", + "subnetPlaceholder": "Podsieć", + "addressDescription": "Adres, którego ten klient będzie używać do łączności", + "selectSites": "Wybierz witryny", + "sitesDescription": "Klient będzie miał łączność z wybranymi witrynami", + "clientInstallOlm": "Zainstaluj Olm", + "clientInstallOlmDescription": "Uruchom Olm na swoim systemie", + "clientOlmCredentials": "Poświadczenia Olm", + "clientOlmCredentialsDescription": "To jest sposób, w jaki Olm będzie się uwierzytelniać z serwerem", + "olmEndpoint": "Punkt Końcowy Olm", + "olmId": "Identyfikator Olm", + "olmSecretKey": "Tajny Klucz Olm", + "clientCredentialsSave": "Zapisz swoje poświadczenia", + "clientCredentialsSaveDescription": "Będziesz mógł zobaczyć to tylko raz. Upewnij się, że skopiujesz go w bezpieczne miejsce.", + "generalSettingsDescription": "Skonfiguruj ogólne ustawienia dla tego klienta", + "clientUpdated": "Klient zaktualizowany", + "clientUpdatedDescription": "Klient został zaktualizowany.", + "clientUpdateFailed": "Nie udało się zaktualizować klienta", + "clientUpdateError": "Wystąpił błąd podczas aktualizacji klienta.", + "sitesFetchFailed": "Nie udało się pobrać witryn", + "sitesFetchError": "Wystąpił błąd podczas pobierania witryn.", + "olmErrorFetchReleases": "Wystąpił błąd podczas pobierania wydań Olm.", + "olmErrorFetchLatest": "Wystąpił błąd podczas pobierania najnowszego wydania Olm.", + "remoteSubnets": "Zdalne Podsieci", + "enterCidrRange": "Wprowadź zakres CIDR", + "remoteSubnetsDescription": "Dodaj zakresy CIDR, które można uzyskać zdalnie z tej strony za pomocą klientów. Użyj formatu jak 10.0.0.0/24. Dotyczy to WYŁĄCZNIE łączności klienta VPN.", + "resourceEnableProxy": "Włącz publiczny proxy", + "resourceEnableProxyDescription": "Włącz publiczne proxy dla tego zasobu. To umożliwia dostęp do zasobu spoza sieci przez chmurę na otwartym porcie. Wymaga konfiguracji Traefik.", + "externalProxyEnabled": "Zewnętrzny Proxy Włączony", + "addNewTarget": "Dodaj nowy cel", + "targetsList": "Lista celów", + "targetErrorDuplicateTargetFound": "Znaleziono duplikat celu", + "httpMethod": "Metoda HTTP", + "selectHttpMethod": "Wybierz metodę HTTP", + "domainPickerSubdomainLabel": "Poddomena", + "domainPickerBaseDomainLabel": "Domen bazowa", + "domainPickerSearchDomains": "Szukaj domen...", + "domainPickerNoDomainsFound": "Nie znaleziono domen", + "domainPickerLoadingDomains": "Ładowanie domen...", + "domainPickerSelectBaseDomain": "Wybierz domenę bazową...", + "domainPickerNotAvailableForCname": "Niedostępne dla domen CNAME", + "domainPickerEnterSubdomainOrLeaveBlank": "Wprowadź poddomenę lub pozostaw puste, aby użyć domeny bazowej.", + "domainPickerEnterSubdomainToSearch": "Wprowadź poddomenę, aby wyszukać i wybrać z dostępnych darmowych domen.", + "domainPickerFreeDomains": "Darmowe domeny", + "domainPickerSearchForAvailableDomains": "Szukaj dostępnych domen", + "resourceDomain": "Domena", + "resourceEditDomain": "Edytuj domenę", + "siteName": "Nazwa strony", + "proxyPort": "Port", + "resourcesTableProxyResources": "Zasoby proxy", + "resourcesTableClientResources": "Zasoby klienta", + "resourcesTableNoProxyResourcesFound": "Nie znaleziono zasobów proxy.", + "resourcesTableNoInternalResourcesFound": "Nie znaleziono wewnętrznych zasobów.", + "resourcesTableDestination": "Miejsce docelowe", + "resourcesTableTheseResourcesForUseWith": "Te zasoby są do użytku z", + "resourcesTableClients": "Klientami", + "resourcesTableAndOnlyAccessibleInternally": "i są dostępne tylko wewnętrznie po połączeniu z klientem.", + "editInternalResourceDialogEditClientResource": "Edytuj zasób klienta", + "editInternalResourceDialogUpdateResourceProperties": "Zaktualizuj właściwości zasobu i konfigurację celu dla {resourceName}.", + "editInternalResourceDialogResourceProperties": "Właściwości zasobów", + "editInternalResourceDialogName": "Nazwa", + "editInternalResourceDialogProtocol": "Protokół", + "editInternalResourceDialogSitePort": "Port witryny", + "editInternalResourceDialogTargetConfiguration": "Konfiguracja celu", + "editInternalResourceDialogDestinationIP": "IP docelowe", + "editInternalResourceDialogDestinationPort": "Port docelowy", + "editInternalResourceDialogCancel": "Anuluj", + "editInternalResourceDialogSaveResource": "Zapisz zasób", + "editInternalResourceDialogSuccess": "Sukces", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Wewnętrzny zasób zaktualizowany pomyślnie", + "editInternalResourceDialogError": "Błąd", + "editInternalResourceDialogFailedToUpdateInternalResource": "Nie udało się zaktualizować wewnętrznego zasobu", + "editInternalResourceDialogNameRequired": "Nazwa jest wymagana", + "editInternalResourceDialogNameMaxLength": "Nazwa nie może mieć więcej niż 255 znaków", + "editInternalResourceDialogProxyPortMin": "Port proxy musi wynosić przynajmniej 1", + "editInternalResourceDialogProxyPortMax": "Port proxy nie może być większy niż 65536", + "editInternalResourceDialogInvalidIPAddressFormat": "Nieprawidłowy format adresu IP", + "editInternalResourceDialogDestinationPortMin": "Port docelowy musi wynosić przynajmniej 1", + "editInternalResourceDialogDestinationPortMax": "Port docelowy nie może być większy niż 65536", + "createInternalResourceDialogNoSitesAvailable": "Brak dostępnych stron", + "createInternalResourceDialogNoSitesAvailableDescription": "Musisz mieć co najmniej jedną stronę Newt z skonfigurowanym podsiecią, aby tworzyć wewnętrzne zasoby.", + "createInternalResourceDialogClose": "Zamknij", + "createInternalResourceDialogCreateClientResource": "Utwórz zasób klienta", + "createInternalResourceDialogCreateClientResourceDescription": "Utwórz nowy zasób, który będzie dostępny dla klientów połączonych z wybraną stroną.", + "createInternalResourceDialogResourceProperties": "Właściwości zasobów", + "createInternalResourceDialogName": "Nazwa", + "createInternalResourceDialogSite": "Witryna", + "createInternalResourceDialogSelectSite": "Wybierz stronę...", + "createInternalResourceDialogSearchSites": "Szukaj stron...", + "createInternalResourceDialogNoSitesFound": "Nie znaleziono stron.", + "createInternalResourceDialogProtocol": "Protokół", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Port witryny", + "createInternalResourceDialogSitePortDescription": "Użyj tego portu, aby uzyskać dostęp do zasobu na stronie, gdy połączony z klientem.", + "createInternalResourceDialogTargetConfiguration": "Konfiguracja celu", + "createInternalResourceDialogDestinationIP": "IP docelowe", + "createInternalResourceDialogDestinationIPDescription": "Adres IP zasobu w sieci strony.", + "createInternalResourceDialogDestinationPort": "Port docelowy", + "createInternalResourceDialogDestinationPortDescription": "Port na docelowym IP, gdzie zasób jest dostępny.", + "createInternalResourceDialogCancel": "Anuluj", + "createInternalResourceDialogCreateResource": "Utwórz zasób", + "createInternalResourceDialogSuccess": "Sukces", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Wewnętrzny zasób utworzony pomyślnie", + "createInternalResourceDialogError": "Błąd", + "createInternalResourceDialogFailedToCreateInternalResource": "Nie udało się utworzyć wewnętrznego zasobu", + "createInternalResourceDialogNameRequired": "Nazwa jest wymagana", + "createInternalResourceDialogNameMaxLength": "Nazwa nie może mieć więcej niż 255 znaków", + "createInternalResourceDialogPleaseSelectSite": "Proszę wybrać stronę", + "createInternalResourceDialogProxyPortMin": "Port proxy musi wynosić przynajmniej 1", + "createInternalResourceDialogProxyPortMax": "Port proxy nie może być większy niż 65536", + "createInternalResourceDialogInvalidIPAddressFormat": "Nieprawidłowy format adresu IP", + "createInternalResourceDialogDestinationPortMin": "Port docelowy musi wynosić przynajmniej 1", + "createInternalResourceDialogDestinationPortMax": "Port docelowy nie może być większy niż 65536", + "siteConfiguration": "Konfiguracja", + "siteAcceptClientConnections": "Akceptuj połączenia klienta", + "siteAcceptClientConnectionsDescription": "Pozwól innym urządzeniom połączyć się przez tę instancję Newt jako bramę za pomocą klientów.", + "siteAddress": "Adres strony", + "siteAddressDescription": "Podaj adres IP hosta, do którego klienci będą się łączyć. Jest to wewnętrzny adres strony w sieci Pangolin dla klientów do adresowania. Musi zawierać się w podsieci organizacji.", + "autoLoginExternalIdp": "Automatyczny login z zewnętrznym IDP", + "autoLoginExternalIdpDescription": "Natychmiastowe przekierowanie użytkownika do zewnętrznego IDP w celu uwierzytelnienia.", + "selectIdp": "Wybierz IDP", + "selectIdpPlaceholder": "Wybierz IDP...", + "selectIdpRequired": "Proszę wybrać IDP, gdy aktywne jest automatyczne logowanie.", + "autoLoginTitle": "Przekierowywanie", + "autoLoginDescription": "Przekierowanie do zewnętrznego dostawcy tożsamości w celu uwierzytelnienia.", + "autoLoginProcessing": "Przygotowywanie uwierzytelniania...", + "autoLoginRedirecting": "Przekierowanie do logowania...", + "autoLoginError": "Błąd automatycznego logowania", + "autoLoginErrorNoRedirectUrl": "Nie otrzymano URL przekierowania od dostawcy tożsamości.", + "autoLoginErrorGeneratingUrl": "Nie udało się wygenerować URL uwierzytelniania.", + "managedSelfHosted": { + "title": "Zarządzane Samodzielnie-Hostingowane", + "description": "Większa niezawodność i niska konserwacja serwera Pangolin z dodatkowymi dzwonkami i sygnałami", + "introTitle": "Zarządzany samowystarczalny Pangolin", + "introDescription": "jest opcją wdrażania zaprojektowaną dla osób, które chcą prostoty i dodatkowej niezawodności, przy jednoczesnym utrzymaniu swoich danych prywatnych i samodzielnych.", + "introDetail": "Z tą opcją nadal obsługujesz swój własny węzeł Pangolin — tunele, zakończenie SSL i ruch na Twoim serwerze. Różnica polega na tym, że zarządzanie i monitorowanie odbywa się za pomocą naszej tablicy rozdzielczej, która odblokowuje szereg korzyści:", + "benefitSimplerOperations": { + "title": "Uproszczone operacje", + "description": "Nie ma potrzeby uruchamiania własnego serwera pocztowego lub ustawiania skomplikowanych powiadomień. Będziesz mieć kontrolę zdrowia i powiadomienia o przestoju." + }, + "benefitAutomaticUpdates": { + "title": "Automatyczne aktualizacje", + "description": "Panel chmury rozwija się szybko, więc otrzymujesz nowe funkcje i poprawki błędów bez konieczności ręcznego ciągnięcia nowych kontenerów za każdym razem." + }, + "benefitLessMaintenance": { + "title": "Mniej konserwacji", + "description": "Brak migracji bazy danych, kopii zapasowych lub dodatkowej infrastruktury do zarządzania. Obsługujemy to w chmurze." + }, + "benefitCloudFailover": { + "title": "Przegrywanie w chmurze", + "description": "Jeśli Twój węzeł zostanie wyłączony, tunele mogą tymczasowo zawieść do naszych punktów w chmurze, dopóki nie przyniesiesz go z powrotem do trybu online." + }, + "benefitHighAvailability": { + "title": "Wysoka dostępność (PoPs)", + "description": "Możesz również dołączyć wiele węzłów do swojego konta w celu nadmiarowości i lepszej wydajności." + }, + "benefitFutureEnhancements": { + "title": "Przyszłe ulepszenia", + "description": "Planujemy dodać więcej narzędzi analitycznych, ostrzegawczych i zarządzania, aby zwiększyć odporność wdrożenia." + }, + "docsAlert": { + "text": "Dowiedz się więcej o opcji zarządzania samodzielnym hostingiem w naszym", + "documentation": "dokumentacja" + }, + "convertButton": "Konwertuj ten węzeł do zarządzanego samodzielnie" + }, + "internationaldomaindetected": "Wykryto międzynarodową domenę", + "willbestoredas": "Będą przechowywane jako:" +} diff --git a/messages/pt-PT.json b/messages/pt-PT.json new file mode 100644 index 00000000..84afb6aa --- /dev/null +++ b/messages/pt-PT.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Crie sua organização, site e recursos", + "setupNewOrg": "Nova organização", + "setupCreateOrg": "Criar Organização", + "setupCreateResources": "Criar recursos", + "setupOrgName": "Nome Da Organização", + "orgDisplayName": "Este é o nome de exibição da sua organização.", + "orgId": "ID da organização", + "setupIdentifierMessage": "Este é o identificador exclusivo para sua organização. Isso é separado do nome de exibição.", + "setupErrorIdentifier": "O ID da organização já existe. Por favor, escolha um diferente.", + "componentsErrorNoMemberCreate": "Você não é atualmente um membro de nenhuma organização. Crie uma organização para começar.", + "componentsErrorNoMember": "Você não é atualmente um membro de nenhuma organização.", + "welcome": "Bem-vindo ao Pangolin", + "welcomeTo": "Bem-vindo ao", + "componentsCreateOrg": "Criar uma organização", + "componentsMember": "Você é membro de {count, plural, =0 {nenhuma organização} one {uma organização} other {# organizações}}.", + "componentsInvalidKey": "Chaves de licença inválidas ou expiradas detectadas. Siga os termos da licença para continuar usando todos os recursos.", + "dismiss": "Descartar", + "componentsLicenseViolation": "Violação de Licença: Este servidor está usando sites {usedSites} que excedem o limite licenciado de sites {maxSites} . Siga os termos da licença para continuar usando todos os recursos.", + "componentsSupporterMessage": "Obrigado por apoiar o Pangolin como um {tier}!", + "inviteErrorNotValid": "Desculpe, mas parece que o convite que você está tentando acessar não foi aceito ou não é mais válido.", + "inviteErrorUser": "Lamentamos, mas parece que o convite que você está tentando acessar não é para este usuário.", + "inviteLoginUser": "Verifique se você está logado como o usuário correto.", + "inviteErrorNoUser": "Desculpe, mas parece que o convite que você está tentando acessar não é para um usuário que existe.", + "inviteCreateUser": "Por favor, crie uma conta primeiro.", + "goHome": "Ir para casa", + "inviteLogInOtherUser": "Fazer login como um usuário diferente", + "createAnAccount": "Crie uma conta", + "inviteNotAccepted": "Convite não aceito", + "authCreateAccount": "Crie uma conta para começar", + "authNoAccount": "Não possui uma conta?", + "email": "e-mail", + "password": "Palavra-passe", + "confirmPassword": "Confirmar senha", + "createAccount": "Criar conta", + "viewSettings": "Visualizar configurações", + "delete": "excluir", + "name": "Nome:", + "online": "Disponível", + "offline": "Desconectado", + "site": "site", + "dataIn": "Dados em", + "dataOut": "Dados de saída", + "connectionType": "Tipo de conexão", + "tunnelType": "Tipo de túnel", + "local": "Localização", + "edit": "Alterar", + "siteConfirmDelete": "Confirmar exclusão do site", + "siteDelete": "Excluir site", + "siteMessageRemove": "Uma vez removido, o site não estará mais acessível. Todos os recursos e alvos associados ao site também serão removidos.", + "siteMessageConfirm": "Para confirmar, por favor, digite o nome do site abaixo.", + "siteQuestionRemove": "Você tem certeza que deseja remover o site {selectedSite} da organização?", + "siteManageSites": "Gerenciar sites", + "siteDescription": "Permitir conectividade à sua rede através de túneis seguros", + "siteCreate": "Criar site", + "siteCreateDescription2": "Siga os passos abaixo para criar e conectar um novo site", + "siteCreateDescription": "Crie um novo site para começar a conectar seus recursos", + "close": "FECHAR", + "siteErrorCreate": "Erro ao criar site", + "siteErrorCreateKeyPair": "Par de chaves ou padrões do site não encontrados", + "siteErrorCreateDefaults": "Padrão do site não encontrado", + "method": "Método", + "siteMethodDescription": "É assim que você irá expor as conexões.", + "siteLearnNewt": "Saiba como instalar o Newt no seu sistema", + "siteSeeConfigOnce": "Você só poderá ver a configuração uma vez.", + "siteLoadWGConfig": "Carregando configuração do WireGuarde...", + "siteDocker": "Expandir para detalhes da implantação Docker", + "toggle": "Alternador", + "dockerCompose": "Composição do Docker", + "dockerRun": "Execução do Docker", + "siteLearnLocal": "Os sites locais não são túneis, saiba mais", + "siteConfirmCopy": "Eu copiei a configuração", + "searchSitesProgress": "Procurar sites...", + "siteAdd": "Adicionar Site", + "siteInstallNewt": "Instalar Novo", + "siteInstallNewtDescription": "Novo item em execução no seu sistema", + "WgConfiguration": "Configuração do WireGuard", + "WgConfigurationDescription": "Use a seguinte configuração para conectar-se à sua rede", + "operatingSystem": "Sistema operacional", + "commands": "Comandos", + "recommended": "Recomendados", + "siteNewtDescription": "Para a melhor experiência do usuário, utilize Novo. Ele usa o WireGuard sob o capuz e permite que você aborde seus recursos privados através dos endereços LAN em sua rede privada do painel do Pangolin.", + "siteRunsInDocker": "Executa no Docker", + "siteRunsInShell": "Executa na shell no macOS, Linux e Windows", + "siteErrorDelete": "Erro ao excluir site", + "siteErrorUpdate": "Falha ao atualizar site", + "siteErrorUpdateDescription": "Ocorreu um erro ao atualizar o site.", + "siteUpdated": "Site atualizado", + "siteUpdatedDescription": "O site foi atualizado.", + "siteGeneralDescription": "Configurar as configurações gerais para este site", + "siteSettingDescription": "Configure as configurações no seu site", + "siteSetting": "Configurações do {siteName}", + "siteNewtTunnel": "Novo túnel (recomendado)", + "siteNewtTunnelDescription": "A maneira mais fácil de criar um ponto de entrada na sua rede. Nenhuma configuração extra.", + "siteWg": "WireGuard Básico", + "siteWgDescription": "Use qualquer cliente do WireGuard para estabelecer um túnel. Configuração manual NAT é necessária.", + "siteWgDescriptionSaas": "Use qualquer cliente WireGuard para estabelecer um túnel. Configuração manual NAT necessária. SOMENTE FUNCIONA EM NODES AUTO-HOSPEDADOS", + "siteLocalDescription": "Recursos locais apenas. Sem túneis.", + "siteLocalDescriptionSaas": "Apenas recursos locais. Sem tunelamento. SOMENTE FUNCIONA EM NODES AUTO-HOSPEDADOS", + "siteSeeAll": "Ver todos os sites", + "siteTunnelDescription": "Determine como você deseja se conectar ao seu site", + "siteNewtCredentials": "Credenciais Novas", + "siteNewtCredentialsDescription": "É assim que o novo sistema se autenticará com o servidor", + "siteCredentialsSave": "Salve suas credenciais", + "siteCredentialsSaveDescription": "Você só será capaz de ver esta vez. Certifique-se de copiá-lo para um lugar seguro.", + "siteInfo": "Informações do Site", + "status": "SItuação", + "shareTitle": "Gerenciar links de compartilhamento", + "shareDescription": "Criar links compartilháveis para conceder acesso temporário ou permanente aos seus recursos", + "shareSearch": "Pesquisar links de compartilhamento...", + "shareCreate": "Criar Link de Compartilhamento", + "shareErrorDelete": "Falha ao excluir o link", + "shareErrorDeleteMessage": "Ocorreu um erro ao excluir o link", + "shareDeleted": "Link excluído", + "shareDeletedDescription": "O link foi eliminado", + "shareTokenDescription": "Seu token de acesso pode ser passado de duas maneiras: como um parâmetro de consulta ou nos cabeçalhos da solicitação. Estes devem ser passados do cliente em todas as solicitações para acesso autenticado.", + "accessToken": "Token de acesso", + "usageExamples": "Exemplos de uso", + "tokenId": "ID do Token", + "requestHeades": "Cabeçalhos de solicitação", + "queryParameter": "Parâmetro de consulta", + "importantNote": "Nota importante", + "shareImportantDescription": "Por razões de segurança, o uso de cabeçalhos é recomendado através dos parâmetros de consulta quando possível, já que os parâmetros de consulta podem estar logados nos logs do servidor ou no histórico do navegador.", + "token": "Identificador", + "shareTokenSecurety": "Mantenha seu token de acesso seguro. Não o compartilhe em áreas de acesso público ou código do lado do cliente.", + "shareErrorFetchResource": "Falha ao buscar recursos", + "shareErrorFetchResourceDescription": "Ocorreu um erro ao obter os recursos", + "shareErrorCreate": "Falha ao criar link de compartilhamento", + "shareErrorCreateDescription": "Ocorreu um erro ao criar o link de compartilhamento", + "shareCreateDescription": "Qualquer um com este link pode acessar o recurso", + "shareTitleOptional": "Título (opcional)", + "expireIn": "Expira em", + "neverExpire": "Nunca expirar", + "shareExpireDescription": "Tempo de expiração é quanto tempo o link será utilizável e oferecerá acesso ao recurso. Após este tempo, o link não funcionará mais, e os usuários que usaram este link perderão acesso ao recurso.", + "shareSeeOnce": "Você só poderá ver este link uma vez. Certifique-se de copiá-lo.", + "shareAccessHint": "Qualquer um com este link pode acessar o recurso. Compartilhe com cuidado.", + "shareTokenUsage": "Ver Uso do Token de Acesso", + "createLink": "Criar Link", + "resourcesNotFound": "Nenhum recurso encontrado", + "resourceSearch": "Recursos de pesquisa", + "openMenu": "Abrir menu", + "resource": "Recurso", + "title": "Título", + "created": "Criado", + "expires": "Expira", + "never": "nunca", + "shareErrorSelectResource": "Por favor, selecione um recurso", + "resourceTitle": "Gerenciar Recursos", + "resourceDescription": "Crie proxies seguros para seus aplicativos privados", + "resourcesSearch": "Procurar recursos...", + "resourceAdd": "Adicionar Recurso", + "resourceErrorDelte": "Erro ao excluir recurso", + "authentication": "Autenticação", + "protected": "Protegido", + "notProtected": "Não Protegido", + "resourceMessageRemove": "Uma vez removido, o recurso não estará mais acessível. Todos os alvos associados ao recurso também serão removidos.", + "resourceMessageConfirm": "Para confirmar, por favor, digite o nome do recurso abaixo.", + "resourceQuestionRemove": "Tem certeza que deseja remover o recurso {selectedResource} da organização?", + "resourceHTTP": "Recurso HTTPS", + "resourceHTTPDescription": "O proxy solicita ao seu aplicativo via HTTPS usando um subdomínio ou domínio base.", + "resourceRaw": "Recurso TCP/UDP bruto", + "resourceRawDescription": "O proxy solicita ao seu aplicativo sobre TCP/UDP usando um número de porta.", + "resourceCreate": "Criar Recurso", + "resourceCreateDescription": "Siga os passos abaixo para criar um novo recurso", + "resourceSeeAll": "Ver todos os recursos", + "resourceInfo": "Informação do recurso", + "resourceNameDescription": "Este é o nome de exibição para o recurso.", + "siteSelect": "Selecionar site", + "siteSearch": "Procurar no site", + "siteNotFound": "Nenhum site encontrado.", + "siteSelectionDescription": "Este site fornecerá conectividade ao destino.", + "resourceType": "Tipo de Recurso", + "resourceTypeDescription": "Determine como você deseja acessar seu recurso", + "resourceHTTPSSettings": "Configurações de HTTPS", + "resourceHTTPSSettingsDescription": "Configure como seu recurso será acessado por HTTPS", + "domainType": "Tipo de domínio", + "subdomain": "Subdomínio", + "baseDomain": "Domínio Base", + "subdomnainDescription": "O subdomínio onde seu recurso estará acessível.", + "resourceRawSettings": "Configurações TCP/UDP", + "resourceRawSettingsDescription": "Configure como seu recurso será acessado sobre TCP/UDP", + "protocol": "Protocolo", + "protocolSelect": "Selecione um protocolo", + "resourcePortNumber": "Número da Porta", + "resourcePortNumberDescription": "O número da porta externa para requisições de proxy.", + "cancel": "cancelar", + "resourceConfig": "Snippets de Configuração", + "resourceConfigDescription": "Copie e cole estes snippets de configuração para configurar o seu recurso TCP/UDP", + "resourceAddEntrypoints": "Traefik: Adicionar pontos de entrada", + "resourceExposePorts": "Gerbil: Expor Portas no Docker Compose", + "resourceLearnRaw": "Aprenda como configurar os recursos TCP/UDP", + "resourceBack": "Voltar aos recursos", + "resourceGoTo": "Ir para o Recurso", + "resourceDelete": "Excluir Recurso", + "resourceDeleteConfirm": "Confirmar exclusão de recurso", + "visibility": "Visibilidade", + "enabled": "Ativado", + "disabled": "Desabilitado", + "general": "Gerais", + "generalSettings": "Configurações Gerais", + "proxy": "Proxy", + "internal": "Interno", + "rules": "Regras", + "resourceSettingDescription": "Configure as configurações do seu recurso", + "resourceSetting": "Configurações do {resourceName}", + "alwaysAllow": "Sempre permitir", + "alwaysDeny": "Sempre negar", + "passToAuth": "Passar para Autenticação", + "orgSettingsDescription": "Configurar as configurações gerais da sua organização", + "orgGeneralSettings": "Configurações da organização", + "orgGeneralSettingsDescription": "Gerencie os detalhes e a configuração da sua organização", + "saveGeneralSettings": "Salvar configurações gerais", + "saveSettings": "Salvar Configurações", + "orgDangerZone": "Zona de Perigo", + "orgDangerZoneDescription": "Uma vez que você exclui esta organização, não há volta. Por favor, tenha certeza.", + "orgDelete": "Excluir Organização", + "orgDeleteConfirm": "Confirmar exclusão da organização", + "orgMessageRemove": "Esta ação é irreversível e excluirá todos os dados associados.", + "orgMessageConfirm": "Para confirmar, digite o nome da organização abaixo.", + "orgQuestionRemove": "Tem certeza que deseja remover a organização {selectedOrg}?", + "orgUpdated": "Organização atualizada", + "orgUpdatedDescription": "A organização foi atualizada.", + "orgErrorUpdate": "Falha ao atualizar organização", + "orgErrorUpdateMessage": "Ocorreu um erro ao atualizar a organização.", + "orgErrorFetch": "Falha ao buscar organizações", + "orgErrorFetchMessage": "Ocorreu um erro ao listar suas organizações", + "orgErrorDelete": "Falha ao excluir organização", + "orgErrorDeleteMessage": "Ocorreu um erro ao excluir a organização.", + "orgDeleted": "Organização excluída", + "orgDeletedMessage": "A organização e seus dados foram excluídos.", + "orgMissing": "ID da Organização Ausente", + "orgMissingMessage": "Não é possível regenerar o convite sem um ID de organização.", + "accessUsersManage": "Gerenciar Usuários", + "accessUsersDescription": "Convidar usuários e adicioná-los a funções para gerenciar o acesso à sua organização", + "accessUsersSearch": "Procurar usuários...", + "accessUserCreate": "Criar Usuário", + "accessUserRemove": "Remover usuário", + "username": "Usuário:", + "identityProvider": "Provedor de Identidade", + "role": "Funções", + "nameRequired": "O nome é obrigatório", + "accessRolesManage": "Gerenciar Funções", + "accessRolesDescription": "Configurar funções para gerenciar o acesso à sua organização", + "accessRolesSearch": "Pesquisar funções...", + "accessRolesAdd": "Adicionar função", + "accessRoleDelete": "Excluir Papel", + "description": "Descrição:", + "inviteTitle": "Convites Abertos", + "inviteDescription": "Gerencie seus convites para outros usuários", + "inviteSearch": "Procurar convites...", + "minutes": "minutos", + "hours": "horas", + "days": "dias", + "weeks": "semanas", + "months": "Meses", + "years": "anos", + "day": "{count, plural, one {# dia} other {# dias}}", + "apiKeysTitle": "Informações da Chave API", + "apiKeysConfirmCopy2": "Você deve confirmar que copiou a chave API.", + "apiKeysErrorCreate": "Erro ao criar chave API", + "apiKeysErrorSetPermission": "Erro ao definir permissões", + "apiKeysCreate": "Gerar Chave API", + "apiKeysCreateDescription": "Gerar uma nova chave API para sua organização", + "apiKeysGeneralSettings": "Permissões", + "apiKeysGeneralSettingsDescription": "Determine o que esta chave API pode fazer", + "apiKeysList": "Sua Chave API", + "apiKeysSave": "Salvar Sua Chave API", + "apiKeysSaveDescription": "Você só poderá ver isto uma vez. Certifique-se de copiá-la para um local seguro.", + "apiKeysInfo": "Sua chave API é:", + "apiKeysConfirmCopy": "Eu copiei a chave API", + "generate": "Gerar", + "done": "Concluído", + "apiKeysSeeAll": "Ver Todas as Chaves API", + "apiKeysPermissionsErrorLoadingActions": "Erro ao carregar ações da chave API", + "apiKeysPermissionsErrorUpdate": "Erro ao definir permissões", + "apiKeysPermissionsUpdated": "Permissões atualizadas", + "apiKeysPermissionsUpdatedDescription": "As permissões foram atualizadas.", + "apiKeysPermissionsGeneralSettings": "Permissões", + "apiKeysPermissionsGeneralSettingsDescription": "Determine o que esta chave API pode fazer", + "apiKeysPermissionsSave": "Salvar Permissões", + "apiKeysPermissionsTitle": "Permissões", + "apiKeys": "Chaves API", + "searchApiKeys": "Pesquisar chaves API...", + "apiKeysAdd": "Gerar Chave API", + "apiKeysErrorDelete": "Erro ao excluir chave API", + "apiKeysErrorDeleteMessage": "Erro ao excluir chave API", + "apiKeysQuestionRemove": "Tem certeza que deseja remover a chave API {selectedApiKey} da organização?", + "apiKeysMessageRemove": "Uma vez removida, a chave API não poderá mais ser utilizada.", + "apiKeysMessageConfirm": "Para confirmar, por favor digite o nome da chave API abaixo.", + "apiKeysDeleteConfirm": "Confirmar Exclusão da Chave API", + "apiKeysDelete": "Excluir Chave API", + "apiKeysManage": "Gerenciar Chaves API", + "apiKeysDescription": "As chaves API são usadas para autenticar com a API de integração", + "apiKeysSettings": "Configurações de {apiKeyName}", + "userTitle": "Gerenciar Todos os Usuários", + "userDescription": "Visualizar e gerenciar todos os usuários no sistema", + "userAbount": "Sobre a Gestão de Usuário", + "userAbountDescription": "Esta tabela exibe todos os objetos root do usuário. Cada usuário pode pertencer a várias organizações. Remover um usuário de uma organização não exclui seu objeto de usuário raiz - ele permanecerá no sistema. Para remover completamente um usuário do sistema, você deve excluir seu objeto raiz usando a ação de excluir nesta tabela.", + "userServer": "Usuários do Servidor", + "userSearch": "Pesquisar usuários do servidor...", + "userErrorDelete": "Erro ao excluir usuário", + "userDeleteConfirm": "Confirmar Exclusão do Usuário", + "userDeleteServer": "Excluir usuário do servidor", + "userMessageRemove": "O usuário será removido de todas as organizações e será completamente removido do servidor.", + "userMessageConfirm": "Para confirmar, por favor digite o nome do usuário abaixo.", + "userQuestionRemove": "Tem certeza que deseja excluir o {selectedUser} permanentemente do servidor?", + "licenseKey": "Chave de Licença", + "valid": "Válido", + "numberOfSites": "Número de sites", + "licenseKeySearch": "Pesquisar chaves da licença...", + "licenseKeyAdd": "Adicionar chave de licença", + "type": "tipo", + "licenseKeyRequired": "A chave da licença é necessária", + "licenseTermsAgree": "Você deve concordar com os termos da licença", + "licenseErrorKeyLoad": "Falha ao carregar chaves de licença", + "licenseErrorKeyLoadDescription": "Ocorreu um erro ao carregar a chave da licença.", + "licenseErrorKeyDelete": "Falha ao excluir chave de licença", + "licenseErrorKeyDeleteDescription": "Ocorreu um erro ao excluir a chave de licença.", + "licenseKeyDeleted": "Chave da licença excluída", + "licenseKeyDeletedDescription": "A chave da licença foi excluída.", + "licenseErrorKeyActivate": "Falha ao ativar a chave de licença", + "licenseErrorKeyActivateDescription": "Ocorreu um erro ao ativar a chave da licença.", + "licenseAbout": "Sobre Licenciamento", + "communityEdition": "Edição da Comunidade", + "licenseAboutDescription": "Isto destina-se aos utilizadores empresariais e empresariais que estão a usar o Pangolin num ambiente comercial. Se você estiver usando o Pangolin para uso pessoal, você pode ignorar esta seção.", + "licenseKeyActivated": "Chave de licença ativada", + "licenseKeyActivatedDescription": "A chave de licença foi ativada com sucesso.", + "licenseErrorKeyRecheck": "Falha ao verificar novamente as chaves de licença", + "licenseErrorKeyRecheckDescription": "Ocorreu um erro ao reverificar a chave de licença.", + "licenseErrorKeyRechecked": "Chaves de licença reverificadas", + "licenseErrorKeyRecheckedDescription": "Todas as chaves de licença foram remarcadas", + "licenseActivateKey": "Ativar Chave de Licença", + "licenseActivateKeyDescription": "Insira uma chave de licença para ativá-la.", + "licenseActivate": "Ativar Licença", + "licenseAgreement": "Ao marcar esta caixa, você confirma que leu e concorda com os termos de licença correspondentes ao nível associado à sua chave de licença.", + "fossorialLicense": "Ver Termos e Condições de Assinatura e Licença Fossorial", + "licenseMessageRemove": "Isto irá remover a chave da licença e todas as permissões associadas concedidas por ela.", + "licenseMessageConfirm": "Para confirmar, por favor, digite a chave de licença abaixo.", + "licenseQuestionRemove": "Tem certeza que deseja excluir a chave de licença {selectedKey}?", + "licenseKeyDelete": "Excluir Chave de Licença", + "licenseKeyDeleteConfirm": "Confirmar exclusão da chave de licença", + "licenseTitle": "Gerenciar Status da Licença", + "licenseTitleDescription": "Visualizar e gerenciar chaves de licença no sistema", + "licenseHost": "Licença do host", + "licenseHostDescription": "Gerenciar a chave de licença principal do host.", + "licensedNot": "Não Licenciado", + "hostId": "ID do host", + "licenseReckeckAll": "Verifique novamente todas as chaves", + "licenseSiteUsage": "Uso de Sites", + "licenseSiteUsageDecsription": "Exibir o número de sites utilizando esta licença.", + "licenseNoSiteLimit": "Não há limite para o número de sites utilizando um host não licenciado.", + "licensePurchase": "Comprar Licença", + "licensePurchaseSites": "Comprar Sites Adicionais", + "licenseSitesUsedMax": "{usedSites} de {maxSites} utilizados", + "licenseSitesUsed": "{count, plural, =0 {# sites} one {# site} other {# sites}} no sistema.", + "licensePurchaseDescription": "Escolha quantos sites você quer {selectedMode, select, license {Compre uma licença. Você sempre pode adicionar mais sites depois.} other {adicione à sua licença existente.}}", + "licenseFee": "Taxa de licença", + "licensePriceSite": "Preço por site", + "total": "Total:", + "licenseContinuePayment": "Continuar para o pagamento", + "pricingPage": "Página de preços", + "pricingPortal": "Ver Portal de Compra", + "licensePricingPage": "Para os preços e descontos mais atualizados, por favor, visite ", + "invite": "Convites", + "inviteRegenerate": "Regenerar Convite", + "inviteRegenerateDescription": "Revogar convite anterior e criar um novo", + "inviteRemove": "Remover Convite", + "inviteRemoveError": "Falha ao remover convite", + "inviteRemoveErrorDescription": "Ocorreu um erro ao remover o convite.", + "inviteRemoved": "Convite removido", + "inviteRemovedDescription": "O convite para {email} foi removido.", + "inviteQuestionRemove": "Tem certeza de que deseja remover o convite {email}?", + "inviteMessageRemove": "Uma vez removido, este convite não será mais válido. Você sempre pode convidar o usuário novamente mais tarde.", + "inviteMessageConfirm": "Para confirmar, digite o endereço de e-mail do convite abaixo.", + "inviteQuestionRegenerate": "Tem certeza que deseja regenerar o convite{email, plural, ='' {}, other { para #}}? Isso irá revogar o convite anterior.", + "inviteRemoveConfirm": "Confirmar Remoção do Convite", + "inviteRegenerated": "Convite Regenerado", + "inviteSent": "Um novo convite foi enviado para {email}.", + "inviteSentEmail": "Enviar notificação por e-mail ao usuário", + "inviteGenerate": "Um novo convite foi gerado para {email}.", + "inviteDuplicateError": "Convite Duplicado", + "inviteDuplicateErrorDescription": "Já existe um convite para este usuário.", + "inviteRateLimitError": "Limite de Taxa Excedido", + "inviteRateLimitErrorDescription": "Você excedeu o limite de 3 regenerações por hora. Por favor, tente novamente mais tarde.", + "inviteRegenerateError": "Falha ao Regenerar Convite", + "inviteRegenerateErrorDescription": "Ocorreu um erro ao regenerar o convite.", + "inviteValidityPeriod": "Período de Validade", + "inviteValidityPeriodSelect": "Selecione o período de validade", + "inviteRegenerateMessage": "O convite foi regenerado. O usuário deve acessar o link abaixo para aceitar o convite.", + "inviteRegenerateButton": "Regenerar", + "expiresAt": "Expira em", + "accessRoleUnknown": "Função Desconhecida", + "placeholder": "Espaço reservado", + "userErrorOrgRemove": "Falha ao remover usuário", + "userErrorOrgRemoveDescription": "Ocorreu um erro ao remover o usuário.", + "userOrgRemoved": "Usuário removido", + "userOrgRemovedDescription": "O usuário {email} foi removido da organização.", + "userQuestionOrgRemove": "Tem certeza que deseja remover {email} da organização?", + "userMessageOrgRemove": "Uma vez removido, este usuário não terá mais acesso à organização. Você sempre pode reconvidá-lo depois, mas eles precisarão aceitar o convite novamente.", + "userMessageOrgConfirm": "Para confirmar, digite o nome do usuário abaixo.", + "userRemoveOrgConfirm": "Confirmar Remoção do Usuário", + "userRemoveOrg": "Remover Usuário da Organização", + "users": "Usuários", + "accessRoleMember": "Membro", + "accessRoleOwner": "Proprietário", + "userConfirmed": "Confirmado", + "idpNameInternal": "Interno", + "emailInvalid": "Endereço de email inválido", + "inviteValidityDuration": "Por favor, selecione uma duração", + "accessRoleSelectPlease": "Por favor, selecione uma função", + "usernameRequired": "Nome de usuário é obrigatório", + "idpSelectPlease": "Por favor, selecione um provedor de identidade", + "idpGenericOidc": "Provedor genérico OAuth2/OIDC.", + "accessRoleErrorFetch": "Falha ao buscar funções", + "accessRoleErrorFetchDescription": "Ocorreu um erro ao buscar as funções", + "idpErrorFetch": "Falha ao buscar provedores de identidade", + "idpErrorFetchDescription": "Ocorreu um erro ao buscar provedores de identidade", + "userErrorExists": "Usuário já existe", + "userErrorExistsDescription": "Este usuário já é membro da organização.", + "inviteError": "Falha ao convidar usuário", + "inviteErrorDescription": "Ocorreu um erro ao convidar o usuário", + "userInvited": "Usuário convidado", + "userInvitedDescription": "O usuário foi convidado com sucesso.", + "userErrorCreate": "Falha ao criar usuário", + "userErrorCreateDescription": "Ocorreu um erro ao criar o usuário", + "userCreated": "Usuário criado", + "userCreatedDescription": "O usuário foi criado com sucesso.", + "userTypeInternal": "Usuário Interno", + "userTypeInternalDescription": "Convidar um usuário para se juntar à sua organização diretamente.", + "userTypeExternal": "Usuário Externo", + "userTypeExternalDescription": "Criar um usuário com um provedor de identidade externo.", + "accessUserCreateDescription": "Siga os passos abaixo para criar um novo usuário", + "userSeeAll": "Ver Todos os Usuários", + "userTypeTitle": "Tipo de Usuário", + "userTypeDescription": "Determine como você deseja criar o usuário", + "userSettings": "Informações do Usuário", + "userSettingsDescription": "Insira os detalhes para o novo usuário", + "inviteEmailSent": "Enviar e-mail de convite para o usuário", + "inviteValid": "Válido Por", + "selectDuration": "Selecionar duração", + "accessRoleSelect": "Selecionar função", + "inviteEmailSentDescription": "Um e-mail foi enviado ao usuário com o link de acesso abaixo. Eles devem acessar o link para aceitar o convite.", + "inviteSentDescription": "O usuário foi convidado. Eles devem acessar o link abaixo para aceitar o convite.", + "inviteExpiresIn": "O convite expirará em {days, plural, one {# dia} other {# dias}}.", + "idpTitle": "Informações Gerais", + "idpSelect": "Selecione o provedor de identidade para o usuário externo", + "idpNotConfigured": "Nenhum provedor de identidade está configurado. Configure um provedor de identidade antes de criar usuários externos.", + "usernameUniq": "Isto deve corresponder ao nome de usuário único que existe no provedor de identidade selecionado.", + "emailOptional": "E-mail (Opcional)", + "nameOptional": "Nome (Opcional)", + "accessControls": "Controles de Acesso", + "userDescription2": "Gerenciar as configurações deste usuário", + "accessRoleErrorAdd": "Falha ao adicionar usuário à função", + "accessRoleErrorAddDescription": "Ocorreu um erro ao adicionar usuário à função.", + "userSaved": "Usuário salvo", + "userSavedDescription": "O usuário foi atualizado.", + "accessControlsDescription": "Gerencie o que este usuário pode acessar e fazer na organização", + "accessControlsSubmit": "Salvar Controles de Acesso", + "roles": "Funções", + "accessUsersRoles": "Gerenciar Usuários e Funções", + "accessUsersRolesDescription": "Convide usuários e adicione-os a funções para gerenciar o acesso à sua organização", + "key": "Chave", + "createdAt": "Criado Em", + "proxyErrorInvalidHeader": "Valor do cabeçalho Host personalizado inválido. Use o formato de nome de domínio ou salve vazio para remover o cabeçalho Host personalizado.", + "proxyErrorTls": "Nome do Servidor TLS inválido. Use o formato de nome de domínio ou salve vazio para remover o Nome do Servidor TLS.", + "proxyEnableSSL": "Habilitar SSL (https)", + "targetErrorFetch": "Falha ao buscar alvos", + "targetErrorFetchDescription": "Ocorreu um erro ao buscar alvos", + "siteErrorFetch": "Falha ao buscar recurso", + "siteErrorFetchDescription": "Ocorreu um erro ao buscar recurso", + "targetErrorDuplicate": "Alvo duplicado", + "targetErrorDuplicateDescription": "Um alvo com estas configurações já existe", + "targetWireGuardErrorInvalidIp": "IP do alvo inválido", + "targetWireGuardErrorInvalidIpDescription": "O IP do alvo deve estar dentro da subnet do site", + "targetsUpdated": "Alvos atualizados", + "targetsUpdatedDescription": "Alvos e configurações atualizados com sucesso", + "targetsErrorUpdate": "Falha ao atualizar alvos", + "targetsErrorUpdateDescription": "Ocorreu um erro ao atualizar alvos", + "targetTlsUpdate": "Configurações TLS atualizadas", + "targetTlsUpdateDescription": "Suas configurações TLS foram atualizadas com sucesso", + "targetErrorTlsUpdate": "Falha ao atualizar configurações TLS", + "targetErrorTlsUpdateDescription": "Ocorreu um erro ao atualizar as configurações TLS", + "proxyUpdated": "Configurações de proxy atualizadas", + "proxyUpdatedDescription": "Suas configurações de proxy foram atualizadas com sucesso", + "proxyErrorUpdate": "Falha ao atualizar configurações de proxy", + "proxyErrorUpdateDescription": "Ocorreu um erro ao atualizar as configurações de proxy", + "targetAddr": "IP / Nome do Host", + "targetPort": "Porta", + "targetProtocol": "Protocolo", + "targetTlsSettings": "Configuração de conexão segura", + "targetTlsSettingsDescription": "Configurar configurações SSL/TLS para seu recurso", + "targetTlsSettingsAdvanced": "Configurações TLS Avançadas", + "targetTlsSni": "Nome do Servidor TLS (SNI)", + "targetTlsSniDescription": "O Nome do Servidor TLS para usar para SNI. Deixe vazio para usar o padrão.", + "targetTlsSubmit": "Salvar Configurações", + "targets": "Configuração de Alvos", + "targetsDescription": "Configure alvos para rotear tráfego para seus serviços de backend", + "targetStickySessions": "Ativar Sessões Persistentes", + "targetStickySessionsDescription": "Manter conexões no mesmo alvo backend durante toda a sessão.", + "methodSelect": "Selecionar método", + "targetSubmit": "Adicionar Alvo", + "targetNoOne": "Sem alvos. Adicione um alvo usando o formulário.", + "targetNoOneDescription": "Adicionar mais de um alvo acima habilitará o balanceamento de carga.", + "targetsSubmit": "Salvar Alvos", + "proxyAdditional": "Configurações Adicionais de Proxy", + "proxyAdditionalDescription": "Configure como seu recurso lida com configurações de proxy", + "proxyCustomHeader": "Cabeçalho Host Personalizado", + "proxyCustomHeaderDescription": "O cabeçalho host para definir ao fazer proxy de requisições. Deixe vazio para usar o padrão.", + "proxyAdditionalSubmit": "Salvar Configurações de Proxy", + "subnetMaskErrorInvalid": "Máscara de subnet inválida. Deve estar entre 0 e 32.", + "ipAddressErrorInvalidFormat": "Formato de endereço IP inválido", + "ipAddressErrorInvalidOctet": "Octeto de endereço IP inválido", + "path": "Caminho", + "ipAddressRange": "Faixa de IP", + "rulesErrorFetch": "Falha ao buscar regras", + "rulesErrorFetchDescription": "Ocorreu um erro ao buscar regras", + "rulesErrorDuplicate": "Regra duplicada", + "rulesErrorDuplicateDescription": "Uma regra com estas configurações já existe", + "rulesErrorInvalidIpAddressRange": "CIDR inválido", + "rulesErrorInvalidIpAddressRangeDescription": "Por favor, insira um valor CIDR válido", + "rulesErrorInvalidUrl": "Caminho URL inválido", + "rulesErrorInvalidUrlDescription": "Por favor, insira um valor de caminho URL válido", + "rulesErrorInvalidIpAddress": "IP inválido", + "rulesErrorInvalidIpAddressDescription": "Por favor, insira um endereço IP válido", + "rulesErrorUpdate": "Falha ao atualizar regras", + "rulesErrorUpdateDescription": "Ocorreu um erro ao atualizar regras", + "rulesUpdated": "Ativar Regras", + "rulesUpdatedDescription": "A avaliação de regras foi atualizada", + "rulesMatchIpAddressRangeDescription": "Insira um endereço no formato CIDR (ex: 103.21.244.0/22)", + "rulesMatchIpAddress": "Insira um endereço IP (ex: 103.21.244.12)", + "rulesMatchUrl": "Insira um caminho URL ou padrão (ex: /api/v1/todos ou /api/v1/*)", + "rulesErrorInvalidPriority": "Prioridade Inválida", + "rulesErrorInvalidPriorityDescription": "Por favor, insira uma prioridade válida", + "rulesErrorDuplicatePriority": "Prioridades Duplicadas", + "rulesErrorDuplicatePriorityDescription": "Por favor, insira prioridades únicas", + "ruleUpdated": "Regras atualizadas", + "ruleUpdatedDescription": "Regras atualizadas com sucesso", + "ruleErrorUpdate": "Operação falhou", + "ruleErrorUpdateDescription": "Ocorreu um erro durante a operação de salvamento", + "rulesPriority": "Prioridade", + "rulesAction": "Ação", + "rulesMatchType": "Tipo de Correspondência", + "value": "Valor", + "rulesAbout": "Sobre Regras", + "rulesAboutDescription": "As regras permitem controlar o acesso ao seu recurso com base em um conjunto de critérios. Você pode criar regras para permitir ou negar acesso com base no endereço IP ou caminho URL.", + "rulesActions": "Ações", + "rulesActionAlwaysAllow": "Sempre Permitir: Ignorar todos os métodos de autenticação", + "rulesActionAlwaysDeny": "Sempre Negar: Bloquear todas as requisições; nenhuma autenticação pode ser tentada", + "rulesActionPassToAuth": "Passar para Autenticação: Permitir que métodos de autenticação sejam tentados", + "rulesMatchCriteria": "Critérios de Correspondência", + "rulesMatchCriteriaIpAddress": "Corresponder a um endereço IP específico", + "rulesMatchCriteriaIpAddressRange": "Corresponder a uma faixa de endereços IP em notação CIDR", + "rulesMatchCriteriaUrl": "Corresponder a um caminho URL ou padrão", + "rulesEnable": "Ativar Regras", + "rulesEnableDescription": "Ativar ou desativar avaliação de regras para este recurso", + "rulesResource": "Configuração de Regras do Recurso", + "rulesResourceDescription": "Configure regras para controlar o acesso ao seu recurso", + "ruleSubmit": "Adicionar Regra", + "rulesNoOne": "Sem regras. Adicione uma regra usando o formulário.", + "rulesOrder": "As regras são avaliadas por prioridade em ordem ascendente.", + "rulesSubmit": "Salvar Regras", + "resourceErrorCreate": "Erro ao criar recurso", + "resourceErrorCreateDescription": "Ocorreu um erro ao criar o recurso", + "resourceErrorCreateMessage": "Erro ao criar recurso:", + "resourceErrorCreateMessageDescription": "Ocorreu um erro inesperado", + "sitesErrorFetch": "Erro ao buscar sites", + "sitesErrorFetchDescription": "Ocorreu um erro ao buscar os sites", + "domainsErrorFetch": "Erro ao buscar domínios", + "domainsErrorFetchDescription": "Ocorreu um erro ao buscar os domínios", + "none": "Nenhum", + "unknown": "Desconhecido", + "resources": "Recursos", + "resourcesDescription": "Recursos são proxies para aplicações executando em sua rede privada. Crie um recurso para qualquer serviço HTTP/HTTPS ou TCP/UDP bruto em sua rede privada. Cada recurso deve estar conectado a um site para habilitar conectividade privada e segura através de um túnel WireGuard criptografado.", + "resourcesWireGuardConnect": "Conectividade segura com criptografia WireGuard", + "resourcesMultipleAuthenticationMethods": "Configure múltiplos métodos de autenticação", + "resourcesUsersRolesAccess": "Controle de acesso baseado em usuários e funções", + "resourcesErrorUpdate": "Falha ao alternar recurso", + "resourcesErrorUpdateDescription": "Ocorreu um erro ao atualizar o recurso", + "access": "Acesso", + "shareLink": "Link de Compartilhamento {resource}", + "resourceSelect": "Selecionar recurso", + "shareLinks": "Links de Compartilhamento", + "share": "Links Compartilháveis", + "shareDescription2": "Crie links compartilháveis para seus recursos. Os links fornecem acesso temporário ou ilimitado ao seu recurso. Você pode configurar a duração da expiração do link quando o criar.", + "shareEasyCreate": "Fácil de criar e compartilhar", + "shareConfigurableExpirationDuration": "Duração de expiração configurável", + "shareSecureAndRevocable": "Seguro e revogável", + "nameMin": "O nome deve ter pelo menos {len} caracteres.", + "nameMax": "O nome não deve ter mais de {len} caracteres.", + "sitesConfirmCopy": "Por favor, confirme que você copiou a configuração.", + "unknownCommand": "Comando desconhecido", + "newtErrorFetchReleases": "Falha ao buscar informações da versão: {err}", + "newtErrorFetchLatest": "Erro ao buscar última versão: {err}", + "newtEndpoint": "Endpoint Newt", + "newtId": "ID Newt", + "newtSecretKey": "Chave Secreta Newt", + "architecture": "Arquitetura", + "sites": "sites", + "siteWgAnyClients": "Use qualquer cliente WireGuard para conectar. Você terá que endereçar seus recursos internos usando o IP do par.", + "siteWgCompatibleAllClients": "Compatível com todos os clientes WireGuard", + "siteWgManualConfigurationRequired": "Configuração manual necessária", + "userErrorNotAdminOrOwner": "Usuário não é administrador ou proprietário", + "pangolinSettings": "Configurações - Pangolin", + "accessRoleYour": "Sua função:", + "accessRoleSelect2": "Selecionar uma função", + "accessUserSelect": "Selecionar um usuário", + "otpEmailEnter": "Digite um e-mail", + "otpEmailEnterDescription": "Pressione enter para adicionar um e-mail após digitá-lo no campo de entrada.", + "otpEmailErrorInvalid": "Endereço de e-mail inválido. O caractere curinga (*) deve ser a parte local inteira.", + "otpEmailSmtpRequired": "SMTP Necessário", + "otpEmailSmtpRequiredDescription": "O SMTP deve estar habilitado no servidor para usar a autenticação de senha única.", + "otpEmailTitle": "Senhas Únicas", + "otpEmailTitleDescription": "Requer autenticação baseada em e-mail para acesso ao recurso", + "otpEmailWhitelist": "Lista de E-mails Permitidos", + "otpEmailWhitelistList": "E-mails na Lista Permitida", + "otpEmailWhitelistListDescription": "Apenas usuários com estes endereços de e-mail poderão acessar este recurso. Eles serão solicitados a inserir uma senha única enviada para seu e-mail. Caracteres curinga (*@example.com) podem ser usados para permitir qualquer endereço de e-mail de um domínio.", + "otpEmailWhitelistSave": "Salvar Lista Permitida", + "passwordAdd": "Adicionar Senha", + "passwordRemove": "Remover Senha", + "pincodeAdd": "Adicionar Código PIN", + "pincodeRemove": "Remover Código PIN", + "resourceAuthMethods": "Métodos de Autenticação", + "resourceAuthMethodsDescriptions": "Permitir acesso ao recurso via métodos de autenticação adicionais", + "resourceAuthSettingsSave": "Salvo com sucesso", + "resourceAuthSettingsSaveDescription": "As configurações de autenticação foram salvas", + "resourceErrorAuthFetch": "Falha ao buscar dados", + "resourceErrorAuthFetchDescription": "Ocorreu um erro ao buscar os dados", + "resourceErrorPasswordRemove": "Erro ao remover senha do recurso", + "resourceErrorPasswordRemoveDescription": "Ocorreu um erro ao remover a senha do recurso", + "resourceErrorPasswordSetup": "Erro ao definir senha do recurso", + "resourceErrorPasswordSetupDescription": "Ocorreu um erro ao definir a senha do recurso", + "resourceErrorPincodeRemove": "Erro ao remover código PIN do recurso", + "resourceErrorPincodeRemoveDescription": "Ocorreu um erro ao remover o código PIN do recurso", + "resourceErrorPincodeSetup": "Erro ao definir código PIN do recurso", + "resourceErrorPincodeSetupDescription": "Ocorreu um erro ao definir o código PIN do recurso", + "resourceErrorUsersRolesSave": "Falha ao definir funções", + "resourceErrorUsersRolesSaveDescription": "Ocorreu um erro ao definir as funções", + "resourceErrorWhitelistSave": "Falha ao salvar lista permitida", + "resourceErrorWhitelistSaveDescription": "Ocorreu um erro ao salvar a lista permitida", + "resourcePasswordSubmit": "Habilitar Proteção por Senha", + "resourcePasswordProtection": "Proteção com senha {status}", + "resourcePasswordRemove": "Senha do recurso removida", + "resourcePasswordRemoveDescription": "A senha do recurso foi removida com sucesso", + "resourcePasswordSetup": "Senha do recurso definida", + "resourcePasswordSetupDescription": "A senha do recurso foi definida com sucesso", + "resourcePasswordSetupTitle": "Definir Senha", + "resourcePasswordSetupTitleDescription": "Defina uma senha para proteger este recurso", + "resourcePincode": "Código PIN", + "resourcePincodeSubmit": "Habilitar Proteção por Código PIN", + "resourcePincodeProtection": "Proteção por Código PIN {status}", + "resourcePincodeRemove": "Código PIN do recurso removido", + "resourcePincodeRemoveDescription": "O código PIN do recurso foi removido com sucesso", + "resourcePincodeSetup": "Código PIN do recurso definido", + "resourcePincodeSetupDescription": "O código PIN do recurso foi definido com sucesso", + "resourcePincodeSetupTitle": "Definir Código PIN", + "resourcePincodeSetupTitleDescription": "Defina um código PIN para proteger este recurso", + "resourceRoleDescription": "Administradores sempre podem acessar este recurso.", + "resourceUsersRoles": "Usuários e Funções", + "resourceUsersRolesDescription": "Configure quais usuários e funções podem visitar este recurso", + "resourceUsersRolesSubmit": "Salvar Usuários e Funções", + "resourceWhitelistSave": "Salvo com sucesso", + "resourceWhitelistSaveDescription": "As configurações da lista permitida foram salvas", + "ssoUse": "Usar SSO da Plataforma", + "ssoUseDescription": "Os usuários existentes só precisarão fazer login uma vez para todos os recursos que tiverem isso habilitado.", + "proxyErrorInvalidPort": "Número da porta inválido", + "subdomainErrorInvalid": "Subdomínio inválido", + "domainErrorFetch": "Erro ao buscar domínios", + "domainErrorFetchDescription": "Ocorreu um erro ao buscar os domínios", + "resourceErrorUpdate": "Falha ao atualizar recurso", + "resourceErrorUpdateDescription": "Ocorreu um erro ao atualizar o recurso", + "resourceUpdated": "Recurso atualizado", + "resourceUpdatedDescription": "O recurso foi atualizado com sucesso", + "resourceErrorTransfer": "Falha ao transferir recurso", + "resourceErrorTransferDescription": "Ocorreu um erro ao transferir o recurso", + "resourceTransferred": "Recurso transferido", + "resourceTransferredDescription": "O recurso foi transferido com sucesso", + "resourceErrorToggle": "Falha ao alternar recurso", + "resourceErrorToggleDescription": "Ocorreu um erro ao atualizar o recurso", + "resourceVisibilityTitle": "Visibilidade", + "resourceVisibilityTitleDescription": "Ativar ou desativar completamente a visibilidade do recurso", + "resourceGeneral": "Configurações Gerais", + "resourceGeneralDescription": "Configure as configurações gerais para este recurso", + "resourceEnable": "Ativar Recurso", + "resourceTransfer": "Transferir Recurso", + "resourceTransferDescription": "Transferir este recurso para um site diferente", + "resourceTransferSubmit": "Transferir Recurso", + "siteDestination": "Site de Destino", + "searchSites": "Pesquisar sites", + "accessRoleCreate": "Criar Função", + "accessRoleCreateDescription": "Crie uma nova função para agrupar usuários e gerenciar suas permissões.", + "accessRoleCreateSubmit": "Criar Função", + "accessRoleCreated": "Função criada", + "accessRoleCreatedDescription": "A função foi criada com sucesso.", + "accessRoleErrorCreate": "Falha ao criar função", + "accessRoleErrorCreateDescription": "Ocorreu um erro ao criar a função.", + "accessRoleErrorNewRequired": "Nova função é necessária", + "accessRoleErrorRemove": "Falha ao remover função", + "accessRoleErrorRemoveDescription": "Ocorreu um erro ao remover a função.", + "accessRoleName": "Nome da Função", + "accessRoleQuestionRemove": "Você está prestes a excluir a função {name}. Você não pode desfazer esta ação.", + "accessRoleRemove": "Remover Função", + "accessRoleRemoveDescription": "Remover uma função da organização", + "accessRoleRemoveSubmit": "Remover Função", + "accessRoleRemoved": "Função removida", + "accessRoleRemovedDescription": "A função foi removida com sucesso.", + "accessRoleRequiredRemove": "Antes de excluir esta função, selecione uma nova função para transferir os membros existentes.", + "manage": "Gerir", + "sitesNotFound": "Nenhum site encontrado.", + "pangolinServerAdmin": "Administrador do Servidor - Pangolin", + "licenseTierProfessional": "Licença Profissional", + "licenseTierEnterprise": "Licença Empresarial", + "licenseTierCommercial": "Licença comercial", + "licensed": "Licenciado", + "yes": "Sim", + "no": "Não", + "sitesAdditional": "Sites Adicionais", + "licenseKeys": "Chaves de Licença", + "sitestCountDecrease": "Diminuir contagem de sites", + "sitestCountIncrease": "Aumentar contagem de sites", + "idpManage": "Gerir Provedores de Identidade", + "idpManageDescription": "Visualizar e gerir provedores de identidade no sistema", + "idpDeletedDescription": "Provedor de identidade eliminado com sucesso", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "Tem certeza que deseja eliminar permanentemente o provedor de identidade {name}?", + "idpMessageRemove": "Isto irá remover o provedor de identidade e todas as configurações associadas. Os utilizadores que se autenticam através deste provedor não poderão mais fazer login.", + "idpMessageConfirm": "Para confirmar, por favor digite o nome do provedor de identidade abaixo.", + "idpConfirmDelete": "Confirmar Eliminação do Provedor de Identidade", + "idpDelete": "Eliminar Provedor de Identidade", + "idp": "Provedores de Identidade", + "idpSearch": "Pesquisar provedores de identidade...", + "idpAdd": "Adicionar Provedor de Identidade", + "idpClientIdRequired": "O ID do Cliente é obrigatório.", + "idpClientSecretRequired": "O Segredo do Cliente é obrigatório.", + "idpErrorAuthUrlInvalid": "O URL de Autenticação deve ser um URL válido.", + "idpErrorTokenUrlInvalid": "O URL do Token deve ser um URL válido.", + "idpPathRequired": "O Caminho do Identificador é obrigatório.", + "idpScopeRequired": "Os Escopos são obrigatórios.", + "idpOidcDescription": "Configurar um provedor de identidade OpenID Connect", + "idpCreatedDescription": "Provedor de identidade criado com sucesso", + "idpCreate": "Criar Provedor de Identidade", + "idpCreateDescription": "Configurar um novo provedor de identidade para autenticação de utilizadores", + "idpSeeAll": "Ver Todos os Provedores de Identidade", + "idpSettingsDescription": "Configurar as informações básicas para o seu provedor de identidade", + "idpDisplayName": "Um nome de exibição para este provedor de identidade", + "idpAutoProvisionUsers": "Provisionamento Automático de Utilizadores", + "idpAutoProvisionUsersDescription": "Quando ativado, os utilizadores serão criados automaticamente no sistema no primeiro login com a capacidade de mapear utilizadores para funções e organizações.", + "licenseBadge": "Profissional", + "idpType": "Tipo de Provedor", + "idpTypeDescription": "Selecione o tipo de provedor de identidade que deseja configurar", + "idpOidcConfigure": "Configuração OAuth2/OIDC", + "idpOidcConfigureDescription": "Configurar os endpoints e credenciais do provedor OAuth2/OIDC", + "idpClientId": "ID do Cliente", + "idpClientIdDescription": "O ID do cliente OAuth2 do seu provedor de identidade", + "idpClientSecret": "Segredo do Cliente", + "idpClientSecretDescription": "O segredo do cliente OAuth2 do seu provedor de identidade", + "idpAuthUrl": "URL de Autorização", + "idpAuthUrlDescription": "O URL do endpoint de autorização OAuth2", + "idpTokenUrl": "URL do Token", + "idpTokenUrlDescription": "O URL do endpoint do token OAuth2", + "idpOidcConfigureAlert": "Informação Importante", + "idpOidcConfigureAlertDescription": "Após criar o provedor de identidade, será necessário configurar o URL de retorno nas configurações do seu provedor de identidade. O URL de retorno será fornecido após a criação bem-sucedida.", + "idpToken": "Configuração do Token", + "idpTokenDescription": "Configurar como extrair informações do utilizador do token ID", + "idpJmespathAbout": "Sobre JMESPath", + "idpJmespathAboutDescription": "Os caminhos abaixo usam a sintaxe JMESPath para extrair valores do token ID.", + "idpJmespathAboutDescriptionLink": "Saiba mais sobre JMESPath", + "idpJmespathLabel": "Caminho do Identificador", + "idpJmespathLabelDescription": "O JMESPath para o identificador do utilizador no token ID", + "idpJmespathEmailPathOptional": "Caminho do Email (Opcional)", + "idpJmespathEmailPathOptionalDescription": "O JMESPath para o email do utilizador no token ID", + "idpJmespathNamePathOptional": "Caminho do Nome (Opcional)", + "idpJmespathNamePathOptionalDescription": "O JMESPath para o nome do utilizador no token ID", + "idpOidcConfigureScopes": "Escopos", + "idpOidcConfigureScopesDescription": "Lista de escopos OAuth2 separados por espaço para solicitar", + "idpSubmit": "Criar Provedor de Identidade", + "orgPolicies": "Políticas da Organização", + "idpSettings": "Configurações de {idpName}", + "idpCreateSettingsDescription": "Configurar as definições para o seu provedor de identidade", + "roleMapping": "Mapeamento de Funções", + "orgMapping": "Mapeamento da Organização", + "orgPoliciesSearch": "Pesquisar políticas da organização...", + "orgPoliciesAdd": "Adicionar Política da Organização", + "orgRequired": "A organização é obrigatória", + "error": "Erro", + "success": "Sucesso", + "orgPolicyAddedDescription": "Política adicionada com sucesso", + "orgPolicyUpdatedDescription": "Política atualizada com sucesso", + "orgPolicyDeletedDescription": "Política eliminada com sucesso", + "defaultMappingsUpdatedDescription": "Mapeamentos padrão atualizados com sucesso", + "orgPoliciesAbout": "Sobre Políticas da Organização", + "orgPoliciesAboutDescription": "As políticas da organização são usadas para controlar o acesso às organizações com base no token ID do utilizador. Pode especificar expressões JMESPath para extrair informações de função e organização do token ID. Para mais informações, consulte", + "orgPoliciesAboutDescriptionLink": "a documentação", + "defaultMappingsOptional": "Mapeamentos Padrão (Opcional)", + "defaultMappingsOptionalDescription": "Os mapeamentos padrão são usados quando não há uma política de organização definida para uma organização. Pode especificar aqui os mapeamentos padrão de função e organização para recorrer.", + "defaultMappingsRole": "Mapeamento de Função Padrão", + "defaultMappingsRoleDescription": "JMESPath para extrair informações de função do token ID. O resultado desta expressão deve retornar o nome da função como definido na organização como uma string.", + "defaultMappingsOrg": "Mapeamento de Organização Padrão", + "defaultMappingsOrgDescription": "JMESPath para extrair informações da organização do token ID. Esta expressão deve retornar o ID da organização ou verdadeiro para que o utilizador tenha permissão para aceder à organização.", + "defaultMappingsSubmit": "Guardar Mapeamentos Padrão", + "orgPoliciesEdit": "Editar Política da Organização", + "org": "Organização", + "orgSelect": "Selecionar organização", + "orgSearch": "Pesquisar organização", + "orgNotFound": "Nenhuma organização encontrada.", + "roleMappingPathOptional": "Caminho de Mapeamento de Função (Opcional)", + "orgMappingPathOptional": "Caminho de Mapeamento da Organização (Opcional)", + "orgPolicyUpdate": "Atualizar Política", + "orgPolicyAdd": "Adicionar Política", + "orgPolicyConfig": "Configurar acesso para uma organização", + "idpUpdatedDescription": "Provedor de identidade atualizado com sucesso", + "redirectUrl": "URL de Redirecionamento", + "redirectUrlAbout": "Sobre o URL de Redirecionamento", + "redirectUrlAboutDescription": "Este é o URL para o qual os utilizadores serão redirecionados após a autenticação. Precisa configurar este URL nas configurações do seu provedor de identidade.", + "pangolinAuth": "Autenticação - Pangolin", + "verificationCodeLengthRequirements": "O seu código de verificação deve ter 8 caracteres.", + "errorOccurred": "Ocorreu um erro", + "emailErrorVerify": "Falha ao verificar o email:", + "emailVerified": "Email verificado com sucesso! Redirecionando...", + "verificationCodeErrorResend": "Falha ao reenviar o código de verificação:", + "verificationCodeResend": "Código de verificação reenviado", + "verificationCodeResendDescription": "Reenviámos um código de verificação para o seu email. Por favor, verifique a sua caixa de entrada.", + "emailVerify": "Verificar Email", + "emailVerifyDescription": "Insira o código de verificação enviado para o seu email.", + "verificationCode": "Código de Verificação", + "verificationCodeEmailSent": "Enviámos um código de verificação para o seu email.", + "submit": "Submeter", + "emailVerifyResendProgress": "A reenviar...", + "emailVerifyResend": "Não recebeu um código? Clique aqui para reenviar", + "passwordNotMatch": "As palavras-passe não correspondem", + "signupError": "Ocorreu um erro durante o registo", + "pangolinLogoAlt": "Logótipo Pangolin", + "inviteAlready": "Parece que já foi convidado!", + "inviteAlreadyDescription": "Para aceitar o convite, deve iniciar sessão ou criar uma conta.", + "signupQuestion": "Já tem uma conta?", + "login": "Iniciar sessão", + "resourceNotFound": "Recurso Não Encontrado", + "resourceNotFoundDescription": "O recurso que está a tentar aceder não existe.", + "pincodeRequirementsLength": "O PIN deve ter exatamente 6 dígitos", + "pincodeRequirementsChars": "O PIN deve conter apenas números", + "passwordRequirementsLength": "A palavra-passe deve ter pelo menos 1 caractere", + "passwordRequirementsTitle": "Requisitos de senha:", + "passwordRequirementLength": "Pelo menos 8 caracteres de comprimento", + "passwordRequirementUppercase": "Pelo menos uma letra maiúscula", + "passwordRequirementLowercase": "Pelo menos uma letra minúscula", + "passwordRequirementNumber": "Pelo menos um número", + "passwordRequirementSpecial": "Pelo menos um caractere especial", + "passwordRequirementsMet": "✓ Senha atende a todos os requisitos", + "passwordStrength": "Força da senha", + "passwordStrengthWeak": "Fraca", + "passwordStrengthMedium": "Média", + "passwordStrengthStrong": "Forte", + "passwordRequirements": "Requisitos:", + "passwordRequirementLengthText": "8+ caracteres", + "passwordRequirementUppercaseText": "Letra maiúscula (A-Z)", + "passwordRequirementLowercaseText": "Letra minúscula (a-z)", + "passwordRequirementNumberText": "Número (0-9)", + "passwordRequirementSpecialText": "Caractere especial (!@#$%...)", + "passwordsDoNotMatch": "As palavras-passe não correspondem", + "otpEmailRequirementsLength": "O OTP deve ter pelo menos 1 caractere", + "otpEmailSent": "OTP Enviado", + "otpEmailSentDescription": "Um OTP foi enviado para o seu email", + "otpEmailErrorAuthenticate": "Falha na autenticação por email", + "pincodeErrorAuthenticate": "Falha na autenticação com PIN", + "passwordErrorAuthenticate": "Falha na autenticação com palavra-passe", + "poweredBy": "Desenvolvido por", + "authenticationRequired": "Autenticação Necessária", + "authenticationMethodChoose": "Escolha o seu método preferido para aceder a {name}", + "authenticationRequest": "Deve autenticar-se para aceder a {name}", + "user": "Utilizador", + "pincodeInput": "Código PIN de 6 dígitos", + "pincodeSubmit": "Iniciar sessão com PIN", + "passwordSubmit": "Iniciar Sessão com Palavra-passe", + "otpEmailDescription": "Um código único será enviado para este email.", + "otpEmailSend": "Enviar Código Único", + "otpEmail": "Palavra-passe Única (OTP)", + "otpEmailSubmit": "Submeter OTP", + "backToEmail": "Voltar ao Email", + "noSupportKey": "O servidor está rodando sem uma chave de suporte. Considere apoiar o projeto!", + "accessDenied": "Acesso Negado", + "accessDeniedDescription": "Não tem permissão para aceder a este recurso. Se isto for um erro, contacte o administrador.", + "accessTokenError": "Erro ao verificar o token de acesso", + "accessGranted": "Acesso Concedido", + "accessUrlInvalid": "URL de Acesso Inválido", + "accessGrantedDescription": "Foi-lhe concedido acesso a este recurso. A redirecionar...", + "accessUrlInvalidDescription": "Este URL de acesso partilhado é inválido. Por favor, contacte o proprietário do recurso para obter um novo URL.", + "tokenInvalid": "Token inválido", + "pincodeInvalid": "Código inválido", + "passwordErrorRequestReset": "Falha ao solicitar redefinição:", + "passwordErrorReset": "Falha ao redefinir palavra-passe:", + "passwordResetSuccess": "Palavra-passe redefinida com sucesso! Voltar ao início de sessão...", + "passwordReset": "Redefinir Palavra-passe", + "passwordResetDescription": "Siga os passos para redefinir a sua palavra-passe", + "passwordResetSent": "Enviaremos um código de redefinição de palavra-passe para este email.", + "passwordResetCode": "Código de Redefinição", + "passwordResetCodeDescription": "Verifique o seu email para obter o código de redefinição.", + "passwordNew": "Nova Palavra-passe", + "passwordNewConfirm": "Confirmar Nova Palavra-passe", + "pincodeAuth": "Código do Autenticador", + "pincodeSubmit2": "Submeter Código", + "passwordResetSubmit": "Solicitar Redefinição", + "passwordBack": "Voltar à Palavra-passe", + "loginBack": "Voltar ao início de sessão", + "signup": "Registar", + "loginStart": "Inicie sessão para começar", + "idpOidcTokenValidating": "A validar token OIDC", + "idpOidcTokenResponse": "Validar resposta do token OIDC", + "idpErrorOidcTokenValidating": "Erro ao validar token OIDC", + "idpConnectingTo": "A ligar a {name}", + "idpConnectingToDescription": "A validar a sua identidade", + "idpConnectingToProcess": "A conectar...", + "idpConnectingToFinished": "Conectado", + "idpErrorConnectingTo": "Ocorreu um problema ao ligar a {name}. Por favor, contacte o seu administrador.", + "idpErrorNotFound": "IdP não encontrado", + "inviteInvalid": "Convite Inválido", + "inviteInvalidDescription": "O link do convite é inválido.", + "inviteErrorWrongUser": "O convite não é para este usuário", + "inviteErrorUserNotExists": "O usuário não existe. Por favor, crie uma conta primeiro.", + "inviteErrorLoginRequired": "Você deve estar logado para aceitar um convite", + "inviteErrorExpired": "O convite pode ter expirado", + "inviteErrorRevoked": "O convite pode ter sido revogado", + "inviteErrorTypo": "Pode haver um erro de digitação no link do convite", + "pangolinSetup": "Configuração - Pangolin", + "orgNameRequired": "O nome da organização é obrigatório", + "orgIdRequired": "O ID da organização é obrigatório", + "orgErrorCreate": "Ocorreu um erro ao criar a organização", + "pageNotFound": "Página Não Encontrada", + "pageNotFoundDescription": "Ops! A página que você está procurando não existe.", + "overview": "Visão Geral", + "home": "Início", + "accessControl": "Controle de Acesso", + "settings": "Configurações", + "usersAll": "Todos os Usuários", + "license": "Licença", + "pangolinDashboard": "Painel - Pangolin", + "noResults": "Nenhum resultado encontrado.", + "terabytes": "{count} TB", + "gigabytes": "{count} GB", + "megabytes": "{count} MB", + "tagsEntered": "Tags Inseridas", + "tagsEnteredDescription": "Estas são as tags que você inseriu.", + "tagsWarnCannotBeLessThanZero": "maxTags e minTags não podem ser menores que 0", + "tagsWarnNotAllowedAutocompleteOptions": "Tag não permitida conforme as opções de autocompletar", + "tagsWarnInvalid": "Tag inválida conforme validateTag", + "tagWarnTooShort": "A tag {tagText} é muito curta", + "tagWarnTooLong": "A tag {tagText} é muito longa", + "tagsWarnReachedMaxNumber": "Atingido o número máximo de tags permitidas", + "tagWarnDuplicate": "Tag duplicada {tagText} não adicionada", + "supportKeyInvalid": "Chave Inválida", + "supportKeyInvalidDescription": "A sua chave de suporte é inválida.", + "supportKeyValid": "Chave Válida", + "supportKeyValidDescription": "A sua chave de suporte foi validada. Obrigado pelo seu apoio!", + "supportKeyErrorValidationDescription": "Falha ao validar a chave de suporte.", + "supportKey": "Apoie o Desenvolvimento e Adote um Pangolim!", + "supportKeyDescription": "Compre uma chave de suporte para nos ajudar a continuar desenvolvendo o Pangolin para a comunidade. A sua contribuição permite-nos dedicar mais tempo para manter e adicionar novos recursos à aplicação para todos. Nunca usaremos isto para restringir recursos. Isto é separado de qualquer Edição Comercial.", + "supportKeyPet": "Também poderá adotar e conhecer o seu próprio Pangolim de estimação!", + "supportKeyPurchase": "Os pagamentos são processados via GitHub. Depois, pode obter a sua chave em", + "supportKeyPurchaseLink": "nosso site", + "supportKeyPurchase2": "e resgatá-la aqui.", + "supportKeyLearnMore": "Saiba mais.", + "supportKeyOptions": "Por favor, selecione a opção que melhor se adequa a si.", + "supportKetOptionFull": "Apoiante Completo", + "forWholeServer": "Para todo o servidor", + "lifetimePurchase": "Compra vitalícia", + "supporterStatus": "Estado de apoiante", + "buy": "Comprar", + "supportKeyOptionLimited": "Apoiante Limitado", + "forFiveUsers": "Para 5 ou menos utilizadores", + "supportKeyRedeem": "Resgatar Chave de Apoiante", + "supportKeyHideSevenDays": "Ocultar por 7 dias", + "supportKeyEnter": "Inserir Chave de Apoiante", + "supportKeyEnterDescription": "Conheça o seu próprio Pangolim de estimação!", + "githubUsername": "Nome de Utilizador GitHub", + "supportKeyInput": "Chave de Apoiante", + "supportKeyBuy": "Comprar Chave de Apoiante", + "logoutError": "Erro ao terminar sessão", + "signingAs": "Sessão iniciada como", + "serverAdmin": "Administrador do Servidor", + "managedSelfhosted": "Gerenciado Auto-Hospedado", + "otpEnable": "Ativar Autenticação de Dois Fatores", + "otpDisable": "Desativar Autenticação de Dois Fatores", + "logout": "Terminar Sessão", + "licenseTierProfessionalRequired": "Edição Profissional Necessária", + "licenseTierProfessionalRequiredDescription": "Esta funcionalidade só está disponível na Edição Profissional.", + "actionGetOrg": "Obter Organização", + "actionUpdateOrg": "Atualizar Organização", + "actionUpdateUser": "Atualizar Usuário", + "actionGetUser": "Obter Usuário", + "actionGetOrgUser": "Obter Utilizador da Organização", + "actionListOrgDomains": "Listar Domínios da Organização", + "actionCreateSite": "Criar Site", + "actionDeleteSite": "Eliminar Site", + "actionGetSite": "Obter Site", + "actionListSites": "Listar Sites", + "setupToken": "Configuração do Token", + "setupTokenDescription": "Digite o token de configuração do console do servidor.", + "setupTokenRequired": "Token de configuração é necessário", + "actionUpdateSite": "Atualizar Site", + "actionListSiteRoles": "Listar Funções Permitidas do Site", + "actionCreateResource": "Criar Recurso", + "actionDeleteResource": "Eliminar Recurso", + "actionGetResource": "Obter Recurso", + "actionListResource": "Listar Recursos", + "actionUpdateResource": "Atualizar Recurso", + "actionListResourceUsers": "Listar Utilizadores do Recurso", + "actionSetResourceUsers": "Definir Utilizadores do Recurso", + "actionSetAllowedResourceRoles": "Definir Funções Permitidas do Recurso", + "actionListAllowedResourceRoles": "Listar Funções Permitidas do Recurso", + "actionSetResourcePassword": "Definir Palavra-passe do Recurso", + "actionSetResourcePincode": "Definir Código PIN do Recurso", + "actionSetResourceEmailWhitelist": "Definir Lista Permitida de Emails do Recurso", + "actionGetResourceEmailWhitelist": "Obter Lista Permitida de Emails do Recurso", + "actionCreateTarget": "Criar Alvo", + "actionDeleteTarget": "Eliminar Alvo", + "actionGetTarget": "Obter Alvo", + "actionListTargets": "Listar Alvos", + "actionUpdateTarget": "Atualizar Alvo", + "actionCreateRole": "Criar Função", + "actionDeleteRole": "Eliminar Função", + "actionGetRole": "Obter Função", + "actionListRole": "Listar Funções", + "actionUpdateRole": "Atualizar Função", + "actionListAllowedRoleResources": "Listar Recursos Permitidos da Função", + "actionInviteUser": "Convidar Utilizador", + "actionRemoveUser": "Remover Utilizador", + "actionListUsers": "Listar Utilizadores", + "actionAddUserRole": "Adicionar Função ao Utilizador", + "actionGenerateAccessToken": "Gerar Token de Acesso", + "actionDeleteAccessToken": "Eliminar Token de Acesso", + "actionListAccessTokens": "Listar Tokens de Acesso", + "actionCreateResourceRule": "Criar Regra de Recurso", + "actionDeleteResourceRule": "Eliminar Regra de Recurso", + "actionListResourceRules": "Listar Regras de Recurso", + "actionUpdateResourceRule": "Atualizar Regra de Recurso", + "actionListOrgs": "Listar Organizações", + "actionCheckOrgId": "Verificar ID", + "actionCreateOrg": "Criar Organização", + "actionDeleteOrg": "Eliminar Organização", + "actionListApiKeys": "Listar Chaves API", + "actionListApiKeyActions": "Listar Ações da Chave API", + "actionSetApiKeyActions": "Definir Ações Permitidas da Chave API", + "actionCreateApiKey": "Criar Chave API", + "actionDeleteApiKey": "Eliminar Chave API", + "actionCreateIdp": "Criar IDP", + "actionUpdateIdp": "Atualizar IDP", + "actionDeleteIdp": "Eliminar IDP", + "actionListIdps": "Listar IDP", + "actionGetIdp": "Obter IDP", + "actionCreateIdpOrg": "Criar Política de Organização IDP", + "actionDeleteIdpOrg": "Eliminar Política de Organização IDP", + "actionListIdpOrgs": "Listar Organizações IDP", + "actionUpdateIdpOrg": "Atualizar Organização IDP", + "actionCreateClient": "Criar Cliente", + "actionDeleteClient": "Excluir Cliente", + "actionUpdateClient": "Atualizar Cliente", + "actionListClients": "Listar Clientes", + "actionGetClient": "Obter Cliente", + "actionCreateSiteResource": "Criar Recurso do Site", + "actionDeleteSiteResource": "Eliminar Recurso do Site", + "actionGetSiteResource": "Obter Recurso do Site", + "actionListSiteResources": "Listar Recursos do Site", + "actionUpdateSiteResource": "Atualizar Recurso do Site", + "actionListInvitations": "Listar Convites", + "noneSelected": "Nenhum selecionado", + "orgNotFound2": "Nenhuma organização encontrada.", + "searchProgress": "Pesquisar...", + "create": "Criar", + "orgs": "Organizações", + "loginError": "Ocorreu um erro ao iniciar sessão", + "passwordForgot": "Esqueceu a sua palavra-passe?", + "otpAuth": "Autenticação de Dois Fatores", + "otpAuthDescription": "Insira o código da sua aplicação de autenticação ou um dos seus códigos de backup de uso único.", + "otpAuthSubmit": "Submeter Código", + "idpContinue": "Ou continuar com", + "otpAuthBack": "Voltar ao Início de Sessão", + "navbar": "Menu de Navegação", + "navbarDescription": "Menu de navegação principal da aplicação", + "navbarDocsLink": "Documentação", + "commercialEdition": "Edição Comercial", + "otpErrorEnable": "Não foi possível ativar 2FA", + "otpErrorEnableDescription": "Ocorreu um erro ao ativar 2FA", + "otpSetupCheckCode": "Por favor, insira um código de 6 dígitos", + "otpSetupCheckCodeRetry": "Código inválido. Por favor, tente novamente.", + "otpSetup": "Ativar Autenticação de Dois Fatores", + "otpSetupDescription": "Proteja a sua conta com uma camada extra de proteção", + "otpSetupScanQr": "Digitalize este código QR com a sua aplicação de autenticação ou insira a chave secreta manualmente:", + "otpSetupSecretCode": "Código de Autenticação", + "otpSetupSuccess": "Autenticação de Dois Fatores Ativada", + "otpSetupSuccessStoreBackupCodes": "A sua conta está agora mais segura. Não se esqueça de guardar os seus códigos de backup.", + "otpErrorDisable": "Não foi possível desativar 2FA", + "otpErrorDisableDescription": "Ocorreu um erro ao desativar 2FA", + "otpRemove": "Desativar Autenticação de Dois Fatores", + "otpRemoveDescription": "Desativar a autenticação de dois fatores para a sua conta", + "otpRemoveSuccess": "Autenticação de Dois Fatores Desativada", + "otpRemoveSuccessMessage": "A autenticação de dois fatores foi desativada para a sua conta. Pode ativá-la novamente a qualquer momento.", + "otpRemoveSubmit": "Desativar 2FA", + "paginator": "Página {current} de {last}", + "paginatorToFirst": "Ir para a primeira página", + "paginatorToPrevious": "Ir para a página anterior", + "paginatorToNext": "Ir para a próxima página", + "paginatorToLast": "Ir para a última página", + "copyText": "Copiar texto", + "copyTextFailed": "Falha ao copiar texto: ", + "copyTextClipboard": "Copiar para a área de transferência", + "inviteErrorInvalidConfirmation": "Confirmação inválida", + "passwordRequired": "A senha é obrigatória", + "allowAll": "Permitir todos", + "permissionsAllowAll": "Permitir Todas as Permissões", + "githubUsernameRequired": "O nome de utilizador GitHub é obrigatório", + "supportKeyRequired": "A chave de apoiante é obrigatória", + "passwordRequirementsChars": "A palavra-passe deve ter pelo menos 8 caracteres", + "language": "Idioma", + "verificationCodeRequired": "O código é obrigatório", + "userErrorNoUpdate": "Não existe utilizador para atualizar", + "siteErrorNoUpdate": "Não existe site para atualizar", + "resourceErrorNoUpdate": "Não existe recurso para atualizar", + "authErrorNoUpdate": "Não existem informações de autenticação para atualizar", + "orgErrorNoUpdate": "Não existe organização para atualizar", + "orgErrorNoProvided": "Nenhuma organização fornecida", + "apiKeysErrorNoUpdate": "Não existe chave API para atualizar", + "sidebarOverview": "Geral", + "sidebarHome": "Residencial", + "sidebarSites": "sites", + "sidebarResources": "Recursos", + "sidebarAccessControl": "Controle de Acesso", + "sidebarUsers": "Utilizadores", + "sidebarInvitations": "Convites", + "sidebarRoles": "Papéis", + "sidebarShareableLinks": "Links compartilháveis", + "sidebarApiKeys": "Chaves API", + "sidebarSettings": "Confirgurações", + "sidebarAllUsers": "Todos os usuários", + "sidebarIdentityProviders": "Provedores de identidade", + "sidebarLicense": "Tipo:", + "sidebarClients": "Clientes (Beta)", + "sidebarDomains": "Domínios", + "enableDockerSocket": "Habilitar Docker Socket", + "enableDockerSocketDescription": "Ativar a descoberta do Docker Socket para preencher informações do contêiner. O caminho do socket deve ser fornecido ao Newt.", + "enableDockerSocketLink": "Saiba mais", + "viewDockerContainers": "Ver contêineres Docker", + "containersIn": "Contêineres em {siteName}", + "selectContainerDescription": "Selecione qualquer contêiner para usar como hostname para este alvo. Clique em uma porta para usar uma porta.", + "containerName": "Nome:", + "containerImage": "Imagem:", + "containerState": "Estado:", + "containerNetworks": "Redes", + "containerHostnameIp": "Hostname/IP", + "containerLabels": "Marcadores", + "containerLabelsCount": "{count, plural, one {# rótulo} other {# rótulos}}", + "containerLabelsTitle": "Etiquetas do Contêiner", + "containerLabelEmpty": "", + "containerPorts": "Portas", + "containerPortsMore": "+ Mais{count}", + "containerActions": "Ações.", + "select": "Selecionar", + "noContainersMatchingFilters": "Nenhum contêiner encontrado corresponde aos filtros atuais.", + "showContainersWithoutPorts": "Mostrar contêineres sem portas", + "showStoppedContainers": "Mostrar contêineres parados", + "noContainersFound": "Nenhum contêiner encontrado. Certifique-se de que os contêineres Docker estão em execução.", + "searchContainersPlaceholder": "Pesquisar entre os contêineres {count}...", + "searchResultsCount": "{count, plural, one {# resultado} other {# resultados}}", + "filters": "Filtros", + "filterOptions": "Opções de Filtro", + "filterPorts": "Portas", + "filterStopped": "Parado", + "clearAllFilters": "Limpar todos os filtros", + "columns": "Colunas", + "toggleColumns": "Alternar Colunas", + "refreshContainersList": "Atualizar lista de contêineres", + "searching": "Buscando...", + "noContainersFoundMatching": "Nenhum recipiente encontrado \"{filter}\".", + "light": "claro", + "dark": "escuro", + "system": "sistema", + "theme": "Tema", + "subnetRequired": "Sub-rede é obrigatória", + "initialSetupTitle": "Configuração Inicial do Servidor", + "initialSetupDescription": "Crie a conta de administrador inicial do servidor. Apenas um administrador do servidor pode existir. Você sempre pode alterar essas credenciais posteriormente.", + "createAdminAccount": "Criar Conta de Administrador", + "setupErrorCreateAdmin": "Ocorreu um erro ao criar a conta de administrador do servidor.", + "certificateStatus": "Status do Certificado", + "loading": "Carregando", + "restart": "Reiniciar", + "domains": "Domínios", + "domainsDescription": "Gerencie domínios para sua organização", + "domainsSearch": "Pesquisar domínios...", + "domainAdd": "Adicionar Domínio", + "domainAddDescription": "Registre um novo domínio com sua organização", + "domainCreate": "Criar Domínio", + "domainCreatedDescription": "Domínio criado com sucesso", + "domainDeletedDescription": "Domínio deletado com sucesso", + "domainQuestionRemove": "Tem certeza de que deseja remover o domínio {domain} da sua conta?", + "domainMessageRemove": "Uma vez removido, o domínio não estará mais associado à sua conta.", + "domainMessageConfirm": "Para confirmar, digite o nome do domínio abaixo.", + "domainConfirmDelete": "Confirmar Exclusão de Domínio", + "domainDelete": "Excluir Domínio", + "domain": "Domínio", + "selectDomainTypeNsName": "Delegação de Domínio (NS)", + "selectDomainTypeNsDescription": "Este domínio e todos os seus subdomínios. Use isso quando quiser controlar uma zona de domínio inteira.", + "selectDomainTypeCnameName": "Domínio Único (CNAME)", + "selectDomainTypeCnameDescription": "Apenas este domínio específico. Use isso para subdomínios individuais ou entradas de domínio específicas.", + "selectDomainTypeWildcardName": "Domínio Coringa", + "selectDomainTypeWildcardDescription": "Este domínio e seus subdomínios.", + "domainDelegation": "Domínio Único", + "selectType": "Selecione um tipo", + "actions": "Ações", + "refresh": "Atualizar", + "refreshError": "Falha ao atualizar dados", + "verified": "Verificado", + "pending": "Pendente", + "sidebarBilling": "Faturamento", + "billing": "Faturamento", + "orgBillingDescription": "Gerencie suas informações de faturamento e assinaturas", + "github": "GitHub", + "pangolinHosted": "Hospedagem Pangolin", + "fossorial": "Fossorial", + "completeAccountSetup": "Completar Configuração da Conta", + "completeAccountSetupDescription": "Defina sua senha para começar", + "accountSetupSent": "Enviaremos um código de ativação da conta para este endereço de e-mail.", + "accountSetupCode": "Código de Ativação", + "accountSetupCodeDescription": "Verifique seu e-mail para obter o código de ativação.", + "passwordCreate": "Criar Senha", + "passwordCreateConfirm": "Confirmar Senha", + "accountSetupSubmit": "Enviar Código de Ativação", + "completeSetup": "Configuração Completa", + "accountSetupSuccess": "Configuração da conta concluída! Bem-vindo ao Pangolin!", + "documentation": "Documentação", + "saveAllSettings": "Salvar Todas as Configurações", + "settingsUpdated": "Configurações atualizadas", + "settingsUpdatedDescription": "Todas as configurações foram atualizadas com sucesso", + "settingsErrorUpdate": "Falha ao atualizar configurações", + "settingsErrorUpdateDescription": "Ocorreu um erro ao atualizar configurações", + "sidebarCollapse": "Recolher", + "sidebarExpand": "Expandir", + "newtUpdateAvailable": "Nova Atualização Disponível", + "newtUpdateAvailableInfo": "Uma nova versão do Newt está disponível. Atualize para a versão mais recente para uma melhor experiência.", + "domainPickerEnterDomain": "Domínio", + "domainPickerPlaceholder": "meuapp.exemplo.com, api.v1.meudominio.com, ou apenas meuapp", + "domainPickerDescription": "Insira o domínio completo do recurso para ver as opções disponíveis.", + "domainPickerDescriptionSaas": "Insira um domínio completo, subdomínio ou apenas um nome para ver as opções disponíveis", + "domainPickerTabAll": "Todos", + "domainPickerTabOrganization": "Organização", + "domainPickerTabProvided": "Fornecido", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "Verificando disponibilidade...", + "domainPickerNoMatchingDomains": "Nenhum domínio correspondente encontrado. Tente um domínio diferente ou verifique as configurações do domínio da sua organização.", + "domainPickerOrganizationDomains": "Domínios da Organização", + "domainPickerProvidedDomains": "Domínios Fornecidos", + "domainPickerSubdomain": "Subdomínio: {subdomain}", + "domainPickerNamespace": "Namespace: {namespace}", + "domainPickerShowMore": "Mostrar Mais", + "domainNotFound": "Domínio Não Encontrado", + "domainNotFoundDescription": "Este recurso está desativado porque o domínio não existe mais em nosso sistema. Defina um novo domínio para este recurso.", + "failed": "Falhou", + "createNewOrgDescription": "Crie uma nova organização", + "organization": "Organização", + "port": "Porta", + "securityKeyManage": "Gerenciar chaves de segurança", + "securityKeyDescription": "Adicionar ou remover chaves de segurança para autenticação sem senha", + "securityKeyRegister": "Registrar nova chave de segurança", + "securityKeyList": "Suas chaves de segurança", + "securityKeyNone": "Nenhuma chave de segurança registrada", + "securityKeyNameRequired": "Nome é obrigatório", + "securityKeyRemove": "Remover", + "securityKeyLastUsed": "Último uso: {date}", + "securityKeyNameLabel": "Nome", + "securityKeyRegisterSuccess": "Chave de segurança registrada com sucesso", + "securityKeyRegisterError": "Erro ao registrar chave de segurança", + "securityKeyRemoveSuccess": "Chave de segurança removida com sucesso", + "securityKeyRemoveError": "Erro ao remover chave de segurança", + "securityKeyLoadError": "Erro ao carregar chaves de segurança", + "securityKeyLogin": "Continuar com a chave de segurança", + "securityKeyAuthError": "Erro ao autenticar com chave de segurança", + "securityKeyRecommendation": "Considere registrar outra chave de segurança em um dispositivo diferente para garantir que você não fique bloqueado da sua conta.", + "registering": "Registrando...", + "securityKeyPrompt": "Verifique sua identidade usando sua chave de segurança. Certifique-se de que sua chave de segurança está conectada e pronta.", + "securityKeyBrowserNotSupported": "Seu navegador não suporta chaves de segurança. Use um navegador moderno como Chrome, Firefox ou Safari.", + "securityKeyPermissionDenied": "Permita o acesso à sua chave de segurança para continuar o login.", + "securityKeyRemovedTooQuickly": "Mantenha sua chave de segurança conectada até que o processo de login seja concluído.", + "securityKeyNotSupported": "Sua chave de segurança pode não ser compatível. Tente uma chave de segurança diferente.", + "securityKeyUnknownError": "Houve um problema ao usar sua chave de segurança. Tente novamente.", + "twoFactorRequired": "A autenticação de dois fatores é necessária para registrar uma chave de segurança.", + "twoFactor": "Autenticação de Dois Fatores", + "adminEnabled2FaOnYourAccount": "Seu administrador ativou a autenticação de dois fatores para {email}. Complete o processo de configuração para continuar.", + "continueToApplication": "Continuar para Aplicativo", + "securityKeyAdd": "Adicionar Chave de Segurança", + "securityKeyRegisterTitle": "Registrar Nova Chave de Segurança", + "securityKeyRegisterDescription": "Conecte sua chave de segurança e insira um nome para identificá-la", + "securityKeyTwoFactorRequired": "Autenticação de Dois Fatores Obrigatória", + "securityKeyTwoFactorDescription": "Insira seu código de autenticação de dois fatores para registrar a chave de segurança", + "securityKeyTwoFactorRemoveDescription": "Insira seu código de autenticação de dois fatores para remover a chave de segurança", + "securityKeyTwoFactorCode": "Código de Dois Fatores", + "securityKeyRemoveTitle": "Remover Chave de Segurança", + "securityKeyRemoveDescription": "Insira sua senha para remover a chave de segurança \"{name}\"", + "securityKeyNoKeysRegistered": "Nenhuma chave de segurança registrada", + "securityKeyNoKeysDescription": "Adicione uma chave de segurança para melhorar a segurança da sua conta", + "createDomainRequired": "Domínio é obrigatório", + "createDomainAddDnsRecords": "Adicionar Registros DNS", + "createDomainAddDnsRecordsDescription": "Adicione os seguintes registros DNS ao seu provedor de domínio para completar a configuração.", + "createDomainNsRecords": "Registros NS", + "createDomainRecord": "Registrar", + "createDomainType": "Tipo:", + "createDomainName": "Nome:", + "createDomainValue": "Valor:", + "createDomainCnameRecords": "Registros CNAME", + "createDomainARecords": "Registros A", + "createDomainRecordNumber": "Registrar {number}", + "createDomainTxtRecords": "Registros TXT", + "createDomainSaveTheseRecords": "Salvar Esses Registros", + "createDomainSaveTheseRecordsDescription": "Certifique-se de salvar esses registros DNS, pois você não os verá novamente.", + "createDomainDnsPropagation": "Propagação DNS", + "createDomainDnsPropagationDescription": "Alterações no DNS podem levar algum tempo para se propagar pela internet. Pode levar de alguns minutos a 48 horas, dependendo do seu provedor de DNS e das configurações de TTL.", + "resourcePortRequired": "Número da porta é obrigatório para recursos não-HTTP", + "resourcePortNotAllowed": "Número da porta não deve ser definido para recursos HTTP", + "signUpTerms": { + "IAgreeToThe": "Concordo com", + "termsOfService": "os termos de serviço", + "and": "e", + "privacyPolicy": "política de privacidade" + }, + "siteRequired": "Site é obrigatório.", + "olmTunnel": "Olm Tunnel", + "olmTunnelDescription": "Use Olm para conectividade do cliente", + "errorCreatingClient": "Erro ao criar cliente", + "clientDefaultsNotFound": "Padrões do cliente não encontrados", + "createClient": "Criar Cliente", + "createClientDescription": "Crie um novo cliente para conectar aos seus sites", + "seeAllClients": "Ver Todos os Clientes", + "clientInformation": "Informações do Cliente", + "clientNamePlaceholder": "Nome do cliente", + "address": "Endereço", + "subnetPlaceholder": "Sub-rede", + "addressDescription": "O endereço que este cliente usará para conectividade", + "selectSites": "Selecionar sites", + "sitesDescription": "O cliente terá conectividade com os sites selecionados", + "clientInstallOlm": "Instalar Olm", + "clientInstallOlmDescription": "Execute o Olm em seu sistema", + "clientOlmCredentials": "Credenciais Olm", + "clientOlmCredentialsDescription": "É assim que Olm se autenticará com o servidor", + "olmEndpoint": "Endpoint Olm", + "olmId": "ID Olm", + "olmSecretKey": "Chave Secreta Olm", + "clientCredentialsSave": "Salve suas Credenciais", + "clientCredentialsSaveDescription": "Você só poderá ver isto uma vez. Certifique-se de copiá-las para um local seguro.", + "generalSettingsDescription": "Configure as configurações gerais para este cliente", + "clientUpdated": "Cliente atualizado", + "clientUpdatedDescription": "O cliente foi atualizado.", + "clientUpdateFailed": "Falha ao atualizar cliente", + "clientUpdateError": "Ocorreu um erro ao atualizar o cliente.", + "sitesFetchFailed": "Falha ao buscar sites", + "sitesFetchError": "Ocorreu um erro ao buscar sites.", + "olmErrorFetchReleases": "Ocorreu um erro ao buscar lançamentos do Olm.", + "olmErrorFetchLatest": "Ocorreu um erro ao buscar o lançamento mais recente do Olm.", + "remoteSubnets": "Sub-redes Remotas", + "enterCidrRange": "Insira o intervalo CIDR", + "remoteSubnetsDescription": "Adicionar intervalos CIDR que podem ser acessados deste site remotamente usando clientes. Use um formato como 10.0.0.0/24. Isso SOMENTE se aplica à conectividade do cliente VPN.", + "resourceEnableProxy": "Ativar Proxy Público", + "resourceEnableProxyDescription": "Permite proxy público para este recurso. Isso permite o acesso ao recurso de fora da rede através da nuvem em uma porta aberta. Requer configuração do Traefik.", + "externalProxyEnabled": "Proxy Externo Habilitado", + "addNewTarget": "Adicionar Novo Alvo", + "targetsList": "Lista de Alvos", + "targetErrorDuplicateTargetFound": "Alvo duplicado encontrado", + "httpMethod": "Método HTTP", + "selectHttpMethod": "Selecionar método HTTP", + "domainPickerSubdomainLabel": "Subdomínio", + "domainPickerBaseDomainLabel": "Domínio Base", + "domainPickerSearchDomains": "Buscar domínios...", + "domainPickerNoDomainsFound": "Nenhum domínio encontrado", + "domainPickerLoadingDomains": "Carregando domínios...", + "domainPickerSelectBaseDomain": "Selecione o domínio base...", + "domainPickerNotAvailableForCname": "Não disponível para domínios CNAME", + "domainPickerEnterSubdomainOrLeaveBlank": "Digite um subdomínio ou deixe em branco para usar o domínio base.", + "domainPickerEnterSubdomainToSearch": "Digite um subdomínio para buscar e selecionar entre os domínios gratuitos disponíveis.", + "domainPickerFreeDomains": "Domínios Gratuitos", + "domainPickerSearchForAvailableDomains": "Pesquise por domínios disponíveis", + "resourceDomain": "Domínio", + "resourceEditDomain": "Editar Domínio", + "siteName": "Nome do Site", + "proxyPort": "Porta", + "resourcesTableProxyResources": "Recursos de Proxy", + "resourcesTableClientResources": "Recursos do Cliente", + "resourcesTableNoProxyResourcesFound": "Nenhum recurso de proxy encontrado.", + "resourcesTableNoInternalResourcesFound": "Nenhum recurso interno encontrado.", + "resourcesTableDestination": "Destino", + "resourcesTableTheseResourcesForUseWith": "Esses recursos são para uso com", + "resourcesTableClients": "Clientes", + "resourcesTableAndOnlyAccessibleInternally": "e são acessíveis apenas internamente quando conectados com um cliente.", + "editInternalResourceDialogEditClientResource": "Editar Recurso do Cliente", + "editInternalResourceDialogUpdateResourceProperties": "Atualize as propriedades do recurso e a configuração do alvo para {resourceName}.", + "editInternalResourceDialogResourceProperties": "Propriedades do Recurso", + "editInternalResourceDialogName": "Nome", + "editInternalResourceDialogProtocol": "Protocolo", + "editInternalResourceDialogSitePort": "Porta do Site", + "editInternalResourceDialogTargetConfiguration": "Configuração do Alvo", + "editInternalResourceDialogDestinationIP": "IP de Destino", + "editInternalResourceDialogDestinationPort": "Porta de Destino", + "editInternalResourceDialogCancel": "Cancelar", + "editInternalResourceDialogSaveResource": "Salvar Recurso", + "editInternalResourceDialogSuccess": "Sucesso", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Recurso interno atualizado com sucesso", + "editInternalResourceDialogError": "Erro", + "editInternalResourceDialogFailedToUpdateInternalResource": "Falha ao atualizar recurso interno", + "editInternalResourceDialogNameRequired": "Nome é obrigatório", + "editInternalResourceDialogNameMaxLength": "Nome deve ser inferior a 255 caracteres", + "editInternalResourceDialogProxyPortMin": "Porta de proxy deve ser pelo menos 1", + "editInternalResourceDialogProxyPortMax": "Porta de proxy deve ser inferior a 65536", + "editInternalResourceDialogInvalidIPAddressFormat": "Formato de endereço IP inválido", + "editInternalResourceDialogDestinationPortMin": "Porta de destino deve ser pelo menos 1", + "editInternalResourceDialogDestinationPortMax": "Porta de destino deve ser inferior a 65536", + "createInternalResourceDialogNoSitesAvailable": "Nenhum Site Disponível", + "createInternalResourceDialogNoSitesAvailableDescription": "Você precisa ter pelo menos um site Newt com uma sub-rede configurada para criar recursos internos.", + "createInternalResourceDialogClose": "Fechar", + "createInternalResourceDialogCreateClientResource": "Criar Recurso do Cliente", + "createInternalResourceDialogCreateClientResourceDescription": "Crie um novo recurso que estará acessível aos clientes conectados ao site selecionado.", + "createInternalResourceDialogResourceProperties": "Propriedades do Recurso", + "createInternalResourceDialogName": "Nome", + "createInternalResourceDialogSite": "Site", + "createInternalResourceDialogSelectSite": "Selecionar site...", + "createInternalResourceDialogSearchSites": "Procurar sites...", + "createInternalResourceDialogNoSitesFound": "Nenhum site encontrado.", + "createInternalResourceDialogProtocol": "Protocolo", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Porta do Site", + "createInternalResourceDialogSitePortDescription": "Use esta porta para acessar o recurso no site quando conectado com um cliente.", + "createInternalResourceDialogTargetConfiguration": "Configuração do Alvo", + "createInternalResourceDialogDestinationIP": "IP de Destino", + "createInternalResourceDialogDestinationIPDescription": "O endereço IP do recurso na rede do site.", + "createInternalResourceDialogDestinationPort": "Porta de Destino", + "createInternalResourceDialogDestinationPortDescription": "A porta no IP de destino onde o recurso está acessível.", + "createInternalResourceDialogCancel": "Cancelar", + "createInternalResourceDialogCreateResource": "Criar Recurso", + "createInternalResourceDialogSuccess": "Sucesso", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Recurso interno criado com sucesso", + "createInternalResourceDialogError": "Erro", + "createInternalResourceDialogFailedToCreateInternalResource": "Falha ao criar recurso interno", + "createInternalResourceDialogNameRequired": "Nome é obrigatório", + "createInternalResourceDialogNameMaxLength": "Nome deve ser inferior a 255 caracteres", + "createInternalResourceDialogPleaseSelectSite": "Por favor, selecione um site", + "createInternalResourceDialogProxyPortMin": "Porta de proxy deve ser pelo menos 1", + "createInternalResourceDialogProxyPortMax": "Porta de proxy deve ser inferior a 65536", + "createInternalResourceDialogInvalidIPAddressFormat": "Formato de endereço IP inválido", + "createInternalResourceDialogDestinationPortMin": "Porta de destino deve ser pelo menos 1", + "createInternalResourceDialogDestinationPortMax": "Porta de destino deve ser inferior a 65536", + "siteConfiguration": "Configuração", + "siteAcceptClientConnections": "Aceitar Conexões de Clientes", + "siteAcceptClientConnectionsDescription": "Permitir que outros dispositivos se conectem através desta instância Newt como um gateway usando clientes.", + "siteAddress": "Endereço do Site", + "siteAddressDescription": "Especificar o endereço IP do host para que os clientes se conectem. Este é o endereço interno do site na rede Pangolin para os clientes endereçarem. Deve estar dentro da sub-rede da Organização.", + "autoLoginExternalIdp": "Login Automático com IDP Externo", + "autoLoginExternalIdpDescription": "Redirecionar imediatamente o usuário para o IDP externo para autenticação.", + "selectIdp": "Selecionar IDP", + "selectIdpPlaceholder": "Escolher um IDP...", + "selectIdpRequired": "Por favor, selecione um IDP quando o login automático estiver ativado.", + "autoLoginTitle": "Redirecionando", + "autoLoginDescription": "Redirecionando você para o provedor de identidade externo para autenticação.", + "autoLoginProcessing": "Preparando autenticação...", + "autoLoginRedirecting": "Redirecionando para login...", + "autoLoginError": "Erro de Login Automático", + "autoLoginErrorNoRedirectUrl": "Nenhum URL de redirecionamento recebido do provedor de identidade.", + "autoLoginErrorGeneratingUrl": "Falha ao gerar URL de autenticação.", + "managedSelfHosted": { + "title": "Gerenciado Auto-Hospedado", + "description": "Servidor Pangolin auto-hospedado mais confiável e com baixa manutenção com sinos extras e assobiamentos", + "introTitle": "Pangolin Auto-Hospedado Gerenciado", + "introDescription": "é uma opção de implantação projetada para pessoas que querem simplicidade e confiança adicional, mantendo os seus dados privados e auto-hospedados.", + "introDetail": "Com esta opção, você ainda roda seu próprio nó Pangolin — seus túneis, terminação SSL e tráfego todos permanecem no seu servidor. A diferença é que a gestão e a monitorização são geridos através do nosso painel de nuvem, que desbloqueia vários benefícios:", + "benefitSimplerOperations": { + "title": "Operações simples", + "description": "Não é necessário executar o seu próprio servidor de e-mail ou configurar um alerta complexo. Você receberá fora de caixa verificações de saúde e alertas de tempo de inatividade." + }, + "benefitAutomaticUpdates": { + "title": "Atualizações automáticas", + "description": "O painel em nuvem evolui rapidamente, para que você obtenha novos recursos e correções de bugs sem ter de puxar manualmente novos contêineres toda vez." + }, + "benefitLessMaintenance": { + "title": "Menos manutenção", + "description": "Sem migrações, backups ou infraestrutura extra para gerenciar. Lidamos com isso na nuvem." + }, + "benefitCloudFailover": { + "title": "Falha na nuvem", + "description": "Se o seu nó descer, seus túneis podem falhar temporariamente nos nossos pontos de presença na nuvem até que você o traga online." + }, + "benefitHighAvailability": { + "title": "Alta disponibilidade (Ppos)", + "description": "Você também pode anexar vários nós à sua conta para um melhor desempenho." + }, + "benefitFutureEnhancements": { + "title": "Aprimoramentos futuros", + "description": "Estamos planejando adicionar mais análises, alertas e ferramentas de gerenciamento para tornar sua implantação ainda mais robusta." + }, + "docsAlert": { + "text": "Saiba mais sobre a opção Hospedagem Auto-Gerenciada no nosso", + "documentation": "documentação" + }, + "convertButton": "Converter este nó para Auto-Hospedado Gerenciado" + }, + "internationaldomaindetected": "Domínio Internacional Detectado", + "willbestoredas": "Será armazenado como:" +} diff --git a/messages/ru-RU.json b/messages/ru-RU.json new file mode 100644 index 00000000..ffcbe8dc --- /dev/null +++ b/messages/ru-RU.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Создайте свою организацию, сайт и ресурсы", + "setupNewOrg": "Новая организация", + "setupCreateOrg": "Создать организацию", + "setupCreateResources": "Создать ресурсы", + "setupOrgName": "Название организации", + "orgDisplayName": "Это отображаемое имя вашей организации.", + "orgId": "ID организации", + "setupIdentifierMessage": "Уникальный идентификатор вашей организации. Он задаётся отдельно от отображаемого имени.", + "setupErrorIdentifier": "ID организации уже занят. Выберите другой.", + "componentsErrorNoMemberCreate": "Вы пока не состоите ни в одной организации. Создайте организацию для начала работы.", + "componentsErrorNoMember": "Вы пока не состоите ни в одной организации.", + "welcome": "Добро пожаловать!", + "welcomeTo": "Добро пожаловать в", + "componentsCreateOrg": "Создать организацию", + "componentsMember": "Вы состоите в {count, plural, =0 {0 организациях} one {# организации} few {# организациях} many {# организациях} other {# организациях}}.", + "componentsInvalidKey": "Обнаружены недействительные или просроченные лицензионные ключи. Соблюдайте условия лицензии для использования всех функций.", + "dismiss": "Отменить", + "componentsLicenseViolation": "Нарушение лицензии: Сервер использует {usedSites} сайтов, что превышает лицензионный лимит в {maxSites} сайтов. Соблюдайте условия лицензии для использования всех функций.", + "componentsSupporterMessage": "Спасибо за поддержку Pangolin в качестве {tier}!", + "inviteErrorNotValid": "Извините, но это приглашение не было принято или срок его действия истёк.", + "inviteErrorUser": "Извините, но приглашение, к которому вы пытаетесь получить доступ, предназначено не для этого пользователя.", + "inviteLoginUser": "Убедитесь, что вы вошли под правильным пользователем.", + "inviteErrorNoUser": "Извините, но похоже, что приглашение, к которому вы пытаетесь получить доступ, предназначено для несуществующего пользователя.", + "inviteCreateUser": "Сначала создайте аккаунт.", + "goHome": "На главную", + "inviteLogInOtherUser": "Войти под другим пользователем", + "createAnAccount": "Создать учётную запись", + "inviteNotAccepted": "Приглашение не принято", + "authCreateAccount": "Создайте учётную запись для начала работы", + "authNoAccount": "Нет учётной записи?", + "email": "Email", + "password": "Пароль", + "confirmPassword": "Подтвердите пароль", + "createAccount": "Создать учётную запись", + "viewSettings": "Посмотреть настройки", + "delete": "Удалить", + "name": "Имя", + "online": "Онлайн", + "offline": "Офлайн", + "site": "Сайт", + "dataIn": "Входящий трафик", + "dataOut": "Исходящий трафик", + "connectionType": "Тип соединения", + "tunnelType": "Тип туннеля", + "local": "Локальный", + "edit": "Редактировать", + "siteConfirmDelete": "Подтвердить удаление сайта", + "siteDelete": "Удалить сайт", + "siteMessageRemove": "После удаления сайт больше не будет доступен. Все ресурсы и целевые узлы, связанные с сайтом, также будут удалены.", + "siteMessageConfirm": "Для подтверждения введите название сайта ниже.", + "siteQuestionRemove": "Вы уверены, что хотите удалить сайт {selectedSite} из организации?", + "siteManageSites": "Управление сайтами", + "siteDescription": "Обеспечьте подключение к вашей сети через защищённые туннели", + "siteCreate": "Создать сайт", + "siteCreateDescription2": "Следуйте инструкциям ниже для создания и подключения нового сайта", + "siteCreateDescription": "Создайте новый сайт для подключения ваших ресурсов", + "close": "Закрыть", + "siteErrorCreate": "Ошибка при создании сайта", + "siteErrorCreateKeyPair": "Пара ключей или настройки сайта по умолчанию не найдены", + "siteErrorCreateDefaults": "Настройки сайта по умолчанию не найдены", + "method": "Метод", + "siteMethodDescription": "Это способ, которым вы будете открывать соединения.", + "siteLearnNewt": "Узнайте, как установить Newt в вашей системе", + "siteSeeConfigOnce": "Вы сможете увидеть конфигурацию только один раз.", + "siteLoadWGConfig": "Загрузка конфигурации WireGuard...", + "siteDocker": "Развернуть для просмотра деталей развертывания Docker", + "toggle": "Переключить", + "dockerCompose": "Docker Compose", + "dockerRun": "Docker Run", + "siteLearnLocal": "Локальные сайты не создают туннели, узнать больше", + "siteConfirmCopy": "Я скопировал(а) конфигурацию", + "searchSitesProgress": "Поиск сайтов...", + "siteAdd": "Добавить сайт", + "siteInstallNewt": "Установить Newt", + "siteInstallNewtDescription": "Запустите Newt в вашей системе", + "WgConfiguration": "Конфигурация WireGuard", + "WgConfigurationDescription": "Используйте следующую конфигурацию для подключения к вашей сети", + "operatingSystem": "Операционная система", + "commands": "Команды", + "recommended": "Рекомендуется", + "siteNewtDescription": "Для лучшего пользовательского опыта используйте Newt. Он использует WireGuard под капотом и позволяет обращаться к вашим приватным ресурсам по их LAN-адресу в вашей частной сети прямо из панели управления Pangolin.", + "siteRunsInDocker": "Работает в Docker", + "siteRunsInShell": "Работает в оболочке на macOS, Linux и Windows", + "siteErrorDelete": "Ошибка при удалении сайта", + "siteErrorUpdate": "Не удалось обновить сайт", + "siteErrorUpdateDescription": "Произошла ошибка при обновлении сайта.", + "siteUpdated": "Сайт обновлён", + "siteUpdatedDescription": "Сайт был успешно обновлён.", + "siteGeneralDescription": "Настройте общие параметры для этого сайта", + "siteSettingDescription": "Настройте параметры вашего сайта", + "siteSetting": "Настройки {siteName}", + "siteNewtTunnel": "Туннель Newt (Рекомендуется)", + "siteNewtTunnelDescription": "Простейший способ создать точку входа в вашу сеть. Дополнительная настройка не требуется.", + "siteWg": "Базовый WireGuard", + "siteWgDescription": "Используйте любой клиент WireGuard для открытия туннеля. Требуется ручная настройка NAT.", + "siteWgDescriptionSaas": "Используйте любой клиент WireGuard для создания туннеля. Требуется ручная настройка NAT. РАБОТАЕТ ТОЛЬКО НА САМОСТОЯТЕЛЬНО РАЗМЕЩЕННЫХ УЗЛАХ", + "siteLocalDescription": "Только локальные ресурсы. Без туннелирования.", + "siteLocalDescriptionSaas": "Только локальные ресурсы. Без туннелирования. РАБОТАЕТ ТОЛЬКО НА САМОСТОЯТЕЛЬНО РАЗМЕЩЕННЫХ УЗЛАХ", + "siteSeeAll": "Просмотреть все сайты", + "siteTunnelDescription": "Выберите способ подключения к вашему сайту", + "siteNewtCredentials": "Учётные данные Newt", + "siteNewtCredentialsDescription": "Так Newt будет выполнять аутентификацию на сервере", + "siteCredentialsSave": "Сохраните ваши учётные данные", + "siteCredentialsSaveDescription": "Вы сможете увидеть эти данные только один раз. Обязательно скопируйте их в безопасное место.", + "siteInfo": "Информация о сайте", + "status": "Статус", + "shareTitle": "Управление общими ссылками", + "shareDescription": "Создавайте общие ссылки для предоставления временного или постоянного доступа к вашим ресурсам", + "shareSearch": "Поиск общих ссылок...", + "shareCreate": "Создать общую ссылку", + "shareErrorDelete": "Не удалось удалить ссылку", + "shareErrorDeleteMessage": "Произошла ошибка при удалении ссылки", + "shareDeleted": "Ссылка удалена", + "shareDeletedDescription": "Ссылка была успешно удалена", + "shareTokenDescription": "Ваш токен доступа может быть передан двумя способами: как параметр запроса или в заголовках запроса. Он должен передаваться клиентом при каждом запросе для аутентификации.", + "accessToken": "Токен доступа", + "usageExamples": "Примеры использования", + "tokenId": "ID токена", + "requestHeades": "Заголовки запроса", + "queryParameter": "Параметр запроса", + "importantNote": "Важное примечание", + "shareImportantDescription": "Из соображений безопасности рекомендуется использовать заголовки вместо параметров запроса, когда это возможно, так как параметры запроса могут сохраняться в логах сервера или истории браузера.", + "token": "Токен", + "shareTokenSecurety": "Храните ваш токен доступа в безопасности. Не делитесь им в общедоступных местах или клиентском коде.", + "shareErrorFetchResource": "Не удалось получить ресурсы", + "shareErrorFetchResourceDescription": "Произошла ошибка при получении ресурсов", + "shareErrorCreate": "Не удалось создать общую ссылку", + "shareErrorCreateDescription": "Произошла ошибка при создании общей ссылки", + "shareCreateDescription": "Любой, у кого есть эта ссылка, может получить доступ к ресурсу", + "shareTitleOptional": "Заголовок (необязательно)", + "expireIn": "Срок действия", + "neverExpire": "Бессрочный доступ", + "shareExpireDescription": "Срок действия - это период, в течение которого ссылка будет работать и предоставлять доступ к ресурсу. После этого времени ссылка перестанет работать, и пользователи, использовавшие эту ссылку, потеряют доступ к ресурсу.", + "shareSeeOnce": "Вы сможете увидеть эту ссылку только один раз. Обязательно скопируйте её.", + "shareAccessHint": "Любой, у кого есть эта ссылка, может получить доступ к ресурсу. Делитесь ею с осторожностью.", + "shareTokenUsage": "Посмотреть использование токена доступа", + "createLink": "Создать ссылку", + "resourcesNotFound": "Ресурсы не найдены", + "resourceSearch": "Поиск ресурсов", + "openMenu": "Открыть меню", + "resource": "Ресурс", + "title": "Заголовок", + "created": "Создан", + "expires": "Истекает", + "never": "Никогда", + "shareErrorSelectResource": "Пожалуйста, выберите ресурс", + "resourceTitle": "Управление ресурсами", + "resourceDescription": "Создавайте защищённые прокси к вашим приватным приложениям", + "resourcesSearch": "Поиск ресурсов...", + "resourceAdd": "Добавить ресурс", + "resourceErrorDelte": "Ошибка при удалении ресурса", + "authentication": "Аутентификация", + "protected": "Защищён", + "notProtected": "Не защищён", + "resourceMessageRemove": "После удаления ресурс больше не будет доступен. Все целевые узлы, связанные с ресурсом, также будут удалены.", + "resourceMessageConfirm": "Для подтверждения введите название ресурса ниже.", + "resourceQuestionRemove": "Вы действительно хотите удалить ресурс {selectedResource} из организации?", + "resourceHTTP": "HTTPS-ресурс", + "resourceHTTPDescription": "Проксирование запросов к вашему приложению через HTTPS с использованием поддомена или базового домена.", + "resourceRaw": "Сырой TCP/UDP-ресурс", + "resourceRawDescription": "Проксирование запросов к вашему приложению через TCP/UDP с использованием по номеру порта.", + "resourceCreate": "Создание ресурса", + "resourceCreateDescription": "Следуйте инструкциям ниже для создания нового ресурса", + "resourceSeeAll": "Посмотреть все ресурсы", + "resourceInfo": "Информация о ресурсе", + "resourceNameDescription": "Отображаемое имя ресурса.", + "siteSelect": "Выберите сайт", + "siteSearch": "Поиск сайта", + "siteNotFound": "Сайт не найден.", + "siteSelectionDescription": "Этот сайт предоставит подключение к цели.", + "resourceType": "Тип ресурса", + "resourceTypeDescription": "Определите, как вы хотите получать доступ к вашему ресурсу", + "resourceHTTPSSettings": "Настройки HTTPS", + "resourceHTTPSSettingsDescription": "Настройте, как будет осуществляться доступ к вашему ресурсу через HTTPS", + "domainType": "Тип домена", + "subdomain": "Поддомен", + "baseDomain": "Базовый домен", + "subdomnainDescription": "Поддомен, на котором будет доступен ресурс.", + "resourceRawSettings": "Настройки TCP/UDP", + "resourceRawSettingsDescription": "Настройте, как будет осуществляться доступ к вашему ресурсу через TCP/UDP", + "protocol": "Протокол", + "protocolSelect": "Выберите протокол", + "resourcePortNumber": "Номер порта", + "resourcePortNumberDescription": "Внешний номер порта для проксирования запросов.", + "cancel": "Отмена", + "resourceConfig": "Фрагменты конфигурации", + "resourceConfigDescription": "Скопируйте и вставьте эти фрагменты конфигурации для настройки вашего TCP/UDP-ресурса", + "resourceAddEntrypoints": "Traefik: Добавить точки входа", + "resourceExposePorts": "Gerbil: Открыть порты в Docker Compose", + "resourceLearnRaw": "Узнайте, как настроить TCP/UDP-ресурсы", + "resourceBack": "Назад к ресурсам", + "resourceGoTo": "Перейти к ресурсу", + "resourceDelete": "Удалить ресурс", + "resourceDeleteConfirm": "Подтвердить удаление", + "visibility": "Видимость", + "enabled": "Включено", + "disabled": "Отключено", + "general": "Общие", + "generalSettings": "Общие настройки", + "proxy": "Прокси", + "internal": "Внутренний", + "rules": "Правила", + "resourceSettingDescription": "Настройте параметры вашего ресурса", + "resourceSetting": "Настройки {resourceName}", + "alwaysAllow": "Всегда разрешать", + "alwaysDeny": "Всегда запрещать", + "passToAuth": "Переход к аутентификации", + "orgSettingsDescription": "Настройте общие параметры вашей организации", + "orgGeneralSettings": "Настройки организации", + "orgGeneralSettingsDescription": "Управляйте данными и конфигурацией вашей организации", + "saveGeneralSettings": "Сохранить общие настройки", + "saveSettings": "Сохранить настройки", + "orgDangerZone": "Опасная зона", + "orgDangerZoneDescription": "Будьте осторожны: удалив организацию, вы не сможете восстановить её.", + "orgDelete": "Удалить организацию", + "orgDeleteConfirm": "Подтвердить удаление", + "orgMessageRemove": "Это действие необратимо и удалит все связанные данные.", + "orgMessageConfirm": "Для подтверждения введите название организации ниже.", + "orgQuestionRemove": "Вы действительно хотите удалить организацию {selectedOrg}?", + "orgUpdated": "Организация обновлена", + "orgUpdatedDescription": "Организация была успешно обновлена.", + "orgErrorUpdate": "Не удалось обновить организацию", + "orgErrorUpdateMessage": "Произошла ошибка при обновлении организации.", + "orgErrorFetch": "Не удалось получить организации", + "orgErrorFetchMessage": "Произошла ошибка при получении списка ваших организаций", + "orgErrorDelete": "Не удалось удалить организацию", + "orgErrorDeleteMessage": "Произошла ошибка при удалении организации.", + "orgDeleted": "Организация удалена", + "orgDeletedMessage": "Организация и её данные были удалены.", + "orgMissing": "Отсутствует ID организации", + "orgMissingMessage": "Невозможно восстановить приглашение без ID организации.", + "accessUsersManage": "Управление пользователями", + "accessUsersDescription": "Приглашайте пользователей и назначайте им роли для управления доступом к вашей организации", + "accessUsersSearch": "Поиск пользователей...", + "accessUserCreate": "Создать пользователя", + "accessUserRemove": "Удалить пользователя", + "username": "Имя пользователя", + "identityProvider": "Identity Provider", + "role": "Роль", + "nameRequired": "Имя обязательно", + "accessRolesManage": "Управление ролями", + "accessRolesDescription": "Настройте роли для управления доступом к вашей организации", + "accessRolesSearch": "Поиск ролей...", + "accessRolesAdd": "Добавить роль", + "accessRoleDelete": "Удалить роль", + "description": "Описание", + "inviteTitle": "Открытые приглашения", + "inviteDescription": "Управляйте вашими приглашениями для других пользователей", + "inviteSearch": "Поиск приглашений...", + "minutes": "мин.", + "hours": "ч.", + "days": "д.", + "weeks": "нед.", + "months": "мес.", + "years": "г.", + "day": "{count, plural, one {# день} few {# дня} many {# дней} other {# дней}}", + "apiKeysTitle": "Информация о ключе API", + "apiKeysConfirmCopy2": "Подтверидте, что вы скопировали ключ API.", + "apiKeysErrorCreate": "Ошибка при создании ключа API", + "apiKeysErrorSetPermission": "Ошибка при установке разрешений", + "apiKeysCreate": "Сгенерировать ключ API", + "apiKeysCreateDescription": "Сгенерируйте новый ключ API для вашей организации", + "apiKeysGeneralSettings": "Разрешения", + "apiKeysGeneralSettingsDescription": "Определите, что может делать этот ключ API", + "apiKeysList": "Ваш ключ API", + "apiKeysSave": "Сохраните ваш ключ API", + "apiKeysSaveDescription": "Вы сможете увидеть этот ключ только один раз. Обязательно скопируйте его в безопасное место.", + "apiKeysInfo": "Ваш ключ API:", + "apiKeysConfirmCopy": "Я скопировал(а) ключ API", + "generate": "Сгенерировать", + "done": "Готово", + "apiKeysSeeAll": "Посмотреть все ключи API", + "apiKeysPermissionsErrorLoadingActions": "Ошибка загрузки действий ключа API", + "apiKeysPermissionsErrorUpdate": "Ошибка установки разрешений", + "apiKeysPermissionsUpdated": "Разрешения обновлены", + "apiKeysPermissionsUpdatedDescription": "Разрешения были успешно обновлены.", + "apiKeysPermissionsGeneralSettings": "Разрешения", + "apiKeysPermissionsGeneralSettingsDescription": "Определите, что может делать этот ключ API", + "apiKeysPermissionsSave": "Сохранить разрешения", + "apiKeysPermissionsTitle": "Разрешения", + "apiKeys": "Ключи API", + "searchApiKeys": "Поиск ключей API...", + "apiKeysAdd": "Сгенерировать ключ API", + "apiKeysErrorDelete": "Ошибка при удалении ключа API", + "apiKeysErrorDeleteMessage": "Не удалось удалить ключ API", + "apiKeysQuestionRemove": "Вы действительно хотите удалить ключ API {selectedApiKey} из организации?", + "apiKeysMessageRemove": "После удаления ключ API больше сможет быть использован.", + "apiKeysMessageConfirm": "Для подтверждения введите название ключа API ниже.", + "apiKeysDeleteConfirm": "Подтвердить удаление", + "apiKeysDelete": "Удаление ключа API", + "apiKeysManage": "Управление ключами API", + "apiKeysDescription": "Ключи API используются для аутентификации в интеграционном API", + "apiKeysSettings": "Настройки {apiKeyName}", + "userTitle": "Управление всеми пользователями", + "userDescription": "Просмотр и управление всеми пользователями в системе", + "userAbount": "Об управлении пользователями", + "userAbountDescription": "В этой таблице отображаются все корневые объекты пользователей в системе. Каждый пользователь может принадлежать нескольким организациям. Удаление пользователя из организации не удаляет его корневой объект - он останется в системе. Чтобы полностью удалить пользователя из системы, вы должны удалить его корневой объект, используя действие удаления в этой таблице.", + "userServer": "Пользователи сервера", + "userSearch": "Поиск пользователей сервера...", + "userErrorDelete": "Ошибка при удалении пользователя", + "userDeleteConfirm": "Подтвердить удаление", + "userDeleteServer": "Удаление пользователя с сервера", + "userMessageRemove": "Пользователь будет удалён из всех организаций и полностью удалён с сервера.", + "userMessageConfirm": "Для подтверждения введите имя пользователя ниже.", + "userQuestionRemove": "Вы действительно хотите навсегда удалить {selectedUser} с сервера?", + "licenseKey": "Лицензионный ключ", + "valid": "Действителен", + "numberOfSites": "Количество сайтов", + "licenseKeySearch": "Поиск лицензионных ключей...", + "licenseKeyAdd": "Добавить лицензионный ключ", + "type": "Тип", + "licenseKeyRequired": "Лицензионный ключ обязателен", + "licenseTermsAgree": "Вы должны согласиться с условиями лицензии", + "licenseErrorKeyLoad": "Не удалось загрузить лицензионные ключи", + "licenseErrorKeyLoadDescription": "Произошла ошибка при загрузке лицензионных ключей.", + "licenseErrorKeyDelete": "Не удалось удалить лицензионный ключ", + "licenseErrorKeyDeleteDescription": "Произошла ошибка при удалении лицензионного ключа.", + "licenseKeyDeleted": "Лицензионный ключ удалён", + "licenseKeyDeletedDescription": "Лицензионный ключ был удалён.", + "licenseErrorKeyActivate": "Не удалось активировать лицензионный ключ", + "licenseErrorKeyActivateDescription": "Произошла ошибка при активации лицензионного ключа.", + "licenseAbout": "О лицензировании", + "communityEdition": "Community Edition", + "licenseAboutDescription": "Это для бизнес и корпоративных пользователей, использующих Pangolin в коммерческой среде. Если вы используете Pangolin для личного использования, вы можете игнорировать этот раздел.", + "licenseKeyActivated": "Лицензионный ключ активирован", + "licenseKeyActivatedDescription": "Лицензионный ключ был успешно активирован.", + "licenseErrorKeyRecheck": "Не удалось перепроверить лицензионные ключи", + "licenseErrorKeyRecheckDescription": "Произошла ошибка при перепроверке лицензионных ключей.", + "licenseErrorKeyRechecked": "Лицензионные ключи перепроверены", + "licenseErrorKeyRecheckedDescription": "Все лицензионные ключи были перепроверены", + "licenseActivateKey": "Активировать лицензионный ключ", + "licenseActivateKeyDescription": "Введите лицензионный ключ для его активации.", + "licenseActivate": "Активировать лицензию", + "licenseAgreement": "Установив этот флажок, вы подтверждаете, что прочитали и согласны с условиями лицензии, соответствующими уровню, связанному с вашим лицензионным ключом.", + "fossorialLicense": "Просмотреть коммерческую лицензию Fossorial и условия подписки", + "licenseMessageRemove": "Это удалит лицензионный ключ и все связанные с ним разрешения.", + "licenseMessageConfirm": "Для подтверждения введите лицензионный ключ ниже.", + "licenseQuestionRemove": "Вы уверены, что хотите удалить лицензионный ключ {selectedKey}?", + "licenseKeyDelete": "Удалить лицензионный ключ", + "licenseKeyDeleteConfirm": "Подтвердить удаление лицензионного ключа", + "licenseTitle": "Управление статусом лицензии", + "licenseTitleDescription": "Просмотр и управление лицензионными ключами в системе", + "licenseHost": "Лицензия хоста", + "licenseHostDescription": "Управление основным лицензионным ключом для хоста.", + "licensedNot": "Не лицензировано", + "hostId": "ID хоста", + "licenseReckeckAll": "Перепроверить все ключи", + "licenseSiteUsage": "Использование сайтов", + "licenseSiteUsageDecsription": "Просмотр количества сайтов, использующих эту лицензию.", + "licenseNoSiteLimit": "Нет ограничения на количество сайтов при использовании нелицензированного хоста.", + "licensePurchase": "Приобрести лицензию", + "licensePurchaseSites": "Приобрести дополнительные сайты", + "licenseSitesUsedMax": "Использовано сайтов: {usedSites} из {maxSites}", + "licenseSitesUsed": "{count, plural, =0 {0 сайтов} one {# сайт} few {# сайта} many {# сайтов} other {# сайтов}} в системе.", + "licensePurchaseDescription": "Выберите, для скольких сайтов вы хотите {selectedMode, select, license {приобрести лицензию. Вы всегда можете добавить больше сайтов позже.} other {добавить к существующей лицензии.}}", + "licenseFee": "Лицензионный сбор", + "licensePriceSite": "Цена за сайт", + "total": "Итого", + "licenseContinuePayment": "Перейти к оплате", + "pricingPage": "страница цен", + "pricingPortal": "Посмотреть портал покупок", + "licensePricingPage": "Для актуальных цен и скидок посетите ", + "invite": "Приглашения", + "inviteRegenerate": "Пересоздать приглашение", + "inviteRegenerateDescription": "Отозвать предыдущее приглашение и создать новое", + "inviteRemove": "Удалить приглашение", + "inviteRemoveError": "Не удалось удалить приглашение", + "inviteRemoveErrorDescription": "Произошла ошибка при удалении приглашения.", + "inviteRemoved": "Приглашение удалено", + "inviteRemovedDescription": "Приглашение для {email} было удалено.", + "inviteQuestionRemove": "Вы уверены, что хотите удалить приглашение {email}?", + "inviteMessageRemove": "После удаления это приглашение больше не будет действительным. Вы всегда можете пригласить пользователя заново.", + "inviteMessageConfirm": "Для подтверждения введите email адрес приглашения ниже.", + "inviteQuestionRegenerate": "Вы уверены, что хотите пересоздать приглашение для {email}? Это отзовёт предыдущее приглашение.", + "inviteRemoveConfirm": "Подтвердить удаление приглашения", + "inviteRegenerated": "Приглашение пересоздано", + "inviteSent": "Новое приглашение отправлено {email}.", + "inviteSentEmail": "Отправить email уведомление пользователю", + "inviteGenerate": "Новое приглашение создано для {email}.", + "inviteDuplicateError": "Дублирующее приглашение", + "inviteDuplicateErrorDescription": "Приглашение для этого пользователя уже существует.", + "inviteRateLimitError": "Превышен лимит запросов", + "inviteRateLimitErrorDescription": "Вы превысили лимит в 3 пересоздания в час. Попробуйте позже.", + "inviteRegenerateError": "Не удалось пересоздать приглашение", + "inviteRegenerateErrorDescription": "Произошла ошибка при пересоздании приглашения.", + "inviteValidityPeriod": "Период действия", + "inviteValidityPeriodSelect": "Выберите период действия", + "inviteRegenerateMessage": "Приглашение было пересоздано. Пользователь должен перейти по ссылке ниже для принятия приглашения.", + "inviteRegenerateButton": "Пересоздать", + "expiresAt": "Истекает", + "accessRoleUnknown": "Неизвестная роль", + "placeholder": "Заполнитель", + "userErrorOrgRemove": "Не удалось удалить пользователя", + "userErrorOrgRemoveDescription": "Произошла ошибка при удалении пользователя.", + "userOrgRemoved": "Пользователь удалён", + "userOrgRemovedDescription": "Пользователь {email} был удалён из организации.", + "userQuestionOrgRemove": "Вы уверены, что хотите удалить {email} из организации?", + "userMessageOrgRemove": "После удаления этот пользователь больше не будет иметь доступ к организации. Вы всегда можете пригласить его заново, но ему нужно будет снова принять приглашение.", + "userMessageOrgConfirm": "Для подтверждения введите имя пользователя ниже.", + "userRemoveOrgConfirm": "Подтвердить удаление пользователя", + "userRemoveOrg": "Удалить пользователя из организации", + "users": "Пользователи", + "accessRoleMember": "Участник", + "accessRoleOwner": "Владелец", + "userConfirmed": "Подтверждён", + "idpNameInternal": "Внутренний", + "emailInvalid": "Неверный адрес Email", + "inviteValidityDuration": "Пожалуйста, выберите продолжительность", + "accessRoleSelectPlease": "Пожалуйста, выберите роль", + "usernameRequired": "Имя пользователя обязательно", + "idpSelectPlease": "Пожалуйста, выберите Identity Provider", + "idpGenericOidc": "Обычный OAuth2/OIDC provider.", + "accessRoleErrorFetch": "Не удалось получить роли", + "accessRoleErrorFetchDescription": "Произошла ошибка при получении ролей", + "idpErrorFetch": "Не удалось получить идентификатор провайдера", + "idpErrorFetchDescription": "Произошла ошибка при получении поставщиков удостоверений", + "userErrorExists": "Пользователь уже существует", + "userErrorExistsDescription": "Этот пользователь уже является участником организации.", + "inviteError": "Не удалось пригласить пользователя", + "inviteErrorDescription": "Произошла ошибка при приглашении пользователя", + "userInvited": "Пользователь приглашён", + "userInvitedDescription": "Пользователь был успешно приглашён.", + "userErrorCreate": "Не удалось создать пользователя", + "userErrorCreateDescription": "Произошла ошибка при создании пользователя", + "userCreated": "Пользователь создан", + "userCreatedDescription": "Пользователь был успешно создан.", + "userTypeInternal": "Внутренний пользователь", + "userTypeInternalDescription": "Пригласите пользователя напрямую в вашу организацию.", + "userTypeExternal": "Внешний пользователь", + "userTypeExternalDescription": "Создайте пользователя через внешний Identity Provider.", + "accessUserCreateDescription": "Следуйте инструкциям ниже для создания нового пользователя", + "userSeeAll": "Просмотр всех пользователей", + "userTypeTitle": "Тип пользователя", + "userTypeDescription": "Выберите способ создание пользователя", + "userSettings": "Информация о пользователе", + "userSettingsDescription": "Введите сведения о новом пользователе", + "inviteEmailSent": "Отправить приглашение по Email", + "inviteValid": "Действительно", + "selectDuration": "Укажите срок действия", + "accessRoleSelect": "Выберите роль", + "inviteEmailSentDescription": "Email был отправлен пользователю со ссылкой доступа ниже. Он должен перейти по ссылке для принятия приглашения.", + "inviteSentDescription": "Пользователь был приглашён. Он должен перейти по ссылке ниже для принятия приглашения.", + "inviteExpiresIn": "Приглашение истечёт через {days, plural, one {# день} few {# дня} many {# дней} other {# дней}}.", + "idpTitle": "Поставщик удостоверений", + "idpSelect": "Выберите поставщика удостоверений для внешнего пользователя", + "idpNotConfigured": "Поставщики удостоверений не настроены. Пожалуйста, настройте поставщика удостоверений перед созданием внешних пользователей.", + "usernameUniq": "Это должно соответствовать уникальному имени пользователя, существующему в выбранном поставщике удостоверений.", + "emailOptional": "Email (необязательно)", + "nameOptional": "Имя (необязательно)", + "accessControls": "Контроль доступа", + "userDescription2": "Управление настройками этого пользователя", + "accessRoleErrorAdd": "Не удалось добавить пользователя в роль", + "accessRoleErrorAddDescription": "Произошла ошибка при добавлении пользователя в роль.", + "userSaved": "Пользователь сохранён", + "userSavedDescription": "Пользователь был обновлён.", + "accessControlsDescription": "Управляйте тем, к чему этот пользователь может получить доступ и что делать в организации", + "accessControlsSubmit": "Сохранить контроль доступа", + "roles": "Роли", + "accessUsersRoles": "Управление пользователями и ролями", + "accessUsersRolesDescription": "Приглашайте пользователей и добавляйте их в роли для управления доступом к вашей организации", + "key": "Ключ", + "createdAt": "Создано в", + "proxyErrorInvalidHeader": "Неверное значение пользовательского заголовка Host. Используйте формат доменного имени или оставьте пустым для сброса пользовательского заголовка Host.", + "proxyErrorTls": "Неверное имя TLS сервера. Используйте формат доменного имени или оставьте пустым для удаления имени TLS сервера.", + "proxyEnableSSL": "Включить SSL (https)", + "targetErrorFetch": "Не удалось получить цели", + "targetErrorFetchDescription": "Произошла ошибка при получении целей", + "siteErrorFetch": "Не удалось получить ресурс", + "siteErrorFetchDescription": "Произошла ошибка при получении ресурса", + "targetErrorDuplicate": "Дублирующая цель", + "targetErrorDuplicateDescription": "Цель с такими настройками уже существует", + "targetWireGuardErrorInvalidIp": "Неверный IP цели", + "targetWireGuardErrorInvalidIpDescription": "IP цели должен быть в пределах подсети сайта", + "targetsUpdated": "Цели обновлены", + "targetsUpdatedDescription": "Цели и настройки успешно обновлены", + "targetsErrorUpdate": "Не удалось обновить цели", + "targetsErrorUpdateDescription": "Произошла ошибка при обновлении целей", + "targetTlsUpdate": "Настройки TLS обновлены", + "targetTlsUpdateDescription": "Ваши настройки TLS были успешно обновлены", + "targetErrorTlsUpdate": "Не удалось обновить настройки TLS", + "targetErrorTlsUpdateDescription": "Произошла ошибка при обновлении настроек TLS", + "proxyUpdated": "Настройки прокси обновлены", + "proxyUpdatedDescription": "Ваши настройки прокси были успешно обновлены", + "proxyErrorUpdate": "Не удалось обновить настройки прокси", + "proxyErrorUpdateDescription": "Произошла ошибка при обновлении настроек прокси", + "targetAddr": "IP / Имя хоста", + "targetPort": "Порт", + "targetProtocol": "Протокол", + "targetTlsSettings": "Конфигурация безопасного соединения", + "targetTlsSettingsDescription": "Настройте параметры SSL/TLS для вашего ресурса", + "targetTlsSettingsAdvanced": "Расширенные настройки TLS", + "targetTlsSni": "Имя TLS сервера (SNI)", + "targetTlsSniDescription": "Имя TLS сервера для использования в SNI. Оставьте пустым для использования по умолчанию.", + "targetTlsSubmit": "Сохранить настройки", + "targets": "Конфигурация целей", + "targetsDescription": "Настройте цели для маршрутизации трафика к вашим бэкэнд сервисам", + "targetStickySessions": "Включить фиксированные сессии", + "targetStickySessionsDescription": "Сохранять соединения на одной и той же целевой точке в течение всей сессии.", + "methodSelect": "Выберите метод", + "targetSubmit": "Добавить цель", + "targetNoOne": "Нет целей. Добавьте цель с помощью формы.", + "targetNoOneDescription": "Добавление более одной цели выше включит балансировку нагрузки.", + "targetsSubmit": "Сохранить цели", + "proxyAdditional": "Дополнительные настройки прокси", + "proxyAdditionalDescription": "Настройте, как ваш ресурс обрабатывает настройки прокси", + "proxyCustomHeader": "Пользовательский заголовок Host", + "proxyCustomHeaderDescription": "Заголовок host для установки при проксировании запросов. Оставьте пустым для использования по умолчанию.", + "proxyAdditionalSubmit": "Сохранить настройки прокси", + "subnetMaskErrorInvalid": "Неверная маска подсети. Должна быть между 0 и 32.", + "ipAddressErrorInvalidFormat": "Неверный формат IP адреса", + "ipAddressErrorInvalidOctet": "Неверный октет IP адреса", + "path": "Путь", + "ipAddressRange": "Диапазон IP", + "rulesErrorFetch": "Не удалось получить правила", + "rulesErrorFetchDescription": "Произошла ошибка при получении правил", + "rulesErrorDuplicate": "Дублирующее правило", + "rulesErrorDuplicateDescription": "Правило с такими настройками уже существует", + "rulesErrorInvalidIpAddressRange": "Неверный CIDR", + "rulesErrorInvalidIpAddressRangeDescription": "Пожалуйста, введите корректное значение CIDR", + "rulesErrorInvalidUrl": "Неверный URL путь", + "rulesErrorInvalidUrlDescription": "Пожалуйста, введите корректное значение URL пути", + "rulesErrorInvalidIpAddress": "Неверный IP", + "rulesErrorInvalidIpAddressDescription": "Пожалуйста, введите корректный IP адрес", + "rulesErrorUpdate": "Не удалось обновить правила", + "rulesErrorUpdateDescription": "Произошла ошибка при обновлении правил", + "rulesUpdated": "Включить правила", + "rulesUpdatedDescription": "Оценка правил была обновлена", + "rulesMatchIpAddressRangeDescription": "Введите адрес в формате CIDR (например, 103.21.244.0/22)", + "rulesMatchIpAddress": "Введите IP адрес (например, 103.21.244.12)", + "rulesMatchUrl": "Введите URL путь или шаблон (например, /api/v1/todos или /api/v1/*)", + "rulesErrorInvalidPriority": "Неверный приоритет", + "rulesErrorInvalidPriorityDescription": "Пожалуйста, введите корректный приоритет", + "rulesErrorDuplicatePriority": "Дублирующие приоритеты", + "rulesErrorDuplicatePriorityDescription": "Пожалуйста, введите уникальные приоритеты", + "ruleUpdated": "Правила обновлены", + "ruleUpdatedDescription": "Правила успешно обновлены", + "ruleErrorUpdate": "Операция не удалась", + "ruleErrorUpdateDescription": "Произошла ошибка во время операции сохранения", + "rulesPriority": "Приоритет", + "rulesAction": "Действие", + "rulesMatchType": "Тип совпадения", + "value": "Значение", + "rulesAbout": "О правилах", + "rulesAboutDescription": "Правила позволяют контролировать доступ к вашему ресурсу на основе набора критериев. Вы можете создавать правила для разрешения или запрета доступа на основе IP адреса или URL пути.", + "rulesActions": "Действия", + "rulesActionAlwaysAllow": "Всегда разрешать: Обойти все методы аутентификации", + "rulesActionAlwaysDeny": "Всегда запрещать: Блокировать все запросы; аутентификация не может быть выполнена", + "rulesActionPassToAuth": "Переход к аутентификации: Разрешить попытки методов аутентификации", + "rulesMatchCriteria": "Критерии совпадения", + "rulesMatchCriteriaIpAddress": "Совпадение с конкретным IP адресом", + "rulesMatchCriteriaIpAddressRange": "Совпадение с диапазоном IP адресов в нотации CIDR", + "rulesMatchCriteriaUrl": "Совпадение с URL путём или шаблоном", + "rulesEnable": "Включить правила", + "rulesEnableDescription": "Включить или отключить проверку правил для этого ресурса", + "rulesResource": "Конфигурация правил ресурса", + "rulesResourceDescription": "Настройте правила для контроля доступа к вашему ресурсу", + "ruleSubmit": "Добавить правило", + "rulesNoOne": "Нет правил. Добавьте правило с помощью формы.", + "rulesOrder": "Правила оцениваются по приоритету в возрастающем порядке.", + "rulesSubmit": "Сохранить правила", + "resourceErrorCreate": "Ошибка при создании ресурса", + "resourceErrorCreateDescription": "Произошла ошибка при создании ресурса", + "resourceErrorCreateMessage": "Ошибка создания ресурса:", + "resourceErrorCreateMessageDescription": "Произошла неизвестная ошибка.", + "sitesErrorFetch": "Ошибка при получении сайтов", + "sitesErrorFetchDescription": "Произошла ошибка при получении сайтов", + "domainsErrorFetch": "Ошибка при получении доменов", + "domainsErrorFetchDescription": "Произошла ошибка при получении доменов", + "none": "Нет", + "unknown": "Неизвестно", + "resources": "Ресурсы", + "resourcesDescription": "Ресурсы - это прокси к приложениям, работающим в вашей частной сети. Создайте ресурс для любого HTTP/HTTPS или сырого TCP/UDP сервиса в вашей частной сети. Каждый ресурс должен быть подключен к сайту для обеспечения приватного, безопасного соединения через зашифрованный туннель WireGuard.", + "resourcesWireGuardConnect": "Безопасное соединение с шифрованием WireGuard", + "resourcesMultipleAuthenticationMethods": "Настройка нескольких методов аутентификации", + "resourcesUsersRolesAccess": "Контроль доступа на основе пользователей и ролей", + "resourcesErrorUpdate": "Не удалось переключить ресурс", + "resourcesErrorUpdateDescription": "Произошла ошибка при обновлении ресурса", + "access": "Доступ", + "shareLink": "Общая ссылка {resource}", + "resourceSelect": "Выберите ресурс", + "shareLinks": "Общие ссылки", + "share": "Общие ссылки", + "shareDescription2": "Создавайте общие ссылки к вашим ресурсам. Ссылки предоставляют временный или неограниченный доступ к вашему ресурсу. Вы можете настроить время истечения ссылки при её создании.", + "shareEasyCreate": "Легко создавать и делиться", + "shareConfigurableExpirationDuration": "Настраиваемая продолжительность истечения", + "shareSecureAndRevocable": "Безопасные и отзываемые", + "nameMin": "Имя должно быть не менее {len} символов.", + "nameMax": "Имя не должно быть длиннее {len} символов.", + "sitesConfirmCopy": "Пожалуйста, подтвердите, что вы скопировали конфигурацию.", + "unknownCommand": "Неизвестная команда", + "newtErrorFetchReleases": "Не удалось получить информацию о релизе: {err}", + "newtErrorFetchLatest": "Ошибка при получении последнего релиза: {err}", + "newtEndpoint": "Конечная точка Newt", + "newtId": "Newt ID", + "newtSecretKey": "Секретный ключ Newt", + "architecture": "Архитектура", + "sites": "Сайты", + "siteWgAnyClients": "Используйте любой клиент WireGuard для подключения. Вам придётся обращаться к вашим внутренним ресурсам, используя IP узла.", + "siteWgCompatibleAllClients": "Совместим со всеми клиентами WireGuard", + "siteWgManualConfigurationRequired": "Требуется ручная настройка", + "userErrorNotAdminOrOwner": "Пользователь не является администратором или владельцем", + "pangolinSettings": "Настройки - Pangolin", + "accessRoleYour": "Ваша роль:", + "accessRoleSelect2": "Выберите роль", + "accessUserSelect": "Выберите пользователя", + "otpEmailEnter": "Введите email", + "otpEmailEnterDescription": "Нажмите enter для добавления email после ввода в поле.", + "otpEmailErrorInvalid": "Неверный email адрес. Подстановочный знак (*) должен быть всей локальной частью.", + "otpEmailSmtpRequired": "Требуется SMTP", + "otpEmailSmtpRequiredDescription": "SMTP должен быть включён на сервере для использования аутентификации с одноразовым паролем.", + "otpEmailTitle": "Одноразовые пароли", + "otpEmailTitleDescription": "Требовать аутентификацию на основе email для доступа к ресурсу", + "otpEmailWhitelist": "Белый список email", + "otpEmailWhitelistList": "Email адреса в белом списке", + "otpEmailWhitelistListDescription": "Только пользователи с этими email адресами смогут получить доступ к этому ресурсу. Им будет предложено ввести одноразовый пароль, отправленный на их email. Можно использовать подстановочные знаки (*@example.com) для разрешения любого email адреса с домена.", + "otpEmailWhitelistSave": "Сохранить белый список", + "passwordAdd": "Добавить пароль", + "passwordRemove": "Удалить пароль", + "pincodeAdd": "Добавить PIN-код", + "pincodeRemove": "Удалить PIN-код", + "resourceAuthMethods": "Методы аутентификации", + "resourceAuthMethodsDescriptions": "Разрешить доступ к ресурсу через дополнительные методы аутентификации", + "resourceAuthSettingsSave": "Успешно сохранено", + "resourceAuthSettingsSaveDescription": "Настройки аутентификации сохранены", + "resourceErrorAuthFetch": "Не удалось получить данные", + "resourceErrorAuthFetchDescription": "Произошла ошибка при получении данных", + "resourceErrorPasswordRemove": "Ошибка при удалении пароля ресурса", + "resourceErrorPasswordRemoveDescription": "Произошла ошибка при удалении пароля ресурса", + "resourceErrorPasswordSetup": "Ошибка при установке пароля ресурса", + "resourceErrorPasswordSetupDescription": "Произошла ошибка при установке пароля ресурса", + "resourceErrorPincodeRemove": "Ошибка при удалении PIN-кода ресурса", + "resourceErrorPincodeRemoveDescription": "Произошла ошибка при удалении PIN-кода ресурса", + "resourceErrorPincodeSetup": "Ошибка при установке PIN-кода ресурса", + "resourceErrorPincodeSetupDescription": "Произошла ошибка при установке PIN-кода ресурса", + "resourceErrorUsersRolesSave": "Не удалось установить роли", + "resourceErrorUsersRolesSaveDescription": "Произошла ошибка при установке ролей", + "resourceErrorWhitelistSave": "Не удалось сохранить белый список", + "resourceErrorWhitelistSaveDescription": "Произошла ошибка при сохранении белого списка", + "resourcePasswordSubmit": "Включить защиту паролем", + "resourcePasswordProtection": "Защита паролем {status}", + "resourcePasswordRemove": "Пароль ресурса удалён", + "resourcePasswordRemoveDescription": "Пароль ресурса был успешно удалён", + "resourcePasswordSetup": "Пароль ресурса установлен", + "resourcePasswordSetupDescription": "Пароль ресурса был успешно установлен", + "resourcePasswordSetupTitle": "Установить пароль", + "resourcePasswordSetupTitleDescription": "Установите пароль для защиты этого ресурса", + "resourcePincode": "PIN-код", + "resourcePincodeSubmit": "Включить защиту PIN-кодом", + "resourcePincodeProtection": "Защита PIN-кодом {status}", + "resourcePincodeRemove": "PIN-код ресурса удалён", + "resourcePincodeRemoveDescription": "PIN-код ресурса был успешно удалён", + "resourcePincodeSetup": "PIN-код ресурса установлен", + "resourcePincodeSetupDescription": "PIN-код ресурса был успешно установлен", + "resourcePincodeSetupTitle": "Установить PIN-код", + "resourcePincodeSetupTitleDescription": "Установите PIN-код для защиты этого ресурса", + "resourceRoleDescription": "Администраторы всегда имеют доступ к этому ресурсу.", + "resourceUsersRoles": "Пользователи и роли", + "resourceUsersRolesDescription": "Выберите пользователей и роли с доступом к этому ресурсу", + "resourceUsersRolesSubmit": "Сохранить пользователей и роли", + "resourceWhitelistSave": "Успешно сохранено", + "resourceWhitelistSaveDescription": "Настройки белого списка были сохранены", + "ssoUse": "Использовать Platform SSO", + "ssoUseDescription": "Существующим пользователям нужно будет войти только один раз для всех ресурсов с включенной этой опцией.", + "proxyErrorInvalidPort": "Неверный номер порта", + "subdomainErrorInvalid": "Неверный поддомен", + "domainErrorFetch": "Ошибка при получении доменов", + "domainErrorFetchDescription": "Произошла ошибка при получении доменов", + "resourceErrorUpdate": "Не удалось обновить ресурс", + "resourceErrorUpdateDescription": "Произошла ошибка при обновлении ресурса", + "resourceUpdated": "Ресурс обновлён", + "resourceUpdatedDescription": "Ресурс был успешно обновлён", + "resourceErrorTransfer": "Не удалось перенести ресурс", + "resourceErrorTransferDescription": "Произошла ошибка при переносе ресурса", + "resourceTransferred": "Ресурс перенесён", + "resourceTransferredDescription": "Ресурс был успешно перенесён", + "resourceErrorToggle": "Не удалось переключить ресурс", + "resourceErrorToggleDescription": "Произошла ошибка при обновлении ресурса", + "resourceVisibilityTitle": "Видимость", + "resourceVisibilityTitleDescription": "Включите или отключите видимость ресурса", + "resourceGeneral": "Общие настройки", + "resourceGeneralDescription": "Настройте общие параметры этого ресурса", + "resourceEnable": "Ресурс активен", + "resourceTransfer": "Перенести ресурс", + "resourceTransferDescription": "Перенесите этот ресурс на другой сайт", + "resourceTransferSubmit": "Перенести ресурс", + "siteDestination": "Новый сайт для ресурса", + "searchSites": "Поиск сайтов", + "accessRoleCreate": "Создание роли", + "accessRoleCreateDescription": "Создайте новую роль для группы пользователей и выдавайте им разрешения.", + "accessRoleCreateSubmit": "Создать роль", + "accessRoleCreated": "Роль создана", + "accessRoleCreatedDescription": "Роль была успешно создана.", + "accessRoleErrorCreate": "Не удалось создать роль", + "accessRoleErrorCreateDescription": "Произошла ошибка при создании роли.", + "accessRoleErrorNewRequired": "Новая роль обязательна", + "accessRoleErrorRemove": "Не удалось удалить роль", + "accessRoleErrorRemoveDescription": "Произошла ошибка при удалении роли.", + "accessRoleName": "Название роли", + "accessRoleQuestionRemove": "Вы собираетесь удалить роль {name}. Это действие нельзя отменить.", + "accessRoleRemove": "Удалить роль", + "accessRoleRemoveDescription": "Удалить роль из организации", + "accessRoleRemoveSubmit": "Удалить роль", + "accessRoleRemoved": "Роль удалена", + "accessRoleRemovedDescription": "Роль была успешно удалена.", + "accessRoleRequiredRemove": "Перед удалением этой роли выберите новую роль для переноса существующих участников.", + "manage": "Управление", + "sitesNotFound": "Сайты не найдены.", + "pangolinServerAdmin": "Администратор сервера - Pangolin", + "licenseTierProfessional": "Профессиональная лицензия", + "licenseTierEnterprise": "Корпоративная лицензия", + "licenseTierCommercial": "Коммерческая лицензия", + "licensed": "Лицензировано", + "yes": "Да", + "no": "Нет", + "sitesAdditional": "Дополнительные сайты", + "licenseKeys": "Лицензионные ключи", + "sitestCountDecrease": "Уменьшить количество сайтов", + "sitestCountIncrease": "Увеличить количество сайтов", + "idpManage": "Управление поставщиками удостоверений", + "idpManageDescription": "Просмотр и управление поставщиками удостоверений в системе", + "idpDeletedDescription": "Поставщик удостоверений успешно удалён", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "Вы уверены, что хотите навсегда удалить поставщика удостоверений {name}?", + "idpMessageRemove": "Это удалит поставщика удостоверений и все связанные конфигурации. Пользователи, которые аутентифицируются через этого поставщика, больше не смогут войти.", + "idpMessageConfirm": "Для подтверждения введите имя поставщика удостоверений ниже.", + "idpConfirmDelete": "Подтвердить удаление поставщика удостоверений", + "idpDelete": "Удалить поставщика удостоверений", + "idp": "Поставщики удостоверений", + "idpSearch": "Поиск поставщиков удостоверений...", + "idpAdd": "Добавить поставщика удостоверений", + "idpClientIdRequired": "ID клиента обязателен.", + "idpClientSecretRequired": "Требуется секретный пароль клиента.", + "idpErrorAuthUrlInvalid": "URL авторизации должен быть корректным URL.", + "idpErrorTokenUrlInvalid": "URL токена должен быть корректным URL.", + "idpPathRequired": "Путь идентификатора обязателен.", + "idpScopeRequired": "Области действия обязательны.", + "idpOidcDescription": "Настройте поставщика удостоверений OpenID Connect", + "idpCreatedDescription": "Поставщик удостоверений успешно создан", + "idpCreate": "Создать поставщика удостоверений", + "idpCreateDescription": "Настройте нового поставщика удостоверений для аутентификации пользователей", + "idpSeeAll": "Посмотреть всех поставщиков удостоверений", + "idpSettingsDescription": "Настройте базовую информацию для вашего поставщика удостоверений", + "idpDisplayName": "Отображаемое имя для этого поставщика удостоверений", + "idpAutoProvisionUsers": "Автоматическое создание пользователей", + "idpAutoProvisionUsersDescription": "При включении пользователи будут автоматически создаваться в системе при первом входе с возможностью сопоставления пользователей с ролями и организациями.", + "licenseBadge": "Профессиональная", + "idpType": "Тип поставщика", + "idpTypeDescription": "Выберите тип поставщика удостоверений, который вы хотите настроить", + "idpOidcConfigure": "Конфигурация OAuth2/OIDC", + "idpOidcConfigureDescription": "Настройте конечные точки и учётные данные поставщика OAuth2/OIDC", + "idpClientId": "ID клиента", + "idpClientIdDescription": "OAuth2 ID клиента от вашего поставщика удостоверений", + "idpClientSecret": "Секрет клиента", + "idpClientSecretDescription": "OAuth2 секрет клиента от вашего поставщика удостоверений", + "idpAuthUrl": "URL авторизации", + "idpAuthUrlDescription": "URL конечной точки авторизации OAuth2", + "idpTokenUrl": "URL токена", + "idpTokenUrlDescription": "URL конечной точки токена OAuth2", + "idpOidcConfigureAlert": "Важная информация", + "idpOidcConfigureAlertDescription": "После создания поставщика удостоверений вам нужно будет настроить URL обратного вызова в настройках вашего поставщика удостоверений. URL обратного вызова будет предоставлен после успешного создания.", + "idpToken": "Конфигурация токена", + "idpTokenDescription": "Настройте, как извлекать информацию о пользователе из ID токена", + "idpJmespathAbout": "О JMESPath", + "idpJmespathAboutDescription": "Пути ниже используют синтаксис JMESPath для извлечения значений из ID токена.", + "idpJmespathAboutDescriptionLink": "Узнать больше о JMESPath", + "idpJmespathLabel": "Путь идентификатора", + "idpJmespathLabelDescription": "Путь к идентификатору пользователя в ID токене", + "idpJmespathEmailPathOptional": "Путь к email (необязательно)", + "idpJmespathEmailPathOptionalDescription": "Путь к email пользователя в ID токене", + "idpJmespathNamePathOptional": "Путь к имени (необязательно)", + "idpJmespathNamePathOptionalDescription": "Путь к имени пользователя в ID токене", + "idpOidcConfigureScopes": "Области действия", + "idpOidcConfigureScopesDescription": "Список областей OAuth2, разделённых пробелами", + "idpSubmit": "Создать поставщика удостоверений", + "orgPolicies": "Политики организации", + "idpSettings": "Настройки {idpName}", + "idpCreateSettingsDescription": "Настройте параметры для вашего поставщика удостоверений", + "roleMapping": "Сопоставление ролей", + "orgMapping": "Сопоставление организаций", + "orgPoliciesSearch": "Поиск политик организации...", + "orgPoliciesAdd": "Добавить политику организации", + "orgRequired": "Организация обязательна", + "error": "Ошибка", + "success": "Успешно", + "orgPolicyAddedDescription": "Политика успешно добавлена", + "orgPolicyUpdatedDescription": "Политика успешно обновлена", + "orgPolicyDeletedDescription": "Политика успешно удалена", + "defaultMappingsUpdatedDescription": "Сопоставления по умолчанию успешно обновлены", + "orgPoliciesAbout": "О политиках организации", + "orgPoliciesAboutDescription": "Политики организации используются для контроля доступа к организациям на основе ID токена пользователя. Вы можете указать выражения JMESPath для извлечения информации о роли и организации из ID токена.", + "orgPoliciesAboutDescriptionLink": "См. документацию для получения дополнительной информации.", + "defaultMappingsOptional": "Сопоставления по умолчанию (необязательно)", + "defaultMappingsOptionalDescription": "Сопоставления по умолчанию используются, когда для организации не определена политика организации. Здесь вы можете указать сопоставления ролей и организаций по умолчанию.", + "defaultMappingsRole": "Сопоставление ролей по умолчанию", + "defaultMappingsRoleDescription": "Результат этого выражения должен возвращать имя роли, как определено в организации, в виде строки.", + "defaultMappingsOrg": "Сопоставление организаций по умолчанию", + "defaultMappingsOrgDescription": "Это выражение должно возвращать ID организации или true для разрешения доступа пользователя к организации.", + "defaultMappingsSubmit": "Сохранить сопоставления по умолчанию", + "orgPoliciesEdit": "Редактировать политику организации", + "org": "Организация", + "orgSelect": "Выберите организацию", + "orgSearch": "Поиск организации", + "orgNotFound": "Организация не найдена.", + "roleMappingPathOptional": "Путь сопоставления ролей (необязательно)", + "orgMappingPathOptional": "Путь сопоставления организаций (необязательно)", + "orgPolicyUpdate": "Обновить политику", + "orgPolicyAdd": "Добавить политику", + "orgPolicyConfig": "Настроить доступ для организации", + "idpUpdatedDescription": "Поставщик удостоверений успешно обновлён", + "redirectUrl": "URL редиректа", + "redirectUrlAbout": "О редиректе URL", + "redirectUrlAboutDescription": "Это URL, на который пользователи будут перенаправлены после аутентификации. Вам нужно настроить этот URL в настройках вашего поставщика удостоверений.", + "pangolinAuth": "Аутентификация - Pangolin", + "verificationCodeLengthRequirements": "Ваш код подтверждения должен состоять из 8 символов.", + "errorOccurred": "Произошла ошибка", + "emailErrorVerify": "Не удалось подтвердить email:", + "emailVerified": "Email успешно подтверждён! Перенаправляем вас...", + "verificationCodeErrorResend": "Не удалось повторно отправить код подтверждения:", + "verificationCodeResend": "Код подтверждения отправлен повторно", + "verificationCodeResendDescription": "Мы повторно отправили код подтверждения на ваш email адрес. Пожалуйста, проверьте вашу почту.", + "emailVerify": "Подтвердить email", + "emailVerifyDescription": "Введите код подтверждения, отправленный на ваш email адрес.", + "verificationCode": "Код подтверждения", + "verificationCodeEmailSent": "Мы отправили код подтверждения на ваш email адрес.", + "submit": "Отправить", + "emailVerifyResendProgress": "Отправка повторно...", + "emailVerifyResend": "Не получили код? Нажмите здесь для повторной отправки", + "passwordNotMatch": "Пароли не совпадают", + "signupError": "Произошла ошибка при регистрации", + "pangolinLogoAlt": "Логотип Pangolin", + "inviteAlready": "Похоже, вы были приглашены!", + "inviteAlreadyDescription": "Чтобы принять приглашение, вы должны войти или создать учётную запись.", + "signupQuestion": "Уже есть учётная запись?", + "login": "Войти", + "resourceNotFound": "Ресурс не найден", + "resourceNotFoundDescription": "Ресурс, к которому вы пытаетесь получить доступ, не существует.", + "pincodeRequirementsLength": "PIN должен состоять ровно из 6 цифр", + "pincodeRequirementsChars": "PIN должен содержать только цифры", + "passwordRequirementsLength": "Пароль должен быть не менее 1 символа", + "passwordRequirementsTitle": "Требования к паролю:", + "passwordRequirementLength": "Не менее 8 символов", + "passwordRequirementUppercase": "По крайней мере, одна заглавная буква", + "passwordRequirementLowercase": "По крайней мере, одна строчная буква", + "passwordRequirementNumber": "По крайней мере, одна цифра", + "passwordRequirementSpecial": "По крайней мере, один специальный символ", + "passwordRequirementsMet": "✓ Пароль соответствует всем требованиям", + "passwordStrength": "Сила пароля", + "passwordStrengthWeak": "Слабый", + "passwordStrengthMedium": "Средний", + "passwordStrengthStrong": "Сильный", + "passwordRequirements": "Требования:", + "passwordRequirementLengthText": "8+ символов", + "passwordRequirementUppercaseText": "Заглавная буква (A-Z)", + "passwordRequirementLowercaseText": "Строчная буква (a-z)", + "passwordRequirementNumberText": "Цифра (0-9)", + "passwordRequirementSpecialText": "Специальный символ (!@#$%...)", + "passwordsDoNotMatch": "Пароли не совпадают", + "otpEmailRequirementsLength": "OTP должен быть не менее 1 символа", + "otpEmailSent": "OTP отправлен", + "otpEmailSentDescription": "OTP был отправлен на ваш email", + "otpEmailErrorAuthenticate": "Не удалось аутентифицироваться с email", + "pincodeErrorAuthenticate": "Не удалось аутентифицироваться с PIN-кодом", + "passwordErrorAuthenticate": "Не удалось аутентифицироваться с паролем", + "poweredBy": "Разработано", + "authenticationRequired": "Требуется аутентификация", + "authenticationMethodChoose": "Выберите предпочтительный метод для доступа к {name}", + "authenticationRequest": "Вы должны аутентифицироваться для доступа к {name}", + "user": "Пользователь", + "pincodeInput": "6-значный PIN-код", + "pincodeSubmit": "Войти с PIN-кодом", + "passwordSubmit": "Войти с паролем", + "otpEmailDescription": "Одноразовый код будет отправлен на этот email.", + "otpEmailSend": "Отправить одноразовый код", + "otpEmail": "Одноразовый пароль (OTP)", + "otpEmailSubmit": "Отправить OTP", + "backToEmail": "Назад к email", + "noSupportKey": "Сервер работает без ключа поддержки. Подумайте о поддержке проекта!", + "accessDenied": "Доступ запрещён", + "accessDeniedDescription": "Вам не разрешён доступ к этому ресурсу. Если это ошибка, пожалуйста, свяжитесь с администратором.", + "accessTokenError": "Ошибка проверки токена доступа", + "accessGranted": "Доступ предоставлен", + "accessUrlInvalid": "Неверный URL доступа", + "accessGrantedDescription": "Вам был предоставлен доступ к этому ресурсу. Перенаправляем вас...", + "accessUrlInvalidDescription": "Этот общий URL доступа недействителен. Пожалуйста, свяжитесь с владельцем ресурса для получения нового URL.", + "tokenInvalid": "Неверный токен", + "pincodeInvalid": "Неверный код", + "passwordErrorRequestReset": "Не удалось запросить сброс:", + "passwordErrorReset": "Не удалось сбросить пароль:", + "passwordResetSuccess": "Пароль успешно сброшен! Вернуться к входу...", + "passwordReset": "Сброс пароля", + "passwordResetDescription": "Следуйте инструкциям для сброса вашего пароля", + "passwordResetSent": "Мы отправим код сброса пароля на этот email адрес.", + "passwordResetCode": "Код сброса пароля", + "passwordResetCodeDescription": "Проверьте вашу почту для получения кода сброса пароля.", + "passwordNew": "Новый пароль", + "passwordNewConfirm": "Подтвердите новый пароль", + "pincodeAuth": "Код аутентификатора", + "pincodeSubmit2": "Отправить код", + "passwordResetSubmit": "Запросить сброс", + "passwordBack": "Назад к паролю", + "loginBack": "Вернуться к входу", + "signup": "Регистрация", + "loginStart": "Войдите для начала работы", + "idpOidcTokenValidating": "Проверка OIDC токена", + "idpOidcTokenResponse": "Проверить ответ OIDC токена", + "idpErrorOidcTokenValidating": "Ошибка проверки OIDC токена", + "idpConnectingTo": "Подключение к {name}", + "idpConnectingToDescription": "Проверка вашей личности", + "idpConnectingToProcess": "Подключение...", + "idpConnectingToFinished": "Подключено", + "idpErrorConnectingTo": "Возникла проблема при подключении к {name}. Пожалуйста, свяжитесь с вашим администратором.", + "idpErrorNotFound": "IdP не найден", + "inviteInvalid": "Недействительное приглашение", + "inviteInvalidDescription": "Ссылка на приглашение недействительна.", + "inviteErrorWrongUser": "Приглашение не для этого пользователя", + "inviteErrorUserNotExists": "Пользователь не существует. Пожалуйста, сначала создайте учетную запись.", + "inviteErrorLoginRequired": "Вы должны войти, чтобы принять приглашение", + "inviteErrorExpired": "Срок действия приглашения истек", + "inviteErrorRevoked": "Возможно, приглашение было отозвано", + "inviteErrorTypo": "В пригласительной ссылке может быть опечатка", + "pangolinSetup": "Настройка - Pangolin", + "orgNameRequired": "Название организации обязательно", + "orgIdRequired": "ID организации обязателен", + "orgErrorCreate": "Произошла ошибка при создании организации", + "pageNotFound": "Страница не найдена", + "pageNotFoundDescription": "Упс! Страница, которую вы ищете, не существует.", + "overview": "Обзор", + "home": "Главная", + "accessControl": "Контроль доступа", + "settings": "Настройки", + "usersAll": "Все пользователи", + "license": "Лицензия", + "pangolinDashboard": "Дашборд - Pangolin", + "noResults": "Результаты не найдены.", + "terabytes": "{count} ТБ", + "gigabytes": "{count} ГБ", + "megabytes": "{count} МБ", + "tagsEntered": "Введённые теги", + "tagsEnteredDescription": "Это теги, которые вы ввели.", + "tagsWarnCannotBeLessThanZero": "maxTags и minTags не могут быть меньше 0", + "tagsWarnNotAllowedAutocompleteOptions": "Тег не разрешён согласно опциям автозаполнения", + "tagsWarnInvalid": "Недействительный тег согласно validateTag", + "tagWarnTooShort": "Тег {tagText} слишком короткий", + "tagWarnTooLong": "Тег {tagText} слишком длинный", + "tagsWarnReachedMaxNumber": "Достигнуто максимальное количество разрешённых тегов", + "tagWarnDuplicate": "Дублирующий тег {tagText} не добавлен", + "supportKeyInvalid": "Недействительный ключ", + "supportKeyInvalidDescription": "Ваш ключ поддержки недействителен.", + "supportKeyValid": "Действительный ключ", + "supportKeyValidDescription": "Ваш ключ поддержки был проверен. Спасибо за поддержку!", + "supportKeyErrorValidationDescription": "Не удалось проверить ключ поддержки.", + "supportKey": "Поддержите разработку и усыновите Панголина!", + "supportKeyDescription": "Приобретите ключ поддержки, чтобы помочь нам продолжать разработку Pangolin для сообщества. Ваш вклад позволяет нам уделять больше времени поддержке и добавлению новых функций в приложение для всех. Мы никогда не будем использовать это для платного доступа к функциям. Это отдельно от любой коммерческой версии.", + "supportKeyPet": "Вы также сможете усыновить и встретить вашего собственного питомца Панголина!", + "supportKeyPurchase": "Платежи обрабатываются через GitHub. После этого вы сможете получить свой ключ на", + "supportKeyPurchaseLink": "нашем сайте", + "supportKeyPurchase2": "и активировать его здесь.", + "supportKeyLearnMore": "Узнать больше.", + "supportKeyOptions": "Пожалуйста, выберите подходящий вам вариант.", + "supportKetOptionFull": "Полная поддержка", + "forWholeServer": "За весь сервер", + "lifetimePurchase": "Пожизненная покупка", + "supporterStatus": "Статус поддержки", + "buy": "Купить", + "supportKeyOptionLimited": "Лимитированная поддержка", + "forFiveUsers": "За 5 или меньше пользователей", + "supportKeyRedeem": "Использовать ключ Поддержки", + "supportKeyHideSevenDays": "Скрыть на 7 дней", + "supportKeyEnter": "Введите ключ поддержки", + "supportKeyEnterDescription": "Встречайте своего питомца Панголина!", + "githubUsername": "Имя пользователя Github", + "supportKeyInput": "Ключ поддержки", + "supportKeyBuy": "Ключ поддержки", + "logoutError": "Ошибка при выходе", + "signingAs": "Вы вошли как", + "serverAdmin": "Администратор сервера", + "managedSelfhosted": "Управляемый с самовывоза", + "otpEnable": "Включить Двухфакторную Аутентификацию", + "otpDisable": "Отключить двухфакторную аутентификацию", + "logout": "Выйти", + "licenseTierProfessionalRequired": "Требуется профессиональная версия", + "licenseTierProfessionalRequiredDescription": "Эта функция доступна только в профессиональной версии.", + "actionGetOrg": "Получить организацию", + "actionUpdateOrg": "Обновить организацию", + "actionUpdateUser": "Обновить пользователя", + "actionGetUser": "Получить пользователя", + "actionGetOrgUser": "Получить пользователя организации", + "actionListOrgDomains": "Список доменов организации", + "actionCreateSite": "Создать сайт", + "actionDeleteSite": "Удалить сайт", + "actionGetSite": "Получить сайт", + "actionListSites": "Список сайтов", + "setupToken": "Код настройки", + "setupTokenDescription": "Введите токен настройки из консоли сервера.", + "setupTokenRequired": "Токен настройки обязателен", + "actionUpdateSite": "Обновить сайт", + "actionListSiteRoles": "Список разрешенных ролей сайта", + "actionCreateResource": "Создать ресурс", + "actionDeleteResource": "Удалить ресурс", + "actionGetResource": "Получить ресурсы", + "actionListResource": "Список ресурсов", + "actionUpdateResource": "Обновить ресурс", + "actionListResourceUsers": "Список пользователей ресурсов", + "actionSetResourceUsers": "Список пользователей ресурсов", + "actionSetAllowedResourceRoles": "Набор разрешенных ролей ресурсов", + "actionListAllowedResourceRoles": "Список разрешенных ролей сайта", + "actionSetResourcePassword": "Задать пароль ресурса", + "actionSetResourcePincode": "Установить ПИН-код ресурса", + "actionSetResourceEmailWhitelist": "Настроить белый список ресурсов email", + "actionGetResourceEmailWhitelist": "Получить белый список ресурсов email", + "actionCreateTarget": "Создать цель", + "actionDeleteTarget": "Удалить цель", + "actionGetTarget": "Получить цель", + "actionListTargets": "Список целей", + "actionUpdateTarget": "Обновить цель", + "actionCreateRole": "Создать роль", + "actionDeleteRole": "Удалить роль", + "actionGetRole": "Получить Роль", + "actionListRole": "Список ролей", + "actionUpdateRole": "Обновить роль", + "actionListAllowedRoleResources": "Список разрешенных ролей сайта", + "actionInviteUser": "Пригласить пользователя", + "actionRemoveUser": "Удалить пользователя", + "actionListUsers": "Список пользователей", + "actionAddUserRole": "Добавить роль пользователя", + "actionGenerateAccessToken": "Сгенерировать токен доступа", + "actionDeleteAccessToken": "Удалить токен доступа", + "actionListAccessTokens": "Список токенов доступа", + "actionCreateResourceRule": "Создать правило ресурса", + "actionDeleteResourceRule": "Удалить правило ресурса", + "actionListResourceRules": "Список правил ресурса", + "actionUpdateResourceRule": "Обновить правило ресурса", + "actionListOrgs": "Список организаций", + "actionCheckOrgId": "Проверить ID", + "actionCreateOrg": "Создать организацию", + "actionDeleteOrg": "Удалить организацию", + "actionListApiKeys": "Список API ключей", + "actionListApiKeyActions": "Список действий API ключа", + "actionSetApiKeyActions": "Установить разрешённые действия API ключа", + "actionCreateApiKey": "Создать API ключ", + "actionDeleteApiKey": "Удалить API ключ", + "actionCreateIdp": "Создать IDP", + "actionUpdateIdp": "Обновить IDP", + "actionDeleteIdp": "Удалить IDP", + "actionListIdps": "Список IDP", + "actionGetIdp": "Получить IDP", + "actionCreateIdpOrg": "Создать политику IDP организации", + "actionDeleteIdpOrg": "Удалить политику IDP организации", + "actionListIdpOrgs": "Список организаций IDP", + "actionUpdateIdpOrg": "Обновить организацию IDP", + "actionCreateClient": "Создать Клиента", + "actionDeleteClient": "Удалить Клиента", + "actionUpdateClient": "Обновить Клиента", + "actionListClients": "Список Клиентов", + "actionGetClient": "Получить Клиента", + "actionCreateSiteResource": "Создать ресурс сайта", + "actionDeleteSiteResource": "Удалить ресурс сайта ", + "actionGetSiteResource": "Получить ресурс сайта", + "actionListSiteResources": "Список ресурсов сайта", + "actionUpdateSiteResource": "Обновить ресурс сайта", + "actionListInvitations": "Список приглашений", + "noneSelected": "Ничего не выбрано", + "orgNotFound2": "Организации не найдены.", + "searchProgress": "Поиск...", + "create": "Создать", + "orgs": "Организации", + "loginError": "Произошла ошибка при входе", + "passwordForgot": "Забыли пароль?", + "otpAuth": "Двухфакторная аутентификация", + "otpAuthDescription": "Введите код из вашего приложения-аутентификатора или один из ваших одноразовых резервных кодов.", + "otpAuthSubmit": "Отправить код", + "idpContinue": "Или продолжить с", + "otpAuthBack": "Вернуться к входу", + "navbar": "Навигационное меню", + "navbarDescription": "Главное навигационное меню приложения", + "navbarDocsLink": "Документация", + "commercialEdition": "Коммерческая версия", + "otpErrorEnable": "Невозможно включить 2FA", + "otpErrorEnableDescription": "Произошла ошибка при включении 2FA", + "otpSetupCheckCode": "Пожалуйста, введите 6-значный код", + "otpSetupCheckCodeRetry": "Неверный код. Попробуйте снова.", + "otpSetup": "Включить двухфакторную аутентификацию", + "otpSetupDescription": "Защитите свою учётную запись дополнительным уровнем защиты", + "otpSetupScanQr": "Отсканируйте этот QR-код с помощью вашего приложения-аутентификатора или введите секретный ключ вручную:", + "otpSetupSecretCode": "Код аутентификатора", + "otpSetupSuccess": "Двухфакторная аутентификация включена", + "otpSetupSuccessStoreBackupCodes": "Ваша учётная запись теперь более защищена. Не забудьте сохранить резервные коды.", + "otpErrorDisable": "Невозможно отключить 2FA", + "otpErrorDisableDescription": "Произошла ошибка при отключении 2FA", + "otpRemove": "Отключить двухфакторную аутентификацию", + "otpRemoveDescription": "Отключить двухфакторную аутентификацию для вашей учётной записи", + "otpRemoveSuccess": "Двухфакторная аутентификация отключена", + "otpRemoveSuccessMessage": "Двухфакторная аутентификация была отключена для вашей учётной записи. Вы можете включить её снова в любое время.", + "otpRemoveSubmit": "Отключить 2FA", + "paginator": "Страница {current} из {last}", + "paginatorToFirst": "Перейти на первую страницу", + "paginatorToPrevious": "Перейти на предыдущую страницу", + "paginatorToNext": "Перейти на следующую страницу", + "paginatorToLast": "Перейти на последнюю страницу", + "copyText": "Скопировать текст", + "copyTextFailed": "Не удалось скопировать текст: ", + "copyTextClipboard": "Копировать в буфер обмена", + "inviteErrorInvalidConfirmation": "Неверное подтверждение", + "passwordRequired": "Пароль обязателен", + "allowAll": "Разрешить всё", + "permissionsAllowAll": "Разрешить все разрешения", + "githubUsernameRequired": "Имя пользователя GitHub обязательно", + "supportKeyRequired": "Ключ поддержки обязателен", + "passwordRequirementsChars": "Пароль должен быть не менее 8 символов", + "language": "Язык", + "verificationCodeRequired": "Код обязателен", + "userErrorNoUpdate": "Нет пользователя для обновления", + "siteErrorNoUpdate": "Нет сайта для обновления", + "resourceErrorNoUpdate": "Нет ресурса для обновления", + "authErrorNoUpdate": "Нет информации об аутентификации для обновления", + "orgErrorNoUpdate": "Нет организации для обновления", + "orgErrorNoProvided": "Организация не предоставлена", + "apiKeysErrorNoUpdate": "Нет API ключа для обновления", + "sidebarOverview": "Обзор", + "sidebarHome": "Главная", + "sidebarSites": "Сайты", + "sidebarResources": "Ресурсы", + "sidebarAccessControl": "Контроль доступа", + "sidebarUsers": "Пользователи", + "sidebarInvitations": "Приглашения", + "sidebarRoles": "Роли", + "sidebarShareableLinks": "Общие ссылки", + "sidebarApiKeys": "API ключи", + "sidebarSettings": "Настройки", + "sidebarAllUsers": "Все пользователи", + "sidebarIdentityProviders": "Поставщики удостоверений", + "sidebarLicense": "Лицензия", + "sidebarClients": "Клиенты (бета)", + "sidebarDomains": "Домены", + "enableDockerSocket": "Включить Docker Socket", + "enableDockerSocketDescription": "Включить обнаружение Docker Socket для заполнения информации о контейнерах. Путь к сокету должен быть предоставлен Newt.", + "enableDockerSocketLink": "Узнать больше", + "viewDockerContainers": "Просмотр контейнеров Docker", + "containersIn": "Контейнеры в {siteName}", + "selectContainerDescription": "Выберите любой контейнер для использования в качестве имени хоста для этой цели. Нажмите на порт, чтобы использовать порт.", + "containerName": "Имя", + "containerImage": "Образ", + "containerState": "Состояние", + "containerNetworks": "Сети", + "containerHostnameIp": "Имя хоста/IP", + "containerLabels": "Метки", + "containerLabelsCount": "{count, plural, one {# метка} few {# метки} many {# меток} other {# меток}}", + "containerLabelsTitle": "Метки контейнера", + "containerLabelEmpty": "", + "containerPorts": "Порты", + "containerPortsMore": "+{count} ещё", + "containerActions": "Действия", + "select": "Выбрать", + "noContainersMatchingFilters": "Контейнеры, соответствующие текущим фильтрам, не найдены.", + "showContainersWithoutPorts": "Показать контейнеры без портов", + "showStoppedContainers": "Показать остановленные контейнеры", + "noContainersFound": "Контейнеры не найдены. Убедитесь, что контейнеры Docker запущены.", + "searchContainersPlaceholder": "Поиск среди {count} {count, plural, one {контейнера} few {контейнеров} many {контейнеров} other {контейнеров}}...", + "searchResultsCount": "{count, plural, one {# результат} few {# результата} many {# результатов} other {# результатов}}", + "filters": "Фильтры", + "filterOptions": "Параметры фильтрации", + "filterPorts": "Порты", + "filterStopped": "Остановлены", + "clearAllFilters": "Очистить все фильтры", + "columns": "Колонки", + "toggleColumns": "Переключить колонки", + "refreshContainersList": "Обновить список контейнеров", + "searching": "Поиск...", + "noContainersFoundMatching": "Контейнеры, соответствующие \"{filter}\", не найдены.", + "light": "светлая", + "dark": "тёмная", + "system": "системная", + "theme": "Тема", + "subnetRequired": "Требуется подсеть", + "initialSetupTitle": "Начальная настройка сервера", + "initialSetupDescription": "Создайте первоначальную учётную запись администратора сервера. Может существовать только один администратор сервера. Вы всегда можете изменить эти учётные данные позже.", + "createAdminAccount": "Создать учётную запись администратора", + "setupErrorCreateAdmin": "Произошла ошибка при создании учётной записи администратора сервера.", + "certificateStatus": "Статус сертификата", + "loading": "Загрузка", + "restart": "Перезагрузка", + "domains": "Домены", + "domainsDescription": "Управление доменами для вашей организации", + "domainsSearch": "Поиск доменов...", + "domainAdd": "Добавить Домен", + "domainAddDescription": "Зарегистрировать новый домен в вашей организации", + "domainCreate": "Создать Домен", + "domainCreatedDescription": "Домен успешно создан", + "domainDeletedDescription": "Домен успешно удален", + "domainQuestionRemove": "Вы уверены, что хотите удалить домен {domain} из вашего аккаунта?", + "domainMessageRemove": "После удаления домен больше не будет связан с вашей учетной записью.", + "domainMessageConfirm": "Для подтверждения введите ниже имя домена.", + "domainConfirmDelete": "Подтвердить удаление домена", + "domainDelete": "Удалить Домен", + "domain": "Домен", + "selectDomainTypeNsName": "Делегация домена (NS)", + "selectDomainTypeNsDescription": "Этот домен и все его субдомены. Используйте это, когда вы хотите управлять всей доменной зоной.", + "selectDomainTypeCnameName": "Одиночный домен (CNAME)", + "selectDomainTypeCnameDescription": "Только этот конкретный домен. Используйте это для отдельных субдоменов или отдельных записей домена.", + "selectDomainTypeWildcardName": "Подставной домен", + "selectDomainTypeWildcardDescription": "Этот домен и его субдомены.", + "domainDelegation": "Единый домен", + "selectType": "Выберите тип", + "actions": "Действия", + "refresh": "Обновить", + "refreshError": "Не удалось обновить данные", + "verified": "Подтверждено", + "pending": "В ожидании", + "sidebarBilling": "Выставление счетов", + "billing": "Выставление счетов", + "orgBillingDescription": "Управляйте информацией о выставлении счетов и подписками", + "github": "GitHub", + "pangolinHosted": "Pangolin Hosted", + "fossorial": "Fossorial", + "completeAccountSetup": "Завершите настройку аккаунта", + "completeAccountSetupDescription": "Установите ваш пароль, чтобы начать", + "accountSetupSent": "Мы отправим код для настройки аккаунта на этот email адрес.", + "accountSetupCode": "Код настройки", + "accountSetupCodeDescription": "Проверьте вашу почту для получения кода настройки.", + "passwordCreate": "Создать пароль", + "passwordCreateConfirm": "Подтвердите пароль", + "accountSetupSubmit": "Отправить код настройки", + "completeSetup": "Завершить настройку", + "accountSetupSuccess": "Настройка аккаунта завершена! Добро пожаловать в Pangolin!", + "documentation": "Документация", + "saveAllSettings": "Сохранить все настройки", + "settingsUpdated": "Настройки обновлены", + "settingsUpdatedDescription": "Все настройки успешно обновлены", + "settingsErrorUpdate": "Не удалось обновить настройки", + "settingsErrorUpdateDescription": "Произошла ошибка при обновлении настроек", + "sidebarCollapse": "Свернуть", + "sidebarExpand": "Развернуть", + "newtUpdateAvailable": "Доступно обновление", + "newtUpdateAvailableInfo": "Доступна новая версия Newt. Пожалуйста, обновитесь до последней версии для лучшего опыта.", + "domainPickerEnterDomain": "Домен", + "domainPickerPlaceholder": "myapp.example.com, api.v1.mydomain.com, или просто myapp", + "domainPickerDescription": "Введите полный домен ресурса, чтобы увидеть доступные опции.", + "domainPickerDescriptionSaas": "Введите полный домен, поддомен или просто имя, чтобы увидеть доступные опции", + "domainPickerTabAll": "Все", + "domainPickerTabOrganization": "Организация", + "domainPickerTabProvided": "Предоставлено", + "domainPickerSortAsc": "А-Я", + "domainPickerSortDesc": "Я-А", + "domainPickerCheckingAvailability": "Проверка доступности...", + "domainPickerNoMatchingDomains": "Не найдены сопоставимые домены. Попробуйте другой домен или проверьте настройки доменов вашей организации.", + "domainPickerOrganizationDomains": "Домены организации", + "domainPickerProvidedDomains": "Предоставленные домены", + "domainPickerSubdomain": "Поддомен: {subdomain}", + "domainPickerNamespace": "Пространство имен: {namespace}", + "domainPickerShowMore": "Показать еще", + "domainNotFound": "Домен не найден", + "domainNotFoundDescription": "Этот ресурс отключен, так как домен больше не существует в нашей системе. Пожалуйста, установите новый домен для этого ресурса.", + "failed": "Ошибка", + "createNewOrgDescription": "Создать новую организацию", + "organization": "Организация", + "port": "Порт", + "securityKeyManage": "Управление ключами безопасности", + "securityKeyDescription": "Добавить или удалить ключи безопасности для аутентификации без пароля", + "securityKeyRegister": "Зарегистрировать новый ключ безопасности", + "securityKeyList": "Ваши ключи безопасности", + "securityKeyNone": "Ключи безопасности еще не зарегистрированы", + "securityKeyNameRequired": "Имя обязательно", + "securityKeyRemove": "Удалить", + "securityKeyLastUsed": "Последнее использование: {date}", + "securityKeyNameLabel": "Имя ключа безопасности", + "securityKeyRegisterSuccess": "Ключ безопасности успешно зарегистрирован", + "securityKeyRegisterError": "Не удалось зарегистрировать ключ безопасности", + "securityKeyRemoveSuccess": "Ключ безопасности успешно удален", + "securityKeyRemoveError": "Не удалось удалить ключ безопасности", + "securityKeyLoadError": "Не удалось загрузить ключи безопасности", + "securityKeyLogin": "Продолжить с ключом безопасности", + "securityKeyAuthError": "Не удалось аутентифицироваться с ключом безопасности", + "securityKeyRecommendation": "Зарегистрируйте резервный ключ безопасности на другом устройстве, чтобы всегда иметь доступ к вашему аккаунту.", + "registering": "Регистрация...", + "securityKeyPrompt": "Пожалуйста, подтвердите свою личность с использованием вашего ключа безопасности. Убедитесь, что ваш ключ безопасности подключен и готов.", + "securityKeyBrowserNotSupported": "Ваш браузер не поддерживает ключи безопасности. Пожалуйста, используйте современный браузер, такой как Chrome, Firefox или Safari.", + "securityKeyPermissionDenied": "Пожалуйста, разрешите доступ к вашему ключу безопасности, чтобы продолжить вход.", + "securityKeyRemovedTooQuickly": "Пожалуйста, держите ваш ключ безопасности подключенным, пока процесс входа не завершится.", + "securityKeyNotSupported": "Ваш ключ безопасности может быть несовместим. Попробуйте другой ключ безопасности.", + "securityKeyUnknownError": "Произошла проблема при использовании вашего ключа безопасности. Пожалуйста, попробуйте еще раз.", + "twoFactorRequired": "Для регистрации ключа безопасности требуется двухфакторная аутентификация.", + "twoFactor": "Двухфакторная аутентификация", + "adminEnabled2FaOnYourAccount": "Ваш администратор включил двухфакторную аутентификацию для {email}. Пожалуйста, завершите процесс настройки, чтобы продолжить.", + "continueToApplication": "Перейти к приложению", + "securityKeyAdd": "Добавить ключ безопасности", + "securityKeyRegisterTitle": "Регистрация нового ключа безопасности", + "securityKeyRegisterDescription": "Подключите свой ключ безопасности и введите имя для его идентификации", + "securityKeyTwoFactorRequired": "Требуется двухфакторная аутентификация", + "securityKeyTwoFactorDescription": "Пожалуйста, введите ваш код двухфакторной аутентификации для регистрации ключа безопасности", + "securityKeyTwoFactorRemoveDescription": "Пожалуйста, введите ваш код двухфакторной аутентификации для удаления ключа безопасности", + "securityKeyTwoFactorCode": "Код двухфакторной аутентификации", + "securityKeyRemoveTitle": "Удалить ключ безопасности", + "securityKeyRemoveDescription": "Введите ваш пароль для удаления ключа безопасности \"{name}\"", + "securityKeyNoKeysRegistered": "Ключи безопасности не зарегистрированы", + "securityKeyNoKeysDescription": "Добавьте ключ безопасности, чтобы повысить безопасность вашего аккаунта", + "createDomainRequired": "Домен обязателен", + "createDomainAddDnsRecords": "Добавить DNS записи", + "createDomainAddDnsRecordsDescription": "Добавьте следующие DNS записи у вашего провайдера доменных имен для завершения настройки.", + "createDomainNsRecords": "NS Записи", + "createDomainRecord": "Запись", + "createDomainType": "Тип:", + "createDomainName": "Имя:", + "createDomainValue": "Значение:", + "createDomainCnameRecords": "CNAME Записи", + "createDomainARecords": "A Записи", + "createDomainRecordNumber": "Запись {number}", + "createDomainTxtRecords": "TXT Записи", + "createDomainSaveTheseRecords": "Сохранить эти записи", + "createDomainSaveTheseRecordsDescription": "Обязательно сохраните эти DNS записи, так как вы их больше не увидите.", + "createDomainDnsPropagation": "Распространение DNS", + "createDomainDnsPropagationDescription": "Изменения DNS могут занять некоторое время для распространения через интернет. Это может занять от нескольких минут до 48 часов в зависимости от вашего DNS провайдера и настроек TTL.", + "resourcePortRequired": "Номер порта необходим для не-HTTP ресурсов", + "resourcePortNotAllowed": "Номер порта не должен быть установлен для HTTP ресурсов", + "signUpTerms": { + "IAgreeToThe": "Я согласен с", + "termsOfService": "условия использования", + "and": "и", + "privacyPolicy": "политика конфиденциальности" + }, + "siteRequired": "Необходимо указать сайт.", + "olmTunnel": "Olm Туннель", + "olmTunnelDescription": "Используйте Olm для подключений клиентов", + "errorCreatingClient": "Ошибка при создании клиента", + "clientDefaultsNotFound": "Настройки клиента по умолчанию не найдены", + "createClient": "Создать клиента", + "createClientDescription": "Создайте нового клиента для подключения к вашим сайтам", + "seeAllClients": "Просмотреть всех клиентов", + "clientInformation": "Информация о клиенте", + "clientNamePlaceholder": "Имя клиента", + "address": "Адрес", + "subnetPlaceholder": "Подсеть", + "addressDescription": "Адрес, который этот клиент будет использовать для подключения", + "selectSites": "Выберите сайты", + "sitesDescription": "Клиент будет иметь подключение к выбранным сайтам", + "clientInstallOlm": "Установить Olm", + "clientInstallOlmDescription": "Запустите Olm на вашей системе", + "clientOlmCredentials": "Учётные данные Olm", + "clientOlmCredentialsDescription": "Так Olm будет аутентифицироваться через сервер", + "olmEndpoint": "Конечная точка Olm", + "olmId": "Olm ID", + "olmSecretKey": "Секретный ключ Olm", + "clientCredentialsSave": "Сохраните ваши учётные данные", + "clientCredentialsSaveDescription": "Вы сможете увидеть их только один раз. Обязательно скопируйте в безопасное место.", + "generalSettingsDescription": "Настройте общие параметры для этого клиента", + "clientUpdated": "Клиент обновлен", + "clientUpdatedDescription": "Клиент был обновлён.", + "clientUpdateFailed": "Не удалось обновить клиента", + "clientUpdateError": "Произошла ошибка при обновлении клиента.", + "sitesFetchFailed": "Не удалось получить сайты", + "sitesFetchError": "Произошла ошибка при получении сайтов.", + "olmErrorFetchReleases": "Произошла ошибка при получении релизов Olm.", + "olmErrorFetchLatest": "Произошла ошибка при получении последнего релиза Olm.", + "remoteSubnets": "Удалённые подсети", + "enterCidrRange": "Введите диапазон CIDR", + "remoteSubnetsDescription": "Добавьте диапазоны адресов CIDR, которые можно получить из этого сайта удаленно, используя клиентов. Используйте формат 10.0.0.0/24. Это относится ТОЛЬКО к подключению через VPN клиентов.", + "resourceEnableProxy": "Включить публичный прокси", + "resourceEnableProxyDescription": "Включите публичное проксирование для этого ресурса. Это позволяет получить доступ к ресурсу извне сети через облако через открытый порт. Требуется конфигурация Traefik.", + "externalProxyEnabled": "Внешний прокси включен", + "addNewTarget": "Добавить новую цель", + "targetsList": "Список целей", + "targetErrorDuplicateTargetFound": "Обнаружена дублирующаяся цель", + "httpMethod": "HTTP метод", + "selectHttpMethod": "Выберите HTTP метод", + "domainPickerSubdomainLabel": "Поддомен", + "domainPickerBaseDomainLabel": "Основной домен", + "domainPickerSearchDomains": "Поиск доменов...", + "domainPickerNoDomainsFound": "Доменов не найдено", + "domainPickerLoadingDomains": "Загрузка доменов...", + "domainPickerSelectBaseDomain": "Выбор основного домена...", + "domainPickerNotAvailableForCname": "Не доступно для CNAME доменов", + "domainPickerEnterSubdomainOrLeaveBlank": "Введите поддомен или оставьте пустым для использования основного домена.", + "domainPickerEnterSubdomainToSearch": "Введите поддомен для поиска и выбора из доступных свободных доменов.", + "domainPickerFreeDomains": "Свободные домены", + "domainPickerSearchForAvailableDomains": "Поиск доступных доменов", + "resourceDomain": "Домен", + "resourceEditDomain": "Редактировать домен", + "siteName": "Имя сайта", + "proxyPort": "Порт", + "resourcesTableProxyResources": "Проксированные ресурсы", + "resourcesTableClientResources": "Клиентские ресурсы", + "resourcesTableNoProxyResourcesFound": "Проксированных ресурсов не найдено.", + "resourcesTableNoInternalResourcesFound": "Внутренних ресурсов не найдено.", + "resourcesTableDestination": "Пункт назначения", + "resourcesTableTheseResourcesForUseWith": "Эти ресурсы предназначены для использования с", + "resourcesTableClients": "Клиенты", + "resourcesTableAndOnlyAccessibleInternally": "и доступны только внутренне при подключении с клиентом.", + "editInternalResourceDialogEditClientResource": "Редактировать ресурс клиента", + "editInternalResourceDialogUpdateResourceProperties": "Обновите свойства ресурса и настройку цели для {resourceName}.", + "editInternalResourceDialogResourceProperties": "Свойства ресурса", + "editInternalResourceDialogName": "Имя", + "editInternalResourceDialogProtocol": "Протокол", + "editInternalResourceDialogSitePort": "Порт сайта", + "editInternalResourceDialogTargetConfiguration": "Настройка цели", + "editInternalResourceDialogDestinationIP": "Целевая IP", + "editInternalResourceDialogDestinationPort": "Целевой порт", + "editInternalResourceDialogCancel": "Отмена", + "editInternalResourceDialogSaveResource": "Сохранить ресурс", + "editInternalResourceDialogSuccess": "Успешно", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Внутренний ресурс успешно обновлен", + "editInternalResourceDialogError": "Ошибка", + "editInternalResourceDialogFailedToUpdateInternalResource": "Не удалось обновить внутренний ресурс", + "editInternalResourceDialogNameRequired": "Имя обязательно", + "editInternalResourceDialogNameMaxLength": "Имя не должно быть длиннее 255 символов", + "editInternalResourceDialogProxyPortMin": "Порт прокси должен быть не менее 1", + "editInternalResourceDialogProxyPortMax": "Порт прокси должен быть меньше 65536", + "editInternalResourceDialogInvalidIPAddressFormat": "Неверный формат IP адреса", + "editInternalResourceDialogDestinationPortMin": "Целевой порт должен быть не менее 1", + "editInternalResourceDialogDestinationPortMax": "Целевой порт должен быть меньше 65536", + "createInternalResourceDialogNoSitesAvailable": "Нет доступных сайтов", + "createInternalResourceDialogNoSitesAvailableDescription": "Вам необходимо иметь хотя бы один сайт Newt с настроенной подсетью для создания внутреннего ресурса.", + "createInternalResourceDialogClose": "Закрыть", + "createInternalResourceDialogCreateClientResource": "Создать ресурс клиента", + "createInternalResourceDialogCreateClientResourceDescription": "Создайте новый ресурс, который будет доступен клиентам, подключенным к выбранному сайту.", + "createInternalResourceDialogResourceProperties": "Свойства ресурса", + "createInternalResourceDialogName": "Имя", + "createInternalResourceDialogSite": "Сайт", + "createInternalResourceDialogSelectSite": "Выберите сайт...", + "createInternalResourceDialogSearchSites": "Поиск сайтов...", + "createInternalResourceDialogNoSitesFound": "Сайты не найдены.", + "createInternalResourceDialogProtocol": "Протокол", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Порт сайта", + "createInternalResourceDialogSitePortDescription": "Используйте этот порт для доступа к ресурсу на сайте при подключении с клиентом.", + "createInternalResourceDialogTargetConfiguration": "Настройка цели", + "createInternalResourceDialogDestinationIP": "Целевая IP", + "createInternalResourceDialogDestinationIPDescription": "IP-адрес ресурса в сети сайта.", + "createInternalResourceDialogDestinationPort": "Целевой порт", + "createInternalResourceDialogDestinationPortDescription": "Порт на IP-адресе назначения, где доступен ресурс.", + "createInternalResourceDialogCancel": "Отмена", + "createInternalResourceDialogCreateResource": "Создать ресурс", + "createInternalResourceDialogSuccess": "Успешно", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Внутренний ресурс успешно создан", + "createInternalResourceDialogError": "Ошибка", + "createInternalResourceDialogFailedToCreateInternalResource": "Не удалось создать внутренний ресурс", + "createInternalResourceDialogNameRequired": "Имя обязательно", + "createInternalResourceDialogNameMaxLength": "Имя должно содержать менее 255 символов", + "createInternalResourceDialogPleaseSelectSite": "Пожалуйста, выберите сайт", + "createInternalResourceDialogProxyPortMin": "Прокси-порт должен быть не менее 1", + "createInternalResourceDialogProxyPortMax": "Прокси-порт должен быть меньше 65536", + "createInternalResourceDialogInvalidIPAddressFormat": "Неверный формат IP-адреса", + "createInternalResourceDialogDestinationPortMin": "Целевой порт должен быть не менее 1", + "createInternalResourceDialogDestinationPortMax": "Целевой порт должен быть меньше 65536", + "siteConfiguration": "Конфигурация", + "siteAcceptClientConnections": "Принимать подключения клиентов", + "siteAcceptClientConnectionsDescription": "Разрешите другим устройствам подключаться через этот экземпляр Newt в качестве шлюза с использованием клиентов.", + "siteAddress": "Адрес сайта", + "siteAddressDescription": "Укажите IP-адрес хоста для подключения клиентов. Это внутренний адрес сайта в сети Pangolin для адресации клиентов. Должен находиться в пределах подсети организационного уровня.", + "autoLoginExternalIdp": "Автоматический вход с внешним провайдером", + "autoLoginExternalIdpDescription": "Немедленно перенаправьте пользователя к внешнему провайдеру для аутентификации.", + "selectIdp": "Выберите провайдера", + "selectIdpPlaceholder": "Выберите провайдера...", + "selectIdpRequired": "Пожалуйста, выберите провайдера, когда автоматический вход включен.", + "autoLoginTitle": "Перенаправление", + "autoLoginDescription": "Перенаправление вас к внешнему провайдеру для аутентификации.", + "autoLoginProcessing": "Подготовка аутентификации...", + "autoLoginRedirecting": "Перенаправление к входу...", + "autoLoginError": "Ошибка автоматического входа", + "autoLoginErrorNoRedirectUrl": "URL-адрес перенаправления не получен от провайдера удостоверения.", + "autoLoginErrorGeneratingUrl": "Не удалось сгенерировать URL-адрес аутентификации.", + "managedSelfHosted": { + "title": "Управляемый с самовывоза", + "description": "Более надежный и низко обслуживаемый сервер Pangolin с дополнительными колокольнями и свистками", + "introTitle": "Управляемый Само-Хост Панголина", + "introDescription": "- это вариант развертывания, предназначенный для людей, которые хотят простоты и надёжности, сохраняя при этом свои данные конфиденциальными и самостоятельными.", + "introDetail": "С помощью этой опции вы по-прежнему используете узел Pangolin — туннели, SSL, и весь остающийся на вашем сервере. Разница заключается в том, что управление и мониторинг осуществляются через нашу панель инструментов из облака, которая открывает ряд преимуществ:", + "benefitSimplerOperations": { + "title": "Более простые операции", + "description": "Не нужно запускать свой собственный почтовый сервер или настроить комплексное оповещение. Вы будете получать проверки состояния здоровья и оповещения о неисправностях из коробки." + }, + "benefitAutomaticUpdates": { + "title": "Автоматическое обновление", + "description": "Панель управления в облаке развивается быстро, так что вы получаете новые функции и исправления ошибок, без необходимости каждый раз получать новые контейнеры." + }, + "benefitLessMaintenance": { + "title": "Меньше обслуживания", + "description": "Нет миграции баз данных, резервных копий или дополнительной инфраструктуры для управления. Мы обрабатываем это в облаке." + }, + "benefitCloudFailover": { + "title": "Облачное срабатывание", + "description": "Если ваш узел исчезнет, ваши туннели могут временно прерваться до наших облачных точек присутствия, пока вы не вернете его в сети." + }, + "benefitHighAvailability": { + "title": "Высокая доступность (PoP)", + "description": "Вы также можете прикрепить несколько узлов к вашему аккаунту для избыточности и лучшей производительности." + }, + "benefitFutureEnhancements": { + "title": "Будущие улучшения", + "description": "Мы планируем добавить дополнительные инструменты аналитики, оповещения и управления, чтобы сделать установку еще более надежной." + }, + "docsAlert": { + "text": "Узнайте больше о опции Managed Self-Hosted в нашей", + "documentation": "документация" + }, + "convertButton": "Конвертировать этот узел в управляемый себе-хост" + }, + "internationaldomaindetected": "Обнаружен международный домен", + "willbestoredas": "Будет храниться как:" +} diff --git a/messages/tr-TR.json b/messages/tr-TR.json new file mode 100644 index 00000000..2253dab2 --- /dev/null +++ b/messages/tr-TR.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "Organizasyonunuzu, sitenizi ve kaynaklarınızı oluşturun", + "setupNewOrg": "Yeni Organizasyon", + "setupCreateOrg": "Organizasyon Oluştur", + "setupCreateResources": "Kaynaklar Oluştur", + "setupOrgName": "Organizasyon Adı", + "orgDisplayName": "Bu, organizasyonunuzun görünen adıdır.", + "orgId": "Organizasyon ID", + "setupIdentifierMessage": "Bu, organizasyonunuzun benzersiz kimliğidir. Görünen adtan ayrı olarak.", + "setupErrorIdentifier": "Organizasyon ID'si zaten alınmış. Lütfen başka bir tane seçin.", + "componentsErrorNoMemberCreate": "Şu anda herhangi bir organizasyona üye değilsiniz. Başlamak için bir organizasyon oluşturun.", + "componentsErrorNoMember": "Şu anda herhangi bir organizasyona üye değilsiniz.", + "welcome": "Pangolin'e hoş geldiniz", + "welcomeTo": "Hoş geldiniz", + "componentsCreateOrg": "Bir Organizasyon Oluşturun", + "componentsMember": "{count, plural, =0 {hiçbir organizasyon} one {bir organizasyon} other {# organizasyon}} üyesisiniz.", + "componentsInvalidKey": "Geçersiz veya süresi dolmuş lisans anahtarları tespit edildi. Tüm özellikleri kullanmaya devam etmek için lisans koşullarına uyun.", + "dismiss": "Kapat", + "componentsLicenseViolation": "Lisans İhlali: Bu sunucu, lisanslı sınırı olan {maxSites} sitesini aşarak {usedSites} site kullanmaktadır. Tüm özellikleri kullanmaya devam etmek için lisans koşullarına uyun.", + "componentsSupporterMessage": "Pangolin'e {tier} olarak destek olduğunuz için teşekkür ederiz!", + "inviteErrorNotValid": "Üzgünüz, ancak erişmeye çalıştığınız davet kabul edilmemiş veya artık geçerli değil gibi görünüyor.", + "inviteErrorUser": "Üzgünüz, ancak erişmeye çalıştığınız davetin bu kullanıcı için olmadığı görünüyor.", + "inviteLoginUser": "Lütfen doğru kullanıcı olarak oturum açtığınızdan emin olun.", + "inviteErrorNoUser": "Üzgünüz, ancak erişmeye çalıştığınız davet, var olan bir kullanıcı için değil gibi görünüyor.", + "inviteCreateUser": "Öncelikle bir hesap oluşturun.", + "goHome": "Ana Sayfaya Dön", + "inviteLogInOtherUser": "Başka bir kullanıcı olarak giriş yapın", + "createAnAccount": "Bir Hesap Oluşturun", + "inviteNotAccepted": "Davet Kabul Edilmedi", + "authCreateAccount": "Başlamak için bir hesap oluşturun", + "authNoAccount": "Hesabınız yok mu?", + "email": "E-posta", + "password": "Şifre", + "confirmPassword": "Şifreyi Onayla", + "createAccount": "Hesap Oluştur", + "viewSettings": "Ayarları görüntüle", + "delete": "Sil", + "name": "Ad", + "online": "Çevrimiçi", + "offline": "Çevrimdışı", + "site": "Site", + "dataIn": "Gelen Veri", + "dataOut": "Giden Veri", + "connectionType": "Bağlantı Türü", + "tunnelType": "Tünel Türü", + "local": "Yerel", + "edit": "Düzenle", + "siteConfirmDelete": "Site Silmeyi Onayla", + "siteDelete": "Siteyi Sil", + "siteMessageRemove": "Kaldırıldıktan sonra site artık erişilebilir olmayacak. Siteyle ilişkili tüm kaynaklar ve hedefler de kaldırılacaktır.", + "siteMessageConfirm": "Onaylamak için lütfen aşağıya sitenin adını yazın.", + "siteQuestionRemove": "{selectedSite} sitesini organizasyondan kaldırmak istediğinizden emin misiniz?", + "siteManageSites": "Siteleri Yönet", + "siteDescription": "Ağınıza güvenli tüneller üzerinden bağlantı izni verin", + "siteCreate": "Site Oluştur", + "siteCreateDescription2": "Yeni bir site oluşturup bağlanmak için aşağıdaki adımları izleyin", + "siteCreateDescription": "Kaynaklarınızı bağlamaya başlamak için yeni bir site oluşturun", + "close": "Kapat", + "siteErrorCreate": "Site oluşturulurken hata", + "siteErrorCreateKeyPair": "Anahtar çifti veya site varsayılanları bulunamadı", + "siteErrorCreateDefaults": "Site varsayılanları bulunamadı", + "method": "Yöntem", + "siteMethodDescription": "Bağlantıları nasıl açığa çıkaracağınız budur.", + "siteLearnNewt": "Newt'i sisteminize nasıl kuracağınızı öğrenin", + "siteSeeConfigOnce": "Konfigürasyonu yalnızca bir kez görebileceksiniz.", + "siteLoadWGConfig": "WireGuard yapılandırması yükleniyor...", + "siteDocker": "Docker Dağıtım Ayrıntılarını Genişlet", + "toggle": "Geçiş", + "dockerCompose": "Docker Compose", + "dockerRun": "Docker Çalıştır", + "siteLearnLocal": "Yerel siteler tünellemez, daha fazla bilgi edinin", + "siteConfirmCopy": "Yapılandırmayı kopyaladım", + "searchSitesProgress": "Siteleri ara...", + "siteAdd": "Site Ekle", + "siteInstallNewt": "Newt Yükle", + "siteInstallNewtDescription": "Newt'i sisteminizde çalıştırma", + "WgConfiguration": "WireGuard Yapılandırması", + "WgConfigurationDescription": "Ağınıza bağlanmak için aşağıdaki yapılandırmayı kullanın", + "operatingSystem": "İşletim Sistemi", + "commands": "Komutlar", + "recommended": "Önerilen", + "siteNewtDescription": "En iyi kullanıcı deneyimi için Newt'i kullanın. WireGuard'ı arka planda kullanır ve özel kaynaklarınıza Pangolin kontrol panelinden LAN adresleriyle erişmenizi sağlar.", + "siteRunsInDocker": "Docker'da Çalışır", + "siteRunsInShell": "macOS, Linux, ve Windows'da kabukta çalışır", + "siteErrorDelete": "Site silinirken hata", + "siteErrorUpdate": "Site güncellenirken hata oluştu", + "siteErrorUpdateDescription": "Site güncellenirken bir hata oluştu.", + "siteUpdated": "Site güncellendi", + "siteUpdatedDescription": "Site güncellendi.", + "siteGeneralDescription": "Bu site için genel ayarları yapılandırın", + "siteSettingDescription": "Sitenizdeki ayarları yapılandırın", + "siteSetting": "{siteName} Ayarları", + "siteNewtTunnel": "Newt Tüneli (Önerilen)", + "siteNewtTunnelDescription": "Ağınıza giriş noktası oluşturmanın en kolay yolu. Ekstra kurulum gerekmez.", + "siteWg": "Temel WireGuard", + "siteWgDescription": "Bir tünel oluşturmak için herhangi bir WireGuard istemcisi kullanın. Manuel NAT kurulumu gereklidir.", + "siteWgDescriptionSaas": "Bir tünel oluşturmak için herhangi bir WireGuard istemcisi kullanın. Manuel NAT kurulumu gereklidir. YALNIZCA SELF HOSTED DÜĞÜMLERDE ÇALIŞIR", + "siteLocalDescription": "Yalnızca yerel kaynaklar. Tünelleme yok.", + "siteLocalDescriptionSaas": "Yalnızca yerel kaynaklar. Tünel yok. YALNIZCA SELF HOSTED DÜĞÜMLERDE ÇALIŞIR", + "siteSeeAll": "Tüm Siteleri Gör", + "siteTunnelDescription": "Sitenize nasıl bağlanmak istediğinizi belirleyin", + "siteNewtCredentials": "Newt Kimlik Bilgileri", + "siteNewtCredentialsDescription": "Bu, Newt'in sunucu ile kimlik doğrulaması yapacağı yöntemdir", + "siteCredentialsSave": "Kimlik Bilgilerinizi Kaydedin", + "siteCredentialsSaveDescription": "Yalnızca bir kez görebileceksiniz. Güvenli bir yere kopyaladığınızdan emin olun.", + "siteInfo": "Site Bilgilendirmesi", + "status": "Durum", + "shareTitle": "Paylaşım Bağlantılarını Yönet", + "shareDescription": "Kaynaklarınıza geçici veya kalıcı erişim sağlamak için paylaşılabilir bağlantılar oluşturun", + "shareSearch": "Paylaşım bağlantılarını ara...", + "shareCreate": "Paylaşım Bağlantısı Oluştur", + "shareErrorDelete": "Bağlantı silinirken hata oluştu", + "shareErrorDeleteMessage": "Bağlantı silinirken bir hata oluştu", + "shareDeleted": "Bağlantı silindi", + "shareDeletedDescription": "Bağlantı silindi", + "shareTokenDescription": "Erişim jetonunuz iki şekilde iletilebilir: sorgu parametresi olarak veya istek başlıklarında. Kimlik doğrulanmış erişim için her istekten müşteri tarafından iletilmelidir.", + "accessToken": "Erişim Jetonu", + "usageExamples": "Kullanım Örnekleri", + "tokenId": "Jeton ID", + "requestHeades": "İstek Başlıkları", + "queryParameter": "Sorgu Parametresi", + "importantNote": "Önemli Not", + "shareImportantDescription": "Güvenlik nedenleriyle, mümkünse başlıklar üzerinden kullanılması sorgu parametrelerinden daha önerilir, çünkü sorgu parametreleri sunucu günlüklerinde veya tarayıcı geçmişinde kaydedilebilir.", + "token": "Jeton", + "shareTokenSecurety": "Erişim jetonunuzu güvende tutun. Herkese açık alanlarda veya istemci tarafı kodunda paylaşmayın.", + "shareErrorFetchResource": "Kaynaklar getirilemedi", + "shareErrorFetchResourceDescription": "Kaynaklar getirilirken bir hata oluştu", + "shareErrorCreate": "Paylaşım bağlantısı oluşturma başarısız oldu", + "shareErrorCreateDescription": "Paylaşım bağlantısı oluşturulurken bir hata oluştu", + "shareCreateDescription": "Bu bağlantıya sahip olan herkes kaynağa erişebilir", + "shareTitleOptional": "Başlık (isteğe bağlı)", + "expireIn": "Süresi Dolacak", + "neverExpire": "Hiçbir Zaman Sona Ermez", + "shareExpireDescription": "Son kullanma süresi, bağlantının kullanılabilir ve kaynağa erişim sağlayacak süresidir. Bu süreden sonra bağlantı çalışmayı durduracak ve bu bağlantıyı kullanan kullanıcılar kaynağa erişimini kaybedecektir.", + "shareSeeOnce": "Bu bağlantıyı yalnızca bir kez görebileceksiniz. Kopyaladığınızdan emin olun.", + "shareAccessHint": "Bu bağlantıya sahip olan herkes kaynağa erişebilir. Dikkatle paylaşın.", + "shareTokenUsage": "Erişim Jetonu Kullanımını Gör", + "createLink": "Bağlantı Oluştur", + "resourcesNotFound": "Hiçbir kaynak bulunamadı", + "resourceSearch": "Kaynak ara", + "openMenu": "Menüyü Aç", + "resource": "Kaynak", + "title": "Başlık", + "created": "Oluşturulmuş", + "expires": "Süresi Doluyor", + "never": "Asla", + "shareErrorSelectResource": "Lütfen bir kaynak seçin", + "resourceTitle": "Kaynakları Yönet", + "resourceDescription": "Özel uygulamalarınıza güvenli vekil sunucular oluşturun", + "resourcesSearch": "Kaynakları ara...", + "resourceAdd": "Kaynak Ekle", + "resourceErrorDelte": "Kaynak silinirken hata", + "authentication": "Kimlik Doğrulama", + "protected": "Korunan", + "notProtected": "Korunmayan", + "resourceMessageRemove": "Kaldırıldıktan sonra kaynak artık erişilebilir olmayacaktır. Kaynakla ilişkili tüm hedefler de kaldırılacaktır.", + "resourceMessageConfirm": "Onaylamak için lütfen aşağıya kaynağın adını yazın.", + "resourceQuestionRemove": "{selectedResource} kaynağını organizasyondan kaldırmak istediğinizden emin misiniz?", + "resourceHTTP": "HTTPS Kaynağı", + "resourceHTTPDescription": "Bir alt alan adı veya temel alan adı kullanarak uygulamanıza HTTPS üzerinden vekil istek gönderin.", + "resourceRaw": "Ham TCP/UDP Kaynağı", + "resourceRawDescription": "Uygulamanıza TCP/UDP üzerinden port numarası ile vekil istek gönderin.", + "resourceCreate": "Kaynak Oluştur", + "resourceCreateDescription": "Yeni bir kaynak oluşturmak için aşağıdaki adımları izleyin", + "resourceSeeAll": "Tüm Kaynakları Gör", + "resourceInfo": "Kaynak Bilgilendirmesi", + "resourceNameDescription": "Bu, kaynak için görünen addır.", + "siteSelect": "Site seç", + "siteSearch": "Site ara", + "siteNotFound": "Herhangi bir site bulunamadı.", + "siteSelectionDescription": "Bu site hedefe bağlantı sağlayacaktır.", + "resourceType": "Kaynak Türü", + "resourceTypeDescription": "Kaynağınıza nasıl erişmek istediğinizi belirleyin", + "resourceHTTPSSettings": "HTTPS Ayarları", + "resourceHTTPSSettingsDescription": "Kaynağınıza HTTPS üzerinden erişimin nasıl sağlanacağını yapılandırın", + "domainType": "Alan Türü", + "subdomain": "Alt Alan Adı", + "baseDomain": "Temel Alan Adı", + "subdomnainDescription": "Kaynağınızın erişilebileceği alt alan adı.", + "resourceRawSettings": "TCP/UDP Ayarları", + "resourceRawSettingsDescription": "Kaynağınıza TCP/UDP üzerinden erişimin nasıl sağlanacağını yapılandırın", + "protocol": "Protokol", + "protocolSelect": "Bir protokol seçin", + "resourcePortNumber": "Port Numarası", + "resourcePortNumberDescription": "Vekil istekler için harici port numarası.", + "cancel": "İptal", + "resourceConfig": "Yapılandırma Parçaları", + "resourceConfigDescription": "TCP/UDP kaynağınızı kurmak için bu yapılandırma parçalarını kopyalayıp yapıştırın", + "resourceAddEntrypoints": "Traefik: Başlangıç Noktaları Ekleyin", + "resourceExposePorts": "Gerbil: Docker Compose'da Portları Açın", + "resourceLearnRaw": "TCP/UDP kaynaklarını nasıl yapılandıracağınızı öğrenin", + "resourceBack": "Kaynaklara Geri Dön", + "resourceGoTo": "Kaynağa Git", + "resourceDelete": "Kaynağı Sil", + "resourceDeleteConfirm": "Kaynak Silmeyi Onayla", + "visibility": "Görünürlük", + "enabled": "Etkin", + "disabled": "Devre Dışı", + "general": "Genel", + "generalSettings": "Genel Ayarlar", + "proxy": "Vekil Sunucu", + "internal": "Dahili", + "rules": "Kurallar", + "resourceSettingDescription": "Kaynağınızdaki ayarları yapılandırın", + "resourceSetting": "{resourceName} Ayarları", + "alwaysAllow": "Her Zaman İzin Ver", + "alwaysDeny": "Her Zaman Reddet", + "passToAuth": "Kimlik Doğrulamasına Geç", + "orgSettingsDescription": "Organizasyonunuzun genel ayarlarını yapılandırın", + "orgGeneralSettings": "Organizasyon Ayarları", + "orgGeneralSettingsDescription": "Organizasyon detaylarınızı ve yapılandırmanızı yönetin", + "saveGeneralSettings": "Genel Ayarları Kaydet", + "saveSettings": "Ayarları Kaydet", + "orgDangerZone": "Tehlike Alanı", + "orgDangerZoneDescription": "Bu organizasyonu sildikten sonra geri dönüş yoktur. Emin olun.", + "orgDelete": "Organizasyonu Sil", + "orgDeleteConfirm": "Organizasyon Silmeyi Onayla", + "orgMessageRemove": "Bu işlem geri alınamaz ve tüm ilişkili verileri silecektir.", + "orgMessageConfirm": "Onaylamak için lütfen aşağıya organizasyonun adını yazın.", + "orgQuestionRemove": "{selectedOrg} organizasyonunu kaldırmak istediğinizden emin misiniz?", + "orgUpdated": "Organizasyon güncellendi", + "orgUpdatedDescription": "Organizasyon güncellendi.", + "orgErrorUpdate": "Organizasyon güncellenemedi", + "orgErrorUpdateMessage": "Organizasyon güncellenirken bir hata oluştu.", + "orgErrorFetch": "Organizasyonlar getirilemedi", + "orgErrorFetchMessage": "Organizasyonlarınız listelenirken bir hata oluştu", + "orgErrorDelete": "Organizasyon silinemedi", + "orgErrorDeleteMessage": "Organizasyon silinirken bir hata oluştu.", + "orgDeleted": "Organizasyon silindi", + "orgDeletedMessage": "Organizasyon ve verileri silindi.", + "orgMissing": "Organizasyon Kimliği Eksik", + "orgMissingMessage": "Organizasyon kimliği olmadan daveti yeniden oluşturmanız mümkün değildir.", + "accessUsersManage": "Kullanıcıları Yönet", + "accessUsersDescription": "Kullanıcıları davet edin ve erişimi yönetmek için rollere ekleyin", + "accessUsersSearch": "Kullanıcıları ara...", + "accessUserCreate": "Kullanıcı Oluştur", + "accessUserRemove": "Kullanıcıyı Kaldır", + "username": "Kullanıcı Adı", + "identityProvider": "General Information", + "role": "Rol", + "nameRequired": "Ad gereklidir", + "accessRolesManage": "Rolleri Yönet", + "accessRolesDescription": "Organizasyonunuza erişimi yönetmek için rolleri yapılandırın", + "accessRolesSearch": "Rolleri ara...", + "accessRolesAdd": "Rol Ekle", + "accessRoleDelete": "Rolü Sil", + "description": "Açıklama", + "inviteTitle": "Açık Davetiyeler", + "inviteDescription": "Davetiyelerinizi diğer kullanıcılarla yönetin", + "inviteSearch": "Davetiyeleri ara...", + "minutes": "Dakika", + "hours": "Saat", + "days": "Gün", + "weeks": "Hafta", + "months": "Ay", + "years": "Yıl", + "day": "{count, plural, one {# gün} other {# gün}}", + "apiKeysTitle": "API Anahtar Bilgilendirmesi", + "apiKeysConfirmCopy2": "API anahtarını kopyaladığınızı onaylamanız gerekmektedir.", + "apiKeysErrorCreate": "API anahtarı oluşturulurken hata", + "apiKeysErrorSetPermission": "İzinler ayarlanırken hata", + "apiKeysCreate": "API Anahtarı Oluştur", + "apiKeysCreateDescription": "Organizasyonunuz için yeni bir API anahtarı oluşturun", + "apiKeysGeneralSettings": "İzinler", + "apiKeysGeneralSettingsDescription": "Bu API anahtarının neler yapabileceğini belirleyin", + "apiKeysList": "API Anahtarınız", + "apiKeysSave": "API Anahtarınızı Kaydedin", + "apiKeysSaveDescription": "Bunu yalnızca bir kez görebileceksiniz. Güvenli bir yere kopyaladığınızdan emin olun.", + "apiKeysInfo": "API anahtarınız:", + "apiKeysConfirmCopy": "API anahtarını kopyaladım", + "generate": "Oluştur", + "done": "Tamamlandı", + "apiKeysSeeAll": "Tüm API Anahtarlarını Gör", + "apiKeysPermissionsErrorLoadingActions": "API anahtarı eylemleri yüklenirken bir hata oluştu", + "apiKeysPermissionsErrorUpdate": "İzin ayarları sırasında bir hata oluştu", + "apiKeysPermissionsUpdated": "İzinler güncellendi", + "apiKeysPermissionsUpdatedDescription": "İzinler güncellenmiştir.", + "apiKeysPermissionsGeneralSettings": "İzinler", + "apiKeysPermissionsGeneralSettingsDescription": "Bu API anahtarının neler yapabileceğini belirleyin", + "apiKeysPermissionsSave": "İzinleri Kaydet", + "apiKeysPermissionsTitle": "İzinler", + "apiKeys": "API Anahtarları", + "searchApiKeys": "API anahtarlarını ara...", + "apiKeysAdd": "API Anahtarı Oluştur", + "apiKeysErrorDelete": "API anahtarı silinirken bir hata oluştu", + "apiKeysErrorDeleteMessage": "API anahtarı silinirken bir hata oluştu", + "apiKeysQuestionRemove": "{selectedApiKey} API anahtarını organizasyondan kaldırmak istediğinizden emin misiniz?", + "apiKeysMessageRemove": "Kaldırıldığında, API anahtarı artık kullanılamayacaktır.", + "apiKeysMessageConfirm": "Onaylamak için lütfen aşağıya API anahtarının adını yazın.", + "apiKeysDeleteConfirm": "API Anahtarının Silinmesini Onaylayın", + "apiKeysDelete": "API Anahtarını Sil", + "apiKeysManage": "API Anahtarlarını Yönet", + "apiKeysDescription": "API anahtarları entegrasyon API'sini doğrulamak için kullanılır", + "apiKeysSettings": "{apiKeyName} Ayarları", + "userTitle": "Tüm Kullanıcıları Yönet", + "userDescription": "Sistemdeki tüm kullanıcıları görün ve yönetin", + "userAbount": "Kullanıcı Yönetimi Hakkında", + "userAbountDescription": "Bu tablo sistemdeki tüm kök kullanıcı nesnelerini gösterir. Her kullanıcı birden fazla organizasyona ait olabilir. Bir kullanıcıyı bir organizasyondan kaldırmak, onların kök kullanıcı nesnesini silmez - sistemde kalmaya devam ederler. Bir kullanıcıyı sistemden tamamen kaldırmak için, bu tablodaki silme işlemini kullanarak kök kullanıcı nesnesini silmelisiniz.", + "userServer": "Sunucu Kullanıcıları", + "userSearch": "Sunucu kullanıcılarını ara...", + "userErrorDelete": "Kullanıcı silme hatası", + "userDeleteConfirm": "Kullanıcı Silinmesini Onayla", + "userDeleteServer": "Kullanıcıyı Sunucudan Sil", + "userMessageRemove": "Kullanıcı tüm organizasyonlardan çıkarılacak ve tamamen sunucudan kaldırılacaktır.", + "userMessageConfirm": "Onaylamak için lütfen aşağıya kullanıcının adını yazın.", + "userQuestionRemove": "{selectedUser} kullanıcısını sunucudan kalıcı olarak silmek istediğinizden emin misiniz?", + "licenseKey": "Lisans Anahtarı", + "valid": "Geçerli", + "numberOfSites": "Site Sayısı", + "licenseKeySearch": "Lisans anahtarlarını ara...", + "licenseKeyAdd": "Lisans Anahtarı Ekle", + "type": "Tür", + "licenseKeyRequired": "Lisans anahtarı gereklidir", + "licenseTermsAgree": "Lisans koşullarını kabul etmelisiniz", + "licenseErrorKeyLoad": "Lisans anahtarları yüklenemedi", + "licenseErrorKeyLoadDescription": "Lisans anahtarları yüklenirken bir hata oluştu.", + "licenseErrorKeyDelete": "Lisans anahtarı silinemedi", + "licenseErrorKeyDeleteDescription": "Lisans anahtarı silinirken bir hata oluştu.", + "licenseKeyDeleted": "Lisans anahtarı silindi", + "licenseKeyDeletedDescription": "Lisans anahtarı silinmiştir.", + "licenseErrorKeyActivate": "Lisans anahtarı etkinleştirilemedi", + "licenseErrorKeyActivateDescription": "Lisans anahtarı etkinleştirilirken bir hata oluştu.", + "licenseAbout": "Lisans Hakkında", + "communityEdition": "Topluluk Sürümü", + "licenseAboutDescription": "Bu, Pangolin'i ticari bir ortamda kullanan işletme ve kurumsal kullanıcılar içindir. Pangolin'i kişisel kullanım için kullanıyorsanız, bu bölümü görmezden gelebilirsiniz.", + "licenseKeyActivated": "Lisans anahtarı etkinleştirildi", + "licenseKeyActivatedDescription": "Lisans anahtarı başarıyla etkinleştirildi.", + "licenseErrorKeyRecheck": "Lisans anahtarları yeniden kontrol edilemedi", + "licenseErrorKeyRecheckDescription": "Lisans anahtarları yeniden kontrol edilirken bir hata oluştu.", + "licenseErrorKeyRechecked": "Lisans anahtarları yeniden kontrol edildi", + "licenseErrorKeyRecheckedDescription": "Tüm lisans anahtarları yeniden kontrol edilmiştir", + "licenseActivateKey": "Lisans Anahtarını Etkinleştir", + "licenseActivateKeyDescription": "Etkinleştirmek için bir lisans anahtarı girin.", + "licenseActivate": "Lisansı Etkinleştir", + "licenseAgreement": "Bu kutuyu işaretleyerek, lisans anahtarınıza bağlı olan seviye ile ilgili lisans koşullarını okuduğunuzu ve kabul ettiğinizi onaylıyorsunuz.", + "fossorialLicense": "Fossorial Ticari Lisans ve Abonelik Koşullarını Gör", + "licenseMessageRemove": "Bu, lisans anahtarını ve onun tarafından verilen tüm izinleri kaldıracaktır.", + "licenseMessageConfirm": "Onaylamak için lütfen aşağıya lisans anahtarını yazın.", + "licenseQuestionRemove": "{selectedKey} lisans anahtarını silmek istediğinizden emin misiniz?", + "licenseKeyDelete": "Lisans Anahtarını Sil", + "licenseKeyDeleteConfirm": "Lisans Anahtarının Silinmesini Onaylayın", + "licenseTitle": "Lisans Durumunu Yönet", + "licenseTitleDescription": "Sistemdeki lisans anahtarlarını görüntüleyin ve yönetin", + "licenseHost": "Ana Lisans", + "licenseHostDescription": "Ana bilgisayar için ana lisans anahtarını yönetin.", + "licensedNot": "Lisanssız", + "hostId": "Ana Bilgisayar Kimliği", + "licenseReckeckAll": "Tüm Anahtarları Yeniden Kontrol Et", + "licenseSiteUsage": "Site Kullanımı", + "licenseSiteUsageDecsription": "Bu lisansı kullanan sitelerin sayısını görüntüleyin.", + "licenseNoSiteLimit": "Lisanssız ana bilgisayar kullanan site sayısında herhangi bir sınır yoktur.", + "licensePurchase": "Lisans Satın Al", + "licensePurchaseSites": "Ek Siteler Satın Al", + "licenseSitesUsedMax": "{usedSites} / {maxSites} siteleri kullanıldı", + "licenseSitesUsed": "{count, plural, =0 {# site} one {# site} other {# site}} sistemde bulunmaktadır.", + "licensePurchaseDescription": "{selectedMode, select, license {Lisans satın almak için kaç site istediğinizi seçin. Daha sonra daha fazla site ekleyebilirsiniz.} other {mevcut lisansınıza kaç site ekleneceğini seçin.}}", + "licenseFee": "Lisans ücreti", + "licensePriceSite": "Site başına fiyat", + "total": "Toplam", + "licenseContinuePayment": "Ödemeye Devam Et", + "pricingPage": "fiyatlandırma sayfası", + "pricingPortal": "Satın Alma Portalını Gör", + "licensePricingPage": "En güncel fiyatlandırma ve indirimler için lütfen ", + "invite": "Davetiye", + "inviteRegenerate": "Daveti Tekrar Üret", + "inviteRegenerateDescription": "Önceki daveti iptal et ve yenisini oluştur", + "inviteRemove": "Daveti Kaldır", + "inviteRemoveError": "Kaldırma işlemi başarısız oldu", + "inviteRemoveErrorDescription": "Daveti kaldırırken bir hata oluştu.", + "inviteRemoved": "Davetiye kaldırıldı", + "inviteRemovedDescription": "{email} için olan davetiye kaldırıldı.", + "inviteQuestionRemove": "{email} davetini kaldırmak istediğinizden emin misiniz?", + "inviteMessageRemove": "Kaldırıldıktan sonra bu davetiye artık geçerli olmayacak. Kullanıcı tekrar davet edilebilir.", + "inviteMessageConfirm": "Onaylamak için lütfen aşağıya davetiyenin e-posta adresini yazın.", + "inviteQuestionRegenerate": "Are you sure you want to regenerate the invitation for{email, plural, ='' {}, other { for #}}? This will revoke the previous invitation.", + "inviteRemoveConfirm": "Daveti Kaldırmayı Onayla", + "inviteRegenerated": "Davetiye Yenilendi", + "inviteSent": "{email} adresine yeni bir davet gönderildi.", + "inviteSentEmail": "Kullanıcıya e-posta bildirimi gönder", + "inviteGenerate": "{email} için yeni bir davetiye oluşturuldu.", + "inviteDuplicateError": "Yinelenen Davet", + "inviteDuplicateErrorDescription": "Bu kullanıcı için zaten bir davetiye mevcut.", + "inviteRateLimitError": "Hız Sınırı Aşıldı", + "inviteRateLimitErrorDescription": "Saatte 3 yenileme sınırını aştınız. Lütfen daha sonra tekrar deneyiniz.", + "inviteRegenerateError": "Daveti Tekrar Üretme Başarısız", + "inviteRegenerateErrorDescription": "Daveti yenilerken bir hata oluştu.", + "inviteValidityPeriod": "Geçerlilik Süresi", + "inviteValidityPeriodSelect": "Geçerlilik süresini seçin", + "inviteRegenerateMessage": "Davetiye yenilendi. Kullanıcının daveti kabul etmek için aşağıdaki bağlantıya erişmesi gerekiyor.", + "inviteRegenerateButton": "Yeniden Üret", + "expiresAt": "Bitiş Tarihi", + "accessRoleUnknown": "Bilinmeyen Rol", + "placeholder": "Yer Tutucu", + "userErrorOrgRemove": "Kullanıcı kaldırma başarısız oldu", + "userErrorOrgRemoveDescription": "Kullanıcı kaldırılırken bir hata oluştu.", + "userOrgRemoved": "Kullanıcı kaldırıldı", + "userOrgRemovedDescription": "{email} kullanıcı organizasyondan kaldırılmıştır.", + "userQuestionOrgRemove": "{email} adresini organizasyondan kaldırmak istediğinizden emin misiniz?", + "userMessageOrgRemove": "Kaldırıldığında, bu kullanıcı organizasyona artık erişim sağlayamayacak. Kullanıcı tekrar davet edilebilir, ancak daveti kabul etmesi gerekecek.", + "userMessageOrgConfirm": "Onaylamak için lütfen aşağıya kullanıcının adını yazın.", + "userRemoveOrgConfirm": "Kullanıcıyı Kaldırmayı Onayla", + "userRemoveOrg": "Kullanıcıyı Organizasyondan Kaldır", + "users": "Kullanıcılar", + "accessRoleMember": "Üye", + "accessRoleOwner": "Sahip", + "userConfirmed": "Onaylandı", + "idpNameInternal": "Dahili", + "emailInvalid": "Geçersiz e-posta adresi", + "inviteValidityDuration": "Lütfen bir süre seçin", + "accessRoleSelectPlease": "Lütfen bir rol seçin", + "usernameRequired": "Kullanıcı adı gereklidir", + "idpSelectPlease": "Lütfen bir kimlik sağlayıcı seçin", + "idpGenericOidc": "Genel OAuth2/OIDC sağlayıcısı.", + "accessRoleErrorFetch": "Roller alınamadı", + "accessRoleErrorFetchDescription": "Roller alınırken bir hata oluştu", + "idpErrorFetch": "Kimlik sağlayıcıları alınamadı", + "idpErrorFetchDescription": "Kimlik sağlayıcıları alınırken bir hata oluştu", + "userErrorExists": "Kullanıcı Zaten Mevcut", + "userErrorExistsDescription": "Bu kullanıcı zaten organizasyonun bir üyesidir.", + "inviteError": "Kullanıcı davet etme başarısız oldu", + "inviteErrorDescription": "Kullanıcı davet edilirken bir hata oluştu", + "userInvited": "Kullanıcı davet edildi", + "userInvitedDescription": "Kullanıcı başarıyla davet edilmiştir.", + "userErrorCreate": "Kullanıcı oluşturulamadı", + "userErrorCreateDescription": "Kullanıcı oluşturulurken bir hata oluştu", + "userCreated": "Kullanıcı oluşturuldu", + "userCreatedDescription": "Kullanıcı başarıyla oluşturulmuştur.", + "userTypeInternal": "Dahili Kullanıcı", + "userTypeInternalDescription": "Kullanıcınızı doğrudan organizasyonunuza davet edin.", + "userTypeExternal": "Harici Kullanıcı", + "userTypeExternalDescription": "Harici bir kimlik sağlayıcısıyla kullanıcı oluşturun.", + "accessUserCreateDescription": "Yeni bir kullanıcı oluşturmak için aşağıdaki adımları izleyin", + "userSeeAll": "Tüm Kullanıcıları Gör", + "userTypeTitle": "Kullanıcı Türü", + "userTypeDescription": "Kullanıcı oluşturma yöntemini belirleyin", + "userSettings": "Kullanıcı Bilgileri", + "userSettingsDescription": "Yeni kullanıcı için detayları girin", + "inviteEmailSent": "Kullanıcıya davet e-postası gönder", + "inviteValid": "Geçerli Süresi", + "selectDuration": "Süreyi seçin", + "accessRoleSelect": "Rol seçin", + "inviteEmailSentDescription": "Kullanıcıya erişim bağlantısı ile bir e-posta gönderildi. Daveti kabul etmek için bağlantıya erişmelidirler.", + "inviteSentDescription": "Kullanıcı davet edilmiştir. Daveti kabul etmek için aşağıdaki bağlantıya erişmelidirler.", + "inviteExpiresIn": "Davetiye {days, plural, one {# gün} other {# gün}} içinde sona erecektir.", + "idpTitle": "General Information", + "idpSelect": "Dış kullanıcı için kimlik sağlayıcıyı seçin", + "idpNotConfigured": "Herhangi bir kimlik sağlayıcı yapılandırılmamış. Harici kullanıcılar oluşturulmadan önce lütfen bir kimlik sağlayıcı yapılandırın.", + "usernameUniq": "Bu, seçilen kimlik sağlayıcısında bulunan benzersiz kullanıcı adıyla eşleşmelidir.", + "emailOptional": "E-posta (İsteğe Bağlı)", + "nameOptional": "İsim (İsteğe Bağlı)", + "accessControls": "Erişim Kontrolleri", + "userDescription2": "Bu kullanıcı üzerindeki ayarları yönetin", + "accessRoleErrorAdd": "Kullanıcıyı role ekleme başarısız oldu", + "accessRoleErrorAddDescription": "Kullanıcı role eklenirken bir hata oluştu.", + "userSaved": "Kullanıcı kaydedildi", + "userSavedDescription": "Kullanıcı güncellenmiştir.", + "accessControlsDescription": "Bu kullanıcının organizasyonda neleri erişebileceğini ve yapabileceğini yönetin", + "accessControlsSubmit": "Erişim Kontrollerini Kaydet", + "roles": "Roller", + "accessUsersRoles": "Kullanıcılar ve Roller Yönetin", + "accessUsersRolesDescription": "Kullanıcılara davet gönderin ve organizasyonunuza erişim yönetmek için rollere ekleyin", + "key": "Anahtar", + "createdAt": "Oluşturulma Tarihi", + "proxyErrorInvalidHeader": "Geçersiz özel Ana Bilgisayar Başlığı değeri. Alan adı formatını kullanın veya özel Ana Bilgisayar Başlığını ayarlamak için boş bırakın.", + "proxyErrorTls": "Geçersiz TLS Sunucu Adı. Alan adı formatını kullanın veya TLS Sunucu Adını kaldırmak için boş bırakılsın.", + "proxyEnableSSL": "SSL'yi Etkinleştir (https)", + "targetErrorFetch": "Hedefleri alamadı", + "targetErrorFetchDescription": "Hedefler alınırken bir hata oluştu", + "siteErrorFetch": "kaynağa ulaşılamadı", + "siteErrorFetchDescription": "kaynağa ulaşılırken bir hata oluştu", + "targetErrorDuplicate": "Yinelenen hedef", + "targetErrorDuplicateDescription": "Bu ayarlarla zaten bir hedef mevcut", + "targetWireGuardErrorInvalidIp": "Geçersiz hedef IP'si", + "targetWireGuardErrorInvalidIpDescription": "Hedef IP, site alt ağında olmalıdır", + "targetsUpdated": "Hedefler Güncellendi", + "targetsUpdatedDescription": "Hedefler ve ayarlar başarıyla güncellendi", + "targetsErrorUpdate": "Hedefler güncellenemedi", + "targetsErrorUpdateDescription": "Hedefler güncellenirken bir hata oluştu", + "targetTlsUpdate": "TLS ayarları güncellendi", + "targetTlsUpdateDescription": "TLS ayarlarınız başarıyla güncellendi", + "targetErrorTlsUpdate": "TLS ayarları güncellenemedi", + "targetErrorTlsUpdateDescription": "TLS ayarlarını güncellerken bir hata oluştu", + "proxyUpdated": "Proxy ayarları güncellendi", + "proxyUpdatedDescription": "Proxy ayarlarınız başarıyla güncellenmiştir", + "proxyErrorUpdate": "Proxy ayarları güncellenemedi", + "proxyErrorUpdateDescription": "Proxy ayarlarını güncellerken bir hata oluştu", + "targetAddr": "IP / Hostname", + "targetPort": "Bağlantı Noktası", + "targetProtocol": "Protokol", + "targetTlsSettings": "HTTPS & TLS Settings", + "targetTlsSettingsDescription": "Configure TLS settings for your resource", + "targetTlsSettingsAdvanced": "Gelişmiş TLS Ayarları", + "targetTlsSni": "TLS Sunucu Adı (SNI)", + "targetTlsSniDescription": "SNI için kullanılacak TLS Sunucu Adı'", + "targetTlsSubmit": "Ayarları Kaydet", + "targets": "Hedefler Konfigürasyonu", + "targetsDescription": "Trafiği arka uç hizmetlerinize yönlendirmek için hedefleri ayarlayın", + "targetStickySessions": "Yapışkan Oturumları Etkinleştir", + "targetStickySessionsDescription": "Bağlantıları oturum süresince aynı arka uç hedef üzerinde tutun.", + "methodSelect": "Yöntemi Seç", + "targetSubmit": "Hedef Ekle", + "targetNoOne": "Hiçbir hedef yok. Formu kullanarak bir hedef ekleyin.", + "targetNoOneDescription": "Yukarıdaki birden fazla hedef ekleyerek yük dengeleme etkinleştirilecektir.", + "targetsSubmit": "Hedefleri Kaydet", + "proxyAdditional": "Ek Proxy Ayarları", + "proxyAdditionalDescription": "Kaynağınızın proxy ayarlarını nasıl yöneteceğini yapılandırın", + "proxyCustomHeader": "Özel Ana Bilgisayar Başlığı", + "proxyCustomHeaderDescription": "İstekleri proxy'lerken ayarlanacak ana bilgisayar başlığı. Varsayılanı kullanmak için boş bırakılır.", + "proxyAdditionalSubmit": "Proxy Ayarlarını Kaydet", + "subnetMaskErrorInvalid": "Geçersiz alt ağ maskesi. 0 ile 32 arasında olmalıdır.", + "ipAddressErrorInvalidFormat": "Geçersiz IP adresi formatı", + "ipAddressErrorInvalidOctet": "Geçersiz IP adresi okteti", + "path": "Yol", + "ipAddressRange": "IP Aralığı", + "rulesErrorFetch": "Kurallar alınamadı", + "rulesErrorFetchDescription": "Kurallar alınırken bir hata oluştu", + "rulesErrorDuplicate": "Yinelenen kural", + "rulesErrorDuplicateDescription": "Bu ayarlara sahip bir kural zaten mevcut", + "rulesErrorInvalidIpAddressRange": "Geçersiz CIDR", + "rulesErrorInvalidIpAddressRangeDescription": "Lütfen geçerli bir CIDR değeri girin", + "rulesErrorInvalidUrl": "Geçersiz URL yolu", + "rulesErrorInvalidUrlDescription": "Lütfen geçerli bir URL yolu değeri girin", + "rulesErrorInvalidIpAddress": "Geçersiz IP", + "rulesErrorInvalidIpAddressDescription": "Lütfen geçerli bir IP adresi girin", + "rulesErrorUpdate": "Kurallar güncellenemedi", + "rulesErrorUpdateDescription": "Kurallar güncellenirken bir hata oluştu", + "rulesUpdated": "Kuralları Etkinleştir", + "rulesUpdatedDescription": "Kural değerlendirmesi güncellendi", + "rulesMatchIpAddressRangeDescription": "CIDR formatında bir adres girin (örneğin, 103.21.244.0/22)", + "rulesMatchIpAddress": "Bir IP adresi girin (örneğin, 103.21.244.12)", + "rulesMatchUrl": "Bir URL yolu veya deseni girin (örneğin, /api/v1/todos veya /api/v1/*)", + "rulesErrorInvalidPriority": "Geçersiz Öncelik", + "rulesErrorInvalidPriorityDescription": "Lütfen geçerli bir öncelik girin", + "rulesErrorDuplicatePriority": "Yinelenen Öncelikler", + "rulesErrorDuplicatePriorityDescription": "Lütfen benzersiz öncelikler girin", + "ruleUpdated": "Kurallar güncellendi", + "ruleUpdatedDescription": "Kurallar başarıyla güncellendi", + "ruleErrorUpdate": "Operasyon başarısız oldu", + "ruleErrorUpdateDescription": "Kaydetme operasyonu sırasında bir hata oluştu", + "rulesPriority": "Öncelik", + "rulesAction": "Aksiyon", + "rulesMatchType": "Eşleşme Türü", + "value": "Değer", + "rulesAbout": "Kurallar Hakkında", + "rulesAboutDescription": "Kurallar, kaynağınıza erişimi belirli bir kriterlere göre kontrol etmenizi sağlar. IP adresi veya URL yolu temelinde erişimi izin vermek veya engellemek için kurallar oluşturabilirsiniz.", + "rulesActions": "Aksiyonlar", + "rulesActionAlwaysAllow": "Her Zaman İzin Ver: Tüm kimlik doğrulama yöntemlerini atlayın", + "rulesActionAlwaysDeny": "Her Zaman Reddedin: Tüm istekleri engelleyin; kimlik doğrulaması yapılamaz", + "rulesActionPassToAuth": "Kimlik Doğrulamasına Geç: Kimlik doğrulama yöntemlerinin denenmesine izin ver", + "rulesMatchCriteria": "Eşleşme Kriterleri", + "rulesMatchCriteriaIpAddress": "Belirli bir IP adresi ile eşleşme", + "rulesMatchCriteriaIpAddressRange": "CIDR gösteriminde bir IP adresi aralığı ile eşleşme", + "rulesMatchCriteriaUrl": "Bir URL yolu veya deseni ile eşleşme", + "rulesEnable": "Kuralları Etkinleştir", + "rulesEnableDescription": "Bu kaynak için kural değerlendirmesini etkinleştirin veya devre dışı bırakın", + "rulesResource": "Kaynak Kuralları Yapılandırması", + "rulesResourceDescription": "Kaynağınıza erişimi kontrol etmek için kuralları yapılandırın", + "ruleSubmit": "Kural Ekle", + "rulesNoOne": "Kural yok. Formu kullanarak bir kural ekleyin.", + "rulesOrder": "Kurallar, artan öncelik sırasına göre değerlendirilir.", + "rulesSubmit": "Kuralları Kaydet", + "resourceErrorCreate": "Kaynak oluşturma hatası", + "resourceErrorCreateDescription": "Kaynak oluşturulurken bir hata oluştu", + "resourceErrorCreateMessage": "Kaynak oluşturma hatası:", + "resourceErrorCreateMessageDescription": "Beklenmeyen bir hata oluştu", + "sitesErrorFetch": "Siteler alınırken hata oluştu", + "sitesErrorFetchDescription": "Siteler alınırken bir hata oluştu", + "domainsErrorFetch": "Alanlar alınırken hata oluştu", + "domainsErrorFetchDescription": "Alanlar alınırken bir hata oluştu", + "none": "Hiçbiri", + "unknown": "Bilinmiyor", + "resources": "Kaynaklar", + "resourcesDescription": "Kaynaklar, özel ağınızda çalışan uygulamalara proxy görevi görür. Özel ağınızdaki herhangi bir HTTP/HTTPS veya ham TCP/UDP hizmeti için bir kaynak oluşturun. Her kaynak, şifreli bir WireGuard tüneli aracılığıyla özel ve güvenli bağlantıyı etkinleştirmek için bir siteye bağlı olmalıdır.", + "resourcesWireGuardConnect": "WireGuard şifreleme ile güvenli bağlantı", + "resourcesMultipleAuthenticationMethods": "Birden fazla kimlik doğrulama yöntemi yapılandırın", + "resourcesUsersRolesAccess": "Kullanıcı ve rol tabanlı erişim kontrolü", + "resourcesErrorUpdate": "Kaynak değiştirilemedi", + "resourcesErrorUpdateDescription": "Kaynak güncellenirken bir hata oluştu", + "access": "Erişim", + "shareLink": "{resource} Paylaşım Bağlantısı", + "resourceSelect": "Kaynak seçin", + "shareLinks": "Paylaşım Bağlantıları", + "share": "Paylaşılabilir Bağlantılar", + "shareDescription2": "Kaynaklarınıza geçici veya sınırsız erişim sağlamak için paylaşılabilir bağlantılar oluşturun. Bağlantı oluştururken sona erme süresini yapılandırabilirsiniz.", + "shareEasyCreate": "Kolayca oluştur ve paylaş", + "shareConfigurableExpirationDuration": "Yapılandırılabilir sona erme süresi", + "shareSecureAndRevocable": "Güvenli ve iptal edilebilir", + "nameMin": "İsim en az {len} karakter olmalıdır.", + "nameMax": "İsim {len} karakterden uzun olmamalıdır.", + "sitesConfirmCopy": "Yapılandırmayı kopyaladığınızı onaylayın.", + "unknownCommand": "Bilinmeyen komut", + "newtErrorFetchReleases": "Sürüm bilgileri alınamadı: {err}", + "newtErrorFetchLatest": "Son sürüm alınırken hata: {err}", + "newtEndpoint": "Newt Uç Noktası", + "newtId": "Newt Kimliği", + "newtSecretKey": "Newt Gizli Anahtarı", + "architecture": "Mimari", + "sites": "Siteler", + "siteWgAnyClients": "Herhangi bir WireGuard istemcisi kullanarak bağlanın. Dahili kaynaklarınıza eş IP adresini kullanarak erişmeniz gerekecek.", + "siteWgCompatibleAllClients": "Tüm WireGuard istemcileriyle uyumlu", + "siteWgManualConfigurationRequired": "Manuel yapılandırma gerekli", + "userErrorNotAdminOrOwner": "Kullanıcı yönetici veya sahibi değil", + "pangolinSettings": "Ayarlar - Pangolin", + "accessRoleYour": "Rolünüz:", + "accessRoleSelect2": "Bir rol seçin", + "accessUserSelect": "Bir kullanıcı seçin", + "otpEmailEnter": "Bir e-posta girin", + "otpEmailEnterDescription": "E-posta girdikten sonra girdi alanına yazıp enter'a basın.", + "otpEmailErrorInvalid": "Geçersiz e-posta adresi. Joker karakter (*) yerel kısmın tamamı olmalıdır.", + "otpEmailSmtpRequired": "SMTP Gerekli", + "otpEmailSmtpRequiredDescription": "Tek seferlik şifre kimlik doğrulamasını kullanmak için, sunucuda SMTP etkinleştirilmelidir.", + "otpEmailTitle": "Tek Seferlik Şifreler", + "otpEmailTitleDescription": "Kaynak erişimi için e-posta tabanlı kimlik doğrulamasını zorunlu kılın", + "otpEmailWhitelist": "E-posta Beyaz Listesi", + "otpEmailWhitelistList": "Beyaz Listeye Alınan E-postalar", + "otpEmailWhitelistListDescription": "Yalnızca bu e-posta adresleriyle kullanıcılar bu kaynağa erişebilecektir. E-postalarına gönderilen tek seferlik şifreyi girmeleri istenecektir. Bir etki alanından herhangi bir e-posta adresine izin vermek için joker karakterler (*@example.com) kullanılabilir.", + "otpEmailWhitelistSave": "Beyaz Listeyi Kaydet", + "passwordAdd": "Şifre Ekle", + "passwordRemove": "Şifre Kaldır", + "pincodeAdd": "PIN Kodu Ekle", + "pincodeRemove": "PIN Kodu Kaldır", + "resourceAuthMethods": "Kimlik Doğrulama Yöntemleri", + "resourceAuthMethodsDescriptions": "Ek kimlik doğrulama yöntemleriyle kaynağa erişime izin verin", + "resourceAuthSettingsSave": "Başarıyla kaydedildi", + "resourceAuthSettingsSaveDescription": "Kimlik doğrulama ayarları kaydedildi", + "resourceErrorAuthFetch": "Veriler alınamadı", + "resourceErrorAuthFetchDescription": "Veri alınırken bir hata oluştu", + "resourceErrorPasswordRemove": "Kaynak şifresi kaldırılırken hata oluştu", + "resourceErrorPasswordRemoveDescription": "Kaynak şifresi kaldırılırken bir hata oluştu", + "resourceErrorPasswordSetup": "Kaynak şifresi ayarlanırken hata oluştu", + "resourceErrorPasswordSetupDescription": "Kaynak şifresi ayarlanırken bir hata oluştu", + "resourceErrorPincodeRemove": "Kaynak pincode kaldırılırken hata oluştu", + "resourceErrorPincodeRemoveDescription": "Kaynak pincode kaldırılırken bir hata oluştu", + "resourceErrorPincodeSetup": "Kaynak PIN kodu ayarlanırken hata oluştu", + "resourceErrorPincodeSetupDescription": "Kaynak PIN kodu ayarlanırken bir hata oluştu", + "resourceErrorUsersRolesSave": "Roller kaydedilemedi", + "resourceErrorUsersRolesSaveDescription": "Roller ayarlanırken bir hata oluştu", + "resourceErrorWhitelistSave": "Beyaz liste kaydedilemedi", + "resourceErrorWhitelistSaveDescription": "Beyaz liste kaydedilirken bir hata oluştu", + "resourcePasswordSubmit": "Parola Korumasını Etkinleştir", + "resourcePasswordProtection": "Parola Koruması {status}", + "resourcePasswordRemove": "Kaynak parolası kaldırıldı", + "resourcePasswordRemoveDescription": "Kaynak parolası başarıyla kaldırıldı", + "resourcePasswordSetup": "Kaynak parolası ayarlandı", + "resourcePasswordSetupDescription": "Kaynak parolası başarıyla ayarlandı", + "resourcePasswordSetupTitle": "Parola Ayarla", + "resourcePasswordSetupTitleDescription": "Bu kaynağı korumak için bir parola ayarlayın", + "resourcePincode": "PIN Kodu", + "resourcePincodeSubmit": "PIN Kodu Korumasını Etkinleştir", + "resourcePincodeProtection": "PIN Kodu Koruması {status}", + "resourcePincodeRemove": "Kaynak pincode kaldırıldı", + "resourcePincodeRemoveDescription": "Kaynak parolası başarıyla kaldırıldı", + "resourcePincodeSetup": "Kaynak PIN kodu ayarlandı", + "resourcePincodeSetupDescription": "Kaynak pincode başarıyla ayarlandı", + "resourcePincodeSetupTitle": "Pincode Ayarla", + "resourcePincodeSetupTitleDescription": "Bu kaynağı korumak için bir pincode ayarlayın", + "resourceRoleDescription": "Yöneticiler her zaman bu kaynağa erişebilir.", + "resourceUsersRoles": "Kullanıcılar ve Roller", + "resourceUsersRolesDescription": "Bu kaynağı kimlerin ziyaret edebileceği kullanıcıları ve rolleri yapılandırın", + "resourceUsersRolesSubmit": "Kullanıcıları ve Rolleri Kaydet", + "resourceWhitelistSave": "Başarıyla kaydedildi", + "resourceWhitelistSaveDescription": "Beyaz liste ayarları kaydedildi", + "ssoUse": "Platform SSO'sunu Kullanın", + "ssoUseDescription": "Mevcut kullanıcılar yalnızca bir kez giriş yapmak zorunda kalacaktır bu etkinleştirildiğinde bütün kaynaklar için.", + "proxyErrorInvalidPort": "Geçersiz port numarası", + "subdomainErrorInvalid": "Geçersiz alt domain", + "domainErrorFetch": "Alanlar alınırken hata oluştu", + "domainErrorFetchDescription": "Alanlar alınırken bir hata oluştu", + "resourceErrorUpdate": "Kaynak güncellenemedi", + "resourceErrorUpdateDescription": "Kaynak güncellenirken bir hata oluştu", + "resourceUpdated": "Kaynak güncellendi", + "resourceUpdatedDescription": "Kaynak başarıyla güncellendi", + "resourceErrorTransfer": "Kaynak aktarılamadı", + "resourceErrorTransferDescription": "Kaynak aktarılırken bir hata oluştu", + "resourceTransferred": "Kaynak aktarıldı", + "resourceTransferredDescription": "Kaynak başarıyla aktarıldı", + "resourceErrorToggle": "Kaynak değiştirilemedi", + "resourceErrorToggleDescription": "Kaynak güncellenirken bir hata oluştu", + "resourceVisibilityTitle": "Görünürlük", + "resourceVisibilityTitleDescription": "Kaynak görünürlüğünü tamamen etkinleştirin veya devre dışı bırakın", + "resourceGeneral": "Genel Ayarlar", + "resourceGeneralDescription": "Bu kaynak için genel ayarları yapılandırın", + "resourceEnable": "Kaynağı Etkinleştir", + "resourceTransfer": "Kaynağı Aktar", + "resourceTransferDescription": "Bu kaynağı farklı bir siteye aktarın", + "resourceTransferSubmit": "Kaynağı Aktar", + "siteDestination": "Hedef Site", + "searchSites": "Siteleri ara", + "accessRoleCreate": "Rol Oluştur", + "accessRoleCreateDescription": "Kullanıcıları gruplamak ve izinlerini yönetmek için yeni bir rol oluşturun.", + "accessRoleCreateSubmit": "Rol Oluştur", + "accessRoleCreated": "Rol oluşturuldu", + "accessRoleCreatedDescription": "Rol başarıyla oluşturuldu.", + "accessRoleErrorCreate": "Rol oluşturulamadı", + "accessRoleErrorCreateDescription": "Rol oluşturulurken bir hata oluştu.", + "accessRoleErrorNewRequired": "Yeni rol gerekli", + "accessRoleErrorRemove": "Rol kaldırılamadı", + "accessRoleErrorRemoveDescription": "Rol kaldırılırken bir hata oluştu.", + "accessRoleName": "Rol Adı", + "accessRoleQuestionRemove": "{name} rolünü silmek üzeresiniz. Bu eylemi geri alamazsınız.", + "accessRoleRemove": "Rolü Kaldır", + "accessRoleRemoveDescription": "Kuruluştan bir rol kaldır", + "accessRoleRemoveSubmit": "Rolü Kaldır", + "accessRoleRemoved": "Rol kaldırıldı", + "accessRoleRemovedDescription": "Rol başarıyla kaldırıldı.", + "accessRoleRequiredRemove": "Bu rolü silmeden önce, mevcut üyeleri aktarmak için yeni bir rol seçin.", + "manage": "Yönet", + "sitesNotFound": "Site bulunamadı.", + "pangolinServerAdmin": "Sunucu Yöneticisi - Pangolin", + "licenseTierProfessional": "Profesyonel Lisans", + "licenseTierEnterprise": "Kurumsal Lisans", + "licenseTierCommercial": "Ticari Lisans", + "licensed": "Lisanslı", + "yes": "Evet", + "no": "Hayır", + "sitesAdditional": "Ek Siteler", + "licenseKeys": "Lisans Anahtarları", + "sitestCountDecrease": "Site sayısını azalt", + "sitestCountIncrease": "Site sayısını artır", + "idpManage": "Kimlik Sağlayıcılarını Yönet", + "idpManageDescription": "Sistem içindeki kimlik sağlayıcıları görün ve yönetin", + "idpDeletedDescription": "Kimlik sağlayıcı başarıyla silindi", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "Kimlik sağlayıcıyı kalıcı olarak silmek istediğinizden emin misiniz? {name}", + "idpMessageRemove": "Bu, kimlik sağlayıcıyı ve tüm ilişkili yapılandırmaları kaldıracaktır. Bu sağlayıcıdan kimlik doğrulayan kullanıcılar artık giriş yapamayacaktır.", + "idpMessageConfirm": "Onaylamak için lütfen aşağıya kimlik sağlayıcının adını yazın.", + "idpConfirmDelete": "Kimlik Sağlayıcıyı Silme Onayı", + "idpDelete": "Kimlik Sağlayıcıyı Sil", + "idp": "Kimlik Sağlayıcıları", + "idpSearch": "Kimlik sağlayıcıları ara...", + "idpAdd": "Kimlik Sağlayıcı Ekle", + "idpClientIdRequired": "Müşteri Kimliği gereklidir.", + "idpClientSecretRequired": "Müşteri Gizli Anahtarı gereklidir.", + "idpErrorAuthUrlInvalid": "Kimlik Doğrulama URL'si geçerli bir URL olmalıdır.", + "idpErrorTokenUrlInvalid": "Token URL'si geçerli bir URL olmalıdır.", + "idpPathRequired": "Tanımlayıcı Yol gereklidir.", + "idpScopeRequired": "Kapsamlar gereklidir.", + "idpOidcDescription": "OpenID Connect kimlik sağlayıcısı yapılandırın", + "idpCreatedDescription": "Kimlik sağlayıcı başarıyla oluşturuldu", + "idpCreate": "Kimlik Sağlayıcı Oluştur", + "idpCreateDescription": "Kullanıcı kimlik doğrulaması için yeni bir kimlik sağlayıcı yapılandırın", + "idpSeeAll": "Tüm Kimlik Sağlayıcılarını Gör", + "idpSettingsDescription": "Kimlik sağlayıcınız için temel bilgileri yapılandırın", + "idpDisplayName": "Bu kimlik sağlayıcı için bir görüntü adı", + "idpAutoProvisionUsers": "Kullanıcıları Otomatik Sağla", + "idpAutoProvisionUsersDescription": "Etkinleştirildiğinde, kullanıcılar rol ve organizasyonlara eşleme yeteneğiyle birlikte sistemde otomatik olarak oluşturulacak.", + "licenseBadge": "Profesyonel", + "idpType": "Sağlayıcı Türü", + "idpTypeDescription": "Yapılandırmak istediğiniz kimlik sağlayıcısı türünü seçin", + "idpOidcConfigure": "OAuth2/OIDC Yapılandırması", + "idpOidcConfigureDescription": "OAuth2/OIDC sağlayıcı uç noktalarını ve kimlik bilgilerini yapılandırın", + "idpClientId": "Müşteri ID", + "idpClientIdDescription": "Kimlik sağlayıcınızdan alınan OAuth2 istemci kimliği", + "idpClientSecret": "Müşteri Gizli", + "idpClientSecretDescription": "Kimlik sağlayıcınızdan alınan OAuth2 istemci sırrı", + "idpAuthUrl": "Yetki URL'si", + "idpAuthUrlDescription": "OAuth2 yetki uç nokta URL'si", + "idpTokenUrl": "Token URL'si", + "idpTokenUrlDescription": "OAuth2 jeton uç nokta URL'si", + "idpOidcConfigureAlert": "Önemli Bilgi", + "idpOidcConfigureAlertDescription": "Kimlik sağlayıcısını oluşturduktan sonra, kimlik sağlayıcınızın ayarlarında geri arama URL'sini yapılandırmanız gerekecektir. Geri arama URL'si başarılı bir oluşturma işleminden sonra sağlanacaktır.", + "idpToken": "Token Yapılandırma", + "idpTokenDescription": "Kullanıcı bilgisini ID token'dan nasıl çıkaracağınızı yapılandırın", + "idpJmespathAbout": "JMESPath Hakkında", + "idpJmespathAboutDescription": "Aşağıdaki yollar, ID token'dan değerleri çıkarmak için JMESPath sözdizimini kullanır.", + "idpJmespathAboutDescriptionLink": "JMESPath hakkında daha fazla bilgi edinin", + "idpJmespathLabel": "Tanımlayıcı Yolu", + "idpJmespathLabelDescription": "The JMESPath to the user identifier in the ID token", + "idpJmespathEmailPathOptional": "E-posta Yolu (İsteğe Bağlı)", + "idpJmespathEmailPathOptionalDescription": "The JMESPath to the user's email in the ID token", + "idpJmespathNamePathOptional": "Ad Yolu (İsteğe Bağlı)", + "idpJmespathNamePathOptionalDescription": "The JMESPath to the user's name in the ID token", + "idpOidcConfigureScopes": "Kapsamlar", + "idpOidcConfigureScopesDescription": "Talep edilecek OAuth2 kapsamlarının boşlukla ayrılmış listesi", + "idpSubmit": "Kimlik Sağlayıcı Oluştur", + "orgPolicies": "Kuruluş Politikaları", + "idpSettings": "{idpName} Ayarları", + "idpCreateSettingsDescription": "Kimlik sağlayıcınız için ayarları yapılandırın", + "roleMapping": "Rol Eşlemesi", + "orgMapping": "Kuruluş Eşlemesi", + "orgPoliciesSearch": "Kuruluş politikalarını ara...", + "orgPoliciesAdd": "Kuruluş Politikası Ekle", + "orgRequired": "Kuruluş gereklidir", + "error": "Hata", + "success": "Başarı", + "orgPolicyAddedDescription": "Politika başarıyla eklendi", + "orgPolicyUpdatedDescription": "Politika başarıyla güncellendi", + "orgPolicyDeletedDescription": "Politika başarıyla silindi", + "defaultMappingsUpdatedDescription": "Varsayılan eşlemeler başarıyla güncellendi", + "orgPoliciesAbout": "Kuruluş Politikaları Hakkında", + "orgPoliciesAboutDescription": "Organization policies are used to control access to organizations based on the user's ID token. You can specify JMESPath expressions to extract role and organization information from the ID token. For more information, see", + "orgPoliciesAboutDescriptionLink": "the documentation", + "defaultMappingsOptional": "Varsayılan Eşlemeler (İsteğe Bağlı)", + "defaultMappingsOptionalDescription": "Varsayılan eşlemeler, bir kuruluş için bir kuruluş politikası tanımlı olmadığında kullanılır. Burada varsayılan rol ve kuruluş eşlemelerini belirtebilirsiniz.", + "defaultMappingsRole": "Varsayılan Rol Eşleme", + "defaultMappingsRoleDescription": "JMESPath to extract role information from the ID token. The result of this expression must return the role name as defined in the organization as a string.", + "defaultMappingsOrg": "Varsayılan Kuruluş Eşleme", + "defaultMappingsOrgDescription": "JMESPath to extract organization information from the ID token. This expression must return the org ID or true for the user to be allowed to access the organization.", + "defaultMappingsSubmit": "Varsayılan Eşlemeleri Kaydet", + "orgPoliciesEdit": "Kuruluş Politikasını Düzenle", + "org": "Kuruluş", + "orgSelect": "Kuruluşu seç", + "orgSearch": "Kuruluşu ara", + "orgNotFound": "Kuruluş bulunamadı.", + "roleMappingPathOptional": "Rol Eşleme Yolu (İsteğe Bağlı)", + "orgMappingPathOptional": "Kuruluş Eşleme Yolu (İsteğe Bağlı)", + "orgPolicyUpdate": "Politikayı Güncelle", + "orgPolicyAdd": "Politika Ekle", + "orgPolicyConfig": "Bir kuruluş için erişimi yapılandırın", + "idpUpdatedDescription": "Kimlik sağlayıcı başarıyla güncellendi", + "redirectUrl": "Yönlendirme URL'si", + "redirectUrlAbout": "Yönlendirme URL'si Hakkında", + "redirectUrlAboutDescription": "Bu, kimlik doğrulamasından sonra kullanıcıların yönlendirileceği URL'dir. Bu URL'yi kimlik sağlayıcınızın ayarlarında yapılandırmanız gerekir.", + "pangolinAuth": "Auth - Pangolin", + "verificationCodeLengthRequirements": "Doğrulama kodunuz 8 karakter olmalıdır.", + "errorOccurred": "Bir hata oluştu", + "emailErrorVerify": "E-posta doğrulanamadı: ", + "emailVerified": "E-posta başarıyla doğrulandı! Yönlendiriliyorsunuz...", + "verificationCodeErrorResend": "Doğrulama kodu yeniden gönderilemedi:", + "verificationCodeResend": "Doğrulama kodu yeniden gönderildi", + "verificationCodeResendDescription": "E-posta adresinize bir doğrulama kodu yeniden gönderdik. Lütfen gelen kutunuzu kontrol edin.", + "emailVerify": "E-posta Onayla", + "emailVerifyDescription": "E-posta adresinize gönderilen doğrulama kodunu girin.", + "verificationCode": "Doğrulama Kodu", + "verificationCodeEmailSent": "E-posta adresinize bir doğrulama kodu gönderdik.", + "submit": "Gönder", + "emailVerifyResendProgress": "Yeniden gönderiliyor...", + "emailVerifyResend": "Kod gelmedi mi? Tekrar göndermek için buraya tıklayın", + "passwordNotMatch": "Parolalar eşleşmiyor", + "signupError": "Kaydolurken bir hata oluştu", + "pangolinLogoAlt": "Pangolin Logosu", + "inviteAlready": "Davetiye gönderilmiş gibi görünüyor!", + "inviteAlreadyDescription": "Daveti kabul etmek için giriş yapmalı veya bir hesap oluşturmalısınız.", + "signupQuestion": "Zaten bir hesabınız var mı?", + "login": "Giriş yap", + "resourceNotFound": "No resources found", + "resourceNotFoundDescription": "Erişmeye çalıştığınız kaynak mevcut değil.", + "pincodeRequirementsLength": "PIN kesinlikle 6 haneli olmalıdır", + "pincodeRequirementsChars": "PIN sadece numaralardan oluşmalıdır", + "passwordRequirementsLength": "Şifre en az 1 karakter uzunluğunda olmalıdır", + "passwordRequirementsTitle": "Şifre gereksinimleri:", + "passwordRequirementLength": "En az 8 karakter uzunluğunda", + "passwordRequirementUppercase": "En az bir büyük harf", + "passwordRequirementLowercase": "En az bir küçük harf", + "passwordRequirementNumber": "En az bir sayı", + "passwordRequirementSpecial": "En az bir özel karakter", + "passwordRequirementsMet": "✓ Şifre tüm gereksinimleri karşılıyor", + "passwordStrength": "Şifre gücü", + "passwordStrengthWeak": "Zayıf", + "passwordStrengthMedium": "Orta", + "passwordStrengthStrong": "Güçlü", + "passwordRequirements": "Gereksinimler:", + "passwordRequirementLengthText": "8+ karakter", + "passwordRequirementUppercaseText": "Büyük harf (A-Z)", + "passwordRequirementLowercaseText": "Küçük harf (a-z)", + "passwordRequirementNumberText": "Sayı (0-9)", + "passwordRequirementSpecialText": "Özel karakter (!@#$%...)", + "passwordsDoNotMatch": "Parolalar eşleşmiyor", + "otpEmailRequirementsLength": "OTP en az 1 karakter uzunluğunda olmalıdır", + "otpEmailSent": "OTP Gönderildi", + "otpEmailSentDescription": "E-posta adresinize bir OTP gönderildi", + "otpEmailErrorAuthenticate": "E-posta ile kimlik doğrulama başarasız oldu", + "pincodeErrorAuthenticate": "PIN kodu ile kimlik doğrulama başarısız oldu", + "passwordErrorAuthenticate": "Şifre ile kimlik doğrulama başarısız oldu", + "poweredBy": "Tarafından sağlanmıştır", + "authenticationRequired": "Kimlik Doğrulama Gerekiyor", + "authenticationMethodChoose": "{name} erişimi için tercih edilen yöntemi seçin", + "authenticationRequest": "{name} erişimi için kimlik doğrulamanız gerekiyor", + "user": "Kullanıcı", + "pincodeInput": "6 haneli PIN Kodu", + "pincodeSubmit": "PIN ile Giriş Yap", + "passwordSubmit": "Şifre ile Giriş Yap", + "otpEmailDescription": "Bu e-posta adresine tek kullanımlık bir kod gönderilecektir.", + "otpEmailSend": "Tek Kullanımlık Kod Gönder", + "otpEmail": "Tek Kullanımlık Parola (OTP)", + "otpEmailSubmit": "OTP Gönder", + "backToEmail": "E-postaya Geri Dön", + "noSupportKey": "Sunucu destek anahtarı olmadan çalışıyor. Projeyi desteklemeyi düşünün!", + "accessDenied": "Erişim Reddedildi", + "accessDeniedDescription": "Bu kaynağa erişim izniniz yok. Bunun bir hata olduğunu düşünüyorsanız lütfen yöneticiyle iletişime geçin.", + "accessTokenError": "Erişim jetonu kontrol ederken hata oluştu", + "accessGranted": "Erişim İzni Verildi", + "accessUrlInvalid": "Erişim URL'si Geçersiz", + "accessGrantedDescription": "Bu kaynağa erişim izni verildi. Yönlendiriliyorsunuz...", + "accessUrlInvalidDescription": "Bu paylaşılan erişim URL'si geçersiz. Yeni bir URL için lütfen kaynak sahibine başvurun.", + "tokenInvalid": "Geçersiz jeton", + "pincodeInvalid": "Geçersiz kod", + "passwordErrorRequestReset": "Şifre sıfırlama isteği başarısız oldu:", + "passwordErrorReset": "Şifre sıfırlama başarısız oldu:", + "passwordResetSuccess": "Şifre başarıyla sıfırlandı! Girişe geri...", + "passwordReset": "Şifreyi Yenile", + "passwordResetDescription": "Şifrenizi sıfırlamak için adımları uygulayın", + "passwordResetSent": "Bu e-posta adresine bir şifre sıfırlama kodu gönderilecektir.", + "passwordResetCode": "Sıfırlama Kodu", + "passwordResetCodeDescription": "E-posta gelen kutunuzda sıfırlama kodunu kontrol edin.", + "passwordNew": "Yeni Şifre", + "passwordNewConfirm": "Yeni Şifreyi Onayla", + "pincodeAuth": "Kimlik Doğrulama Kodu", + "pincodeSubmit2": "Kodu Gönder", + "passwordResetSubmit": "Sıfırlama İsteği", + "passwordBack": "Şifreye Geri Dön", + "loginBack": "Girişe geri dön", + "signup": "Kaydol", + "loginStart": "Başlamak için giriş yapın", + "idpOidcTokenValidating": "OIDC token'ı doğrulanıyor", + "idpOidcTokenResponse": "OIDC token yanıtını doğrula", + "idpErrorOidcTokenValidating": "OIDC token'ı doğrularken hata", + "idpConnectingTo": "{name} ile bağlantı kuruluyor", + "idpConnectingToDescription": "Kimliğiniz doğrulanıyor", + "idpConnectingToProcess": "Bağlanılıyor...", + "idpConnectingToFinished": "Bağlandı", + "idpErrorConnectingTo": "{name} ile bağlantı kurarken bir sorun meydana geldi. Lütfen yöneticiye danışın.", + "idpErrorNotFound": "IdP bulunamadı", + "inviteInvalid": "Geçersiz Davet", + "inviteInvalidDescription": "Davet bağlantısı geçersiz.", + "inviteErrorWrongUser": "Davet bu kullanıcı için değil", + "inviteErrorUserNotExists": "Kullanıcı mevcut değil. Lütfen önce bir hesap oluşturun.", + "inviteErrorLoginRequired": "Bir daveti kabul etmek için giriş yapmış olmanız gerekir", + "inviteErrorExpired": "Davet süresi dolmuş olabilir", + "inviteErrorRevoked": "Davet iptal edilmiş olabilir", + "inviteErrorTypo": "Davet bağlantısında yazım hatası olabilir", + "pangolinSetup": "Kurulum - Pangolin", + "orgNameRequired": "Kuruluş adı gereklidir", + "orgIdRequired": "Kuruluş ID gereklidir", + "orgErrorCreate": "Kuruluş oluşturulurken bir hata oluştu", + "pageNotFound": "Sayfa Bulunamadı", + "pageNotFoundDescription": "Oops! Aradığınız sayfa mevcut değil.", + "overview": "Genel Bakış", + "home": "Ana Sayfa", + "accessControl": "Erişim Kontrolü", + "settings": "Ayarlar", + "usersAll": "Tüm Kullanıcılar", + "license": "Lisans", + "pangolinDashboard": "Kontrol Paneli - Pangolin", + "noResults": "Sonuç bulunamadı.", + "terabytes": "{count} TB", + "gigabytes": "{count} GB", + "megabytes": "{count} MB", + "tagsEntered": "Girilen Etiketler", + "tagsEnteredDescription": "Bunlar girilen etiketlerdir.", + "tagsWarnCannotBeLessThanZero": "maxTags ve minTags 0'ın altında olamaz", + "tagsWarnNotAllowedAutocompleteOptions": "Otomatik tamamlama seçeneklerine göre etiket izin verilmiyor", + "tagsWarnInvalid": "validateTag'e göre geçersiz etiket", + "tagWarnTooShort": "Etiket {tagText} çok kısa", + "tagWarnTooLong": "Etiket {tagText} çok uzun", + "tagsWarnReachedMaxNumber": "İzin verilen maksimum etiket sayısına ulaşıldı", + "tagWarnDuplicate": "Yinelenen etiket {tagText} eklenmedi", + "supportKeyInvalid": "Geçersiz Anahtar", + "supportKeyInvalidDescription": "Destekleyici anahtarınız geçersiz.", + "supportKeyValid": "Geçerli Anahtar", + "supportKeyValidDescription": "Destekleyici anahtarınız doğrulandı. Desteğiniz için teşekkürler!", + "supportKeyErrorValidationDescription": "Destekleyici anahtar doğrulanamadı.", + "supportKey": "Geliştirmeyi Destekleyin ve Bir Pangolin Edinin!", + "supportKeyDescription": "Pangolin uygulamasını topluluk için geliştirmemize devam etmemize yardımcı olacak bir destek anahtarı satın alın. Katkınız, herkese uygulamanın bakımını yapmamıza ve yeni özellikler eklememize daha fazla zaman ayırmamıza olanak tanır. Bu özellikleri ücretli hale getirmek için kullanılmayacaktır. Bu durum Ticari Sürümden tamamen ayrıdır.", + "supportKeyPet": "Ayrıca kendi evcil Pangolininize sahip olacak ve onunla tanışacaksınız!", + "supportKeyPurchase": "Ödemeler GitHub üzerinden işlenir. Daha sonra anahtarınızı şu yerden alabilirsiniz:", + "supportKeyPurchaseLink": "web sitemiz", + "supportKeyPurchase2": "ve burada kullanabilirsiniz.", + "supportKeyLearnMore": "Daha fazla bilgi.", + "supportKeyOptions": "Size en uygun seçeneği lütfen seçin.", + "supportKetOptionFull": "Tam Destek", + "forWholeServer": "Tüm sunucu için", + "lifetimePurchase": "Ömür Boyu satın alma", + "supporterStatus": "Destekçi durumu", + "buy": "Satın Al", + "supportKeyOptionLimited": "Sınırlı Destek", + "forFiveUsers": "5 veya daha az kullanıcı için", + "supportKeyRedeem": "Destekleyici Anahtarı Gir", + "supportKeyHideSevenDays": "7 gün boyunca gizle", + "supportKeyEnter": "Destekçi Anahtarını Gir", + "supportKeyEnterDescription": "Kendi evcil Pangolininle tanış!", + "githubUsername": "GitHub Kullanıcı Adı", + "supportKeyInput": "Destekçi Anahtarı", + "supportKeyBuy": "Destekçi Anahtarı Satın Al", + "logoutError": "Çıkış yaparken hata", + "signingAs": "Olarak giriş yapıldı", + "serverAdmin": "Sunucu Yöneticisi", + "managedSelfhosted": "Yönetilen Self-Hosted", + "otpEnable": "İki faktörlü özelliğini etkinleştir", + "otpDisable": "İki faktörlü özelliğini devre dışı bırak", + "logout": "Çıkış Yap", + "licenseTierProfessionalRequired": "Profesyonel Sürüme Gereklidir", + "licenseTierProfessionalRequiredDescription": "Bu özellik yalnızca Professional Edition'da kullanılabilir.", + "actionGetOrg": "Kuruluşu Al", + "actionUpdateOrg": "Kuruluşu Güncelle", + "actionUpdateUser": "Kullanıcıyı Güncelle", + "actionGetUser": "Kullanıcıyı Getir", + "actionGetOrgUser": "Kuruluş Kullanıcısını Al", + "actionListOrgDomains": "Kuruluş Alan Adlarını Listele", + "actionCreateSite": "Site Oluştur", + "actionDeleteSite": "Siteyi Sil", + "actionGetSite": "Siteyi Al", + "actionListSites": "Siteleri Listele", + "setupToken": "Kurulum Simgesi", + "setupTokenDescription": "Sunucu konsolundan kurulum simgesini girin.", + "setupTokenRequired": "Kurulum simgesi gerekli", + "actionUpdateSite": "Siteyi Güncelle", + "actionListSiteRoles": "İzin Verilen Site Rolleri Listele", + "actionCreateResource": "Kaynak Oluştur", + "actionDeleteResource": "Kaynağı Sil", + "actionGetResource": "Kaynağı Al", + "actionListResource": "Kaynakları Listele", + "actionUpdateResource": "Kaynağı Güncelle", + "actionListResourceUsers": "Kaynak Kullanıcılarını Listele", + "actionSetResourceUsers": "Kaynak Kullanıcılarını Ayarla", + "actionSetAllowedResourceRoles": "İzin Verilen Kaynak Rolleri Ayarla", + "actionListAllowedResourceRoles": "İzin Verilen Kaynak Rolleri Listele", + "actionSetResourcePassword": "Kaynak Şifresini Ayarla", + "actionSetResourcePincode": "Kaynak PIN Kodunu Ayarla", + "actionSetResourceEmailWhitelist": "Kaynak E-posta Beyaz Listesi Ayarla", + "actionGetResourceEmailWhitelist": "Kaynak E-posta Beyaz Listesini Al", + "actionCreateTarget": "Hedef Oluştur", + "actionDeleteTarget": "Hedefi Sil", + "actionGetTarget": "Hedefi Al", + "actionListTargets": "Hedefleri Listele", + "actionUpdateTarget": "Hedefi Güncelle", + "actionCreateRole": "Rol Oluştur", + "actionDeleteRole": "Rolü Sil", + "actionGetRole": "Rolü Al", + "actionListRole": "Rolleri Listele", + "actionUpdateRole": "Rolü Güncelle", + "actionListAllowedRoleResources": "İzin Verilen Rol Kaynakları Listele", + "actionInviteUser": "Kullanıcıyı Davet Et", + "actionRemoveUser": "Kullanıcıyı Kaldır", + "actionListUsers": "Kullanıcıları Listele", + "actionAddUserRole": "Kullanıcı Rolü Ekle", + "actionGenerateAccessToken": "Erişim Jetonu Oluştur", + "actionDeleteAccessToken": "Erişim Jetonunu Sil", + "actionListAccessTokens": "Erişim Jetonlarını Listele", + "actionCreateResourceRule": "Kaynak Kuralı Oluştur", + "actionDeleteResourceRule": "Kaynak Kuralını Sil", + "actionListResourceRules": "Kaynak Kurallarını Listele", + "actionUpdateResourceRule": "Kaynak Kuralını Güncelle", + "actionListOrgs": "Organizasyonları Listele", + "actionCheckOrgId": "Kimliği Kontrol Et", + "actionCreateOrg": "Organizasyon Oluştur", + "actionDeleteOrg": "Organizasyonu Sil", + "actionListApiKeys": "API Anahtarlarını Listele", + "actionListApiKeyActions": "API Anahtarı İşlemlerini Listele", + "actionSetApiKeyActions": "API Anahtarı İzin Verilen İşlemleri Ayarla", + "actionCreateApiKey": "API Anahtarı Oluştur", + "actionDeleteApiKey": "API Anahtarını Sil", + "actionCreateIdp": "Kimlik Sağlayıcı Oluştur", + "actionUpdateIdp": "Kimlik Sağlayıcıyı Güncelle", + "actionDeleteIdp": "Kimlik Sağlayıcıyı Sil", + "actionListIdps": "Kimlik Sağlayıcı Listesi", + "actionGetIdp": "Kimlik Sağlayıcıyı Getir", + "actionCreateIdpOrg": "Kimlik Sağlayıcı Organizasyon Politikasını Oluştur", + "actionDeleteIdpOrg": "Kimlik Sağlayıcı Organizasyon Politikasını Sil", + "actionListIdpOrgs": "Kimlik Sağlayıcı Organizasyonları Listele", + "actionUpdateIdpOrg": "Kimlik Sağlayıcı Organizasyonu Güncelle", + "actionCreateClient": "Müşteri Oluştur", + "actionDeleteClient": "Müşteri Sil", + "actionUpdateClient": "Müşteri Güncelle", + "actionListClients": "Müşterileri Listele", + "actionGetClient": "Müşteriyi Al", + "actionCreateSiteResource": "Site Kaynağı Oluştur", + "actionDeleteSiteResource": "Site Kaynağını Sil", + "actionGetSiteResource": "Site Kaynağını Al", + "actionListSiteResources": "Site Kaynaklarını Listele", + "actionUpdateSiteResource": "Site Kaynağını Güncelle", + "actionListInvitations": "Davetiyeleri Listele", + "noneSelected": "Hiçbiri seçili değil", + "orgNotFound2": "Hiçbir organizasyon bulunamadı.", + "searchProgress": "Ara...", + "create": "Oluştur", + "orgs": "Organizasyonlar", + "loginError": "Giriş yaparken bir hata oluştu", + "passwordForgot": "Şifrenizi mi unuttunuz?", + "otpAuth": "İki Faktörlü Kimlik Doğrulama", + "otpAuthDescription": "Authenticator uygulamanızdan veya tek kullanımlık yedek kodlarınızdan birini girin.", + "otpAuthSubmit": "Kodu Gönder", + "idpContinue": "Veya devam et:", + "otpAuthBack": "Girişe Dön", + "navbar": "Navigasyon Menüsü", + "navbarDescription": "Uygulamanın ana navigasyon menüsü", + "navbarDocsLink": "Dokümantasyon", + "commercialEdition": "Ticari Sürüm", + "otpErrorEnable": "2FA etkinleştirilemedi", + "otpErrorEnableDescription": "2FA etkinleştirilirken bir hata oluştu", + "otpSetupCheckCode": "6 haneli bir kod girin", + "otpSetupCheckCodeRetry": "Geçersiz kod. Lütfen tekrar deneyin.", + "otpSetup": "İki Faktörlü Kimlik Doğrulamayı Etkinleştir", + "otpSetupDescription": "Hesabınızı ekstra bir koruma katmanıyla güvence altına alın", + "otpSetupScanQr": "Authenticator uygulamanızla bu QR kodunu tarayın veya gizli anahtarı manuel olarak girin:", + "otpSetupSecretCode": "Kimlik Doğrulayıcı Kodu", + "otpSetupSuccess": "İki Faktörlü Kimlik Doğrulama Etkinleştirildi", + "otpSetupSuccessStoreBackupCodes": "Hesabınız artık daha güvenli. Yedek kodlarınızı kaydetmeyi unutmayın.", + "otpErrorDisable": "2FA devre dışı bırakılamadı", + "otpErrorDisableDescription": "2FA devre dışı bırakılırken bir hata oluştu", + "otpRemove": "İki Faktörlü Kimlik Doğrulamayı Devre Dışı Bırak", + "otpRemoveDescription": "Hesabınız için iki faktörlü kimlik doğrulamayı devre dışı bırakın", + "otpRemoveSuccess": "İki Faktörlü Kimlik Doğrulama Devre Dışı", + "otpRemoveSuccessMessage": "Hesabınız için iki faktörlü kimlik doğrulama devre dışı bırakıldı. İstediğiniz zaman tekrar etkinleştirebilirsiniz.", + "otpRemoveSubmit": "2FA'yı Devre Dışı Bırak", + "paginator": "Sayfa {current} / {last}", + "paginatorToFirst": "İlk sayfaya git", + "paginatorToPrevious": "Önceki sayfaya git", + "paginatorToNext": "Sonraki sayfaya git", + "paginatorToLast": "Son sayfaya git", + "copyText": "Metni kopyala", + "copyTextFailed": "Metin kopyalanamadı: ", + "copyTextClipboard": "Panoya kopyala", + "inviteErrorInvalidConfirmation": "Geçersiz onay", + "passwordRequired": "Şifre gerekli", + "allowAll": "Tümüne İzin Ver", + "permissionsAllowAll": "Tüm İzinlere İzin Ver", + "githubUsernameRequired": "GitHub kullanıcı adı gereklidir", + "supportKeyRequired": "Destekleyici anahtar gereklidir", + "passwordRequirementsChars": "Şifre en az 8 karakter olmalıdır", + "language": "Dil", + "verificationCodeRequired": "Kod gerekli", + "userErrorNoUpdate": "Güncellenecek kullanıcı yok", + "siteErrorNoUpdate": "Güncellenecek site yok", + "resourceErrorNoUpdate": "Güncellenecek kaynak yok", + "authErrorNoUpdate": "Güncellenecek kimlik doğrulama bilgisi yok", + "orgErrorNoUpdate": "Güncellenecek organizasyon yok", + "orgErrorNoProvided": "Sağlanan organizasyon yok", + "apiKeysErrorNoUpdate": "Güncellenecek API anahtarı yok", + "sidebarOverview": "Genel Bakış", + "sidebarHome": "Ana Sayfa", + "sidebarSites": "Siteler", + "sidebarResources": "Kaynaklar", + "sidebarAccessControl": "Erişim Kontrolü", + "sidebarUsers": "Kullanıcılar", + "sidebarInvitations": "Davetiye", + "sidebarRoles": "Roller", + "sidebarShareableLinks": "Paylaşılabilir Bağlantılar", + "sidebarApiKeys": "API Anahtarları", + "sidebarSettings": "Ayarlar", + "sidebarAllUsers": "Tüm Kullanıcılar", + "sidebarIdentityProviders": "Kimlik Sağlayıcılar", + "sidebarLicense": "Lisans", + "sidebarClients": "Müşteriler (Beta)", + "sidebarDomains": "Alan Adları", + "enableDockerSocket": "Docker Soketi Etkinleştir", + "enableDockerSocketDescription": "Konteyner bilgilerini doldurmak için Docker Socket keşfini etkinleştirin. Socket yolu Newt'e sağlanmalıdır.", + "enableDockerSocketLink": "Daha fazla bilgi", + "viewDockerContainers": "Docker Konteynerlerini Görüntüle", + "containersIn": "{siteName} içindeki konteynerler", + "selectContainerDescription": "Bu hedef için bir ana bilgisayar adı olarak kullanmak üzere herhangi bir konteyner seçin. Bir bağlantı noktası kullanmak için bir bağlantı noktasına tıklayın.", + "containerName": "Ad", + "containerImage": "Görsel", + "containerState": "Durum", + "containerNetworks": "Ağlar", + "containerHostnameIp": "Ana Makine/IP", + "containerLabels": "Etiketler", + "containerLabelsCount": "{count, plural, one {# etiket} other {# etiketler}}", + "containerLabelsTitle": "Konteyner Etiketleri", + "containerLabelEmpty": "", + "containerPorts": "Bağlantı Noktaları", + "containerPortsMore": "+{count} tane daha", + "containerActions": "İşlemler", + "select": "Seç", + "noContainersMatchingFilters": "Mevcut filtrelerle uyuşan konteyner bulunamadı.", + "showContainersWithoutPorts": "Bağlantı noktası olmayan konteynerleri göster", + "showStoppedContainers": "Durdurulmuş konteynerleri göster", + "noContainersFound": "Konteyner bulunamadı. Docker konteynerlerinin çalıştığından emin olun.", + "searchContainersPlaceholder": "{count} konteyner arasında arama yapın...", + "searchResultsCount": "{count, plural, one {# sonuç} other {# sonuçlar}}", + "filters": "Filtreler", + "filterOptions": "Filtre Seçenekleri", + "filterPorts": "Bağlantı Noktaları", + "filterStopped": "Durdurulanlar", + "clearAllFilters": "Tüm filtreleri temizle", + "columns": "Sütunlar", + "toggleColumns": "Sütunları Aç/Kapat", + "refreshContainersList": "Konteyner listesi yenile", + "searching": "Aranıyor...", + "noContainersFoundMatching": "\"{filter}\" ile eşleşen konteyner bulunamadı.", + "light": "açık", + "dark": "koyu", + "system": "sistem", + "theme": "Tema", + "subnetRequired": "Alt ağ gereklidir", + "initialSetupTitle": "İlk Sunucu Kurulumu", + "initialSetupDescription": "İlk sunucu yönetici hesabını oluşturun. Yalnızca bir sunucu yöneticisi olabilir. Bu kimlik bilgilerini daha sonra her zaman değiştirebilirsiniz.", + "createAdminAccount": "Yönetici Hesabı Oluştur", + "setupErrorCreateAdmin": "Sunucu yönetici hesabı oluşturulurken bir hata oluştu.", + "certificateStatus": "Sertifika Durumu", + "loading": "Yükleniyor", + "restart": "Yeniden Başlat", + "domains": "Alan Adları", + "domainsDescription": "Organizasyonunuz için alan adlarını yönetin", + "domainsSearch": "Alan adlarını ara...", + "domainAdd": "Alan Adı Ekle", + "domainAddDescription": "Organizasyonunuz için yeni bir alan adı kaydedin", + "domainCreate": "Alan Adı Oluştur", + "domainCreatedDescription": "Alan adı başarıyla oluşturuldu", + "domainDeletedDescription": "Alan adı başarıyla silindi", + "domainQuestionRemove": "{domain} alan adını hesabınızdan kaldırmak istediğinizden emin misiniz?", + "domainMessageRemove": "Kaldırıldığında, alan adı hesabınızla ilişkilendirilmeyecek.", + "domainMessageConfirm": "Onaylamak için lütfen aşağıya alan adını yazın.", + "domainConfirmDelete": "Alan Adı Silinmesini Onayla", + "domainDelete": "Alan Adını Sil", + "domain": "Alan Adı", + "selectDomainTypeNsName": "Alan Adı Delege Etme (NS)", + "selectDomainTypeNsDescription": "Bu alan adı ve tüm alt alan adları. Tüm bir alan adı bölgesini kontrol etmek istediğinizde bunu kullanın.", + "selectDomainTypeCnameName": "Tekil Alan Adı (CNAME)", + "selectDomainTypeCnameDescription": "Sadece bu belirli alan adı. Bireysel alt alan adları veya belirli alan adı girişleri için bunu kullanın.", + "selectDomainTypeWildcardName": "Wildcard Alan Adı", + "selectDomainTypeWildcardDescription": "Bu domain ve alt alan adları.", + "domainDelegation": "Tekil Alan Adı", + "selectType": "Bir tür seçin", + "actions": "İşlemler", + "refresh": "Yenile", + "refreshError": "Veriler yenilenemedi", + "verified": "Doğrulandı", + "pending": "Beklemede", + "sidebarBilling": "Faturalama", + "billing": "Faturalama", + "orgBillingDescription": "Fatura bilgilerinizi ve aboneliklerinizi yönetin", + "github": "GitHub", + "pangolinHosted": "Pangolin Barındırılan", + "fossorial": "Fossorial", + "completeAccountSetup": "Hesap Kurulumunu Tamamla", + "completeAccountSetupDescription": "Başlamak için şifrenizi ayarlayın", + "accountSetupSent": "Bu e-posta adresine bir hesap kurulum kodu göndereceğiz.", + "accountSetupCode": "Kurulum Kodu", + "accountSetupCodeDescription": "Kurulum kodu için e-posta gelen kutunuzu kontrol edin.", + "passwordCreate": "Parola Oluştur", + "passwordCreateConfirm": "Şifreyi Onayla", + "accountSetupSubmit": "Kurulum Kodunu Gönder", + "completeSetup": "Kurulumu Tamamla", + "accountSetupSuccess": "Hesap kurulumu tamamlandı! Pangolin'e hoş geldiniz!", + "documentation": "Dokümantasyon", + "saveAllSettings": "Tüm Ayarları Kaydet", + "settingsUpdated": "Ayarlar güncellendi", + "settingsUpdatedDescription": "Tüm ayarlar başarıyla güncellendi", + "settingsErrorUpdate": "Ayarlar güncellenemedi", + "settingsErrorUpdateDescription": "Ayarları güncellerken bir hata oluştu", + "sidebarCollapse": "Daralt", + "sidebarExpand": "Genişlet", + "newtUpdateAvailable": "Güncelleme Mevcut", + "newtUpdateAvailableInfo": "Newt'in yeni bir versiyonu mevcut. En iyi deneyim için lütfen en son sürüme güncelleyin.", + "domainPickerEnterDomain": "Domain", + "domainPickerPlaceholder": "myapp.example.com, api.v1.mydomain.com veya sadece myapp", + "domainPickerDescription": "Mevcut seçenekleri görmek için kaynağın tam etki alanını girin.", + "domainPickerDescriptionSaas": "Mevcut seçenekleri görmek için tam etki alanı, alt etki alanı veya sadece bir isim girin", + "domainPickerTabAll": "Tümü", + "domainPickerTabOrganization": "Organizasyon", + "domainPickerTabProvided": "Sağlanan", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "Kullanılabilirlik kontrol ediliyor...", + "domainPickerNoMatchingDomains": "Eşleşen domain bulunamadı. Farklı bir domain deneyin veya organizasyonunuzun domain ayarlarını kontrol edin.", + "domainPickerOrganizationDomains": "Organizasyon Alan Adları", + "domainPickerProvidedDomains": "Sağlanan Alan Adları", + "domainPickerSubdomain": "Alt Alan: {subdomain}", + "domainPickerNamespace": "Ad Alanı: {namespace}", + "domainPickerShowMore": "Daha Fazla Göster", + "domainNotFound": "Alan Adı Bulunamadı", + "domainNotFoundDescription": "Bu kaynak devre dışıdır çünkü alan adı sistemimizde artık mevcut değil. Bu kaynak için yeni bir alan adı belirleyin.", + "failed": "Başarısız", + "createNewOrgDescription": "Yeni bir organizasyon oluşturun", + "organization": "Kuruluş", + "port": "Bağlantı Noktası", + "securityKeyManage": "Güvenlik Anahtarlarını Yönet", + "securityKeyDescription": "Şifresiz kimlik doğrulama için güvenlik anahtarları ekleyin veya kaldırın", + "securityKeyRegister": "Yeni Güvenlik Anahtarı Kaydet", + "securityKeyList": "Güvenlik Anahtarlarınız", + "securityKeyNone": "Henüz kayıtlı güvenlik anahtarı yok", + "securityKeyNameRequired": "İsim gerekli", + "securityKeyRemove": "Kaldır", + "securityKeyLastUsed": "Son kullanım: {date}", + "securityKeyNameLabel": "İsim", + "securityKeyRegisterSuccess": "Güvenlik anahtarı başarıyla kaydedildi", + "securityKeyRegisterError": "Güvenlik anahtarı kaydedilirken hata oluştu", + "securityKeyRemoveSuccess": "Güvenlik anahtarı başarıyla kaldırıldı", + "securityKeyRemoveError": "Güvenlik anahtarı kaldırılırken hata oluştu", + "securityKeyLoadError": "Güvenlik anahtarları yüklenirken hata oluştu", + "securityKeyLogin": "Güvenlik anahtarı ile devam edin", + "securityKeyAuthError": "Güvenlik anahtarı ile kimlik doğrulama başarısız oldu", + "securityKeyRecommendation": "Hesabınızdan kilitlenmediğinizden emin olmak için farklı bir cihazda başka bir güvenlik anahtarı kaydetmeyi düşünün.", + "registering": "Kaydediliyor...", + "securityKeyPrompt": "Lütfen güvenlik anahtarınızı kullanarak kimliğinizi doğrulayın. Güvenlik anahtarınızın bağlı ve hazır olduğundan emin olun.", + "securityKeyBrowserNotSupported": "Tarayıcınız güvenlik anahtarlarını desteklemiyor. Lütfen Chrome, Firefox veya Safari gibi modern bir tarayıcı kullanın.", + "securityKeyPermissionDenied": "Giriş yapmaya devam etmek için lütfen güvenlik anahtarınıza erişime izin verin.", + "securityKeyRemovedTooQuickly": "Güvenlik anahtarınızın bağlantısını kesmeden önce oturum açma işlemi tamamlanana kadar bağlı kalmasını sağlayın.", + "securityKeyNotSupported": "Güvenlik anahtarınız uyumlu olmayabilir. Lütfen farklı bir güvenlik anahtarı deneyin.", + "securityKeyUnknownError": "Güvenlik anahtarınızı kullanırken bir sorun oluştu. Lütfen tekrar deneyin.", + "twoFactorRequired": "Güvenlik anahtarını kaydetmek için iki faktörlü kimlik doğrulama gereklidir.", + "twoFactor": "İki Faktörlü Kimlik Doğrulama", + "adminEnabled2FaOnYourAccount": "Yöneticiniz {email} için iki faktörlü kimlik doğrulamayı etkinleştirdi. Devam etmek için kurulum işlemini tamamlayın.", + "continueToApplication": "Uygulamaya Devam Et", + "securityKeyAdd": "Güvenlik Anahtarı Ekle", + "securityKeyRegisterTitle": "Yeni Güvenlik Anahtarı Kaydet", + "securityKeyRegisterDescription": "Güvenlik anahtarınızı bağlayın ve tanımlamak için bir ad girin", + "securityKeyTwoFactorRequired": "İki Faktörlü Kimlik Doğrulama Gereklidir", + "securityKeyTwoFactorDescription": "Güvenlik anahtarını kaydetmek için lütfen iki faktörlü kimlik doğrulama kodunuzu girin", + "securityKeyTwoFactorRemoveDescription": "Güvenlik anahtarını kaldırmak için lütfen iki faktörlü kimlik doğrulama kodunuzu girin", + "securityKeyTwoFactorCode": "İki Faktörlü Kod", + "securityKeyRemoveTitle": "Güvenlik Anahtarını Kaldır", + "securityKeyRemoveDescription": "Güvenlik anahtarını \"{name}\" kaldırmak için şifrenizi girin", + "securityKeyNoKeysRegistered": "Kayıtlı güvenlik anahtarı yok", + "securityKeyNoKeysDescription": "Hesabınızın güvenliğini artırmak için bir güvenlik anahtarı ekleyin", + "createDomainRequired": "Alan adı gereklidir", + "createDomainAddDnsRecords": "DNS Kayıtlarını Ekle", + "createDomainAddDnsRecordsDescription": "Kurulumu tamamlamak için alan sağlayıcınıza şu DNS kayıtlarını ekleyin.", + "createDomainNsRecords": "NS Kayıtları", + "createDomainRecord": "Kayıt", + "createDomainType": "Tür:", + "createDomainName": "Ad:", + "createDomainValue": "Değer:", + "createDomainCnameRecords": "CNAME Kayıtları", + "createDomainARecords": "A Kayıtları", + "createDomainRecordNumber": "Kayıt {number}", + "createDomainTxtRecords": "TXT Kayıtları", + "createDomainSaveTheseRecords": "Bu Kayıtları Kaydet", + "createDomainSaveTheseRecordsDescription": "Bu DNS kayıtlarını kaydettiğinizden emin olun çünkü tekrar görmeyeceksiniz.", + "createDomainDnsPropagation": "DNS Yayılması", + "createDomainDnsPropagationDescription": "DNS değişikliklerinin internet genelinde yayılması zaman alabilir. DNS sağlayıcınız ve TTL ayarlarına bağlı olarak bu birkaç dakika ile 48 saat arasında değişebilir.", + "resourcePortRequired": "HTTP dışı kaynaklar için bağlantı noktası numarası gereklidir", + "resourcePortNotAllowed": "HTTP kaynakları için bağlantı noktası numarası ayarlanmamalı", + "signUpTerms": { + "IAgreeToThe": "Kabul ediyorum", + "termsOfService": "hizmet şartları", + "and": "ve", + "privacyPolicy": "gizlilik politikası" + }, + "siteRequired": "Site gerekli.", + "olmTunnel": "Olm Tüneli", + "olmTunnelDescription": "Müşteri bağlantıları için Olm kullanın", + "errorCreatingClient": "Müşteri oluşturulurken hata oluştu", + "clientDefaultsNotFound": "Müşteri varsayılanları bulunamadı", + "createClient": "Müşteri Oluştur", + "createClientDescription": "Sitelerinize bağlanmak için yeni bir müşteri oluşturun", + "seeAllClients": "Tüm Müşterileri Gör", + "clientInformation": "Müşteri Bilgileri", + "clientNamePlaceholder": "Müşteri adı", + "address": "Adres", + "subnetPlaceholder": "Alt ağ", + "addressDescription": "Bu müşteri için bağlantıda kullanılacak adres", + "selectSites": "Siteleri seçin", + "sitesDescription": "Müşteri seçilen sitelere bağlantı kuracaktır", + "clientInstallOlm": "Olm Yükle", + "clientInstallOlmDescription": "Sisteminizde Olm çalıştırın", + "clientOlmCredentials": "Olm Kimlik Bilgileri", + "clientOlmCredentialsDescription": "Bu, Olm'in sunucu ile kimlik doğrulaması yapacağı yöntemdir", + "olmEndpoint": "Olm Uç Noktası", + "olmId": "Olm Kimliği", + "olmSecretKey": "Olm Gizli Anahtarı", + "clientCredentialsSave": "Kimlik Bilgilerinizi Kaydedin", + "clientCredentialsSaveDescription": "Bunu yalnızca bir kez görebileceksiniz. Güvenli bir yere kopyaladığınızdan emin olun.", + "generalSettingsDescription": "Bu müşteri için genel ayarları yapılandırın", + "clientUpdated": "Müşteri güncellendi", + "clientUpdatedDescription": "Müşteri güncellenmiştir.", + "clientUpdateFailed": "Müşteri güncellenemedi", + "clientUpdateError": "Müşteri güncellenirken bir hata oluştu.", + "sitesFetchFailed": "Siteler alınamadı", + "sitesFetchError": "Siteler alınırken bir hata oluştu.", + "olmErrorFetchReleases": "Olm yayınları alınırken bir hata oluştu.", + "olmErrorFetchLatest": "En son Olm yayını alınırken bir hata oluştu.", + "remoteSubnets": "Uzak Alt Ağlar", + "enterCidrRange": "CIDR aralığını girin", + "remoteSubnetsDescription": "Bu siteye uzaktan erişilebilen CIDR aralıklarını ekleyin. 10.0.0.0/24 formatını kullanın. Bu YALNIZCA VPN istemci bağlantıları için geçerlidir.", + "resourceEnableProxy": "Genel Proxy'i Etkinleştir", + "resourceEnableProxyDescription": "Bu kaynağa genel proxy erişimini etkinleştirin. Bu sayede ağ dışından açık bir port üzerinden kaynağa bulut aracılığıyla erişim sağlanır. Traefik yapılandırması gereklidir.", + "externalProxyEnabled": "Dış Proxy Etkinleştirildi", + "addNewTarget": "Yeni Hedef Ekle", + "targetsList": "Hedefler Listesi", + "targetErrorDuplicateTargetFound": "Yinelenen hedef bulundu", + "httpMethod": "HTTP Yöntemi", + "selectHttpMethod": "HTTP yöntemini seçin", + "domainPickerSubdomainLabel": "Alt Alan Adı", + "domainPickerBaseDomainLabel": "Temel Alan Adı", + "domainPickerSearchDomains": "Alan adlarını ara...", + "domainPickerNoDomainsFound": "Hiçbir alan adı bulunamadı", + "domainPickerLoadingDomains": "Alan adları yükleniyor...", + "domainPickerSelectBaseDomain": "Temel alan adını seçin...", + "domainPickerNotAvailableForCname": "CNAME alan adları için kullanılabilir değil", + "domainPickerEnterSubdomainOrLeaveBlank": "Alt alan adını girin veya temel alan adını kullanmak için boş bırakın.", + "domainPickerEnterSubdomainToSearch": "Mevcut ücretsiz alan adları arasından aramak ve seçmek için bir alt alan adı girin.", + "domainPickerFreeDomains": "Ücretsiz Alan Adları", + "domainPickerSearchForAvailableDomains": "Mevcut alan adlarını ara", + "resourceDomain": "Alan Adı", + "resourceEditDomain": "Alan Adını Düzenle", + "siteName": "Site Adı", + "proxyPort": "Bağlantı Noktası", + "resourcesTableProxyResources": "Proxy Kaynaklar", + "resourcesTableClientResources": "İstemci Kaynaklar", + "resourcesTableNoProxyResourcesFound": "Hiçbir proxy kaynağı bulunamadı.", + "resourcesTableNoInternalResourcesFound": "Hiçbir dahili kaynak bulunamadı.", + "resourcesTableDestination": "Hedef", + "resourcesTableTheseResourcesForUseWith": "Bu kaynaklar ile kullanılmak için", + "resourcesTableClients": "İstemciler", + "resourcesTableAndOnlyAccessibleInternally": "veyalnızca bir istemci ile bağlandığında dahili olarak erişilebilir.", + "editInternalResourceDialogEditClientResource": "İstemci Kaynağı Düzenleyin", + "editInternalResourceDialogUpdateResourceProperties": "{resourceName} için kaynak özelliklerini ve hedef yapılandırmasını güncelleyin.", + "editInternalResourceDialogResourceProperties": "Kaynak Özellikleri", + "editInternalResourceDialogName": "Ad", + "editInternalResourceDialogProtocol": "Protokol", + "editInternalResourceDialogSitePort": "Site Bağlantı Noktası", + "editInternalResourceDialogTargetConfiguration": "Hedef Yapılandırma", + "editInternalResourceDialogDestinationIP": "Hedef IP", + "editInternalResourceDialogDestinationPort": "Hedef Bağlantı Noktası", + "editInternalResourceDialogCancel": "İptal", + "editInternalResourceDialogSaveResource": "Kaynağı Kaydet", + "editInternalResourceDialogSuccess": "Başarı", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "Dahili kaynak başarıyla güncellendi", + "editInternalResourceDialogError": "Hata", + "editInternalResourceDialogFailedToUpdateInternalResource": "Dahili kaynak güncellenemedi", + "editInternalResourceDialogNameRequired": "Ad gerekli", + "editInternalResourceDialogNameMaxLength": "Ad 255 karakterden kısa olmalıdır", + "editInternalResourceDialogProxyPortMin": "Proxy bağlantı noktası en az 1 olmalıdır", + "editInternalResourceDialogProxyPortMax": "Proxy bağlantı noktası 65536'dan küçük olmalıdır", + "editInternalResourceDialogInvalidIPAddressFormat": "Geçersiz IP adresi formatı", + "editInternalResourceDialogDestinationPortMin": "Hedef bağlantı noktası en az 1 olmalıdır", + "editInternalResourceDialogDestinationPortMax": "Hedef bağlantı noktası 65536'dan küçük olmalıdır", + "createInternalResourceDialogNoSitesAvailable": "Site Bulunamadı", + "createInternalResourceDialogNoSitesAvailableDescription": "Dahili kaynak oluşturmak için en az bir Newt sitesine ve alt ağa sahip olmalısınız.", + "createInternalResourceDialogClose": "Kapat", + "createInternalResourceDialogCreateClientResource": "İstemci Kaynağı Oluştur", + "createInternalResourceDialogCreateClientResourceDescription": "Seçilen siteye bağlı istemciler için erişilebilir olacak yeni bir kaynak oluşturun.", + "createInternalResourceDialogResourceProperties": "Kaynak Özellikleri", + "createInternalResourceDialogName": "Ad", + "createInternalResourceDialogSite": "Site", + "createInternalResourceDialogSelectSite": "Site seç...", + "createInternalResourceDialogSearchSites": "Siteleri ara...", + "createInternalResourceDialogNoSitesFound": "Site bulunamadı.", + "createInternalResourceDialogProtocol": "Protokol", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "Site Bağlantı Noktası", + "createInternalResourceDialogSitePortDescription": "İstemci ile bağlanıldığında site üzerindeki kaynağa erişmek için bu bağlantı noktasını kullanın.", + "createInternalResourceDialogTargetConfiguration": "Hedef Yapılandırma", + "createInternalResourceDialogDestinationIP": "Hedef IP", + "createInternalResourceDialogDestinationIPDescription": "Site ağındaki kaynağın IP adresi.", + "createInternalResourceDialogDestinationPort": "Hedef Bağlantı Noktası", + "createInternalResourceDialogDestinationPortDescription": "Kaynağa erişilebilecek hedef IP üzerindeki bağlantı noktası.", + "createInternalResourceDialogCancel": "İptal", + "createInternalResourceDialogCreateResource": "Kaynak Oluştur", + "createInternalResourceDialogSuccess": "Başarı", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "Dahili kaynak başarıyla oluşturuldu", + "createInternalResourceDialogError": "Hata", + "createInternalResourceDialogFailedToCreateInternalResource": "Dahili kaynak oluşturulamadı", + "createInternalResourceDialogNameRequired": "Ad gerekli", + "createInternalResourceDialogNameMaxLength": "Ad 255 karakterden kısa olmalıdır", + "createInternalResourceDialogPleaseSelectSite": "Lütfen bir site seçin", + "createInternalResourceDialogProxyPortMin": "Proxy bağlantı noktası en az 1 olmalıdır", + "createInternalResourceDialogProxyPortMax": "Proxy bağlantı noktası 65536'dan küçük olmalıdır", + "createInternalResourceDialogInvalidIPAddressFormat": "Geçersiz IP adresi formatı", + "createInternalResourceDialogDestinationPortMin": "Hedef bağlantı noktası en az 1 olmalıdır", + "createInternalResourceDialogDestinationPortMax": "Hedef bağlantı noktası 65536'dan küçük olmalıdır", + "siteConfiguration": "Yapılandırma", + "siteAcceptClientConnections": "İstemci Bağlantılarını Kabul Et", + "siteAcceptClientConnectionsDescription": "Bu Newt örneğini bir geçit olarak kullanarak diğer cihazların bağlanmasına izin verin.", + "siteAddress": "Site Adresi", + "siteAddressDescription": "İstemcilerin bağlanması için hostun IP adresini belirtin. Bu, Pangolin ağındaki sitenin iç adresidir ve istemciler için atlas olmalıdır. Org alt ağına düşmelidir.", + "autoLoginExternalIdp": "Harici IDP ile Otomatik Giriş", + "autoLoginExternalIdpDescription": "Kullanıcıyı kimlik doğrulama için otomatik olarak harici IDP'ye yönlendirin.", + "selectIdp": "IDP Seç", + "selectIdpPlaceholder": "IDP seçin...", + "selectIdpRequired": "Otomatik giriş etkinleştirildiğinde lütfen bir IDP seçin.", + "autoLoginTitle": "Yönlendiriliyor", + "autoLoginDescription": "Kimlik doğrulama için harici kimlik sağlayıcıya yönlendiriliyorsunuz.", + "autoLoginProcessing": "Kimlik doğrulama hazırlanıyor...", + "autoLoginRedirecting": "Girişe yönlendiriliyorsunuz...", + "autoLoginError": "Otomatik Giriş Hatası", + "autoLoginErrorNoRedirectUrl": "Kimlik sağlayıcıdan yönlendirme URL'si alınamadı.", + "autoLoginErrorGeneratingUrl": "Kimlik doğrulama URL'si oluşturulamadı.", + "managedSelfHosted": { + "title": "Yönetilen Self-Hosted", + "description": "Daha güvenilir ve düşük bakım gerektiren, ekstra özelliklere sahip kendi kendine barındırabileceğiniz Pangolin sunucusu", + "introTitle": "Yönetilen Kendi Kendine Barındırılan Pangolin", + "introDescription": "Bu, basitlik ve ekstra güvenilirlik arayan, ancak verilerini gizli tutmak ve kendi sunucularında barındırmak isteyen kişiler için tasarlanmış bir dağıtım seçeneğidir.", + "introDetail": "Bu seçenekle, kendi Pangolin düğümünüzü çalıştırmaya devam edersiniz — tünelleriniz, SSL bitişiniz ve trafiğiniz tamamen sunucunuzda kalır. Fark, yönetim ve izlemeyi bulut panomuz üzerinden gerçekleştiririz, bu da bir dizi avantaj sağlar:", + "benefitSimplerOperations": { + "title": "Daha basit işlemler", + "description": "Kendi e-posta sunucunuzu çalıştırmanıza veya karmaşık uyarılar kurmanıza gerek yok. Sağlık kontrolleri ve kesinti uyarılarını kutudan çıktığı gibi alırsınız." + }, + "benefitAutomaticUpdates": { + "title": "Otomatik güncellemeler", + "description": "Bulut panosu hızla gelişir, böylece her seferinde yeni konteynerler manuel olarak çekmeden yeni özellikler ve hata düzeltmeleri alırsınız." + }, + "benefitLessMaintenance": { + "title": "Daha az bakım", + "description": "Veritabanı geçişleri, yedeklemeler veya ekstra altyapı yönetimi yok. Biz bunu bulutta hallederiz." + }, + "benefitCloudFailover": { + "title": "Bulut yedekleme", + "description": "Düğümünüz kapandığında, tünelleriniz geçici olarak bulut bağlantı noktalarımıza geçebilir, böylece tekrar çevrimiçi hale getirene kadar tünelleriniz kesintiye uğramaz." + }, + "benefitHighAvailability": { + "title": "Yüksek kullanılabilirlik (Bağlantı Noktaları)", + "description": "Yedeklilik ve daha iyi performans için hesabınıza birden fazla düğüm bağlayabilirsiniz." + }, + "benefitFutureEnhancements": { + "title": "Gelecek iyileştirmeler", + "description": "Dağıtımınızı daha sağlam hale getirmek amacıyla daha fazla analiz, uyarı ve yönetim aracı eklemeyi planlıyoruz." + }, + "docsAlert": { + "text": "Yönetilen Kendi Kendine Barındırılan seçeneği hakkında daha fazla bilgi edinin", + "documentation": "dokümantasyon" + }, + "convertButton": "Bu Düğümü Yönetilen Kendi Kendine Barındırma Dönüştürün" + }, + "internationaldomaindetected": "Uluslararası Alan Adı Tespit Edildi", + "willbestoredas": "Şu şekilde depolanacak:" +} diff --git a/messages/zh-CN.json b/messages/zh-CN.json new file mode 100644 index 00000000..1eaa2263 --- /dev/null +++ b/messages/zh-CN.json @@ -0,0 +1,1500 @@ +{ + "setupCreate": "创建您的第一个组织、网站和资源", + "setupNewOrg": "新建组织", + "setupCreateOrg": "创建组织", + "setupCreateResources": "创建资源", + "setupOrgName": "组织名称", + "orgDisplayName": "这是您组织的显示名称。", + "orgId": "组织ID", + "setupIdentifierMessage": "这是您组织的唯一标识符。这是与显示名称分开的。", + "setupErrorIdentifier": "组织ID 已被使用。请另选一个。", + "componentsErrorNoMemberCreate": "您目前不是任何组织的成员。创建组织以开始操作。", + "componentsErrorNoMember": "您目前不是任何组织的成员。", + "welcome": "欢迎使用 Pangolin", + "welcomeTo": "欢迎来到", + "componentsCreateOrg": "创建组织", + "componentsMember": "您属于{count, plural, =0 {没有组织} one {一个组织} other {# 个组织}}。", + "componentsInvalidKey": "检测到无效或过期的许可证密钥。按照许可证条款操作以继续使用所有功能。", + "dismiss": "忽略", + "componentsLicenseViolation": "许可证超限:该服务器使用了 {usedSites} 个站点,已超过授权的 {maxSites} 个。请遵守许可证条款以继续使用全部功能。", + "componentsSupporterMessage": "感谢您的支持!您现在是 Pangolin 的 {tier} 用户。", + "inviteErrorNotValid": "很抱歉,但看起来你试图访问的邀请尚未被接受或不再有效。", + "inviteErrorUser": "很抱歉,但看起来你想要访问的邀请不是这个用户。", + "inviteLoginUser": "请确保您以正确的用户登录。", + "inviteErrorNoUser": "很抱歉,但看起来你想访问的邀请不是一个存在的用户。", + "inviteCreateUser": "请先创建一个帐户。", + "goHome": "返回首页", + "inviteLogInOtherUser": "以不同的用户登录", + "createAnAccount": "创建帐户", + "inviteNotAccepted": "邀请未接受", + "authCreateAccount": "创建一个帐户以开始", + "authNoAccount": "没有账户?", + "email": "电子邮件地址", + "password": "密码", + "confirmPassword": "确认密码", + "createAccount": "创建帐户", + "viewSettings": "查看设置", + "delete": "删除", + "name": "名称", + "online": "在线", + "offline": "离线的", + "site": "站点", + "dataIn": "数据输入", + "dataOut": "数据输出", + "connectionType": "连接类型", + "tunnelType": "隧道类型", + "local": "本地的", + "edit": "编辑", + "siteConfirmDelete": "确认删除站点", + "siteDelete": "删除站点", + "siteMessageRemove": "一旦删除,该站点将无法访问。与该站点相关的所有资源和目标也将被删除。", + "siteMessageConfirm": "请在下面输入站点名称以确认。", + "siteQuestionRemove": "您确定要从组织中删除 {selectedSite} 站点吗?", + "siteManageSites": "管理站点", + "siteDescription": "允许通过安全隧道连接到您的网络", + "siteCreate": "创建站点", + "siteCreateDescription2": "按照下面的步骤创建和连接一个新站点", + "siteCreateDescription": "创建一个新站点开始连接您的资源", + "close": "关闭", + "siteErrorCreate": "创建站点出错", + "siteErrorCreateKeyPair": "找不到密钥对或站点默认值", + "siteErrorCreateDefaults": "未找到站点默认值", + "method": "方法", + "siteMethodDescription": "这是您将如何显示连接。", + "siteLearnNewt": "学习如何在您的系统上安装 Newt", + "siteSeeConfigOnce": "您只能看到一次配置。", + "siteLoadWGConfig": "正在载入 WireGuard 配置...", + "siteDocker": "扩展 Docker 部署详细信息", + "toggle": "切换", + "dockerCompose": "Docker 配置", + "dockerRun": "停靠栏", + "siteLearnLocal": "本地站点不需要隧道连接,点击了解更多", + "siteConfirmCopy": "我已经复制了配置信息", + "searchSitesProgress": "搜索站点...", + "siteAdd": "添加站点", + "siteInstallNewt": "安装 Newt", + "siteInstallNewtDescription": "在您的系统中运行 Newt", + "WgConfiguration": "WireGuard 配置", + "WgConfigurationDescription": "使用以下配置连接到您的网络", + "operatingSystem": "操作系统", + "commands": "命令", + "recommended": "推荐", + "siteNewtDescription": "为获得最佳用户体验,请使用 Newt。其底层采用 WireGuard 技术,可直接通过 Pangolin 控制台,使用局域网地址访问您私有网络中的资源。", + "siteRunsInDocker": "在 Docker 中运行", + "siteRunsInShell": "在 macOS 、 Linux 和 Windows 的 Shell 中运行", + "siteErrorDelete": "删除站点出错", + "siteErrorUpdate": "更新站点失败", + "siteErrorUpdateDescription": "更新站点时出错。", + "siteUpdated": "站点已更新", + "siteUpdatedDescription": "网站已更新。", + "siteGeneralDescription": "配置此站点的常规设置", + "siteSettingDescription": "配置您网站上的设置", + "siteSetting": "{siteName} 设置", + "siteNewtTunnel": "Newt 隧道 (推荐)", + "siteNewtTunnelDescription": "最简单的方式来连接到您的网络。不需要任何额外设置。", + "siteWg": "基本 WireGuard", + "siteWgDescription": "使用任何 WireGuard 客户端来建立隧道。需要手动配置 NAT。", + "siteWgDescriptionSaas": "使用任何WireGuard客户端建立隧道。需要手动配置NAT。仅适用于自托管节点。", + "siteLocalDescription": "仅限本地资源。不需要隧道。", + "siteLocalDescriptionSaas": "仅本地资源。无需隧道。仅适用于自托管节点。", + "siteSeeAll": "查看所有站点", + "siteTunnelDescription": "确定如何连接到您的网站", + "siteNewtCredentials": "Newt 凭据", + "siteNewtCredentialsDescription": "这是 Newt 服务器的身份验证凭据", + "siteCredentialsSave": "保存您的凭据", + "siteCredentialsSaveDescription": "您只能看到一次。请确保将其复制并保存到一个安全的地方。", + "siteInfo": "站点信息", + "status": "状态", + "shareTitle": "管理共享链接", + "shareDescription": "创建可共享的链接,允许暂时或永久访问您的资源", + "shareSearch": "搜索共享链接...", + "shareCreate": "创建共享链接", + "shareErrorDelete": "删除链接失败", + "shareErrorDeleteMessage": "删除链接时出错", + "shareDeleted": "链接已删除", + "shareDeletedDescription": "链接已删除", + "shareTokenDescription": "您的访问令牌可以通过两种方式传递:作为查询参数或请求头。 每次验证访问请求都必须从客户端传递。", + "accessToken": "访问令牌", + "usageExamples": "用法示例", + "tokenId": "令牌 ID", + "requestHeades": "请求头", + "queryParameter": "查询参数", + "importantNote": "重要提示", + "shareImportantDescription": "出于安全考虑,建议尽可能在使用请求头传递参数,因为查询参数可能会被浏览器历史记录或服务器日志记录。", + "token": "令牌", + "shareTokenSecurety": "请妥善保管您的访问令牌,不要将其暴露在公开访问的区域或客户端代码中。", + "shareErrorFetchResource": "获取资源失败", + "shareErrorFetchResourceDescription": "获取资源时出错", + "shareErrorCreate": "无法创建共享链接", + "shareErrorCreateDescription": "创建共享链接时出错", + "shareCreateDescription": "任何具有此链接的人都可以访问资源", + "shareTitleOptional": "标题 (可选)", + "expireIn": "过期时间", + "neverExpire": "永不过期", + "shareExpireDescription": "过期时间是链接可以使用并提供对资源的访问时间。 此时间后,链接将不再工作,使用此链接的用户将失去对资源的访问。", + "shareSeeOnce": "您只能看到此链接。请确保复制它。", + "shareAccessHint": "任何具有此链接的人都可以访问该资源。小心地分享它。", + "shareTokenUsage": "查看访问令牌使用情况", + "createLink": "创建链接", + "resourcesNotFound": "找不到资源", + "resourceSearch": "搜索资源", + "openMenu": "打开菜单", + "resource": "资源", + "title": "标题", + "created": "已创建", + "expires": "过期时间", + "never": "永不过期", + "shareErrorSelectResource": "请选择一个资源", + "resourceTitle": "管理资源", + "resourceDescription": "为您的私人应用程序创建安全代理", + "resourcesSearch": "搜索资源...", + "resourceAdd": "添加资源", + "resourceErrorDelte": "删除资源时出错", + "authentication": "认证", + "protected": "受到保护", + "notProtected": "未受到保护", + "resourceMessageRemove": "一旦删除,资源将不再可访问。与该资源相关的所有目标也将被删除。", + "resourceMessageConfirm": "请在下面输入资源名称以确认。", + "resourceQuestionRemove": "您确定要从组织中删除 {selectedResource} 吗?", + "resourceHTTP": "HTTPS 资源", + "resourceHTTPDescription": "使用子域或根域名通过 HTTPS 向您的应用程序提出代理请求。", + "resourceRaw": "TCP/UDP 资源", + "resourceRawDescription": "使用 TCP/UDP 使用端口号向您的应用提出代理请求。", + "resourceCreate": "创建资源", + "resourceCreateDescription": "按照下面的步骤创建新资源", + "resourceSeeAll": "查看所有资源", + "resourceInfo": "资源信息", + "resourceNameDescription": "这是资源的显示名称。", + "siteSelect": "选择站点", + "siteSearch": "搜索站点", + "siteNotFound": "未找到站点。", + "siteSelectionDescription": "此站点将为目标提供连接。", + "resourceType": "资源类型", + "resourceTypeDescription": "确定如何访问您的资源", + "resourceHTTPSSettings": "HTTPS 设置", + "resourceHTTPSSettingsDescription": "配置如何通过 HTTPS 访问您的资源", + "domainType": "域类型", + "subdomain": "子域名", + "baseDomain": "根域名", + "subdomnainDescription": "您的资源可以访问的子域名。", + "resourceRawSettings": "TCP/UDP 设置", + "resourceRawSettingsDescription": "配置如何通过 TCP/UDP 访问您的资源", + "protocol": "协议", + "protocolSelect": "选择协议", + "resourcePortNumber": "端口号", + "resourcePortNumberDescription": "代理请求的外部端口号。", + "cancel": "取消", + "resourceConfig": "配置片段", + "resourceConfigDescription": "复制并粘贴这些配置片段以设置您的 TCP/UDP 资源", + "resourceAddEntrypoints": "Traefik: 添加入口点", + "resourceExposePorts": "Gerbil:在 Docker Compose 中显示端口", + "resourceLearnRaw": "学习如何配置 TCP/UDP 资源", + "resourceBack": "返回资源", + "resourceGoTo": "转到资源", + "resourceDelete": "删除资源", + "resourceDeleteConfirm": "确认删除资源", + "visibility": "可见性", + "enabled": "已启用", + "disabled": "已禁用", + "general": "概览", + "generalSettings": "常规设置", + "proxy": "代理服务器", + "internal": "内部设置", + "rules": "规则", + "resourceSettingDescription": "配置您资源上的设置", + "resourceSetting": "{resourceName} 设置", + "alwaysAllow": "一律允许", + "alwaysDeny": "一律拒绝", + "passToAuth": "传递至认证", + "orgSettingsDescription": "配置您组织的一般设置", + "orgGeneralSettings": "组织设置", + "orgGeneralSettingsDescription": "管理您的机构详细信息和配置", + "saveGeneralSettings": "保存常规设置", + "saveSettings": "保存设置", + "orgDangerZone": "危险区域", + "orgDangerZoneDescription": "一旦删除该组织,将无法恢复,请务必确认。", + "orgDelete": "删除组织", + "orgDeleteConfirm": "确认删除组织", + "orgMessageRemove": "此操作不可逆,这将删除所有相关数据。", + "orgMessageConfirm": "要确认,请在下面输入组织名称。", + "orgQuestionRemove": "你确定要删除 \"{selectedOrg}\" 组织吗?", + "orgUpdated": "组织已更新", + "orgUpdatedDescription": "组织已更新。", + "orgErrorUpdate": "更新组织失败", + "orgErrorUpdateMessage": "更新组织时出错。", + "orgErrorFetch": "获取组织失败", + "orgErrorFetchMessage": "列出您的组织时出错", + "orgErrorDelete": "删除组织失败", + "orgErrorDeleteMessage": "删除组织时出错。", + "orgDeleted": "组织已删除", + "orgDeletedMessage": "组织及其数据已被删除。", + "orgMissing": "缺少组织 ID", + "orgMissingMessage": "没有组织ID,无法重新生成邀请。", + "accessUsersManage": "管理用户", + "accessUsersDescription": "邀请用户并位他们添加角色以管理访问您的组织", + "accessUsersSearch": "搜索用户...", + "accessUserCreate": "创建用户", + "accessUserRemove": "删除用户", + "username": "用户名", + "identityProvider": "身份提供商", + "role": "角色", + "nameRequired": "名称是必填项", + "accessRolesManage": "管理角色", + "accessRolesDescription": "配置角色来管理访问您的组织", + "accessRolesSearch": "搜索角色...", + "accessRolesAdd": "添加角色", + "accessRoleDelete": "删除角色", + "description": "描述", + "inviteTitle": "打开邀请", + "inviteDescription": "管理您给其他用户的邀请", + "inviteSearch": "搜索邀请...", + "minutes": "分钟", + "hours": "小时", + "days": "天", + "weeks": "周", + "months": "月", + "years": "年", + "day": "{count, plural, other {# 天}}", + "apiKeysTitle": "API 密钥", + "apiKeysConfirmCopy2": "您必须确认您已复制 API 密钥。", + "apiKeysErrorCreate": "创建 API 密钥出错", + "apiKeysErrorSetPermission": "设置权限出错", + "apiKeysCreate": "生成 API 密钥", + "apiKeysCreateDescription": "为您的组织生成一个新的 API 密钥", + "apiKeysGeneralSettings": "权限", + "apiKeysGeneralSettingsDescription": "确定此 API 密钥可以做什么", + "apiKeysList": "您的 API 密钥", + "apiKeysSave": "保存您的 API 密钥", + "apiKeysSaveDescription": "该信息仅会显示一次,请确保将其复制到安全的位置。", + "apiKeysInfo": "您的 API 密钥是:", + "apiKeysConfirmCopy": "我已复制 API 密钥", + "generate": "生成", + "done": "完成", + "apiKeysSeeAll": "查看所有 API 密钥", + "apiKeysPermissionsErrorLoadingActions": "加载 API 密钥操作时出错", + "apiKeysPermissionsErrorUpdate": "设置权限出错", + "apiKeysPermissionsUpdated": "权限已更新", + "apiKeysPermissionsUpdatedDescription": "权限已更新。", + "apiKeysPermissionsGeneralSettings": "权限", + "apiKeysPermissionsGeneralSettingsDescription": "确定此 API 密钥可以做什么", + "apiKeysPermissionsSave": "保存权限", + "apiKeysPermissionsTitle": "权限", + "apiKeys": "API 密钥", + "searchApiKeys": "搜索 API 密钥...", + "apiKeysAdd": "生成 API 密钥", + "apiKeysErrorDelete": "删除 API 密钥出错", + "apiKeysErrorDeleteMessage": "删除 API 密钥出错", + "apiKeysQuestionRemove": "您确定要从组织中删除 \"{selectedApiKey}\" API密钥吗?", + "apiKeysMessageRemove": "一旦删除,此API密钥将无法被使用。", + "apiKeysMessageConfirm": "要确认,请在下方输入API密钥名称。", + "apiKeysDeleteConfirm": "确认删除 API 密钥", + "apiKeysDelete": "删除 API 密钥", + "apiKeysManage": "管理 API 密钥", + "apiKeysDescription": "API 密钥用于认证集成 API", + "apiKeysSettings": "{apiKeyName} 设置", + "userTitle": "管理所有用户", + "userDescription": "查看和管理系统中的所有用户", + "userAbount": "关于用户管理", + "userAbountDescription": "此表格显示系统中所有根用户对象。每个用户可能属于多个组织。 从组织中删除用户不会删除其根用户对象 - 他们将保留在系统中。 要从系统中完全删除用户,您必须使用此表格中的删除操作删除其根用户对象。", + "userServer": "服务器用户", + "userSearch": "搜索服务器用户...", + "userErrorDelete": "删除用户时出错", + "userDeleteConfirm": "确认删除用户", + "userDeleteServer": "从服务器删除用户", + "userMessageRemove": "该用户将被从所有组织中删除并完全从服务器中删除。", + "userMessageConfirm": "请在下面输入用户名称以确认。", + "userQuestionRemove": "您确定要从服务器中永久删除 {selectedUser} 吗?", + "licenseKey": "许可证密钥", + "valid": "有效", + "numberOfSites": "站点数量", + "licenseKeySearch": "搜索许可证密钥...", + "licenseKeyAdd": "添加许可证密钥", + "type": "类型", + "licenseKeyRequired": "需要许可证密钥", + "licenseTermsAgree": "您必须同意许可条款", + "licenseErrorKeyLoad": "加载许可证密钥失败", + "licenseErrorKeyLoadDescription": "加载许可证密钥时出错。", + "licenseErrorKeyDelete": "删除许可证密钥失败", + "licenseErrorKeyDeleteDescription": "删除许可证密钥时出错。", + "licenseKeyDeleted": "许可证密钥已删除", + "licenseKeyDeletedDescription": "许可证密钥已被删除。", + "licenseErrorKeyActivate": "激活许可证密钥失败", + "licenseErrorKeyActivateDescription": "激活许可证密钥时出错。", + "licenseAbout": "关于许可协议", + "communityEdition": "社区版", + "licenseAboutDescription": "这是针对商业环境中使用Pangolin的商业和企业用户。 如果您正在使用 Pangolin 供个人使用,您可以忽略此部分。", + "licenseKeyActivated": "授权密钥已激活", + "licenseKeyActivatedDescription": "已成功激活许可证密钥。", + "licenseErrorKeyRecheck": "重新检查许可证密钥失败", + "licenseErrorKeyRecheckDescription": "重新检查许可证密钥时出错。", + "licenseErrorKeyRechecked": "重新检查许可证密钥", + "licenseErrorKeyRecheckedDescription": "已重新检查所有许可证密钥", + "licenseActivateKey": "激活许可证密钥", + "licenseActivateKeyDescription": "输入一个许可密钥来激活它。", + "licenseActivate": "激活许可证", + "licenseAgreement": "通过检查此框,您确认您已经阅读并同意与您的许可证密钥相关的许可条款。", + "fossorialLicense": "查看Fossorial Commercial License和订阅条款", + "licenseMessageRemove": "这将删除许可证密钥和它授予的所有相关权限。", + "licenseMessageConfirm": "要确认,请在下面输入许可证密钥。", + "licenseQuestionRemove": "您确定要删除 {selectedKey} 的邀请吗?", + "licenseKeyDelete": "删除许可证密钥", + "licenseKeyDeleteConfirm": "确认删除许可证密钥", + "licenseTitle": "管理许可证状态", + "licenseTitleDescription": "查看和管理系统中的许可证密钥", + "licenseHost": "主机许可证", + "licenseHostDescription": "管理主机的主许可证密钥。", + "licensedNot": "未授权", + "hostId": "主机 ID", + "licenseReckeckAll": "重新检查所有密钥", + "licenseSiteUsage": "站点使用情况", + "licenseSiteUsageDecsription": "查看使用此许可的站点数量。", + "licenseNoSiteLimit": "使用未经许可主机的站点数量没有限制。", + "licensePurchase": "购买许可证", + "licensePurchaseSites": "购买更多站点", + "licenseSitesUsedMax": "使用了 {usedSites}/{maxSites} 个站点", + "licenseSitesUsed": "{count, plural, =0 {# 站点} one {# 站点} other {# 站点}}", + "licensePurchaseDescription": "请选择您希望 {selectedMode, select, license {直接购买许可证,您可以随时增加更多站点。} other {为现有许可证购买更多站点}}", + "licenseFee": "许可证费用", + "licensePriceSite": "每个站点的价格", + "total": "总计", + "licenseContinuePayment": "继续付款", + "pricingPage": "定价页面", + "pricingPortal": "前往付款页面", + "licensePricingPage": "关于最新的价格和折扣,请访问 ", + "invite": "邀请", + "inviteRegenerate": "重新生成邀请", + "inviteRegenerateDescription": "撤销以前的邀请并创建一个新的邀请", + "inviteRemove": "移除邀请", + "inviteRemoveError": "删除邀请失败", + "inviteRemoveErrorDescription": "删除邀请时出错。", + "inviteRemoved": "邀请已删除", + "inviteRemovedDescription": "为 {email} 创建的邀请已删除", + "inviteQuestionRemove": "您确定要删除 {email} 的邀请吗?", + "inviteMessageRemove": "一旦删除,这个邀请将不再有效。", + "inviteMessageConfirm": "要确认,请在下面输入邀请的电子邮件地址。", + "inviteQuestionRegenerate": "您确定要重新邀请 {email} 吗?这将会撤销掉之前的邀请", + "inviteRemoveConfirm": "确认删除邀请", + "inviteRegenerated": "重新生成邀请", + "inviteSent": "邀请邮件已成功发送至 {email}。", + "inviteSentEmail": "发送电子邮件通知给用户", + "inviteGenerate": "已为 {email} 创建新的邀请。", + "inviteDuplicateError": "重复的邀请", + "inviteDuplicateErrorDescription": "此用户的邀请已存在。", + "inviteRateLimitError": "超出速率限制", + "inviteRateLimitErrorDescription": "您超过了每小时3次再生的限制。请稍后再试。", + "inviteRegenerateError": "重新生成邀请失败", + "inviteRegenerateErrorDescription": "重新生成邀请时出错。", + "inviteValidityPeriod": "有效期", + "inviteValidityPeriodSelect": "选择有效期", + "inviteRegenerateMessage": "邀请已重新生成。用户必须访问下面的链接才能接受邀请。", + "inviteRegenerateButton": "重新生成", + "expiresAt": "到期于", + "accessRoleUnknown": "未知角色", + "placeholder": "占位符", + "userErrorOrgRemove": "删除用户失败", + "userErrorOrgRemoveDescription": "删除用户时出错。", + "userOrgRemoved": "用户已删除", + "userOrgRemovedDescription": "已将 {email} 从组织中移除。", + "userQuestionOrgRemove": "你确定要将 {email} 从组织中移除吗?", + "userMessageOrgRemove": "一旦删除,这个用户将不再能够访问组织。 你总是可以稍后重新邀请他们,但他们需要再次接受邀请。", + "userMessageOrgConfirm": "请在下面输入用户名称以确认。", + "userRemoveOrgConfirm": "确认删除用户", + "userRemoveOrg": "从组织中删除用户", + "users": "用户", + "accessRoleMember": "成员", + "accessRoleOwner": "所有者", + "userConfirmed": "已确认", + "idpNameInternal": "内部设置", + "emailInvalid": "无效的电子邮件地址", + "inviteValidityDuration": "请选择持续时间", + "accessRoleSelectPlease": "请选择一个角色", + "usernameRequired": "必须输入用户名", + "idpSelectPlease": "请选择身份提供商", + "idpGenericOidc": "通用的 OAuth2/OIDC 提供商。", + "accessRoleErrorFetch": "获取角色失败", + "accessRoleErrorFetchDescription": "获取角色时出错", + "idpErrorFetch": "获取身份提供者失败", + "idpErrorFetchDescription": "获取身份提供者时出错", + "userErrorExists": "用户已存在", + "userErrorExistsDescription": "此用户已经是组织成员。", + "inviteError": "邀请用户失败", + "inviteErrorDescription": "邀请用户时出错", + "userInvited": "用户邀请", + "userInvitedDescription": "用户已被成功邀请。", + "userErrorCreate": "创建用户失败", + "userErrorCreateDescription": "创建用户时出错", + "userCreated": "用户已创建", + "userCreatedDescription": "用户已成功创建。", + "userTypeInternal": "内部用户", + "userTypeInternalDescription": "邀请用户直接加入您的组织。", + "userTypeExternal": "外部用户", + "userTypeExternalDescription": "创建一个具有外部身份提供商的用户。", + "accessUserCreateDescription": "按照下面的步骤创建一个新用户", + "userSeeAll": "查看所有用户", + "userTypeTitle": "用户类型", + "userTypeDescription": "确定如何创建用户", + "userSettings": "用户信息", + "userSettingsDescription": "输入新用户的详细信息", + "inviteEmailSent": "发送邀请邮件给用户", + "inviteValid": "有效", + "selectDuration": "选择持续时间", + "accessRoleSelect": "选择角色", + "inviteEmailSentDescription": "一封电子邮件已经发送给用户,带有下面的访问链接。他们必须访问该链接才能接受邀请。", + "inviteSentDescription": "用户已被邀请。他们必须访问下面的链接才能接受邀请。", + "inviteExpiresIn": "邀请将在{days, plural, other {# 天}}后过期。", + "idpTitle": "身份提供商", + "idpSelect": "为外部用户选择身份提供商", + "idpNotConfigured": "没有配置身份提供者。请在创建外部用户之前配置身份提供者。", + "usernameUniq": "这必须匹配所选身份提供者中存在的唯一用户名。", + "emailOptional": "电子邮件(可选)", + "nameOptional": "名称(可选)", + "accessControls": "访问控制", + "userDescription2": "管理此用户的设置", + "accessRoleErrorAdd": "添加用户到角色失败", + "accessRoleErrorAddDescription": "添加用户到角色时出错。", + "userSaved": "用户已保存", + "userSavedDescription": "用户已更新。", + "accessControlsDescription": "管理此用户在组织中可以访问和做什么", + "accessControlsSubmit": "保存访问控制", + "roles": "角色", + "accessUsersRoles": "管理用户和角色", + "accessUsersRolesDescription": "邀请用户并将他们添加到角色以管理访问您的组织", + "key": "关键字", + "createdAt": "创建于", + "proxyErrorInvalidHeader": "无效的自定义主机头值。使用域名格式,或将空保存为取消自定义主机头。", + "proxyErrorTls": "无效的 TLS 服务器名称。使用域名格式,或保存空以删除 TLS 服务器名称。", + "proxyEnableSSL": "启用 SSL (https)", + "targetErrorFetch": "获取目标失败", + "targetErrorFetchDescription": "获取目标时出错", + "siteErrorFetch": "获取资源失败", + "siteErrorFetchDescription": "获取资源时出错", + "targetErrorDuplicate": "重复的目标", + "targetErrorDuplicateDescription": "具有这些设置的目标已存在", + "targetWireGuardErrorInvalidIp": "无效的目标IP", + "targetWireGuardErrorInvalidIpDescription": "目标IP必须在站点子网内", + "targetsUpdated": "目标已更新", + "targetsUpdatedDescription": "目标和设置更新成功", + "targetsErrorUpdate": "更新目标失败", + "targetsErrorUpdateDescription": "更新目标时出错", + "targetTlsUpdate": "TLS 设置已更新", + "targetTlsUpdateDescription": "您的 TLS 设置已成功更新", + "targetErrorTlsUpdate": "更新 TLS 设置失败", + "targetErrorTlsUpdateDescription": "更新 TLS 设置时出错", + "proxyUpdated": "代理设置已更新", + "proxyUpdatedDescription": "您的代理设置已成功更新", + "proxyErrorUpdate": "更新代理设置失败", + "proxyErrorUpdateDescription": "更新代理设置时出错", + "targetAddr": "IP / 域名", + "targetPort": "端口", + "targetProtocol": "协议", + "targetTlsSettings": "安全连接配置", + "targetTlsSettingsDescription": "配置资源的 SSL/TLS 设置", + "targetTlsSettingsAdvanced": "高级TLS设置", + "targetTlsSni": "TLS 服务器名称 (SNI)", + "targetTlsSniDescription": "SNI使用的 TLS 服务器名称。留空使用默认值。", + "targetTlsSubmit": "保存设置", + "targets": "目标配置", + "targetsDescription": "设置目标来路由流量到您的后端服务", + "targetStickySessions": "启用置顶会话", + "targetStickySessionsDescription": "将连接保持在同一个后端目标的整个会话中。", + "methodSelect": "选择方法", + "targetSubmit": "添加目标", + "targetNoOne": "没有目标。使用表单添加目标。", + "targetNoOneDescription": "在上面添加多个目标将启用负载平衡。", + "targetsSubmit": "保存目标", + "proxyAdditional": "附加代理设置", + "proxyAdditionalDescription": "配置你的资源如何处理代理设置", + "proxyCustomHeader": "自定义主机标题", + "proxyCustomHeaderDescription": "代理请求时设置的主机头。留空则使用默认值。", + "proxyAdditionalSubmit": "保存代理设置", + "subnetMaskErrorInvalid": "子网掩码无效。必须在 0 和 32 之间。", + "ipAddressErrorInvalidFormat": "无效的 IP 地址格式", + "ipAddressErrorInvalidOctet": "无效的 IP 地址", + "path": "路径", + "ipAddressRange": "IP 范围", + "rulesErrorFetch": "获取规则失败", + "rulesErrorFetchDescription": "获取规则时出错", + "rulesErrorDuplicate": "复制规则", + "rulesErrorDuplicateDescription": "带有这些设置的规则已存在", + "rulesErrorInvalidIpAddressRange": "无效的 CIDR", + "rulesErrorInvalidIpAddressRangeDescription": "请输入一个有效的 CIDR 值", + "rulesErrorInvalidUrl": "无效的 URL 路径", + "rulesErrorInvalidUrlDescription": "请输入一个有效的 URL 路径值", + "rulesErrorInvalidIpAddress": "无效的 IP", + "rulesErrorInvalidIpAddressDescription": "请输入一个有效的IP地址", + "rulesErrorUpdate": "更新规则失败", + "rulesErrorUpdateDescription": "更新规则时出错", + "rulesUpdated": "启用规则", + "rulesUpdatedDescription": "规则已更新", + "rulesMatchIpAddressRangeDescription": "以 CIDR 格式输入地址(如:103.21.244.0/22)", + "rulesMatchIpAddress": "输入IP地址(例如,103.21.244.12)", + "rulesMatchUrl": "输入一个 URL 路径或模式(例如/api/v1/todos 或 /api/v1/*)", + "rulesErrorInvalidPriority": "无效的优先级", + "rulesErrorInvalidPriorityDescription": "请输入一个有效的优先级", + "rulesErrorDuplicatePriority": "重复的优先级", + "rulesErrorDuplicatePriorityDescription": "请输入唯一的优先级", + "ruleUpdated": "规则已更新", + "ruleUpdatedDescription": "规则更新成功", + "ruleErrorUpdate": "操作失败", + "ruleErrorUpdateDescription": "保存过程中发生错误", + "rulesPriority": "优先权", + "rulesAction": "行为", + "rulesMatchType": "匹配类型", + "value": "值", + "rulesAbout": "关于规则", + "rulesAboutDescription": "规则使您能够依据特定条件控制资源访问权限。您可以创建基于 IP 地址或 URL 路径的规则,以允许或拒绝访问。", + "rulesActions": "行动", + "rulesActionAlwaysAllow": "总是允许:绕过所有身份验证方法", + "rulesActionAlwaysDeny": "总是拒绝:阻止所有请求;无法尝试验证", + "rulesActionPassToAuth": "传递至认证:允许尝试身份验证方法", + "rulesMatchCriteria": "匹配条件", + "rulesMatchCriteriaIpAddress": "匹配一个指定的 IP 地址", + "rulesMatchCriteriaIpAddressRange": "在 CIDR 符号中匹配一系列IP地址", + "rulesMatchCriteriaUrl": "匹配一个 URL 路径或模式", + "rulesEnable": "启用规则", + "rulesEnableDescription": "启用或禁用此资源的规则评估", + "rulesResource": "资源规则配置", + "rulesResourceDescription": "配置规则来控制对您资源的访问", + "ruleSubmit": "添加规则", + "rulesNoOne": "没有规则。使用表单添加规则。", + "rulesOrder": "规则按优先顺序评定。", + "rulesSubmit": "保存规则", + "resourceErrorCreate": "创建资源时出错", + "resourceErrorCreateDescription": "创建资源时出错", + "resourceErrorCreateMessage": "创建资源时发生错误:", + "resourceErrorCreateMessageDescription": "发生意外错误", + "sitesErrorFetch": "获取站点出错", + "sitesErrorFetchDescription": "获取站点时出错", + "domainsErrorFetch": "获取域名出错", + "domainsErrorFetchDescription": "获取域时出错", + "none": "无", + "unknown": "未知", + "resources": "资源", + "resourcesDescription": "资源是您私有网络中运行的应用程序的代理。您可以为私有网络中的任何 HTTP/HTTPS 或 TCP/UDP 服务创建资源。每个资源都必须连接到一个站点,以通过加密的 WireGuard 隧道实现私密且安全的连接。", + "resourcesWireGuardConnect": "采用 WireGuard 提供的加密安全连接", + "resourcesMultipleAuthenticationMethods": "配置多个身份验证方法", + "resourcesUsersRolesAccess": "基于用户和角色的访问控制", + "resourcesErrorUpdate": "切换资源失败", + "resourcesErrorUpdateDescription": "更新资源时出错", + "access": "访问权限", + "shareLink": "{resource} 的分享链接", + "resourceSelect": "选择资源", + "shareLinks": "分享链接", + "share": "分享链接", + "shareDescription2": "创建资源共享链接。链接提供对资源的临时或无限制访问。 当您创建链接时,您可以配置链接的到期时间。", + "shareEasyCreate": "轻松创建和分享", + "shareConfigurableExpirationDuration": "可配置的过期时间", + "shareSecureAndRevocable": "安全和可撤销的", + "nameMin": "名称长度必须大于 {len} 字符。", + "nameMax": "名称长度必须小于 {len} 字符。", + "sitesConfirmCopy": "请确认您已经复制了配置。", + "unknownCommand": "未知命令", + "newtErrorFetchReleases": "无法获取版本信息: {err}", + "newtErrorFetchLatest": "无法获取最新版信息: {err}", + "newtEndpoint": "Newt 端点", + "newtId": "Newt ID", + "newtSecretKey": "Newt 私钥", + "architecture": "架构", + "sites": "站点", + "siteWgAnyClients": "使用任何 WireGuard 客户端连接。您必须使用对等IP解决您的内部资源。", + "siteWgCompatibleAllClients": "与所有WireGuard客户端兼容", + "siteWgManualConfigurationRequired": "需要手动配置", + "userErrorNotAdminOrOwner": "用户不是管理员或所有者", + "pangolinSettings": "设置 - Pangolin", + "accessRoleYour": "您的角色:", + "accessRoleSelect2": "选择角色", + "accessUserSelect": "选择一个用户", + "otpEmailEnter": "输入电子邮件", + "otpEmailEnterDescription": "在输入字段输入后按回车键添加电子邮件。", + "otpEmailErrorInvalid": "无效的邮箱地址。通配符(*)必须占据整个开头部分。", + "otpEmailSmtpRequired": "需要先配置SMTP", + "otpEmailSmtpRequiredDescription": "必须在服务器上启用SMTP才能使用一次性密码验证。", + "otpEmailTitle": "一次性密码", + "otpEmailTitleDescription": "资源访问需要基于电子邮件的身份验证", + "otpEmailWhitelist": "电子邮件白名单", + "otpEmailWhitelistList": "白名单邮件", + "otpEmailWhitelistListDescription": "只有拥有这些电子邮件地址的用户才能访问此资源。 他们将被提示输入一次性密码发送到他们的电子邮件。 通配符 (*@example.com) 可以用来允许来自一个域名的任何电子邮件地址。", + "otpEmailWhitelistSave": "保存白名单", + "passwordAdd": "添加密码", + "passwordRemove": "删除密码", + "pincodeAdd": "添加 PIN 码", + "pincodeRemove": "移除 PIN 码", + "resourceAuthMethods": "身份验证方法", + "resourceAuthMethodsDescriptions": "允许通过额外的认证方法访问资源", + "resourceAuthSettingsSave": "保存成功", + "resourceAuthSettingsSaveDescription": "已保存身份验证设置", + "resourceErrorAuthFetch": "获取数据失败", + "resourceErrorAuthFetchDescription": "获取数据时出错", + "resourceErrorPasswordRemove": "删除资源密码出错", + "resourceErrorPasswordRemoveDescription": "删除资源密码时出错", + "resourceErrorPasswordSetup": "设置资源密码出错", + "resourceErrorPasswordSetupDescription": "设置资源密码时出错", + "resourceErrorPincodeRemove": "删除资源固定码时出错", + "resourceErrorPincodeRemoveDescription": "删除资源PIN码时出错", + "resourceErrorPincodeSetup": "设置资源 PIN 码时出错", + "resourceErrorPincodeSetupDescription": "设置资源 PIN 码时发生错误", + "resourceErrorUsersRolesSave": "设置角色失败", + "resourceErrorUsersRolesSaveDescription": "设置角色时出错", + "resourceErrorWhitelistSave": "保存白名单失败", + "resourceErrorWhitelistSaveDescription": "保存白名单时出错", + "resourcePasswordSubmit": "启用密码保护", + "resourcePasswordProtection": "密码保护 {status}", + "resourcePasswordRemove": "已删除资源密码", + "resourcePasswordRemoveDescription": "已成功删除资源密码", + "resourcePasswordSetup": "设置资源密码", + "resourcePasswordSetupDescription": "已成功设置资源密码", + "resourcePasswordSetupTitle": "设置密码", + "resourcePasswordSetupTitleDescription": "设置密码来保护此资源", + "resourcePincode": "PIN 码", + "resourcePincodeSubmit": "启用 PIN 码保护", + "resourcePincodeProtection": "PIN 码保护 {status}", + "resourcePincodeRemove": "资源 PIN 码已删除", + "resourcePincodeRemoveDescription": "已成功删除资源 PIN 码", + "resourcePincodeSetup": "资源 PIN 码已设置", + "resourcePincodeSetupDescription": "资源 PIN 码已成功设置", + "resourcePincodeSetupTitle": "设置 PIN 码", + "resourcePincodeSetupTitleDescription": "设置 PIN 码来保护此资源", + "resourceRoleDescription": "管理员总是可以访问此资源。", + "resourceUsersRoles": "用户和角色", + "resourceUsersRolesDescription": "配置用户和角色可以访问此资源", + "resourceUsersRolesSubmit": "保存用户和角色", + "resourceWhitelistSave": "保存成功", + "resourceWhitelistSaveDescription": "白名单设置已保存", + "ssoUse": "使用平台 SSO", + "ssoUseDescription": "对于所有启用此功能的资源,现有用户只需登录一次。", + "proxyErrorInvalidPort": "无效的端口号", + "subdomainErrorInvalid": "无效的子域", + "domainErrorFetch": "获取域名失败", + "domainErrorFetchDescription": "获取域名时出错", + "resourceErrorUpdate": "更新资源失败", + "resourceErrorUpdateDescription": "更新资源时出错", + "resourceUpdated": "资源已更新", + "resourceUpdatedDescription": "资源已成功更新", + "resourceErrorTransfer": "转移资源失败", + "resourceErrorTransferDescription": "转移资源时出错", + "resourceTransferred": "资源已传输", + "resourceTransferredDescription": "资源已成功传输", + "resourceErrorToggle": "切换资源失败", + "resourceErrorToggleDescription": "更新资源时出错", + "resourceVisibilityTitle": "可见性", + "resourceVisibilityTitleDescription": "完全启用或禁用资源可见性", + "resourceGeneral": "常规设置", + "resourceGeneralDescription": "配置此资源的常规设置", + "resourceEnable": "启用资源", + "resourceTransfer": "转移资源", + "resourceTransferDescription": "将此资源转移到另一个站点", + "resourceTransferSubmit": "转移资源", + "siteDestination": "目标站点", + "searchSites": "搜索站点", + "accessRoleCreate": "创建角色", + "accessRoleCreateDescription": "创建一个新角色来分组用户并管理他们的权限。", + "accessRoleCreateSubmit": "创建角色", + "accessRoleCreated": "角色已创建", + "accessRoleCreatedDescription": "角色已成功创建。", + "accessRoleErrorCreate": "创建角色失败", + "accessRoleErrorCreateDescription": "创建角色时出错。", + "accessRoleErrorNewRequired": "需要新角色", + "accessRoleErrorRemove": "删除角色失败", + "accessRoleErrorRemoveDescription": "删除角色时出错。", + "accessRoleName": "角色名称", + "accessRoleQuestionRemove": "您即将删除 {name} 角色。 此操作无法撤销。", + "accessRoleRemove": "删除角色", + "accessRoleRemoveDescription": "从组织中删除角色", + "accessRoleRemoveSubmit": "删除角色", + "accessRoleRemoved": "角色已删除", + "accessRoleRemovedDescription": "角色已成功删除。", + "accessRoleRequiredRemove": "删除此角色之前,请选择一个新角色来转移现有成员。", + "manage": "管理", + "sitesNotFound": "未找到站点。", + "pangolinServerAdmin": "服务器管理员 - Pangolin", + "licenseTierProfessional": "专业许可证", + "licenseTierEnterprise": "企业许可证", + "licenseTierCommercial": "商业许可证", + "licensed": "已授权", + "yes": "是", + "no": "否", + "sitesAdditional": "其他站点", + "licenseKeys": "许可证密钥", + "sitestCountDecrease": "减少站点数量", + "sitestCountIncrease": "增加站点数量", + "idpManage": "管理身份提供商", + "idpManageDescription": "查看和管理系统中的身份提供商", + "idpDeletedDescription": "身份提供商删除成功", + "idpOidc": "OAuth2/OIDC", + "idpQuestionRemove": "你确定要永久删除 \"{name}\" 这个身份提供商吗?", + "idpMessageRemove": "这将删除身份提供者和所有相关的配置。通过此提供者进行身份验证的用户将无法登录。", + "idpMessageConfirm": "要确认,请在下面输入身份提供者的名称。", + "idpConfirmDelete": "确认删除身份提供商", + "idpDelete": "删除身份提供商", + "idp": "身份提供商", + "idpSearch": "搜索身份提供者...", + "idpAdd": "添加身份提供商", + "idpClientIdRequired": "客户端ID 是必需的。", + "idpClientSecretRequired": "客户端密钥是必需的。", + "idpErrorAuthUrlInvalid": "身份验证URL 必须是有效的 URL。", + "idpErrorTokenUrlInvalid": "令牌URL 必须是有效的 URL。", + "idpPathRequired": "标识符路径是必需的。", + "idpScopeRequired": "授权范围是必需的。", + "idpOidcDescription": "配置 OpenID 连接身份提供商", + "idpCreatedDescription": "身份提供商创建成功", + "idpCreate": "创建身份提供商", + "idpCreateDescription": "配置用户身份验证的新身份提供商", + "idpSeeAll": "查看所有身份提供商", + "idpSettingsDescription": "配置身份提供者的基本信息", + "idpDisplayName": "此身份提供商的显示名称", + "idpAutoProvisionUsers": "自动提供用户", + "idpAutoProvisionUsersDescription": "如果启用,用户将在首次登录时自动在系统中创建,并且能够映射用户到角色和组织。", + "licenseBadge": "专业版", + "idpType": "提供者类型", + "idpTypeDescription": "选择您想要配置的身份提供者类型", + "idpOidcConfigure": "OAuth2/OIDC 配置", + "idpOidcConfigureDescription": "配置 OAuth2/OIDC 供应商端点和凭据", + "idpClientId": "客户端ID", + "idpClientIdDescription": "来自您身份提供商的 OAuth2 客户端 ID", + "idpClientSecret": "客户端密钥", + "idpClientSecretDescription": "来自身份提供商的 OAuth2 客户端密钥", + "idpAuthUrl": "授权 URL", + "idpAuthUrlDescription": "OAuth2 授权端点的 URL", + "idpTokenUrl": "令牌 URL", + "idpTokenUrlDescription": "OAuth2 令牌端点的 URL", + "idpOidcConfigureAlert": "重要提示", + "idpOidcConfigureAlertDescription": "创建身份提供方后,您需要在其设置中配置回调 URL。回调 URL 会在创建成功后提供。", + "idpToken": "令牌配置", + "idpTokenDescription": "配置如何从 ID 令牌中提取用户信息", + "idpJmespathAbout": "关于 JMESPath", + "idpJmespathAboutDescription": "以下路径使用 JMESPath 语法从 ID 令牌中提取值。", + "idpJmespathAboutDescriptionLink": "了解更多 JMESPath 信息", + "idpJmespathLabel": "标识符路径", + "idpJmespathLabelDescription": "ID 令牌中用户标识符的路径", + "idpJmespathEmailPathOptional": "邮箱路径(可选)", + "idpJmespathEmailPathOptionalDescription": "ID 令牌中用户邮箱的路径", + "idpJmespathNamePathOptional": "用户名路径(可选)", + "idpJmespathNamePathOptionalDescription": "ID 令牌中用户名的路径", + "idpOidcConfigureScopes": "作用域(Scopes)", + "idpOidcConfigureScopesDescription": "以空格分隔的 OAuth2 请求作用域列表", + "idpSubmit": "创建身份提供商", + "orgPolicies": "组织策略", + "idpSettings": "{idpName} 设置", + "idpCreateSettingsDescription": "配置身份提供商的设置", + "roleMapping": "角色映射", + "orgMapping": "组织映射", + "orgPoliciesSearch": "搜索组织策略...", + "orgPoliciesAdd": "添加组织策略", + "orgRequired": "组织是必填项", + "error": "错误", + "success": "成功", + "orgPolicyAddedDescription": "策略添加成功", + "orgPolicyUpdatedDescription": "策略更新成功", + "orgPolicyDeletedDescription": "已成功删除策略", + "defaultMappingsUpdatedDescription": "默认映射更新成功", + "orgPoliciesAbout": "关于组织政策", + "orgPoliciesAboutDescription": "组织策略用于根据用户的 ID 令牌来控制对组织的访问。 您可以指定 JMESPath 表达式来提取角色和组织信息从 ID 令牌中提取信息。", + "orgPoliciesAboutDescriptionLink": "欲了解更多信息,请参阅文件。", + "defaultMappingsOptional": "默认映射(可选)", + "defaultMappingsOptionalDescription": "当没有为某个组织定义组织的政策时,使用默认映射。 您可以指定默认角色和组织映射回到这里。", + "defaultMappingsRole": "默认角色映射", + "defaultMappingsRoleDescription": "此表达式的结果必须返回组织中定义的角色名称作为字符串。", + "defaultMappingsOrg": "默认组织映射", + "defaultMappingsOrgDescription": "此表达式必须返回 组织ID 或 true 才能允许用户访问组织。", + "defaultMappingsSubmit": "保存默认映射", + "orgPoliciesEdit": "编辑组织策略", + "org": "组织", + "orgSelect": "选择组织", + "orgSearch": "搜索", + "orgNotFound": "找不到组织。", + "roleMappingPathOptional": "角色映射路径(可选)", + "orgMappingPathOptional": "组织映射路径(可选)", + "orgPolicyUpdate": "更新策略", + "orgPolicyAdd": "添加策略", + "orgPolicyConfig": "配置组织访问权限", + "idpUpdatedDescription": "身份提供商更新成功", + "redirectUrl": "重定向网址", + "redirectUrlAbout": "关于重定向网址", + "redirectUrlAboutDescription": "这是用户在验证后将被重定向到的URL。您需要在身份提供商设置中配置此URL。", + "pangolinAuth": "认证 - Pangolin", + "verificationCodeLengthRequirements": "您的验证码必须是8个字符。", + "errorOccurred": "发生错误", + "emailErrorVerify": "验证电子邮件失败:", + "emailVerified": "电子邮件验证成功!重定向您...", + "verificationCodeErrorResend": "无法重新发送验证码:", + "verificationCodeResend": "验证码已重新发送", + "verificationCodeResendDescription": "我们已将验证码重新发送到您的电子邮件地址。请检查您的收件箱。", + "emailVerify": "验证电子邮件", + "emailVerifyDescription": "输入验证码发送到您的电子邮件地址。", + "verificationCode": "验证码", + "verificationCodeEmailSent": "我们向您的电子邮件地址发送了验证码。", + "submit": "提交", + "emailVerifyResendProgress": "正在重新发送...", + "emailVerifyResend": "没有收到代码?点击此处重新发送", + "passwordNotMatch": "密码不匹配", + "signupError": "注册时出错", + "pangolinLogoAlt": "Pangolin 标志", + "inviteAlready": "看起来您已被邀请!", + "inviteAlreadyDescription": "要接受邀请,您必须登录或创建一个帐户。", + "signupQuestion": "已经有一个帐户?", + "login": "登录", + "resourceNotFound": "找不到资源", + "resourceNotFoundDescription": "您要访问的资源不存在。", + "pincodeRequirementsLength": "PIN码必须是6位数字", + "pincodeRequirementsChars": "PIN 必须只包含数字", + "passwordRequirementsLength": "密码必须至少 1 个字符长", + "passwordRequirementsTitle": "密码要求:", + "passwordRequirementLength": "至少8个字符长", + "passwordRequirementUppercase": "至少一个大写字母", + "passwordRequirementLowercase": "至少一个小写字母", + "passwordRequirementNumber": "至少一个数字", + "passwordRequirementSpecial": "至少一个特殊字符", + "passwordRequirementsMet": "✓ 密码满足所有要求", + "passwordStrength": "密码强度", + "passwordStrengthWeak": "弱", + "passwordStrengthMedium": "中", + "passwordStrengthStrong": "强", + "passwordRequirements": "要求:", + "passwordRequirementLengthText": "8+ 个字符", + "passwordRequirementUppercaseText": "大写字母 (A-Z)", + "passwordRequirementLowercaseText": "小写字母 (a-z)", + "passwordRequirementNumberText": "数字 (0-9)", + "passwordRequirementSpecialText": "特殊字符 (!@#$%...)", + "passwordsDoNotMatch": "密码不匹配", + "otpEmailRequirementsLength": "OTP 必须至少 1 个字符长", + "otpEmailSent": "OTP 已发送", + "otpEmailSentDescription": "OTP 已经发送到您的电子邮件", + "otpEmailErrorAuthenticate": "通过电子邮件身份验证失败", + "pincodeErrorAuthenticate": "Pincode 验证失败", + "passwordErrorAuthenticate": "密码验证失败", + "poweredBy": "支持者:", + "authenticationRequired": "需要身份验证", + "authenticationMethodChoose": "请选择您偏好的方式来访问 {name}", + "authenticationRequest": "您必须通过身份验证才能访问 {name}", + "user": "用户", + "pincodeInput": "6位数字 PIN 码", + "pincodeSubmit": "使用PIN登录", + "passwordSubmit": "使用密码登录", + "otpEmailDescription": "一次性代码将发送到此电子邮件。", + "otpEmailSend": "发送一次性代码", + "otpEmail": "一次性密码 (OTP)", + "otpEmailSubmit": "提交 OTP", + "backToEmail": "回到电子邮件", + "noSupportKey": "服务器当前未使用支持者密钥,欢迎支持本项目!", + "accessDenied": "访问被拒绝", + "accessDeniedDescription": "当前账户无权访问此资源。如认为这是错误,请与管理员联系。", + "accessTokenError": "检查访问令牌时出错", + "accessGranted": "已授予访问", + "accessUrlInvalid": "访问 URL 无效", + "accessGrantedDescription": "您已获准访问此资源,正在为您跳转...", + "accessUrlInvalidDescription": "此共享访问URL无效。请联系资源所有者获取新URL。", + "tokenInvalid": "无效的令牌", + "pincodeInvalid": "无效的代码", + "passwordErrorRequestReset": "请求重置失败:", + "passwordErrorReset": "重置密码失败:", + "passwordResetSuccess": "密码重置成功!返回登录...", + "passwordReset": "重置密码", + "passwordResetDescription": "按照步骤重置您的密码", + "passwordResetSent": "我们将发送一个验证码到这个电子邮件地址。", + "passwordResetCode": "验证码", + "passwordResetCodeDescription": "请检查您的电子邮件以获取验证码。", + "passwordNew": "新密码", + "passwordNewConfirm": "确认新密码", + "pincodeAuth": "验证器代码", + "pincodeSubmit2": "提交代码", + "passwordResetSubmit": "请求重置", + "passwordBack": "回到密码", + "loginBack": "返回登录", + "signup": "注册", + "loginStart": "登录以开始", + "idpOidcTokenValidating": "正在验证 OIDC 令牌", + "idpOidcTokenResponse": "验证 OIDC 令牌响应", + "idpErrorOidcTokenValidating": "验证 OIDC 令牌出错", + "idpConnectingTo": "连接到{name}", + "idpConnectingToDescription": "正在验证您的身份", + "idpConnectingToProcess": "正在连接...", + "idpConnectingToFinished": "已连接", + "idpErrorConnectingTo": "无法连接到 {name},请联系管理员协助处理。", + "idpErrorNotFound": "找不到 IdP", + "inviteInvalid": "无效邀请", + "inviteInvalidDescription": "邀请链接无效。", + "inviteErrorWrongUser": "邀请不是该用户的", + "inviteErrorUserNotExists": "用户不存在。请先创建帐户。", + "inviteErrorLoginRequired": "您必须登录才能接受邀请", + "inviteErrorExpired": "邀请可能已过期", + "inviteErrorRevoked": "邀请可能已被吊销了", + "inviteErrorTypo": "邀请链接中可能有一个类型", + "pangolinSetup": "认证 - Pangolin", + "orgNameRequired": "组织名称是必需的", + "orgIdRequired": "组织ID是必需的", + "orgErrorCreate": "创建组织时出错", + "pageNotFound": "找不到页面", + "pageNotFoundDescription": "哎呀!您正在查找的页面不存在。", + "overview": "概览", + "home": "首页", + "accessControl": "访问控制", + "settings": "设置", + "usersAll": "所有用户", + "license": "许可协议", + "pangolinDashboard": "仪表板 - Pangolin", + "noResults": "未找到任何结果。", + "terabytes": "{count} TB", + "gigabytes": "{count} GB", + "megabytes": "{count} MB", + "tagsEntered": "已输入的标签", + "tagsEnteredDescription": "这些是您输入的标签。", + "tagsWarnCannotBeLessThanZero": "最大标签和最小标签不能小于 0", + "tagsWarnNotAllowedAutocompleteOptions": "标记不允许为每个自动完成选项", + "tagsWarnInvalid": "无效的标签,每个有效标签", + "tagWarnTooShort": "标签 {tagText} 太短", + "tagWarnTooLong": "标签 {tagText} 太长", + "tagsWarnReachedMaxNumber": "已达到允许标签的最大数量", + "tagWarnDuplicate": "未添加重复标签 {tagText}", + "supportKeyInvalid": "无效密钥", + "supportKeyInvalidDescription": "您的支持者密钥无效。", + "supportKeyValid": "有效的密钥", + "supportKeyValidDescription": "您的支持者密钥已被验证。感谢您的支持!", + "supportKeyErrorValidationDescription": "验证支持者密钥失败。", + "supportKey": "支持开发和通过一个 Pangolin !", + "supportKeyDescription": "购买支持者钥匙,帮助我们继续为社区发展 Pangolin 。 您的贡献使我们能够投入更多的时间来维护和添加所有人的新功能。 我们永远不会用这个来支付墙上的功能。这与任何商业版是分开的。", + "supportKeyPet": "您还可以领养并见到属于自己的 Pangolin!", + "supportKeyPurchase": "付款通过 GitHub 进行处理,之后您可以在以下位置获取您的密钥:", + "supportKeyPurchaseLink": "我们的网站", + "supportKeyPurchase2": "并在这里兑换。", + "supportKeyLearnMore": "了解更多。", + "supportKeyOptions": "请选择最适合您的选项。", + "supportKetOptionFull": "完全支持者", + "forWholeServer": "适用于整个服务器", + "lifetimePurchase": "终身购买", + "supporterStatus": "支持者状态", + "buy": "购买", + "supportKeyOptionLimited": "有限支持者", + "forFiveUsers": "适用于 5 或更少用户", + "supportKeyRedeem": "兑换支持者密钥", + "supportKeyHideSevenDays": "隐藏7天", + "supportKeyEnter": "输入支持者密钥", + "supportKeyEnterDescription": "见到你自己的 Pangolin!", + "githubUsername": "GitHub 用户名", + "supportKeyInput": "支持者密钥", + "supportKeyBuy": "购买支持者密钥", + "logoutError": "注销错误", + "signingAs": "登录为", + "serverAdmin": "服务器管理员", + "managedSelfhosted": "托管自托管", + "otpEnable": "启用双因子认证", + "otpDisable": "禁用双因子认证", + "logout": "登出", + "licenseTierProfessionalRequired": "需要专业版", + "licenseTierProfessionalRequiredDescription": "此功能仅在专业版可用。", + "actionGetOrg": "获取组织", + "actionUpdateOrg": "更新组织", + "actionUpdateUser": "更新用户", + "actionGetUser": "获取用户", + "actionGetOrgUser": "获取组织用户", + "actionListOrgDomains": "列出组织域", + "actionCreateSite": "创建站点", + "actionDeleteSite": "删除站点", + "actionGetSite": "获取站点", + "actionListSites": "站点列表", + "setupToken": "设置令牌", + "setupTokenDescription": "从服务器控制台输入设置令牌。", + "setupTokenRequired": "需要设置令牌", + "actionUpdateSite": "更新站点", + "actionListSiteRoles": "允许站点角色列表", + "actionCreateResource": "创建资源", + "actionDeleteResource": "删除资源", + "actionGetResource": "获取资源", + "actionListResource": "列出资源", + "actionUpdateResource": "更新资源", + "actionListResourceUsers": "列出资源用户", + "actionSetResourceUsers": "设置资源用户", + "actionSetAllowedResourceRoles": "设置允许的资源角色", + "actionListAllowedResourceRoles": "列出允许的资源角色", + "actionSetResourcePassword": "设置资源密码", + "actionSetResourcePincode": "设置资源粉码", + "actionSetResourceEmailWhitelist": "设置资源电子邮件白名单", + "actionGetResourceEmailWhitelist": "获取资源电子邮件白名单", + "actionCreateTarget": "创建目标", + "actionDeleteTarget": "删除目标", + "actionGetTarget": "获取目标", + "actionListTargets": "列表目标", + "actionUpdateTarget": "更新目标", + "actionCreateRole": "创建角色", + "actionDeleteRole": "删除角色", + "actionGetRole": "获取角色", + "actionListRole": "角色列表", + "actionUpdateRole": "更新角色", + "actionListAllowedRoleResources": "列表允许的角色资源", + "actionInviteUser": "邀请用户", + "actionRemoveUser": "删除用户", + "actionListUsers": "列出用户", + "actionAddUserRole": "添加用户角色", + "actionGenerateAccessToken": "生成访问令牌", + "actionDeleteAccessToken": "删除访问令牌", + "actionListAccessTokens": "访问令牌", + "actionCreateResourceRule": "创建资源规则", + "actionDeleteResourceRule": "删除资源规则", + "actionListResourceRules": "列出资源规则", + "actionUpdateResourceRule": "更新资源规则", + "actionListOrgs": "列出组织", + "actionCheckOrgId": "检查组织ID", + "actionCreateOrg": "创建组织", + "actionDeleteOrg": "删除组织", + "actionListApiKeys": "列出API密钥", + "actionListApiKeyActions": "列出API密钥动作", + "actionSetApiKeyActions": "设置 API 密钥允许的操作", + "actionCreateApiKey": "创建 API 密钥", + "actionDeleteApiKey": "删除 API 密钥", + "actionCreateIdp": "创建IDP", + "actionUpdateIdp": "更新IDP", + "actionDeleteIdp": "删除IDP", + "actionListIdps": "列出IDP", + "actionGetIdp": "获取IDP", + "actionCreateIdpOrg": "创建 IDP组织策略", + "actionDeleteIdpOrg": "删除 IDP组织策略", + "actionListIdpOrgs": "列出 IDP组织", + "actionUpdateIdpOrg": "更新 IDP组织", + "actionCreateClient": "创建客户端", + "actionDeleteClient": "删除客户端", + "actionUpdateClient": "更新客户端", + "actionListClients": "列出客户端", + "actionGetClient": "获取客户端", + "actionCreateSiteResource": "创建站点资源", + "actionDeleteSiteResource": "删除站点资源", + "actionGetSiteResource": "获取站点资源", + "actionListSiteResources": "列出站点资源", + "actionUpdateSiteResource": "更新站点资源", + "actionListInvitations": "邀请列表", + "noneSelected": "未选择", + "orgNotFound2": "未找到组织。", + "searchProgress": "搜索中...", + "create": "创建", + "orgs": "组织", + "loginError": "登录时出错", + "passwordForgot": "忘记密码?", + "otpAuth": "两步验证", + "otpAuthDescription": "从您的身份验证程序中输入代码或您的单次备份代码。", + "otpAuthSubmit": "提交代码", + "idpContinue": "或者继续", + "otpAuthBack": "返回登录", + "navbar": "导航菜单", + "navbarDescription": "应用程序的主导航菜单", + "navbarDocsLink": "文件", + "commercialEdition": "商业版", + "otpErrorEnable": "无法启用 2FA", + "otpErrorEnableDescription": "启用 2FA 时出错", + "otpSetupCheckCode": "请输入您的6位数字代码", + "otpSetupCheckCodeRetry": "无效的代码。请重试。", + "otpSetup": "启用两步验证", + "otpSetupDescription": "用额外的保护层来保护您的帐户", + "otpSetupScanQr": "用您的身份验证程序扫描此二维码或手动输入密钥:", + "otpSetupSecretCode": "验证器代码", + "otpSetupSuccess": "启用两步验证", + "otpSetupSuccessStoreBackupCodes": "您的帐户现在更加安全。不要忘记保存您的备份代码。", + "otpErrorDisable": "无法禁用 2FA", + "otpErrorDisableDescription": "禁用2FA 时出错", + "otpRemove": "禁用两步验证", + "otpRemoveDescription": "为您的帐户禁用两步验证", + "otpRemoveSuccess": "双重身份验证已禁用", + "otpRemoveSuccessMessage": "您的帐户已禁用双重身份验证。您可以随时再次启用它。", + "otpRemoveSubmit": "禁用两步验证", + "paginator": "第 {current} 页,共 {last} 页", + "paginatorToFirst": "转到第一页", + "paginatorToPrevious": "转到上一页", + "paginatorToNext": "转到下一页", + "paginatorToLast": "转到最后一页", + "copyText": "复制文本", + "copyTextFailed": "复制文本失败: ", + "copyTextClipboard": "复制到剪贴板", + "inviteErrorInvalidConfirmation": "无效确认", + "passwordRequired": "必须填写密码", + "allowAll": "允许所有", + "permissionsAllowAll": "允许所有权限", + "githubUsernameRequired": "必须填写 GitHub 用户名", + "supportKeyRequired": "必须填写支持者密钥", + "passwordRequirementsChars": "密码至少需要 8 个字符", + "language": "语言", + "verificationCodeRequired": "必须输入代码", + "userErrorNoUpdate": "没有要更新的用户", + "siteErrorNoUpdate": "没有要更新的站点", + "resourceErrorNoUpdate": "没有可更新的资源", + "authErrorNoUpdate": "没有要更新的身份验证信息", + "orgErrorNoUpdate": "没有要更新的组织", + "orgErrorNoProvided": "未提供组织", + "apiKeysErrorNoUpdate": "没有要更新的 API 密钥", + "sidebarOverview": "概览", + "sidebarHome": "首页", + "sidebarSites": "站点", + "sidebarResources": "资源", + "sidebarAccessControl": "访问控制", + "sidebarUsers": "用户", + "sidebarInvitations": "邀请", + "sidebarRoles": "角色", + "sidebarShareableLinks": "分享链接", + "sidebarApiKeys": "API密钥", + "sidebarSettings": "设置", + "sidebarAllUsers": "所有用户", + "sidebarIdentityProviders": "身份提供商", + "sidebarLicense": "证书", + "sidebarClients": "客户端(测试版)", + "sidebarDomains": "域", + "enableDockerSocket": "启用停靠套接字", + "enableDockerSocketDescription": "启用 Docker Socket 发现以填充容器信息。必须向 Newt 提供 Socket 路径。", + "enableDockerSocketLink": "了解更多", + "viewDockerContainers": "查看停靠容器", + "containersIn": "{siteName} 中的容器", + "selectContainerDescription": "选择任何容器作为目标的主机名。点击端口使用端口。", + "containerName": "名称", + "containerImage": "图片", + "containerState": "状态", + "containerNetworks": "网络", + "containerHostnameIp": "主机名/IP", + "containerLabels": "标签", + "containerLabelsCount": "{count, plural, other {# 标签}}", + "containerLabelsTitle": "容器标签", + "containerLabelEmpty": "", + "containerPorts": "端口", + "containerPortsMore": "+{count} 更多", + "containerActions": "行动", + "select": "选择", + "noContainersMatchingFilters": "没有找到匹配当前过滤器的容器。", + "showContainersWithoutPorts": "显示没有端口的容器", + "showStoppedContainers": "显示已停止的容器", + "noContainersFound": "未找到容器。请确保Docker容器正在运行。", + "searchContainersPlaceholder": "在 {count} 个容器中搜索...", + "searchResultsCount": "{count, plural, other {# 个结果}}", + "filters": "筛选器", + "filterOptions": "过滤器选项", + "filterPorts": "端口", + "filterStopped": "已停止", + "clearAllFilters": "清除所有过滤器", + "columns": "列", + "toggleColumns": "切换列", + "refreshContainersList": "刷新容器列表", + "searching": "搜索中...", + "noContainersFoundMatching": "未找到与 \"{filter}\" 匹配的容器。", + "light": "浅色", + "dark": "深色", + "system": "系统", + "theme": "主题", + "subnetRequired": "子网是必填项", + "initialSetupTitle": "初始服务器设置", + "initialSetupDescription": "创建初始服务器管理员帐户。 只能存在一个服务器管理员。 您可以随时更改这些凭据。", + "createAdminAccount": "创建管理员帐户", + "setupErrorCreateAdmin": "创建服务器管理员账户时发生错误。", + "certificateStatus": "证书状态", + "loading": "加载中", + "restart": "重启", + "domains": "域", + "domainsDescription": "管理您的组织域", + "domainsSearch": "搜索域...", + "domainAdd": "添加域", + "domainAddDescription": "在您的组织中注册新域", + "domainCreate": "创建域", + "domainCreatedDescription": "域创建成功", + "domainDeletedDescription": "成功删除域", + "domainQuestionRemove": "您确定要从您的账户中移除域{domain}吗?", + "domainMessageRemove": "移除后,该域将不再与您的账户关联。", + "domainMessageConfirm": "要确认,请在下方输入域名。", + "domainConfirmDelete": "确认删除域", + "domainDelete": "删除域", + "domain": "域", + "selectDomainTypeNsName": "域委派(NS)", + "selectDomainTypeNsDescription": "此域及其所有子域。当您希望控制整个域区域时使用此选项。", + "selectDomainTypeCnameName": "单个域(CNAME)", + "selectDomainTypeCnameDescription": "仅此特定域。用于单个子域或特定域条目。", + "selectDomainTypeWildcardName": "通配符域", + "selectDomainTypeWildcardDescription": "此域名及其子域名。", + "domainDelegation": "单个域", + "selectType": "选择一个类型", + "actions": "操作", + "refresh": "刷新", + "refreshError": "刷新数据失败", + "verified": "已验证", + "pending": "待定", + "sidebarBilling": "计费", + "billing": "计费", + "orgBillingDescription": "管理您的账单信息和订阅", + "github": "GitHub", + "pangolinHosted": "Pangolin 托管", + "fossorial": "Fossorial", + "completeAccountSetup": "完成账户设置", + "completeAccountSetupDescription": "设置您的密码以开始", + "accountSetupSent": "我们将发送账号设置代码到该电子邮件地址。", + "accountSetupCode": "设置代码", + "accountSetupCodeDescription": "请检查您的邮箱以获取设置代码。", + "passwordCreate": "创建密码", + "passwordCreateConfirm": "确认密码", + "accountSetupSubmit": "发送设置代码", + "completeSetup": "完成设置", + "accountSetupSuccess": "账号设置完成!欢迎来到 Pangolin!", + "documentation": "文档", + "saveAllSettings": "保存所有设置", + "settingsUpdated": "设置已更新", + "settingsUpdatedDescription": "所有设置已成功更新", + "settingsErrorUpdate": "设置更新失败", + "settingsErrorUpdateDescription": "更新设置时发生错误", + "sidebarCollapse": "折叠", + "sidebarExpand": "展开", + "newtUpdateAvailable": "更新可用", + "newtUpdateAvailableInfo": "新版本的 Newt 已可用。请更新到最新版本以获得最佳体验。", + "domainPickerEnterDomain": "域名", + "domainPickerPlaceholder": "myapp.example.com、api.v1.mydomain.com 或仅 myapp", + "domainPickerDescription": "输入资源的完整域名以查看可用选项。", + "domainPickerDescriptionSaas": "输入完整域名、子域或名称以查看可用选项。", + "domainPickerTabAll": "所有", + "domainPickerTabOrganization": "组织", + "domainPickerTabProvided": "提供的", + "domainPickerSortAsc": "A-Z", + "domainPickerSortDesc": "Z-A", + "domainPickerCheckingAvailability": "检查可用性...", + "domainPickerNoMatchingDomains": "未找到匹配的域名。尝试不同的域名或检查您组织的域名设置。", + "domainPickerOrganizationDomains": "组织域", + "domainPickerProvidedDomains": "提供的域", + "domainPickerSubdomain": "子域:{subdomain}", + "domainPickerNamespace": "命名空间:{namespace}", + "domainPickerShowMore": "显示更多", + "domainNotFound": "域未找到", + "domainNotFoundDescription": "此资源已禁用,因为该域不再在我们的系统中存在。请为此资源设置一个新域。", + "failed": "失败", + "createNewOrgDescription": "创建一个新组织", + "organization": "组织", + "port": "端口", + "securityKeyManage": "管理安全密钥", + "securityKeyDescription": "添加或删除用于无密码认证的安全密钥", + "securityKeyRegister": "注册新的安全密钥", + "securityKeyList": "您的安全密钥", + "securityKeyNone": "尚未注册安全密钥", + "securityKeyNameRequired": "名称为必填项", + "securityKeyRemove": "删除", + "securityKeyLastUsed": "上次使用:{date}", + "securityKeyNameLabel": "名称", + "securityKeyRegisterSuccess": "安全密钥注册成功", + "securityKeyRegisterError": "注册安全密钥失败", + "securityKeyRemoveSuccess": "安全密钥删除成功", + "securityKeyRemoveError": "删除安全密钥失败", + "securityKeyLoadError": "加载安全密钥失败", + "securityKeyLogin": "使用安全密钥继续", + "securityKeyAuthError": "使用安全密钥认证失败", + "securityKeyRecommendation": "考虑在其他设备上注册另一个安全密钥,以确保不会被锁定在您的账户之外。", + "registering": "注册中...", + "securityKeyPrompt": "请使用您的安全密钥验证身份。确保您的安全密钥已连接并准备好。", + "securityKeyBrowserNotSupported": "您的浏览器不支持安全密钥。请使用像 Chrome、Firefox 或 Safari 这样的现代浏览器。", + "securityKeyPermissionDenied": "请允许访问您的安全密钥以继续登录。", + "securityKeyRemovedTooQuickly": "请保持您的安全密钥连接,直到登录过程完成。", + "securityKeyNotSupported": "您的安全密钥可能不兼容。请尝试不同的安全密钥。", + "securityKeyUnknownError": "使用安全密钥时出现问题。请再试一次。", + "twoFactorRequired": "注册安全密钥需要两步验证。", + "twoFactor": "两步验证", + "adminEnabled2FaOnYourAccount": "管理员已为{email}启用两步验证。请完成设置以继续。", + "continueToApplication": "继续到应用程序", + "securityKeyAdd": "添加安全密钥", + "securityKeyRegisterTitle": "注册新安全密钥", + "securityKeyRegisterDescription": "连接您的安全密钥并输入名称以便识别", + "securityKeyTwoFactorRequired": "要求两步验证", + "securityKeyTwoFactorDescription": "请输入你的两步验证代码以注册安全密钥", + "securityKeyTwoFactorRemoveDescription": "请输入你的两步验证代码以移除安全密钥", + "securityKeyTwoFactorCode": "双因素代码", + "securityKeyRemoveTitle": "移除安全密钥", + "securityKeyRemoveDescription": "输入您的密码以移除安全密钥 \"{name}\"", + "securityKeyNoKeysRegistered": "没有注册安全密钥", + "securityKeyNoKeysDescription": "添加安全密钥以加强您的账户安全", + "createDomainRequired": "必须输入域", + "createDomainAddDnsRecords": "添加 DNS 记录", + "createDomainAddDnsRecordsDescription": "将以下 DNS 记录添加到您的域名提供商以完成设置。", + "createDomainNsRecords": "NS 记录", + "createDomainRecord": "记录", + "createDomainType": "类型:", + "createDomainName": "名称:", + "createDomainValue": "值:", + "createDomainCnameRecords": "CNAME 记录", + "createDomainARecords": "A记录", + "createDomainRecordNumber": "记录 {number}", + "createDomainTxtRecords": "TXT 记录", + "createDomainSaveTheseRecords": "保存这些记录", + "createDomainSaveTheseRecordsDescription": "务必保存这些 DNS 记录,因为您将无法再次查看它们。", + "createDomainDnsPropagation": "DNS 传播", + "createDomainDnsPropagationDescription": "DNS 更改可能需要一些时间才能在互联网上传播。这可能需要从几分钟到 48 小时,具体取决于您的 DNS 提供商和 TTL 设置。", + "resourcePortRequired": "非 HTTP 资源必须输入端口号", + "resourcePortNotAllowed": "HTTP 资源不应设置端口号", + "signUpTerms": { + "IAgreeToThe": "我同意", + "termsOfService": "服务条款", + "and": "和", + "privacyPolicy": "隐私政策" + }, + "siteRequired": "需要站点。", + "olmTunnel": "Olm 隧道", + "olmTunnelDescription": "使用 Olm 进行客户端连接", + "errorCreatingClient": "创建客户端出错", + "clientDefaultsNotFound": "未找到客户端默认值", + "createClient": "创建客户端", + "createClientDescription": "创建一个新客户端来连接您的站点", + "seeAllClients": "查看所有客户端", + "clientInformation": "客户端信息", + "clientNamePlaceholder": "客户端名称", + "address": "地址", + "subnetPlaceholder": "子网", + "addressDescription": "此客户端将用于连接的地址", + "selectSites": "选择站点", + "sitesDescription": "客户端将与所选站点进行连接", + "clientInstallOlm": "安装 Olm", + "clientInstallOlmDescription": "在您的系统上运行 Olm", + "clientOlmCredentials": "Olm 凭据", + "clientOlmCredentialsDescription": "这是 Olm 服务器的身份验证方式", + "olmEndpoint": "Olm 端点", + "olmId": "Olm ID", + "olmSecretKey": "Olm 私钥", + "clientCredentialsSave": "保存您的凭据", + "clientCredentialsSaveDescription": "该信息仅会显示一次,请确保将其复制到安全位置。", + "generalSettingsDescription": "配置此客户端的常规设置", + "clientUpdated": "客户端已更新", + "clientUpdatedDescription": "客户端已更新。", + "clientUpdateFailed": "更新客户端失败", + "clientUpdateError": "更新客户端时出错。", + "sitesFetchFailed": "获取站点失败", + "sitesFetchError": "获取站点时出错。", + "olmErrorFetchReleases": "获取 Olm 发布版本时出错。", + "olmErrorFetchLatest": "获取最新 Olm 发布版本时出错。", + "remoteSubnets": "远程子网", + "enterCidrRange": "输入 CIDR 范围", + "remoteSubnetsDescription": "添加可以通过客户端远程访问该站点的CIDR范围。使用类似10.0.0.0/24的格式。这仅适用于VPN客户端连接。", + "resourceEnableProxy": "启用公共代理", + "resourceEnableProxyDescription": "启用到此资源的公共代理。这允许外部网络通过开放端口访问资源。需要 Traefik 配置。", + "externalProxyEnabled": "外部代理已启用", + "addNewTarget": "添加新目标", + "targetsList": "目标列表", + "targetErrorDuplicateTargetFound": "找到重复的目标", + "httpMethod": "HTTP 方法", + "selectHttpMethod": "选择 HTTP 方法", + "domainPickerSubdomainLabel": "子域名", + "domainPickerBaseDomainLabel": "根域名", + "domainPickerSearchDomains": "搜索域名...", + "domainPickerNoDomainsFound": "未找到域名", + "domainPickerLoadingDomains": "加载域名...", + "domainPickerSelectBaseDomain": "选择根域名...", + "domainPickerNotAvailableForCname": "不适用于CNAME域", + "domainPickerEnterSubdomainOrLeaveBlank": "输入子域名或留空以使用根域名。", + "domainPickerEnterSubdomainToSearch": "输入一个子域名以搜索并从可用免费域名中选择。", + "domainPickerFreeDomains": "免费域名", + "domainPickerSearchForAvailableDomains": "搜索可用域名", + "resourceDomain": "域名", + "resourceEditDomain": "编辑域名", + "siteName": "站点名称", + "proxyPort": "端口", + "resourcesTableProxyResources": "代理资源", + "resourcesTableClientResources": "客户端资源", + "resourcesTableNoProxyResourcesFound": "未找到代理资源。", + "resourcesTableNoInternalResourcesFound": "未找到内部资源。", + "resourcesTableDestination": "目标", + "resourcesTableTheseResourcesForUseWith": "这些资源供...使用", + "resourcesTableClients": "客户端", + "resourcesTableAndOnlyAccessibleInternally": "且仅在与客户端连接时可内部访问。", + "editInternalResourceDialogEditClientResource": "编辑客户端资源", + "editInternalResourceDialogUpdateResourceProperties": "更新{resourceName}的资源属性和目标配置。", + "editInternalResourceDialogResourceProperties": "资源属性", + "editInternalResourceDialogName": "名称", + "editInternalResourceDialogProtocol": "协议", + "editInternalResourceDialogSitePort": "站点端口", + "editInternalResourceDialogTargetConfiguration": "目标配置", + "editInternalResourceDialogDestinationIP": "目标IP", + "editInternalResourceDialogDestinationPort": "目标端口", + "editInternalResourceDialogCancel": "取消", + "editInternalResourceDialogSaveResource": "保存资源", + "editInternalResourceDialogSuccess": "成功", + "editInternalResourceDialogInternalResourceUpdatedSuccessfully": "内部资源更新成功", + "editInternalResourceDialogError": "错误", + "editInternalResourceDialogFailedToUpdateInternalResource": "更新内部资源失败", + "editInternalResourceDialogNameRequired": "名称为必填项", + "editInternalResourceDialogNameMaxLength": "名称长度必须小于255个字符", + "editInternalResourceDialogProxyPortMin": "代理端口必须至少为1", + "editInternalResourceDialogProxyPortMax": "代理端口必须小于65536", + "editInternalResourceDialogInvalidIPAddressFormat": "无效的IP地址格式", + "editInternalResourceDialogDestinationPortMin": "目标端口必须至少为1", + "editInternalResourceDialogDestinationPortMax": "目标端口必须小于65536", + "createInternalResourceDialogNoSitesAvailable": "暂无可用站点", + "createInternalResourceDialogNoSitesAvailableDescription": "您需要至少配置一个子网的Newt站点来创建内部资源。", + "createInternalResourceDialogClose": "关闭", + "createInternalResourceDialogCreateClientResource": "创建客户端资源", + "createInternalResourceDialogCreateClientResourceDescription": "创建一个新资源,该资源将可供连接到所选站点的客户端访问。", + "createInternalResourceDialogResourceProperties": "资源属性", + "createInternalResourceDialogName": "名称", + "createInternalResourceDialogSite": "站点", + "createInternalResourceDialogSelectSite": "选择站点...", + "createInternalResourceDialogSearchSites": "搜索站点...", + "createInternalResourceDialogNoSitesFound": "未找到站点。", + "createInternalResourceDialogProtocol": "协议", + "createInternalResourceDialogTcp": "TCP", + "createInternalResourceDialogUdp": "UDP", + "createInternalResourceDialogSitePort": "站点端口", + "createInternalResourceDialogSitePortDescription": "使用此端口在连接到客户端时访问站点上的资源。", + "createInternalResourceDialogTargetConfiguration": "目标配置", + "createInternalResourceDialogDestinationIP": "目标IP", + "createInternalResourceDialogDestinationIPDescription": "站点网络上资源的IP地址。", + "createInternalResourceDialogDestinationPort": "目标端口", + "createInternalResourceDialogDestinationPortDescription": "资源在目标IP上可访问的端口。", + "createInternalResourceDialogCancel": "取消", + "createInternalResourceDialogCreateResource": "创建资源", + "createInternalResourceDialogSuccess": "成功", + "createInternalResourceDialogInternalResourceCreatedSuccessfully": "内部资源创建成功", + "createInternalResourceDialogError": "错误", + "createInternalResourceDialogFailedToCreateInternalResource": "创建内部资源失败", + "createInternalResourceDialogNameRequired": "名称为必填项", + "createInternalResourceDialogNameMaxLength": "名称长度必须小于255个字符", + "createInternalResourceDialogPleaseSelectSite": "请选择一个站点", + "createInternalResourceDialogProxyPortMin": "代理端口必须至少为1", + "createInternalResourceDialogProxyPortMax": "代理端口必须小于65536", + "createInternalResourceDialogInvalidIPAddressFormat": "无效的IP地址格式", + "createInternalResourceDialogDestinationPortMin": "目标端口必须至少为1", + "createInternalResourceDialogDestinationPortMax": "目标端口必须小于65536", + "siteConfiguration": "配置", + "siteAcceptClientConnections": "接受客户端连接", + "siteAcceptClientConnectionsDescription": "允许其他设备通过此Newt实例使用客户端作为网关连接。", + "siteAddress": "站点地址", + "siteAddressDescription": "指定主机的IP地址以供客户端连接。这是Pangolin网络中站点的内部地址,供客户端访问。必须在Org子网内。", + "autoLoginExternalIdp": "自动使用外部IDP登录", + "autoLoginExternalIdpDescription": "立即将用户重定向到外部IDP进行身份验证。", + "selectIdp": "选择IDP", + "selectIdpPlaceholder": "选择一个IDP...", + "selectIdpRequired": "在启用自动登录时,请选择一个IDP。", + "autoLoginTitle": "重定向中", + "autoLoginDescription": "正在将您重定向到外部身份提供商进行身份验证。", + "autoLoginProcessing": "准备身份验证...", + "autoLoginRedirecting": "重定向到登录...", + "autoLoginError": "自动登录错误", + "autoLoginErrorNoRedirectUrl": "未从身份提供商收到重定向URL。", + "autoLoginErrorGeneratingUrl": "生成身份验证URL失败。", + "managedSelfHosted": { + "title": "托管自托管", + "description": "更可靠和低维护自我托管的 Pangolin 服务器,带有额外的铃声和告密器", + "introTitle": "托管自托管的潘戈林公司", + "introDescription": "这是一种部署选择,为那些希望简洁和额外可靠的人设计,同时仍然保持他们的数据的私密性和自我托管性。", + "introDetail": "通过此选项,您仍然运行您自己的 Pangolin 节点 — — 您的隧道、SSL 终止,并且流量在您的服务器上保持所有状态。 不同之处在于,管理和监测是通过我们的云层仪表板进行的,该仪表板开启了一些好处:", + "benefitSimplerOperations": { + "title": "简单的操作", + "description": "无需运行您自己的邮件服务器或设置复杂的警报。您将从方框中获得健康检查和下限提醒。" + }, + "benefitAutomaticUpdates": { + "title": "自动更新", + "description": "云仪表盘快速演化,所以您可以获得新的功能和错误修复,而不必每次手动拉取新的容器。" + }, + "benefitLessMaintenance": { + "title": "减少维护时间", + "description": "没有要管理的数据库迁移、备份或额外的基础设施。我们在云端处理这个问题。" + }, + "benefitCloudFailover": { + "title": "云失败", + "description": "如果您的节点被关闭,您的隧道可能暂时无法连接到我们的云端,直到您将其重新连接上线。" + }, + "benefitHighAvailability": { + "title": "高可用率(PoPs)", + "description": "您还可以将多个节点添加到您的帐户中以获取冗余和更好的性能。" + }, + "benefitFutureEnhancements": { + "title": "将来的改进", + "description": "我们正在计划添加更多的分析、警报和管理工具,使你的部署更加有力。" + }, + "docsAlert": { + "text": "在我们中更多地了解管理下的自托管选项", + "documentation": "文档" + }, + "convertButton": "将此节点转换为管理自托管的" + }, + "internationaldomaindetected": "检测到国际域", + "willbestoredas": "储存为:" +} diff --git a/next.config.mjs b/next.config.mjs index fce5b1fa..c870f1c1 100644 --- a/next.config.mjs +++ b/next.config.mjs @@ -1,9 +1,13 @@ -/** @type {import('next').NextConfig} */ +import createNextIntlPlugin from "next-intl/plugin"; + +const withNextIntl = createNextIntlPlugin(); + +/** @type {import("next").NextConfig} */ const nextConfig = { eslint: { - ignoreDuringBuilds: true, + ignoreDuringBuilds: true }, output: "standalone" }; -export default nextConfig; +export default withNextIntl(nextConfig); diff --git a/package-lock.json b/package-lock.json index 20cb9e5a..2d8db128 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,115 +9,125 @@ "version": "0.0.0", "license": "SEE LICENSE IN LICENSE AND README.md", "dependencies": { - "@asteasolutions/zod-to-openapi": "^7.3.0", + "@asteasolutions/zod-to-openapi": "^7.3.4", "@hookform/resolvers": "3.9.1", - "@node-rs/argon2": "2.0.2", + "@node-rs/argon2": "^2.0.2", "@oslojs/crypto": "1.0.1", "@oslojs/encoding": "1.1.0", - "@radix-ui/react-avatar": "1.1.2", - "@radix-ui/react-checkbox": "1.1.3", - "@radix-ui/react-collapsible": "1.1.2", - "@radix-ui/react-dialog": "1.1.4", - "@radix-ui/react-dropdown-menu": "2.1.4", + "@radix-ui/react-avatar": "1.1.10", + "@radix-ui/react-checkbox": "1.3.3", + "@radix-ui/react-collapsible": "1.1.12", + "@radix-ui/react-dialog": "1.1.15", + "@radix-ui/react-dropdown-menu": "2.1.16", "@radix-ui/react-icons": "1.3.2", - "@radix-ui/react-label": "2.1.1", - "@radix-ui/react-popover": "1.1.4", - "@radix-ui/react-progress": "^1.1.4", - "@radix-ui/react-radio-group": "1.2.2", - "@radix-ui/react-select": "2.1.4", - "@radix-ui/react-separator": "1.1.1", - "@radix-ui/react-slot": "1.1.1", - "@radix-ui/react-switch": "1.1.2", - "@radix-ui/react-tabs": "1.1.2", - "@radix-ui/react-toast": "1.2.4", - "@react-email/components": "0.0.36", - "@react-email/render": "^1.0.6", - "@react-email/tailwind": "1.0.4", + "@radix-ui/react-label": "2.1.7", + "@radix-ui/react-popover": "1.1.15", + "@radix-ui/react-progress": "^1.1.7", + "@radix-ui/react-radio-group": "1.3.8", + "@radix-ui/react-scroll-area": "^1.2.10", + "@radix-ui/react-select": "2.2.6", + "@radix-ui/react-separator": "1.1.7", + "@radix-ui/react-slot": "1.2.3", + "@radix-ui/react-switch": "1.2.6", + "@radix-ui/react-tabs": "1.1.13", + "@radix-ui/react-toast": "1.2.15", + "@radix-ui/react-tooltip": "^1.2.8", + "@react-email/components": "0.5.0", + "@react-email/render": "^1.2.0", + "@react-email/tailwind": "1.2.2", + "@simplewebauthn/browser": "^13.1.0", + "@simplewebauthn/server": "^9.0.3", "@tailwindcss/forms": "^0.5.10", - "@tanstack/react-table": "8.20.6", - "arctic": "^3.6.0", - "axios": "1.8.4", + "@tanstack/react-table": "8.21.3", + "arctic": "^3.7.0", + "axios": "1.11.0", "better-sqlite3": "11.7.0", "canvas-confetti": "1.9.3", - "class-variance-authority": "0.7.1", + "class-variance-authority": "^0.7.1", "clsx": "2.1.1", - "cmdk": "1.0.4", + "cmdk": "1.1.1", "cookie": "^1.0.2", "cookie-parser": "1.4.7", "cookies": "^0.9.1", "cors": "2.8.5", "crypto-js": "^4.2.0", - "drizzle-orm": "0.38.3", - "eslint": "9.17.0", - "eslint-config-next": "15.1.3", - "express": "4.21.2", - "express-rate-limit": "7.5.0", - "glob": "11.0.0", - "helmet": "8.0.0", + "drizzle-orm": "0.44.4", + "eslint": "9.33.0", + "eslint-config-next": "15.4.6", + "express": "5.1.0", + "express-rate-limit": "8.0.1", + "glob": "11.0.3", + "helmet": "8.1.0", "http-errors": "2.0.0", "i": "^0.3.7", - "input-otp": "1.4.1", + "input-otp": "1.4.2", "jmespath": "^0.16.0", "js-yaml": "4.1.0", "jsonwebtoken": "^9.0.2", - "lucide-react": "0.469.0", + "lucide-react": "0.539.0", "moment": "2.30.1", - "next": "15.2.4", - "next-themes": "0.4.4", + "next": "15.4.6", + "next-intl": "^4.3.4", + "next-themes": "0.4.6", "node-cache": "5.1.2", "node-fetch": "3.3.2", - "nodemailer": "6.9.16", - "npm": "^11.2.0", + "nodemailer": "7.0.5", + "npm": "^11.5.2", "oslo": "1.2.1", + "pg": "^8.16.2", "qrcode.react": "4.2.0", - "react": "19.0.0", - "react-dom": "19.0.0", + "react": "19.1.1", + "react-dom": "19.1.1", "react-easy-sort": "^1.6.0", - "react-hook-form": "7.54.2", + "react-hook-form": "7.62.0", "react-icons": "^5.5.0", "rebuild": "0.1.2", - "semver": "7.6.3", + "semver": "^7.7.2", + "source-map-support": "0.5.21", "swagger-ui-express": "^5.0.1", - "tailwind-merge": "2.6.0", - "tw-animate-css": "^1.2.5", + "tailwind-merge": "3.3.1", + "tw-animate-css": "^1.3.7", "uuid": "^11.1.0", "vaul": "1.1.2", "winston": "3.17.0", "winston-daily-rotate-file": "5.0.0", - "ws": "8.18.0", - "zod": "3.24.1", - "zod-validation-error": "3.4.0" + "ws": "8.18.3", + "yargs": "18.0.0", + "zod": "3.25.76", + "zod-validation-error": "3.5.2" }, "devDependencies": { - "@dotenvx/dotenvx": "1.32.0", + "@dotenvx/dotenvx": "1.49.0", "@esbuild-plugins/tsconfig-paths": "0.1.2", - "@tailwindcss/postcss": "^4.1.3", + "@tailwindcss/postcss": "^4.1.12", "@types/better-sqlite3": "7.6.12", - "@types/cookie-parser": "1.4.8", - "@types/cors": "2.8.17", + "@types/cookie-parser": "1.4.9", + "@types/cors": "2.8.19", "@types/crypto-js": "^4.2.2", - "@types/express": "5.0.0", + "@types/express": "5.0.3", + "@types/express-session": "^1.18.2", "@types/jmespath": "^0.15.2", "@types/js-yaml": "4.0.9", - "@types/jsonwebtoken": "^9.0.9", - "@types/node": "^22", + "@types/jsonwebtoken": "^9.0.10", + "@types/node": "^24", "@types/nodemailer": "6.4.17", - "@types/react": "19.1.1", - "@types/react-dom": "19.1.2", - "@types/semver": "7.5.8", + "@types/pg": "8.15.5", + "@types/react": "19.1.12", + "@types/react-dom": "19.1.9", + "@types/semver": "^7.7.0", "@types/swagger-ui-express": "^4.1.8", - "@types/ws": "8.5.13", + "@types/ws": "8.18.1", "@types/yargs": "17.0.33", - "drizzle-kit": "0.30.6", - "esbuild": "0.25.2", + "drizzle-kit": "0.31.4", + "esbuild": "0.25.9", "esbuild-node-externals": "1.18.0", "postcss": "^8", - "react-email": "4.0.6", + "react-email": "4.2.8", "tailwindcss": "^4.1.4", - "tsc-alias": "1.8.10", - "tsx": "4.19.3", + "tsc-alias": "1.8.16", + "tsx": "4.20.5", "typescript": "^5", - "yargs": "17.7.2" + "typescript-eslint": "^8.40.0" } }, "node_modules/@alloc/quick-lru": { @@ -134,9 +144,9 @@ } }, "node_modules/@asteasolutions/zod-to-openapi": { - "version": "7.3.0", - "resolved": "https://registry.npmjs.org/@asteasolutions/zod-to-openapi/-/zod-to-openapi-7.3.0.tgz", - "integrity": "sha512-7tE/r1gXwMIvGnXVUdIqUhCU1RevEFC4Jk6Bussa0fk1ecbnnINkZzj1EOAJyE/M3AI25DnHT/zKQL1/FPFi8Q==", + "version": "7.3.4", + "resolved": "https://registry.npmjs.org/@asteasolutions/zod-to-openapi/-/zod-to-openapi-7.3.4.tgz", + "integrity": "sha512-/2rThQ5zPi9OzVwes6U7lK1+Yvug0iXu25olp7S0XsYmOqnyMfxH7gdSQjn/+DSOHRg7wnotwGJSyL+fBKdnEA==", "license": "MIT", "dependencies": { "openapi3-ts": "^4.1.2" @@ -146,57 +156,51 @@ } }, "node_modules/@babel/code-frame": { - "version": "7.26.2", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.26.2.tgz", - "integrity": "sha512-RJlIHRueQgwWitWgF8OdFYGZX328Ax5BCemNGlqHfplnRT9ESi8JkFlvaVYbS+UubVY6dpv87Fs2u5M29iNFVQ==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", + "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-validator-identifier": "^7.25.9", + "@babel/helper-validator-identifier": "^7.27.1", "js-tokens": "^4.0.0", - "picocolors": "^1.0.0" + "picocolors": "^1.1.1" }, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/generator": { - "version": "7.27.0", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.27.0.tgz", - "integrity": "sha512-VybsKvpiN1gU1sdMZIp7FcqphVVKEwcuj02x73uvcHE0PTihx1nlBcowYWhDwjpoAXRv43+gDzyggGnn1XZhVw==", + "version": "7.28.0", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.28.0.tgz", + "integrity": "sha512-lJjzvrbEeWrhB4P3QBsH7tey117PjLZnDbLiQEKjQ/fNJTjuq4HSqgFA+UNSwZT8D7dxxbnuSBMsa1lrWzKlQg==", "dev": true, "license": "MIT", "dependencies": { - "@babel/parser": "^7.27.0", - "@babel/types": "^7.27.0", - "@jridgewell/gen-mapping": "^0.3.5", - "@jridgewell/trace-mapping": "^0.3.25", + "@babel/parser": "^7.28.0", + "@babel/types": "^7.28.0", + "@jridgewell/gen-mapping": "^0.3.12", + "@jridgewell/trace-mapping": "^0.3.28", "jsesc": "^3.0.2" }, "engines": { "node": ">=6.9.0" } }, - "node_modules/@babel/generator/node_modules/@babel/parser": { - "version": "7.27.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.27.0.tgz", - "integrity": "sha512-iaepho73/2Pz7w2eMS0Q5f83+0RKI7i4xmiYeBmDzfRVbQtTOG7Ts0S4HzJVsTMGI9keU8rNfuZr8DKfSt7Yyg==", + "node_modules/@babel/helper-globals": { + "version": "7.28.0", + "resolved": "https://registry.npmjs.org/@babel/helper-globals/-/helper-globals-7.28.0.tgz", + "integrity": "sha512-+W6cISkXFa1jXsDEdYA8HeevQT/FULhxzR99pxphltZcVaugps53THCeiWA8SguxxpSp3gKPiuYfSWopkLQ4hw==", "dev": true, "license": "MIT", - "dependencies": { - "@babel/types": "^7.27.0" - }, - "bin": { - "parser": "bin/babel-parser.js" - }, "engines": { - "node": ">=6.0.0" + "node": ">=6.9.0" } }, "node_modules/@babel/helper-string-parser": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.25.9.tgz", - "integrity": "sha512-4A/SCr/2KLd5jrtOMFzaKjVtAei3+2r/NChoBNoZ3EyP/+GlhoaEGoWOZUmFmoITP7zOJyHIMm+DYRd8o3PvHA==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz", + "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==", "dev": true, "license": "MIT", "engines": { @@ -204,9 +208,9 @@ } }, "node_modules/@babel/helper-validator-identifier": { - "version": "7.25.9", - "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.25.9.tgz", - "integrity": "sha512-Ed61U6XJc3CVRfkERJWDz4dJwKe7iLmmJsbOGu9wSloNSFttHV0I8g6UAgb7qnK5ly5bGLPd4oXZlxCdANBOWQ==", + "version": "7.27.1", + "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz", + "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==", "dev": true, "license": "MIT", "engines": { @@ -214,11 +218,14 @@ } }, "node_modules/@babel/parser": { - "version": "7.24.5", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.5.tgz", - "integrity": "sha512-EOv5IK8arwh3LI47dz1b0tKUb/1uhHAnHJOrjgtQMIpu1uXd9mlFrJg9IUgGUgZ41Ch0K8REPTYpO7B76b4vJg==", + "version": "7.28.0", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.28.0.tgz", + "integrity": "sha512-jVZGvOxOuNSsuQuLRTh13nU0AogFlw32w/MT+LV6D3sP5WdbW61E77RnkbaO2dUvmPAYrBDJXGn5gGS6tH4j8g==", "dev": true, "license": "MIT", + "dependencies": { + "@babel/types": "^7.28.0" + }, "bin": { "parser": "bin/babel-parser.js" }, @@ -227,90 +234,48 @@ } }, "node_modules/@babel/template": { - "version": "7.27.0", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.27.0.tgz", - "integrity": "sha512-2ncevenBqXI6qRMukPlXwHKHchC7RyMuu4xv5JBXRfOGVcTy1mXCD12qrp7Jsoxll1EV3+9sE4GugBVRjT2jFA==", + "version": "7.27.2", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.27.2.tgz", + "integrity": "sha512-LPDZ85aEJyYSd18/DkjNh4/y1ntkE5KwUHWTiqgRxruuZL2F1yuHligVHLvcHY2vMHXttKFpJn6LwfI7cw7ODw==", "dev": true, "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.26.2", - "@babel/parser": "^7.27.0", - "@babel/types": "^7.27.0" + "@babel/code-frame": "^7.27.1", + "@babel/parser": "^7.27.2", + "@babel/types": "^7.27.1" }, "engines": { "node": ">=6.9.0" } }, - "node_modules/@babel/template/node_modules/@babel/parser": { - "version": "7.27.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.27.0.tgz", - "integrity": "sha512-iaepho73/2Pz7w2eMS0Q5f83+0RKI7i4xmiYeBmDzfRVbQtTOG7Ts0S4HzJVsTMGI9keU8rNfuZr8DKfSt7Yyg==", - "dev": true, - "license": "MIT", - "dependencies": { - "@babel/types": "^7.27.0" - }, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, "node_modules/@babel/traverse": { - "version": "7.25.6", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.25.6.tgz", - "integrity": "sha512-9Vrcx5ZW6UwK5tvqsj0nGpp/XzqthkT0dqIc9g1AdtygFToNtTF67XzYS//dm+SAK9cp3B9R4ZO/46p63SCjlQ==", + "version": "7.28.0", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.28.0.tgz", + "integrity": "sha512-mGe7UK5wWyh0bKRfupsUchrQGqvDbZDbKJw+kcRGSmdHVYrv+ltd0pnpDTVpiTqnaBru9iEvA8pz8W46v0Amwg==", "dev": true, "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.24.7", - "@babel/generator": "^7.25.6", - "@babel/parser": "^7.25.6", - "@babel/template": "^7.25.0", - "@babel/types": "^7.25.6", - "debug": "^4.3.1", - "globals": "^11.1.0" + "@babel/code-frame": "^7.27.1", + "@babel/generator": "^7.28.0", + "@babel/helper-globals": "^7.28.0", + "@babel/parser": "^7.28.0", + "@babel/template": "^7.27.2", + "@babel/types": "^7.28.0", + "debug": "^4.3.1" }, "engines": { "node": ">=6.9.0" } }, - "node_modules/@babel/traverse/node_modules/@babel/parser": { - "version": "7.27.0", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.27.0.tgz", - "integrity": "sha512-iaepho73/2Pz7w2eMS0Q5f83+0RKI7i4xmiYeBmDzfRVbQtTOG7Ts0S4HzJVsTMGI9keU8rNfuZr8DKfSt7Yyg==", - "dev": true, - "license": "MIT", - "dependencies": { - "@babel/types": "^7.27.0" - }, - "bin": { - "parser": "bin/babel-parser.js" - }, - "engines": { - "node": ">=6.0.0" - } - }, - "node_modules/@babel/traverse/node_modules/globals": { - "version": "11.12.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-11.12.0.tgz", - "integrity": "sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=4" - } - }, "node_modules/@babel/types": { - "version": "7.27.0", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.27.0.tgz", - "integrity": "sha512-H45s8fVLYjbhFH62dIJ3WtmJ6RSPt/3DRO0ZcT2SUiYiQyz3BLVb9ADEnLl91m74aQPS3AzzeajZHYOalWe3bg==", + "version": "7.28.2", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.28.2.tgz", + "integrity": "sha512-ruv7Ae4J5dUYULmeXw1gmb7rYRz57OWCPM57pHojnLq/3Z1CK2lNSLTCVjxVk1F/TZHwOZZrOWi0ur95BbLxNQ==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-string-parser": "^7.25.9", - "@babel/helper-validator-identifier": "^7.25.9" + "@babel/helper-string-parser": "^7.27.1", + "@babel/helper-validator-identifier": "^7.27.1" }, "engines": { "node": ">=6.9.0" @@ -337,14 +302,14 @@ } }, "node_modules/@dotenvx/dotenvx": { - "version": "1.32.0", - "resolved": "https://registry.npmjs.org/@dotenvx/dotenvx/-/dotenvx-1.32.0.tgz", - "integrity": "sha512-oQaGYijYfQx6pY9D+FQ08gUOckF1R0RSVK7Jqk+Ma2RyeceoMIawQl1KoogRaJ12i0SmyVWhiGyQxDU01/k13g==", + "version": "1.49.0", + "resolved": "https://registry.npmjs.org/@dotenvx/dotenvx/-/dotenvx-1.49.0.tgz", + "integrity": "sha512-M1cyP6YstFQCjih54SAxCqHLMMi8QqV8tenpgGE48RTXWD7vfMYJiw/6xcCDpS2h28AcLpTsFCZA863Ge9yxzA==", "dev": true, "license": "BSD-3-Clause", "dependencies": { "commander": "^11.1.0", - "dotenv": "^16.4.5", + "dotenv": "^17.2.1", "eciesjs": "^0.4.10", "execa": "^5.1.1", "fdir": "^6.2.0", @@ -354,8 +319,7 @@ "which": "^4.0.0" }, "bin": { - "dotenvx": "src/cli/dotenvx.js", - "git-dotenvx": "src/cli/dotenvx.js" + "dotenvx": "src/cli/dotenvx.js" }, "funding": { "url": "https://dotenvx.com" @@ -369,9 +333,9 @@ "license": "Apache-2.0" }, "node_modules/@ecies/ciphers": { - "version": "0.2.2", - "resolved": "https://registry.npmjs.org/@ecies/ciphers/-/ciphers-0.2.2.tgz", - "integrity": "sha512-ylfGR7PyTd+Rm2PqQowG08BCKA22QuX8NzrL+LxAAvazN10DMwdJ2fWwAzRj05FI/M8vNFGm3cv9Wq/GFWCBLg==", + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/@ecies/ciphers/-/ciphers-0.2.4.tgz", + "integrity": "sha512-t+iX+Wf5nRKyNzk8dviW3Ikb/280+aEJAnw9YXvCp2tYGPSkMki+NRY+8aNLmVFv3eNtMdvViPNOPxS8SZNP+w==", "dev": true, "license": "MIT", "engines": { @@ -384,19 +348,20 @@ } }, "node_modules/@emnapi/core": { - "version": "0.45.0", - "resolved": "https://registry.npmjs.org/@emnapi/core/-/core-0.45.0.tgz", - "integrity": "sha512-DPWjcUDQkCeEM4VnljEOEcXdAD7pp8zSZsgOujk/LGIwCXWbXJngin+MO4zbH429lzeC3WbYLGjE2MaUOwzpyw==", + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/@emnapi/core/-/core-1.4.5.tgz", + "integrity": "sha512-XsLw1dEOpkSX/WucdqUhPWP7hDxSvZiY+fsUC14h+FtQ2Ifni4znbBt8punRX+Uj2JG/uDb8nEHVKvrVlvdZ5Q==", "license": "MIT", "optional": true, "dependencies": { + "@emnapi/wasi-threads": "1.0.4", "tslib": "^2.4.0" } }, "node_modules/@emnapi/runtime": { - "version": "1.4.3", - "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-1.4.3.tgz", - "integrity": "sha512-pBPWdu6MLKROBX05wSNKcNb++m5Er+KQ9QkB+WVM+pW2Kx9hoSrVTnu3BdkI5eBLZoKu/J6mW/B6i6bJB2ytXQ==", + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-1.4.5.tgz", + "integrity": "sha512-++LApOtY0pEEz1zrd9vy1/zXVaVJJ/EbAF3u0fXIzPJEDtnITsBGbbK0EkM72amhl/R5b+5xx0Y/QhcVOpuulg==", "license": "MIT", "optional": true, "dependencies": { @@ -404,9 +369,9 @@ } }, "node_modules/@emnapi/wasi-threads": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/@emnapi/wasi-threads/-/wasi-threads-1.0.2.tgz", - "integrity": "sha512-5n3nTJblwRi8LlXkJ9eBzu+kZR8Yxcc7ubakyQTFzPMtIhFpUBRbsnc2Dv88IZDIbCDlBiWrknhB4Lsz7mg6BA==", + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@emnapi/wasi-threads/-/wasi-threads-1.0.4.tgz", + "integrity": "sha512-PJR+bOmMOPH8AtcTGAyYNiuJ3/Fcoj2XN/gBEWzDIKh254XO+mM9XoXHk5GNEhodxeMznbg7BlRojVbKN+gC6g==", "license": "MIT", "optional": true, "dependencies": { @@ -866,9 +831,9 @@ } }, "node_modules/@esbuild/aix-ppc64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.2.tgz", - "integrity": "sha512-wCIboOL2yXZym2cgm6mlA742s9QeJ8DjGVaL39dLN4rRwrOgOyYSnOaFPhKZGLb2ngj4EyfAFjsNJwPXZvseag==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.9.tgz", + "integrity": "sha512-OaGtL73Jck6pBKjNIe24BnFE6agGl+6KxDtTfHhy1HmhthfKouEcOhqpSL64K4/0WCtbKFLOdzD/44cJ4k9opA==", "cpu": [ "ppc64" ], @@ -883,9 +848,9 @@ } }, "node_modules/@esbuild/android-arm": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.2.tgz", - "integrity": "sha512-NQhH7jFstVY5x8CKbcfa166GoV0EFkaPkCKBQkdPJFvo5u+nGXLEH/ooniLb3QI8Fk58YAx7nsPLozUWfCBOJA==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.9.tgz", + "integrity": "sha512-5WNI1DaMtxQ7t7B6xa572XMXpHAaI/9Hnhk8lcxF4zVN4xstUgTlvuGDorBguKEnZO70qwEcLpfifMLoxiPqHQ==", "cpu": [ "arm" ], @@ -900,9 +865,9 @@ } }, "node_modules/@esbuild/android-arm64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.2.tgz", - "integrity": "sha512-5ZAX5xOmTligeBaeNEPnPaeEuah53Id2tX4c2CVP3JaROTH+j4fnfHCkr1PjXMd78hMst+TlkfKcW/DlTq0i4w==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.9.tgz", + "integrity": "sha512-IDrddSmpSv51ftWslJMvl3Q2ZT98fUSL2/rlUXuVqRXHCs5EUF1/f+jbjF5+NG9UffUDMCiTyh8iec7u8RlTLg==", "cpu": [ "arm64" ], @@ -917,9 +882,9 @@ } }, "node_modules/@esbuild/android-x64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.2.tgz", - "integrity": "sha512-Ffcx+nnma8Sge4jzddPHCZVRvIfQ0kMsUsCMcJRHkGJ1cDmhe4SsrYIjLUKn1xpHZybmOqCWwB0zQvsjdEHtkg==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.9.tgz", + "integrity": "sha512-I853iMZ1hWZdNllhVZKm34f4wErd4lMyeV7BLzEExGEIZYsOzqDWDf+y082izYUE8gtJnYHdeDpN/6tUdwvfiw==", "cpu": [ "x64" ], @@ -934,9 +899,9 @@ } }, "node_modules/@esbuild/darwin-arm64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.2.tgz", - "integrity": "sha512-MpM6LUVTXAzOvN4KbjzU/q5smzryuoNjlriAIx+06RpecwCkL9JpenNzpKd2YMzLJFOdPqBpuub6eVRP5IgiSA==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.9.tgz", + "integrity": "sha512-XIpIDMAjOELi/9PB30vEbVMs3GV1v2zkkPnuyRRURbhqjyzIINwj+nbQATh4H9GxUgH1kFsEyQMxwiLFKUS6Rg==", "cpu": [ "arm64" ], @@ -951,9 +916,9 @@ } }, "node_modules/@esbuild/darwin-x64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.2.tgz", - "integrity": "sha512-5eRPrTX7wFyuWe8FqEFPG2cU0+butQQVNcT4sVipqjLYQjjh8a8+vUTfgBKM88ObB85ahsnTwF7PSIt6PG+QkA==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.9.tgz", + "integrity": "sha512-jhHfBzjYTA1IQu8VyrjCX4ApJDnH+ez+IYVEoJHeqJm9VhG9Dh2BYaJritkYK3vMaXrf7Ogr/0MQ8/MeIefsPQ==", "cpu": [ "x64" ], @@ -968,9 +933,9 @@ } }, "node_modules/@esbuild/freebsd-arm64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.2.tgz", - "integrity": "sha512-mLwm4vXKiQ2UTSX4+ImyiPdiHjiZhIaE9QvC7sw0tZ6HoNMjYAqQpGyui5VRIi5sGd+uWq940gdCbY3VLvsO1w==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.9.tgz", + "integrity": "sha512-z93DmbnY6fX9+KdD4Ue/H6sYs+bhFQJNCPZsi4XWJoYblUqT06MQUdBCpcSfuiN72AbqeBFu5LVQTjfXDE2A6Q==", "cpu": [ "arm64" ], @@ -985,9 +950,9 @@ } }, "node_modules/@esbuild/freebsd-x64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.2.tgz", - "integrity": "sha512-6qyyn6TjayJSwGpm8J9QYYGQcRgc90nmfdUb0O7pp1s4lTY+9D0H9O02v5JqGApUyiHOtkz6+1hZNvNtEhbwRQ==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.9.tgz", + "integrity": "sha512-mrKX6H/vOyo5v71YfXWJxLVxgy1kyt1MQaD8wZJgJfG4gq4DpQGpgTB74e5yBeQdyMTbgxp0YtNj7NuHN0PoZg==", "cpu": [ "x64" ], @@ -1002,9 +967,9 @@ } }, "node_modules/@esbuild/linux-arm": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.2.tgz", - "integrity": "sha512-UHBRgJcmjJv5oeQF8EpTRZs/1knq6loLxTsjc3nxO9eXAPDLcWW55flrMVc97qFPbmZP31ta1AZVUKQzKTzb0g==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.9.tgz", + "integrity": "sha512-HBU2Xv78SMgaydBmdor38lg8YDnFKSARg1Q6AT0/y2ezUAKiZvc211RDFHlEZRFNRVhcMamiToo7bDx3VEOYQw==", "cpu": [ "arm" ], @@ -1019,9 +984,9 @@ } }, "node_modules/@esbuild/linux-arm64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.2.tgz", - "integrity": "sha512-gq/sjLsOyMT19I8obBISvhoYiZIAaGF8JpeXu1u8yPv8BE5HlWYobmlsfijFIZ9hIVGYkbdFhEqC0NvM4kNO0g==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.9.tgz", + "integrity": "sha512-BlB7bIcLT3G26urh5Dmse7fiLmLXnRlopw4s8DalgZ8ef79Jj4aUcYbk90g8iCa2467HX8SAIidbL7gsqXHdRw==", "cpu": [ "arm64" ], @@ -1036,9 +1001,9 @@ } }, "node_modules/@esbuild/linux-ia32": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.2.tgz", - "integrity": "sha512-bBYCv9obgW2cBP+2ZWfjYTU+f5cxRoGGQ5SeDbYdFCAZpYWrfjjfYwvUpP8MlKbP0nwZ5gyOU/0aUzZ5HWPuvQ==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.9.tgz", + "integrity": "sha512-e7S3MOJPZGp2QW6AK6+Ly81rC7oOSerQ+P8L0ta4FhVi+/j/v2yZzx5CqqDaWjtPFfYz21Vi1S0auHrap3Ma3A==", "cpu": [ "ia32" ], @@ -1053,9 +1018,9 @@ } }, "node_modules/@esbuild/linux-loong64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.2.tgz", - "integrity": "sha512-SHNGiKtvnU2dBlM5D8CXRFdd+6etgZ9dXfaPCeJtz+37PIUlixvlIhI23L5khKXs3DIzAn9V8v+qb1TRKrgT5w==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.9.tgz", + "integrity": "sha512-Sbe10Bnn0oUAB2AalYztvGcK+o6YFFA/9829PhOCUS9vkJElXGdphz0A3DbMdP8gmKkqPmPcMJmJOrI3VYB1JQ==", "cpu": [ "loong64" ], @@ -1070,9 +1035,9 @@ } }, "node_modules/@esbuild/linux-mips64el": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.2.tgz", - "integrity": "sha512-hDDRlzE6rPeoj+5fsADqdUZl1OzqDYow4TB4Y/3PlKBD0ph1e6uPHzIQcv2Z65u2K0kpeByIyAjCmjn1hJgG0Q==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.9.tgz", + "integrity": "sha512-YcM5br0mVyZw2jcQeLIkhWtKPeVfAerES5PvOzaDxVtIyZ2NUBZKNLjC5z3/fUlDgT6w89VsxP2qzNipOaaDyA==", "cpu": [ "mips64el" ], @@ -1087,9 +1052,9 @@ } }, "node_modules/@esbuild/linux-ppc64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.2.tgz", - "integrity": "sha512-tsHu2RRSWzipmUi9UBDEzc0nLc4HtpZEI5Ba+Omms5456x5WaNuiG3u7xh5AO6sipnJ9r4cRWQB2tUjPyIkc6g==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.9.tgz", + "integrity": "sha512-++0HQvasdo20JytyDpFvQtNrEsAgNG2CY1CLMwGXfFTKGBGQT3bOeLSYE2l1fYdvML5KUuwn9Z8L1EWe2tzs1w==", "cpu": [ "ppc64" ], @@ -1104,9 +1069,9 @@ } }, "node_modules/@esbuild/linux-riscv64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.2.tgz", - "integrity": "sha512-k4LtpgV7NJQOml/10uPU0s4SAXGnowi5qBSjaLWMojNCUICNu7TshqHLAEbkBdAszL5TabfvQ48kK84hyFzjnw==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.9.tgz", + "integrity": "sha512-uNIBa279Y3fkjV+2cUjx36xkx7eSjb8IvnL01eXUKXez/CBHNRw5ekCGMPM0BcmqBxBcdgUWuUXmVWwm4CH9kg==", "cpu": [ "riscv64" ], @@ -1121,9 +1086,9 @@ } }, "node_modules/@esbuild/linux-s390x": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.2.tgz", - "integrity": "sha512-GRa4IshOdvKY7M/rDpRR3gkiTNp34M0eLTaC1a08gNrh4u488aPhuZOCpkF6+2wl3zAN7L7XIpOFBhnaE3/Q8Q==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.9.tgz", + "integrity": "sha512-Mfiphvp3MjC/lctb+7D287Xw1DGzqJPb/J2aHHcHxflUo+8tmN/6d4k6I2yFR7BVo5/g7x2Monq4+Yew0EHRIA==", "cpu": [ "s390x" ], @@ -1138,9 +1103,9 @@ } }, "node_modules/@esbuild/linux-x64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.2.tgz", - "integrity": "sha512-QInHERlqpTTZ4FRB0fROQWXcYRD64lAoiegezDunLpalZMjcUcld3YzZmVJ2H/Cp0wJRZ8Xtjtj0cEHhYc/uUg==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.9.tgz", + "integrity": "sha512-iSwByxzRe48YVkmpbgoxVzn76BXjlYFXC7NvLYq+b+kDjyyk30J0JY47DIn8z1MO3K0oSl9fZoRmZPQI4Hklzg==", "cpu": [ "x64" ], @@ -1155,9 +1120,9 @@ } }, "node_modules/@esbuild/netbsd-arm64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.2.tgz", - "integrity": "sha512-talAIBoY5M8vHc6EeI2WW9d/CkiO9MQJ0IOWX8hrLhxGbro/vBXJvaQXefW2cP0z0nQVTdQ/eNyGFV1GSKrxfw==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.9.tgz", + "integrity": "sha512-9jNJl6FqaUG+COdQMjSCGW4QiMHH88xWbvZ+kRVblZsWrkXlABuGdFJ1E9L7HK+T0Yqd4akKNa/lO0+jDxQD4Q==", "cpu": [ "arm64" ], @@ -1172,9 +1137,9 @@ } }, "node_modules/@esbuild/netbsd-x64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.2.tgz", - "integrity": "sha512-voZT9Z+tpOxrvfKFyfDYPc4DO4rk06qamv1a/fkuzHpiVBMOhpjK+vBmWM8J1eiB3OLSMFYNaOaBNLXGChf5tg==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.9.tgz", + "integrity": "sha512-RLLdkflmqRG8KanPGOU7Rpg829ZHu8nFy5Pqdi9U01VYtG9Y0zOG6Vr2z4/S+/3zIyOxiK6cCeYNWOFR9QP87g==", "cpu": [ "x64" ], @@ -1189,9 +1154,9 @@ } }, "node_modules/@esbuild/openbsd-arm64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.2.tgz", - "integrity": "sha512-dcXYOC6NXOqcykeDlwId9kB6OkPUxOEqU+rkrYVqJbK2hagWOMrsTGsMr8+rW02M+d5Op5NNlgMmjzecaRf7Tg==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.9.tgz", + "integrity": "sha512-YaFBlPGeDasft5IIM+CQAhJAqS3St3nJzDEgsgFixcfZeyGPCd6eJBWzke5piZuZ7CtL656eOSYKk4Ls2C0FRQ==", "cpu": [ "arm64" ], @@ -1206,9 +1171,9 @@ } }, "node_modules/@esbuild/openbsd-x64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.2.tgz", - "integrity": "sha512-t/TkWwahkH0Tsgoq1Ju7QfgGhArkGLkF1uYz8nQS/PPFlXbP5YgRpqQR3ARRiC2iXoLTWFxc6DJMSK10dVXluw==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.9.tgz", + "integrity": "sha512-1MkgTCuvMGWuqVtAvkpkXFmtL8XhWy+j4jaSO2wxfJtilVCi0ZE37b8uOdMItIHz4I6z1bWWtEX4CJwcKYLcuA==", "cpu": [ "x64" ], @@ -1222,10 +1187,27 @@ "node": ">=18" } }, + "node_modules/@esbuild/openharmony-arm64": { + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.25.9.tgz", + "integrity": "sha512-4Xd0xNiMVXKh6Fa7HEJQbrpP3m3DDn43jKxMjxLLRjWnRsfxjORYJlXPO4JNcXtOyfajXorRKY9NkOpTHptErg==", + "cpu": [ + "arm64" + ], + "dev": true, + "license": "MIT", + "optional": true, + "os": [ + "openharmony" + ], + "engines": { + "node": ">=18" + } + }, "node_modules/@esbuild/sunos-x64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.2.tgz", - "integrity": "sha512-cfZH1co2+imVdWCjd+D1gf9NjkchVhhdpgb1q5y6Hcv9TP6Zi9ZG/beI3ig8TvwT9lH9dlxLq5MQBBgwuj4xvA==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.9.tgz", + "integrity": "sha512-WjH4s6hzo00nNezhp3wFIAfmGZ8U7KtrJNlFMRKxiI9mxEK1scOMAaa9i4crUtu+tBr+0IN6JCuAcSBJZfnphw==", "cpu": [ "x64" ], @@ -1240,9 +1222,9 @@ } }, "node_modules/@esbuild/win32-arm64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.2.tgz", - "integrity": "sha512-7Loyjh+D/Nx/sOTzV8vfbB3GJuHdOQyrOryFdZvPHLf42Tk9ivBU5Aedi7iyX+x6rbn2Mh68T4qq1SDqJBQO5Q==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.9.tgz", + "integrity": "sha512-mGFrVJHmZiRqmP8xFOc6b84/7xa5y5YvR1x8djzXpJBSv/UsNK6aqec+6JDjConTgvvQefdGhFDAs2DLAds6gQ==", "cpu": [ "arm64" ], @@ -1257,9 +1239,9 @@ } }, "node_modules/@esbuild/win32-ia32": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.2.tgz", - "integrity": "sha512-WRJgsz9un0nqZJ4MfhabxaD9Ft8KioqU3JMinOTvobbX6MOSUigSBlogP8QB3uxpJDsFS6yN+3FDBdqE5lg9kg==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.9.tgz", + "integrity": "sha512-b33gLVU2k11nVx1OhX3C8QQP6UHQK4ZtN56oFWvVXvz2VkDoe6fbG8TOgHFxEvqeqohmRnIHe5A1+HADk4OQww==", "cpu": [ "ia32" ], @@ -1274,9 +1256,9 @@ } }, "node_modules/@esbuild/win32-x64": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.2.tgz", - "integrity": "sha512-kM3HKb16VIXZyIeVrM1ygYmZBKybX8N4p754bw390wGO3Tf2j4L2/WYL+4suWujpgf6GBYs3jv7TyUivdd05JA==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.9.tgz", + "integrity": "sha512-PPOl1mi6lpLNQxnGoyAfschAodRFYXJ+9fs6WHXz7CSWKbOqiMZsubC+BQsVKuul+3vKLuwTHsS2c2y9EoKwxQ==", "cpu": [ "x64" ], @@ -1291,9 +1273,9 @@ } }, "node_modules/@eslint-community/eslint-utils": { - "version": "4.4.1", - "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.4.1.tgz", - "integrity": "sha512-s3O3waFUrMV8P/XaF/+ZTp1X9XBZW1a4B97ZnjQF2KYWaFD2A8KyFBsrsfSjEmjn3RGWAIuvlneuZm3CUK3jbA==", + "version": "4.7.0", + "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.7.0.tgz", + "integrity": "sha512-dyybb3AcajC7uha6CvhdVRJqaKyn7w2YKqKyAN37NKYgZT36w+iRb0Dymmc5qEJ549c/S31cMMSFd75bteCpCw==", "license": "MIT", "dependencies": { "eslint-visitor-keys": "^3.4.3" @@ -1330,12 +1312,12 @@ } }, "node_modules/@eslint/config-array": { - "version": "0.19.1", - "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.19.1.tgz", - "integrity": "sha512-fo6Mtm5mWyKjA/Chy1BYTdn5mGJoDNjC7C64ug20ADsRDGrA85bN3uK3MaKbeRkRuuIEAR5N33Jr1pbm411/PA==", + "version": "0.21.0", + "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.21.0.tgz", + "integrity": "sha512-ENIdc4iLu0d93HeYirvKmrzshzofPw6VkZRKQGe9Nv46ZnWUzcF1xV01dcvEg/1wXUR61OmmlSfyeyO7EvjLxQ==", "license": "Apache-2.0", "dependencies": { - "@eslint/object-schema": "^2.1.5", + "@eslint/object-schema": "^2.1.6", "debug": "^4.3.1", "minimatch": "^3.1.2" }, @@ -1343,10 +1325,19 @@ "node": "^18.18.0 || ^20.9.0 || >=21.1.0" } }, + "node_modules/@eslint/config-helpers": { + "version": "0.3.1", + "resolved": "https://registry.npmjs.org/@eslint/config-helpers/-/config-helpers-0.3.1.tgz", + "integrity": "sha512-xR93k9WhrDYpXHORXpxVL5oHj3Era7wo6k/Wd8/IsQNnZUTzkGS29lyn3nAT05v6ltUuTFVCCYDEGfy2Or/sPA==", + "license": "Apache-2.0", + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + } + }, "node_modules/@eslint/core": { - "version": "0.9.1", - "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.9.1.tgz", - "integrity": "sha512-GuUdqkyyzQI5RMIWkHhvTWLCyLo1jNK3vzkSyaExH5kHPDHcuL2VOpHjmMY+y3+NC69qAKToBqldTBgYeLSr9Q==", + "version": "0.15.2", + "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.15.2.tgz", + "integrity": "sha512-78Md3/Rrxh83gCxoUc0EiciuOHsIITzLy53m3d9UyiW8y9Dj2D29FeETqyKA+BRK76tnTp6RXWb3pCay8Oyomg==", "license": "Apache-2.0", "dependencies": { "@types/json-schema": "^7.0.15" @@ -1356,9 +1347,9 @@ } }, "node_modules/@eslint/eslintrc": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.2.0.tgz", - "integrity": "sha512-grOjVNN8P3hjJn/eIETF1wwd12DdnwFDoyceUJLYYdkpbwq3nLi+4fqrTAONx7XDALqlL220wC/RHSC/QTI/0w==", + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.3.1.tgz", + "integrity": "sha512-gtF186CXhIl1p4pJNGZw8Yc6RlshoePRvE0X91oPGb3vZ8pM3qOS9W9NGPat9LziaBV7XrJWGylNQXkGcnM3IQ==", "license": "MIT", "dependencies": { "ajv": "^6.12.4", @@ -1379,74 +1370,65 @@ } }, "node_modules/@eslint/js": { - "version": "9.17.0", - "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.17.0.tgz", - "integrity": "sha512-Sxc4hqcs1kTu0iID3kcZDW3JHq2a77HO9P8CP6YEA/FpH3Ll8UXE2r/86Rz9YJLKme39S9vU5OWNjC6Xl0Cr3w==", + "version": "9.33.0", + "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.33.0.tgz", + "integrity": "sha512-5K1/mKhWaMfreBGJTwval43JJmkip0RmM+3+IuqupeSKNC/Th2Kc7ucaq5ovTSra/OOKB9c58CGSz3QMVbWt0A==", "license": "MIT", "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "url": "https://eslint.org/donate" } }, "node_modules/@eslint/object-schema": { - "version": "2.1.5", - "resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.5.tgz", - "integrity": "sha512-o0bhxnL89h5Bae5T318nFoFzGy+YE5i/gGkoPAgkmTVdRKTiv3p8JHevPiPaMwoloKfEiiaHlawCqaZMqRm+XQ==", + "version": "2.1.6", + "resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.6.tgz", + "integrity": "sha512-RBMg5FRL0I0gs51M/guSAj5/e14VQ4tpZnQNWwuDT66P14I43ItmPfIZRhO9fUVIPOAQXU47atlywZ/czoqFPA==", "license": "Apache-2.0", "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" } }, "node_modules/@eslint/plugin-kit": { - "version": "0.2.5", - "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.2.5.tgz", - "integrity": "sha512-lB05FkqEdUg2AA0xEbUz0SnkXT1LcCTa438W4IWTUh4hdOnVbQyOJ81OrDXsJk/LSiJHubgGEFoR5EHq1NsH1A==", + "version": "0.3.5", + "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.3.5.tgz", + "integrity": "sha512-Z5kJ+wU3oA7MMIqVR9tyZRtjYPr4OC004Q4Rw7pgOKUOKkJfZ3O24nz3WYfGRpMDNmcOi3TwQOmgm7B7Tpii0w==", "license": "Apache-2.0", "dependencies": { - "@eslint/core": "^0.10.0", + "@eslint/core": "^0.15.2", "levn": "^0.4.1" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" } }, - "node_modules/@eslint/plugin-kit/node_modules/@eslint/core": { - "version": "0.10.0", - "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.10.0.tgz", - "integrity": "sha512-gFHJ+xBOo4G3WRlR1e/3G8A6/KZAH6zcE/hkLRCZTi/B9avAG365QhFA8uOGzTMqgTghpn7/fSnscW++dpMSAw==", - "license": "Apache-2.0", - "dependencies": { - "@types/json-schema": "^7.0.15" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - } - }, "node_modules/@floating-ui/core": { - "version": "1.6.9", - "resolved": "https://registry.npmjs.org/@floating-ui/core/-/core-1.6.9.tgz", - "integrity": "sha512-uMXCuQ3BItDUbAMhIXw7UPXRfAlOAvZzdK9BWpE60MCn+Svt3aLn9jsPTi/WNGlRUu2uI0v5S7JiIUsbsvh3fw==", + "version": "1.7.3", + "resolved": "https://registry.npmjs.org/@floating-ui/core/-/core-1.7.3.tgz", + "integrity": "sha512-sGnvb5dmrJaKEZ+LDIpguvdX3bDlEllmv4/ClQ9awcmCZrlx5jQyyMWFM5kBI+EyNOCDDiKk8il0zeuX3Zlg/w==", "license": "MIT", "dependencies": { - "@floating-ui/utils": "^0.2.9" + "@floating-ui/utils": "^0.2.10" } }, "node_modules/@floating-ui/dom": { - "version": "1.6.13", - "resolved": "https://registry.npmjs.org/@floating-ui/dom/-/dom-1.6.13.tgz", - "integrity": "sha512-umqzocjDgNRGTuO7Q8CU32dkHkECqI8ZdMZ5Swb6QAM0t5rnlrN3lGo1hdpscRd3WS8T6DKYK4ephgIH9iRh3w==", + "version": "1.7.3", + "resolved": "https://registry.npmjs.org/@floating-ui/dom/-/dom-1.7.3.tgz", + "integrity": "sha512-uZA413QEpNuhtb3/iIKoYMSK07keHPYeXF02Zhd6e213j+d1NamLix/mCLxBUDW/Gx52sPH2m+chlUsyaBs/Ag==", "license": "MIT", "dependencies": { - "@floating-ui/core": "^1.6.0", - "@floating-ui/utils": "^0.2.9" + "@floating-ui/core": "^1.7.3", + "@floating-ui/utils": "^0.2.10" } }, "node_modules/@floating-ui/react-dom": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/@floating-ui/react-dom/-/react-dom-2.1.2.tgz", - "integrity": "sha512-06okr5cgPzMNBy+Ycse2A6udMi4bqwW/zgBF/rwjcNqWkyr82Mcg8b0vjX8OJpZFy/FKjJmw6wV7t44kK6kW7A==", + "version": "2.1.5", + "resolved": "https://registry.npmjs.org/@floating-ui/react-dom/-/react-dom-2.1.5.tgz", + "integrity": "sha512-HDO/1/1oH9fjj4eLgegrlH3dklZpHtUYYFiVwMUwfGvk9jWDRWqkklA2/NFScknrcNSspbV868WjXORvreDX+Q==", "license": "MIT", "dependencies": { - "@floating-ui/dom": "^1.0.0" + "@floating-ui/dom": "^1.7.3" }, "peerDependencies": { "react": ">=16.8.0", @@ -1454,9 +1436,75 @@ } }, "node_modules/@floating-ui/utils": { - "version": "0.2.9", - "resolved": "https://registry.npmjs.org/@floating-ui/utils/-/utils-0.2.9.tgz", - "integrity": "sha512-MDWhGtE+eHw5JW7lq4qhc5yRLS11ERl1c7Z6Xd0a58DozHES6EnNNwUWbMiG4J9Cgj053Bhk8zvlhFYKVhULwg==", + "version": "0.2.10", + "resolved": "https://registry.npmjs.org/@floating-ui/utils/-/utils-0.2.10.tgz", + "integrity": "sha512-aGTxbpbg8/b5JfU1HXSrbH3wXZuLPJcNEcZQFMxLs3oSzgtVu6nFPkbbGGUvBcUjKV2YyB9Wxxabo+HEH9tcRQ==", + "license": "MIT" + }, + "node_modules/@formatjs/ecma402-abstract": { + "version": "2.3.4", + "resolved": "https://registry.npmjs.org/@formatjs/ecma402-abstract/-/ecma402-abstract-2.3.4.tgz", + "integrity": "sha512-qrycXDeaORzIqNhBOx0btnhpD1c+/qFIHAN9znofuMJX6QBwtbrmlpWfD4oiUUD2vJUOIYFA/gYtg2KAMGG7sA==", + "license": "MIT", + "dependencies": { + "@formatjs/fast-memoize": "2.2.7", + "@formatjs/intl-localematcher": "0.6.1", + "decimal.js": "^10.4.3", + "tslib": "^2.8.0" + } + }, + "node_modules/@formatjs/ecma402-abstract/node_modules/@formatjs/intl-localematcher": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/@formatjs/intl-localematcher/-/intl-localematcher-0.6.1.tgz", + "integrity": "sha512-ePEgLgVCqi2BBFnTMWPfIghu6FkbZnnBVhO2sSxvLfrdFw7wCHAHiDoM2h4NRgjbaY7+B7HgOLZGkK187pZTZg==", + "license": "MIT", + "dependencies": { + "tslib": "^2.8.0" + } + }, + "node_modules/@formatjs/fast-memoize": { + "version": "2.2.7", + "resolved": "https://registry.npmjs.org/@formatjs/fast-memoize/-/fast-memoize-2.2.7.tgz", + "integrity": "sha512-Yabmi9nSvyOMrlSeGGWDiH7rf3a7sIwplbvo/dlz9WCIjzIQAfy1RMf4S0X3yG724n5Ghu2GmEl5NJIV6O9sZQ==", + "license": "MIT", + "dependencies": { + "tslib": "^2.8.0" + } + }, + "node_modules/@formatjs/icu-messageformat-parser": { + "version": "2.11.2", + "resolved": "https://registry.npmjs.org/@formatjs/icu-messageformat-parser/-/icu-messageformat-parser-2.11.2.tgz", + "integrity": "sha512-AfiMi5NOSo2TQImsYAg8UYddsNJ/vUEv/HaNqiFjnI3ZFfWihUtD5QtuX6kHl8+H+d3qvnE/3HZrfzgdWpsLNA==", + "license": "MIT", + "dependencies": { + "@formatjs/ecma402-abstract": "2.3.4", + "@formatjs/icu-skeleton-parser": "1.8.14", + "tslib": "^2.8.0" + } + }, + "node_modules/@formatjs/icu-skeleton-parser": { + "version": "1.8.14", + "resolved": "https://registry.npmjs.org/@formatjs/icu-skeleton-parser/-/icu-skeleton-parser-1.8.14.tgz", + "integrity": "sha512-i4q4V4qslThK4Ig8SxyD76cp3+QJ3sAqr7f6q9VVfeGtxG9OhiAk3y9XF6Q41OymsKzsGQ6OQQoJNY4/lI8TcQ==", + "license": "MIT", + "dependencies": { + "@formatjs/ecma402-abstract": "2.3.4", + "tslib": "^2.8.0" + } + }, + "node_modules/@formatjs/intl-localematcher": { + "version": "0.5.10", + "resolved": "https://registry.npmjs.org/@formatjs/intl-localematcher/-/intl-localematcher-0.5.10.tgz", + "integrity": "sha512-af3qATX+m4Rnd9+wHcjJ4w2ijq+rAVP3CCinJQvFv1kgSu1W6jypUmvleJxcewdxmutM8dmIRZFxO/IQBZmP2Q==", + "license": "MIT", + "dependencies": { + "tslib": "2" + } + }, + "node_modules/@hexagon/base64": { + "version": "1.1.28", + "resolved": "https://registry.npmjs.org/@hexagon/base64/-/base64-1.1.28.tgz", + "integrity": "sha512-lhqDEAvWixy3bZ+UOYbPwUbBkwBq5C1LAJ/xPC8Oi+lL54oyakv/npbA0aU2hgCsx/1NUd4IBvV03+aUBWxerw==", "license": "MIT" }, "node_modules/@hookform/resolvers": { @@ -1517,9 +1565,9 @@ } }, "node_modules/@humanwhocodes/retry": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.1.tgz", - "integrity": "sha512-c7hNEllBlenFTHBky65mhq8WD2kbN9Q6gk0bTk8lSBvc554jpXSkST1iePudpt7+A/AQvuHs9EMqjHDXMY1lrA==", + "version": "0.4.3", + "resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.4.3.tgz", + "integrity": "sha512-bV0Tgo9K4hfPCek+aMAn81RppFKv2ySDQeMoSZuvTASywNTnVJCArCZE2FWqpvIatKu7VMRLWlR1EazvVhDyhQ==", "license": "Apache-2.0", "engines": { "node": ">=18.18" @@ -1530,9 +1578,9 @@ } }, "node_modules/@img/sharp-darwin-arm64": { - "version": "0.33.5", - "resolved": "https://registry.npmjs.org/@img/sharp-darwin-arm64/-/sharp-darwin-arm64-0.33.5.tgz", - "integrity": "sha512-UT4p+iz/2H4twwAoLCqfA9UH5pI6DggwKEGuaPy7nCVQ8ZsiY5PIcrRvD1DzuY3qYL07NtIQcWnBSY/heikIFQ==", + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-darwin-arm64/-/sharp-darwin-arm64-0.34.3.tgz", + "integrity": "sha512-ryFMfvxxpQRsgZJqBd4wsttYQbCxsJksrv9Lw/v798JcQ8+w84mBWuXwl+TT0WJ/WrYOLaYpwQXi3sA9nTIaIg==", "cpu": [ "arm64" ], @@ -1548,13 +1596,35 @@ "url": "https://opencollective.com/libvips" }, "optionalDependencies": { - "@img/sharp-libvips-darwin-arm64": "1.0.4" + "@img/sharp-libvips-darwin-arm64": "1.2.0" + } + }, + "node_modules/@img/sharp-darwin-x64": { + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-darwin-x64/-/sharp-darwin-x64-0.34.3.tgz", + "integrity": "sha512-yHpJYynROAj12TA6qil58hmPmAwxKKC7reUqtGLzsOHfP7/rniNGTL8tjWX6L3CTV4+5P4ypcS7Pp+7OB+8ihA==", + "cpu": [ + "x64" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-darwin-x64": "1.2.0" } }, "node_modules/@img/sharp-libvips-darwin-arm64": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-arm64/-/sharp-libvips-darwin-arm64-1.0.4.tgz", - "integrity": "sha512-XblONe153h0O2zuFfTAbQYAX2JhYmDHeWikp1LM9Hul9gVPjFY427k6dFEcOL72O01QxQsWi761svJ/ev9xEDg==", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-arm64/-/sharp-libvips-darwin-arm64-1.2.0.tgz", + "integrity": "sha512-sBZmpwmxqwlqG9ueWFXtockhsxefaV6O84BMOrhtg/YqbTaRdqDE7hxraVE3y6gVM4eExmfzW4a8el9ArLeEiQ==", "cpu": [ "arm64" ], @@ -1567,6 +1637,385 @@ "url": "https://opencollective.com/libvips" } }, + "node_modules/@img/sharp-libvips-darwin-x64": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-darwin-x64/-/sharp-libvips-darwin-x64-1.2.0.tgz", + "integrity": "sha512-M64XVuL94OgiNHa5/m2YvEQI5q2cl9d/wk0qFTDVXcYzi43lxuiFTftMR1tOnFQovVXNZJ5TURSDK2pNe9Yzqg==", + "cpu": [ + "x64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "darwin" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linux-arm": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm/-/sharp-libvips-linux-arm-1.2.0.tgz", + "integrity": "sha512-mWd2uWvDtL/nvIzThLq3fr2nnGfyr/XMXlq8ZJ9WMR6PXijHlC3ksp0IpuhK6bougvQrchUAfzRLnbsen0Cqvw==", + "cpu": [ + "arm" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linux-arm64": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-arm64/-/sharp-libvips-linux-arm64-1.2.0.tgz", + "integrity": "sha512-RXwd0CgG+uPRX5YYrkzKyalt2OJYRiJQ8ED/fi1tq9WQW2jsQIn0tqrlR5l5dr/rjqq6AHAxURhj2DVjyQWSOA==", + "cpu": [ + "arm64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linux-ppc64": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-ppc64/-/sharp-libvips-linux-ppc64-1.2.0.tgz", + "integrity": "sha512-Xod/7KaDDHkYu2phxxfeEPXfVXFKx70EAFZ0qyUdOjCcxbjqyJOEUpDe6RIyaunGxT34Anf9ue/wuWOqBW2WcQ==", + "cpu": [ + "ppc64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linux-s390x": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-s390x/-/sharp-libvips-linux-s390x-1.2.0.tgz", + "integrity": "sha512-eMKfzDxLGT8mnmPJTNMcjfO33fLiTDsrMlUVcp6b96ETbnJmd4uvZxVJSKPQfS+odwfVaGifhsB07J1LynFehw==", + "cpu": [ + "s390x" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linux-x64": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linux-x64/-/sharp-libvips-linux-x64-1.2.0.tgz", + "integrity": "sha512-ZW3FPWIc7K1sH9E3nxIGB3y3dZkpJlMnkk7z5tu1nSkBoCgw2nSRTFHI5pB/3CQaJM0pdzMF3paf9ckKMSE9Tg==", + "cpu": [ + "x64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linuxmusl-arm64": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linuxmusl-arm64/-/sharp-libvips-linuxmusl-arm64-1.2.0.tgz", + "integrity": "sha512-UG+LqQJbf5VJ8NWJ5Z3tdIe/HXjuIdo4JeVNADXBFuG7z9zjoegpzzGIyV5zQKi4zaJjnAd2+g2nna8TZvuW9Q==", + "cpu": [ + "arm64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-libvips-linuxmusl-x64": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@img/sharp-libvips-linuxmusl-x64/-/sharp-libvips-linuxmusl-x64-1.2.0.tgz", + "integrity": "sha512-SRYOLR7CXPgNze8akZwjoGBoN1ThNZoqpOgfnOxmWsklTGVfJiGJoC/Lod7aNMGA1jSsKWM1+HRX43OP6p9+6Q==", + "cpu": [ + "x64" + ], + "license": "LGPL-3.0-or-later", + "optional": true, + "os": [ + "linux" + ], + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-linux-arm": { + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-linux-arm/-/sharp-linux-arm-0.34.3.tgz", + "integrity": "sha512-oBK9l+h6KBN0i3dC8rYntLiVfW8D8wH+NPNT3O/WBHeW0OQWCjfWksLUaPidsrDKpJgXp3G3/hkmhptAW0I3+A==", + "cpu": [ + "arm" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linux-arm": "1.2.0" + } + }, + "node_modules/@img/sharp-linux-arm64": { + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-linux-arm64/-/sharp-linux-arm64-0.34.3.tgz", + "integrity": "sha512-QdrKe3EvQrqwkDrtuTIjI0bu6YEJHTgEeqdzI3uWJOH6G1O8Nl1iEeVYRGdj1h5I21CqxSvQp1Yv7xeU3ZewbA==", + "cpu": [ + "arm64" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linux-arm64": "1.2.0" + } + }, + "node_modules/@img/sharp-linux-ppc64": { + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-linux-ppc64/-/sharp-linux-ppc64-0.34.3.tgz", + "integrity": "sha512-GLtbLQMCNC5nxuImPR2+RgrviwKwVql28FWZIW1zWruy6zLgA5/x2ZXk3mxj58X/tszVF69KK0Is83V8YgWhLA==", + "cpu": [ + "ppc64" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linux-ppc64": "1.2.0" + } + }, + "node_modules/@img/sharp-linux-s390x": { + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-linux-s390x/-/sharp-linux-s390x-0.34.3.tgz", + "integrity": "sha512-3gahT+A6c4cdc2edhsLHmIOXMb17ltffJlxR0aC2VPZfwKoTGZec6u5GrFgdR7ciJSsHT27BD3TIuGcuRT0KmQ==", + "cpu": [ + "s390x" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linux-s390x": "1.2.0" + } + }, + "node_modules/@img/sharp-linux-x64": { + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-linux-x64/-/sharp-linux-x64-0.34.3.tgz", + "integrity": "sha512-8kYso8d806ypnSq3/Ly0QEw90V5ZoHh10yH0HnrzOCr6DKAPI6QVHvwleqMkVQ0m+fc7EH8ah0BB0QPuWY6zJQ==", + "cpu": [ + "x64" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linux-x64": "1.2.0" + } + }, + "node_modules/@img/sharp-linuxmusl-arm64": { + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-linuxmusl-arm64/-/sharp-linuxmusl-arm64-0.34.3.tgz", + "integrity": "sha512-vAjbHDlr4izEiXM1OTggpCcPg9tn4YriK5vAjowJsHwdBIdx0fYRsURkxLG2RLm9gyBq66gwtWI8Gx0/ov+JKQ==", + "cpu": [ + "arm64" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linuxmusl-arm64": "1.2.0" + } + }, + "node_modules/@img/sharp-linuxmusl-x64": { + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-linuxmusl-x64/-/sharp-linuxmusl-x64-0.34.3.tgz", + "integrity": "sha512-gCWUn9547K5bwvOn9l5XGAEjVTTRji4aPTqLzGXHvIr6bIDZKNTA34seMPgM0WmSf+RYBH411VavCejp3PkOeQ==", + "cpu": [ + "x64" + ], + "license": "Apache-2.0", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + }, + "optionalDependencies": { + "@img/sharp-libvips-linuxmusl-x64": "1.2.0" + } + }, + "node_modules/@img/sharp-wasm32": { + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-wasm32/-/sharp-wasm32-0.34.3.tgz", + "integrity": "sha512-+CyRcpagHMGteySaWos8IbnXcHgfDn7pO2fiC2slJxvNq9gDipYBN42/RagzctVRKgxATmfqOSulgZv5e1RdMg==", + "cpu": [ + "wasm32" + ], + "license": "Apache-2.0 AND LGPL-3.0-or-later AND MIT", + "optional": true, + "dependencies": { + "@emnapi/runtime": "^1.4.4" + }, + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-win32-arm64": { + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-win32-arm64/-/sharp-win32-arm64-0.34.3.tgz", + "integrity": "sha512-MjnHPnbqMXNC2UgeLJtX4XqoVHHlZNd+nPt1kRPmj63wURegwBhZlApELdtxM2OIZDRv/DFtLcNhVbd1z8GYXQ==", + "cpu": [ + "arm64" + ], + "license": "Apache-2.0 AND LGPL-3.0-or-later", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-win32-ia32": { + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-win32-ia32/-/sharp-win32-ia32-0.34.3.tgz", + "integrity": "sha512-xuCdhH44WxuXgOM714hn4amodJMZl3OEvf0GVTm0BEyMeA2to+8HEdRPShH0SLYptJY1uBw+SCFP9WVQi1Q/cw==", + "cpu": [ + "ia32" + ], + "license": "Apache-2.0 AND LGPL-3.0-or-later", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@img/sharp-win32-x64": { + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/@img/sharp-win32-x64/-/sharp-win32-x64-0.34.3.tgz", + "integrity": "sha512-OWwz05d++TxzLEv4VnsTz5CmZ6mI6S05sfQGEMrNrQcOEERbX46332IvE7pO/EUiw7jUrrS40z/M7kPyjfl04g==", + "cpu": [ + "x64" + ], + "license": "Apache-2.0 AND LGPL-3.0-or-later", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": "^18.17.0 || ^20.3.0 || >=21.0.0" + }, + "funding": { + "url": "https://opencollective.com/libvips" + } + }, + "node_modules/@isaacs/balanced-match": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/@isaacs/balanced-match/-/balanced-match-4.0.1.tgz", + "integrity": "sha512-yzMTt9lEb8Gv7zRioUilSglI0c0smZ9k5D65677DLWLtWJaXIS3CqcGyUFByYKlnUj6TkjLVs54fBl6+TiGQDQ==", + "license": "MIT", + "engines": { + "node": "20 || >=22" + } + }, + "node_modules/@isaacs/brace-expansion": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/@isaacs/brace-expansion/-/brace-expansion-5.0.0.tgz", + "integrity": "sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==", + "license": "MIT", + "dependencies": { + "@isaacs/balanced-match": "^4.0.1" + }, + "engines": { + "node": "20 || >=22" + } + }, "node_modules/@isaacs/cliui": { "version": "8.0.2", "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", @@ -1584,19 +2033,39 @@ "node": ">=12" } }, + "node_modules/@isaacs/fs-minipass": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz", + "integrity": "sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==", + "dev": true, + "license": "ISC", + "dependencies": { + "minipass": "^7.0.4" + }, + "engines": { + "node": ">=18.0.0" + } + }, "node_modules/@jridgewell/gen-mapping": { - "version": "0.3.8", - "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.8.tgz", - "integrity": "sha512-imAbBGkb+ebQyxKgzv5Hu2nmROxoDOXHh80evxdoXNOrvAnVx7zimzc1Oo5h9RlfV4vPXaE2iM5pOFbvOCClWA==", + "version": "0.3.13", + "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.13.tgz", + "integrity": "sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==", "dev": true, "license": "MIT", "dependencies": { - "@jridgewell/set-array": "^1.2.1", - "@jridgewell/sourcemap-codec": "^1.4.10", + "@jridgewell/sourcemap-codec": "^1.5.0", + "@jridgewell/trace-mapping": "^0.3.24" + } + }, + "node_modules/@jridgewell/remapping": { + "version": "2.3.5", + "resolved": "https://registry.npmjs.org/@jridgewell/remapping/-/remapping-2.3.5.tgz", + "integrity": "sha512-LI9u/+laYG4Ds1TDKSJW2YPrIlcVYOwi2fUC6xB43lueCjgxV4lffOCZCtYFiH6TNOX+tQKXx97T4IKHbhyHEQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "@jridgewell/gen-mapping": "^0.3.5", "@jridgewell/trace-mapping": "^0.3.24" - }, - "engines": { - "node": ">=6.0.0" } }, "node_modules/@jridgewell/resolve-uri": { @@ -1609,27 +2078,17 @@ "node": ">=6.0.0" } }, - "node_modules/@jridgewell/set-array": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz", - "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=6.0.0" - } - }, "node_modules/@jridgewell/sourcemap-codec": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz", - "integrity": "sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==", + "version": "1.5.5", + "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz", + "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==", "dev": true, "license": "MIT" }, "node_modules/@jridgewell/trace-mapping": { - "version": "0.3.25", - "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz", - "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==", + "version": "0.3.30", + "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.30.tgz", + "integrity": "sha512-GQ7Nw5G2lTu/BtHTKfXhKHok2WGetd4XYcVKGx00SjAk8GMwgJM3zr6zORiPGuOE+/vkc90KtTosSSvaCjKb2Q==", "dev": true, "license": "MIT", "dependencies": { @@ -1637,58 +2096,43 @@ "@jridgewell/sourcemap-codec": "^1.4.14" } }, + "node_modules/@levischuck/tiny-cbor": { + "version": "0.2.11", + "resolved": "https://registry.npmjs.org/@levischuck/tiny-cbor/-/tiny-cbor-0.2.11.tgz", + "integrity": "sha512-llBRm4dT4Z89aRsm6u2oEZ8tfwL/2l6BwpZ7JcyieouniDECM5AqNgr/y08zalEIvW3RSK4upYyybDcmjXqAow==", + "license": "MIT" + }, "node_modules/@napi-rs/wasm-runtime": { - "version": "0.2.9", - "resolved": "https://registry.npmjs.org/@napi-rs/wasm-runtime/-/wasm-runtime-0.2.9.tgz", - "integrity": "sha512-OKRBiajrrxB9ATokgEQoG87Z25c67pCpYcCwmXYX8PBftC9pBfN18gnm/fh1wurSLEKIAt+QRFLFCQISrb66Jg==", + "version": "0.2.12", + "resolved": "https://registry.npmjs.org/@napi-rs/wasm-runtime/-/wasm-runtime-0.2.12.tgz", + "integrity": "sha512-ZVWUcfwY4E/yPitQJl481FjFo3K22D6qF0DuFH6Y/nbnE11GY5uguDxZMGXPQ8WQ0128MXQD7TnfHyK4oWoIJQ==", "license": "MIT", "optional": true, "dependencies": { - "@emnapi/core": "^1.4.0", - "@emnapi/runtime": "^1.4.0", - "@tybys/wasm-util": "^0.9.0" - } - }, - "node_modules/@napi-rs/wasm-runtime/node_modules/@emnapi/core": { - "version": "1.4.3", - "resolved": "https://registry.npmjs.org/@emnapi/core/-/core-1.4.3.tgz", - "integrity": "sha512-4m62DuCE07lw01soJwPiBGC0nAww0Q+RY70VZ+n49yDIO13yyinhbWCeNnaob0lakDtWQzSdtNWzJeOJt2ma+g==", - "license": "MIT", - "optional": true, - "dependencies": { - "@emnapi/wasi-threads": "1.0.2", - "tslib": "^2.4.0" - } - }, - "node_modules/@napi-rs/wasm-runtime/node_modules/@tybys/wasm-util": { - "version": "0.9.0", - "resolved": "https://registry.npmjs.org/@tybys/wasm-util/-/wasm-util-0.9.0.tgz", - "integrity": "sha512-6+7nlbMVX/PVDCwaIQ8nTOPveOcFLSt8GcXdx8hD0bt39uWxYT88uXzqTd4fTvqta7oeUJqudepapKNt2DYJFw==", - "license": "MIT", - "optional": true, - "dependencies": { - "tslib": "^2.4.0" + "@emnapi/core": "^1.4.3", + "@emnapi/runtime": "^1.4.3", + "@tybys/wasm-util": "^0.10.0" } }, "node_modules/@next/env": { - "version": "15.2.4", - "resolved": "https://registry.npmjs.org/@next/env/-/env-15.2.4.tgz", - "integrity": "sha512-+SFtMgoiYP3WoSswuNmxJOCwi06TdWE733D+WPjpXIe4LXGULwEaofiiAy6kbS0+XjM5xF5n3lKuBwN2SnqD9g==", + "version": "15.4.6", + "resolved": "https://registry.npmjs.org/@next/env/-/env-15.4.6.tgz", + "integrity": "sha512-yHDKVTcHrZy/8TWhj0B23ylKv5ypocuCwey9ZqPyv4rPdUdRzpGCkSi03t04KBPyU96kxVtUqx6O3nE1kpxASQ==", "license": "MIT" }, "node_modules/@next/eslint-plugin-next": { - "version": "15.1.3", - "resolved": "https://registry.npmjs.org/@next/eslint-plugin-next/-/eslint-plugin-next-15.1.3.tgz", - "integrity": "sha512-oeP1vnc5Cq9UoOb8SYHAEPbCXMzOgG70l+Zfd+Ie00R25FOm+CCVNrcIubJvB1tvBgakXE37MmqSycksXVPRqg==", + "version": "15.4.6", + "resolved": "https://registry.npmjs.org/@next/eslint-plugin-next/-/eslint-plugin-next-15.4.6.tgz", + "integrity": "sha512-2NOu3ln+BTcpnbIDuxx6MNq+pRrCyey4WSXGaJIyt0D2TYicHeO9QrUENNjcf673n3B1s7hsiV5xBYRCK1Q8kA==", "license": "MIT", "dependencies": { "fast-glob": "3.3.1" } }, "node_modules/@next/swc-darwin-arm64": { - "version": "15.2.4", - "resolved": "https://registry.npmjs.org/@next/swc-darwin-arm64/-/swc-darwin-arm64-15.2.4.tgz", - "integrity": "sha512-1AnMfs655ipJEDC/FHkSr0r3lXBgpqKo4K1kiwfUf3iE68rDFXZ1TtHdMvf7D0hMItgDZ7Vuq3JgNMbt/+3bYw==", + "version": "15.4.6", + "resolved": "https://registry.npmjs.org/@next/swc-darwin-arm64/-/swc-darwin-arm64-15.4.6.tgz", + "integrity": "sha512-667R0RTP4DwxzmrqTs4Lr5dcEda9OxuZsVFsjVtxVMVhzSpo6nLclXejJVfQo2/g7/Z9qF3ETDmN3h65mTjpTQ==", "cpu": [ "arm64" ], @@ -1702,9 +2146,9 @@ } }, "node_modules/@next/swc-darwin-x64": { - "version": "15.2.4", - "resolved": "https://registry.npmjs.org/@next/swc-darwin-x64/-/swc-darwin-x64-15.2.4.tgz", - "integrity": "sha512-3qK2zb5EwCwxnO2HeO+TRqCubeI/NgCe+kL5dTJlPldV/uwCnUgC7VbEzgmxbfrkbjehL4H9BPztWOEtsoMwew==", + "version": "15.4.6", + "resolved": "https://registry.npmjs.org/@next/swc-darwin-x64/-/swc-darwin-x64-15.4.6.tgz", + "integrity": "sha512-KMSFoistFkaiQYVQQnaU9MPWtp/3m0kn2Xed1Ces5ll+ag1+rlac20sxG+MqhH2qYWX1O2GFOATQXEyxKiIscg==", "cpu": [ "x64" ], @@ -1718,9 +2162,9 @@ } }, "node_modules/@next/swc-linux-arm64-gnu": { - "version": "15.2.4", - "resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-gnu/-/swc-linux-arm64-gnu-15.2.4.tgz", - "integrity": "sha512-HFN6GKUcrTWvem8AZN7tT95zPb0GUGv9v0d0iyuTb303vbXkkbHDp/DxufB04jNVD+IN9yHy7y/6Mqq0h0YVaQ==", + "version": "15.4.6", + "resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-gnu/-/swc-linux-arm64-gnu-15.4.6.tgz", + "integrity": "sha512-PnOx1YdO0W7m/HWFeYd2A6JtBO8O8Eb9h6nfJia2Dw1sRHoHpNf6lN1U4GKFRzRDBi9Nq2GrHk9PF3Vmwf7XVw==", "cpu": [ "arm64" ], @@ -1734,9 +2178,9 @@ } }, "node_modules/@next/swc-linux-arm64-musl": { - "version": "15.2.4", - "resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-musl/-/swc-linux-arm64-musl-15.2.4.tgz", - "integrity": "sha512-Oioa0SORWLwi35/kVB8aCk5Uq+5/ZIumMK1kJV+jSdazFm2NzPDztsefzdmzzpx5oGCJ6FkUC7vkaUseNTStNA==", + "version": "15.4.6", + "resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-musl/-/swc-linux-arm64-musl-15.4.6.tgz", + "integrity": "sha512-XBbuQddtY1p5FGPc2naMO0kqs4YYtLYK/8aPausI5lyOjr4J77KTG9mtlU4P3NwkLI1+OjsPzKVvSJdMs3cFaw==", "cpu": [ "arm64" ], @@ -1750,9 +2194,9 @@ } }, "node_modules/@next/swc-linux-x64-gnu": { - "version": "15.2.4", - "resolved": "https://registry.npmjs.org/@next/swc-linux-x64-gnu/-/swc-linux-x64-gnu-15.2.4.tgz", - "integrity": "sha512-yb5WTRaHdkgOqFOZiu6rHV1fAEK0flVpaIN2HB6kxHVSy/dIajWbThS7qON3W9/SNOH2JWkVCyulgGYekMePuw==", + "version": "15.4.6", + "resolved": "https://registry.npmjs.org/@next/swc-linux-x64-gnu/-/swc-linux-x64-gnu-15.4.6.tgz", + "integrity": "sha512-+WTeK7Qdw82ez3U9JgD+igBAP75gqZ1vbK6R8PlEEuY0OIe5FuYXA4aTjL811kWPf7hNeslD4hHK2WoM9W0IgA==", "cpu": [ "x64" ], @@ -1766,9 +2210,9 @@ } }, "node_modules/@next/swc-linux-x64-musl": { - "version": "15.2.4", - "resolved": "https://registry.npmjs.org/@next/swc-linux-x64-musl/-/swc-linux-x64-musl-15.2.4.tgz", - "integrity": "sha512-Dcdv/ix6srhkM25fgXiyOieFUkz+fOYkHlydWCtB0xMST6X9XYI3yPDKBZt1xuhOytONsIFJFB08xXYsxUwJLw==", + "version": "15.4.6", + "resolved": "https://registry.npmjs.org/@next/swc-linux-x64-musl/-/swc-linux-x64-musl-15.4.6.tgz", + "integrity": "sha512-XP824mCbgQsK20jlXKrUpZoh/iO3vUWhMpxCz8oYeagoiZ4V0TQiKy0ASji1KK6IAe3DYGfj5RfKP6+L2020OQ==", "cpu": [ "x64" ], @@ -1782,9 +2226,9 @@ } }, "node_modules/@next/swc-win32-arm64-msvc": { - "version": "15.2.4", - "resolved": "https://registry.npmjs.org/@next/swc-win32-arm64-msvc/-/swc-win32-arm64-msvc-15.2.4.tgz", - "integrity": "sha512-dW0i7eukvDxtIhCYkMrZNQfNicPDExt2jPb9AZPpL7cfyUo7QSNl1DjsHjmmKp6qNAqUESyT8YFl/Aw91cNJJg==", + "version": "15.4.6", + "resolved": "https://registry.npmjs.org/@next/swc-win32-arm64-msvc/-/swc-win32-arm64-msvc-15.4.6.tgz", + "integrity": "sha512-FxrsenhUz0LbgRkNWx6FRRJIPe/MI1JRA4W4EPd5leXO00AZ6YU8v5vfx4MDXTvN77lM/EqsE3+6d2CIeF5NYg==", "cpu": [ "arm64" ], @@ -1798,9 +2242,9 @@ } }, "node_modules/@next/swc-win32-x64-msvc": { - "version": "15.2.4", - "resolved": "https://registry.npmjs.org/@next/swc-win32-x64-msvc/-/swc-win32-x64-msvc-15.2.4.tgz", - "integrity": "sha512-SbnWkJmkS7Xl3kre8SdMF6F/XDh1DTFEhp0jRTj/uB8iPKoU2bb2NDfcu+iifv1+mxQEd1g2vvSxcZbXSKyWiQ==", + "version": "15.4.6", + "resolved": "https://registry.npmjs.org/@next/swc-win32-x64-msvc/-/swc-win32-x64-msvc-15.4.6.tgz", + "integrity": "sha512-T4ufqnZ4u88ZheczkBTtOF+eKaM14V8kbjud/XrAakoM5DKQWjW09vD6B9fsdsWS2T7D5EY31hRHdta7QKWOng==", "cpu": [ "x64" ], @@ -1814,9 +2258,9 @@ } }, "node_modules/@noble/ciphers": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@noble/ciphers/-/ciphers-1.2.1.tgz", - "integrity": "sha512-rONPWMC7PeExE077uLE4oqWrZ1IvAfz3oH9LibVAcVCopJiA9R62uavnbEzdkVmJYI6M6Zgkbeb07+tWjlq2XA==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/@noble/ciphers/-/ciphers-1.3.0.tgz", + "integrity": "sha512-2I0gnIVPtfnMw9ee9h1dJG7tp81+8Ob3OJb3Mv37rx5L40/b0i7djjCVvGOVqc9AEIQyvyu1i6ypKdFw8R8gQw==", "dev": true, "license": "MIT", "engines": { @@ -1827,13 +2271,13 @@ } }, "node_modules/@noble/curves": { - "version": "1.8.1", - "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.8.1.tgz", - "integrity": "sha512-warwspo+UYUPep0Q+vtdVB4Ugn8GGQj8iyB3gnRWsztmUHTI3S1nhdiWNsPUGL0vud7JlRRk1XEu7Lq1KGTnMQ==", + "version": "1.9.6", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.9.6.tgz", + "integrity": "sha512-GIKz/j99FRthB8icyJQA51E8Uk5hXmdyThjgQXRKiv9h0zeRlzSCLIzFw6K1LotZ3XuB7yzlf76qk7uBmTdFqA==", "dev": true, "license": "MIT", "dependencies": { - "@noble/hashes": "1.7.1" + "@noble/hashes": "1.8.0" }, "engines": { "node": "^14.21.3 || >=16" @@ -1843,9 +2287,9 @@ } }, "node_modules/@noble/hashes": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.7.1.tgz", - "integrity": "sha512-B8XBPsn4vT/KJAGqDzbwztd+6Yte3P4V7iafm24bxgDe/mlRuK6xmWPuCNrKt2vDafZ8MfJLlchDG/vYafQEjQ==", + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.8.0.tgz", + "integrity": "sha512-jCs9ldd7NwzpgXDIf6P3+NrHh9/sD6CQdxHyjQI+h/6rDNo88ypBxxz45UDuZHz9r3tNz7N/VInSVoVdtXEI4A==", "dev": true, "license": "MIT", "engines": { @@ -1881,9 +2325,9 @@ } }, "node_modules/@node-rs/argon2-android-arm-eabi": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-android-arm-eabi/-/argon2-android-arm-eabi-1.7.0.tgz", - "integrity": "sha512-udDqkr5P9E+wYX1SZwAVPdyfYvaF4ry9Tm+R9LkfSHbzWH0uhU6zjIwNRp7m+n4gx691rk+lqqDAIP8RLKwbhg==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-android-arm-eabi/-/argon2-android-arm-eabi-2.0.2.tgz", + "integrity": "sha512-DV/H8p/jt40lrao5z5g6nM9dPNPGEHL+aK6Iy/og+dbL503Uj0AHLqj1Hk9aVUSCNnsDdUEKp4TVMi0YakDYKw==", "cpu": [ "arm" ], @@ -1897,9 +2341,9 @@ } }, "node_modules/@node-rs/argon2-android-arm64": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-android-arm64/-/argon2-android-arm64-1.7.0.tgz", - "integrity": "sha512-s9j/G30xKUx8WU50WIhF0fIl1EdhBGq0RQ06lEhZ0Gi0ap8lhqbE2Bn5h3/G2D1k0Dx+yjeVVNmt/xOQIRG38A==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-android-arm64/-/argon2-android-arm64-2.0.2.tgz", + "integrity": "sha512-1LKwskau+8O1ktKx7TbK7jx1oMOMt4YEXZOdSNIar1TQKxm6isZ0cRXgHLibPHEcNHgYRsJWDE9zvDGBB17QDg==", "cpu": [ "arm64" ], @@ -1929,9 +2373,9 @@ } }, "node_modules/@node-rs/argon2-darwin-x64": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-darwin-x64/-/argon2-darwin-x64-1.7.0.tgz", - "integrity": "sha512-5oi/pxqVhODW/pj1+3zElMTn/YukQeywPHHYDbcAW3KsojFjKySfhcJMd1DjKTc+CHQI+4lOxZzSUzK7mI14Hw==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-darwin-x64/-/argon2-darwin-x64-2.0.2.tgz", + "integrity": "sha512-vNPfkLj5Ij5111UTiYuwgxMqE7DRbOS2y58O2DIySzSHbcnu+nipmRKg+P0doRq6eKIJStyBK8dQi5Ic8pFyDw==", "cpu": [ "x64" ], @@ -1945,9 +2389,9 @@ } }, "node_modules/@node-rs/argon2-freebsd-x64": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-freebsd-x64/-/argon2-freebsd-x64-1.7.0.tgz", - "integrity": "sha512-Ify08683hA4QVXYoIm5SUWOY5DPIT/CMB0CQT+IdxQAg/F+qp342+lUkeAtD5bvStQuCx/dFO3bnnzoe2clMhA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-freebsd-x64/-/argon2-freebsd-x64-2.0.2.tgz", + "integrity": "sha512-M8vQZk01qojQfCqQU0/O1j1a4zPPrz93zc9fSINY7Q/6RhQRBCYwDw7ltDCZXg5JRGlSaeS8cUXWyhPGar3cGg==", "cpu": [ "x64" ], @@ -1961,9 +2405,9 @@ } }, "node_modules/@node-rs/argon2-linux-arm-gnueabihf": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-arm-gnueabihf/-/argon2-linux-arm-gnueabihf-1.7.0.tgz", - "integrity": "sha512-7DjDZ1h5AUHAtRNjD19RnQatbhL+uuxBASuuXIBu4/w6Dx8n7YPxwTP4MXfsvuRgKuMWiOb/Ub/HJ3kXVCXRkg==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-arm-gnueabihf/-/argon2-linux-arm-gnueabihf-2.0.2.tgz", + "integrity": "sha512-7EmmEPHLzcu0G2GDh30L6G48CH38roFC2dqlQJmtRCxs6no3tTE/pvgBGatTp/o2n2oyOJcfmgndVFcUpwMnww==", "cpu": [ "arm" ], @@ -1977,9 +2421,9 @@ } }, "node_modules/@node-rs/argon2-linux-arm64-gnu": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-arm64-gnu/-/argon2-linux-arm64-gnu-1.7.0.tgz", - "integrity": "sha512-nJDoMP4Y3YcqGswE4DvP080w6O24RmnFEDnL0emdI8Nou17kNYBzP2546Nasx9GCyLzRcYQwZOUjrtUuQ+od2g==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-arm64-gnu/-/argon2-linux-arm64-gnu-2.0.2.tgz", + "integrity": "sha512-6lsYh3Ftbk+HAIZ7wNuRF4SZDtxtFTfK+HYFAQQyW7Ig3LHqasqwfUKRXVSV5tJ+xTnxjqgKzvZSUJCAyIfHew==", "cpu": [ "arm64" ], @@ -1993,9 +2437,9 @@ } }, "node_modules/@node-rs/argon2-linux-arm64-musl": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-arm64-musl/-/argon2-linux-arm64-musl-1.7.0.tgz", - "integrity": "sha512-BKWS8iVconhE3jrb9mj6t1J9vwUqQPpzCbUKxfTGJfc+kNL58F1SXHBoe2cDYGnHrFEHTY0YochzXoAfm4Dm/A==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-arm64-musl/-/argon2-linux-arm64-musl-2.0.2.tgz", + "integrity": "sha512-p3YqVMNT/4DNR67tIHTYGbedYmXxW9QlFmF39SkXyEbGQwpgSf6pH457/fyXBIYznTU/smnG9EH+C1uzT5j4hA==", "cpu": [ "arm64" ], @@ -2025,211 +2469,6 @@ } }, "node_modules/@node-rs/argon2-linux-x64-musl": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-x64-musl/-/argon2-linux-x64-musl-1.7.0.tgz", - "integrity": "sha512-/o1efYCYIxjfuoRYyBTi2Iy+1iFfhqHCvvVsnjNSgO1xWiWrX0Rrt/xXW5Zsl7vS2Y+yu8PL8KFWRzZhaVxfKA==", - "cpu": [ - "x64" - ], - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">= 10" - } - }, - "node_modules/@node-rs/argon2-wasm32-wasi": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-wasm32-wasi/-/argon2-wasm32-wasi-1.7.0.tgz", - "integrity": "sha512-Evmk9VcxqnuwQftfAfYEr6YZYSPLzmKUsbFIMep5nTt9PT4XYRFAERj7wNYp+rOcBenF3X4xoB+LhwcOMTNE5w==", - "cpu": [ - "wasm32" - ], - "license": "MIT", - "optional": true, - "dependencies": { - "@emnapi/core": "^0.45.0", - "@emnapi/runtime": "^0.45.0", - "@tybys/wasm-util": "^0.8.1", - "memfs-browser": "^3.4.13000" - }, - "engines": { - "node": ">=14.0.0" - } - }, - "node_modules/@node-rs/argon2-wasm32-wasi/node_modules/@emnapi/runtime": { - "version": "0.45.0", - "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-0.45.0.tgz", - "integrity": "sha512-Txumi3td7J4A/xTTwlssKieHKTGl3j4A1tglBx72auZ49YK7ePY6XZricgIg9mnZT4xPfA+UPCUdnhRuEFDL+w==", - "license": "MIT", - "optional": true, - "dependencies": { - "tslib": "^2.4.0" - } - }, - "node_modules/@node-rs/argon2-win32-arm64-msvc": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-win32-arm64-msvc/-/argon2-win32-arm64-msvc-1.7.0.tgz", - "integrity": "sha512-qgsU7T004COWWpSA0tppDqDxbPLgg8FaU09krIJ7FBl71Sz8SFO40h7fDIjfbTT5w7u6mcaINMQ5bSHu75PCaA==", - "cpu": [ - "arm64" - ], - "license": "MIT", - "optional": true, - "os": [ - "win32" - ], - "engines": { - "node": ">= 10" - } - }, - "node_modules/@node-rs/argon2-win32-ia32-msvc": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-win32-ia32-msvc/-/argon2-win32-ia32-msvc-1.7.0.tgz", - "integrity": "sha512-JGafwWYQ/HpZ3XSwP4adQ6W41pRvhcdXvpzIWtKvX+17+xEXAe2nmGWM6s27pVkg1iV2ZtoYLRDkOUoGqZkCcg==", - "cpu": [ - "ia32" - ], - "license": "MIT", - "optional": true, - "os": [ - "win32" - ], - "engines": { - "node": ">= 10" - } - }, - "node_modules/@node-rs/argon2-win32-x64-msvc": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-win32-x64-msvc/-/argon2-win32-x64-msvc-1.7.0.tgz", - "integrity": "sha512-9oq4ShyFakw8AG3mRls0AoCpxBFcimYx7+jvXeAf2OqKNO+mSA6eZ9z7KQeVCi0+SOEUYxMGf5UiGiDb9R6+9Q==", - "cpu": [ - "x64" - ], - "license": "MIT", - "optional": true, - "os": [ - "win32" - ], - "engines": { - "node": ">= 10" - } - }, - "node_modules/@node-rs/argon2/node_modules/@node-rs/argon2-android-arm-eabi": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-android-arm-eabi/-/argon2-android-arm-eabi-2.0.2.tgz", - "integrity": "sha512-DV/H8p/jt40lrao5z5g6nM9dPNPGEHL+aK6Iy/og+dbL503Uj0AHLqj1Hk9aVUSCNnsDdUEKp4TVMi0YakDYKw==", - "cpu": [ - "arm" - ], - "license": "MIT", - "optional": true, - "os": [ - "android" - ], - "engines": { - "node": ">= 10" - } - }, - "node_modules/@node-rs/argon2/node_modules/@node-rs/argon2-android-arm64": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-android-arm64/-/argon2-android-arm64-2.0.2.tgz", - "integrity": "sha512-1LKwskau+8O1ktKx7TbK7jx1oMOMt4YEXZOdSNIar1TQKxm6isZ0cRXgHLibPHEcNHgYRsJWDE9zvDGBB17QDg==", - "cpu": [ - "arm64" - ], - "license": "MIT", - "optional": true, - "os": [ - "android" - ], - "engines": { - "node": ">= 10" - } - }, - "node_modules/@node-rs/argon2/node_modules/@node-rs/argon2-darwin-x64": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-darwin-x64/-/argon2-darwin-x64-2.0.2.tgz", - "integrity": "sha512-vNPfkLj5Ij5111UTiYuwgxMqE7DRbOS2y58O2DIySzSHbcnu+nipmRKg+P0doRq6eKIJStyBK8dQi5Ic8pFyDw==", - "cpu": [ - "x64" - ], - "license": "MIT", - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": ">= 10" - } - }, - "node_modules/@node-rs/argon2/node_modules/@node-rs/argon2-freebsd-x64": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-freebsd-x64/-/argon2-freebsd-x64-2.0.2.tgz", - "integrity": "sha512-M8vQZk01qojQfCqQU0/O1j1a4zPPrz93zc9fSINY7Q/6RhQRBCYwDw7ltDCZXg5JRGlSaeS8cUXWyhPGar3cGg==", - "cpu": [ - "x64" - ], - "license": "MIT", - "optional": true, - "os": [ - "freebsd" - ], - "engines": { - "node": ">= 10" - } - }, - "node_modules/@node-rs/argon2/node_modules/@node-rs/argon2-linux-arm-gnueabihf": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-arm-gnueabihf/-/argon2-linux-arm-gnueabihf-2.0.2.tgz", - "integrity": "sha512-7EmmEPHLzcu0G2GDh30L6G48CH38roFC2dqlQJmtRCxs6no3tTE/pvgBGatTp/o2n2oyOJcfmgndVFcUpwMnww==", - "cpu": [ - "arm" - ], - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">= 10" - } - }, - "node_modules/@node-rs/argon2/node_modules/@node-rs/argon2-linux-arm64-gnu": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-arm64-gnu/-/argon2-linux-arm64-gnu-2.0.2.tgz", - "integrity": "sha512-6lsYh3Ftbk+HAIZ7wNuRF4SZDtxtFTfK+HYFAQQyW7Ig3LHqasqwfUKRXVSV5tJ+xTnxjqgKzvZSUJCAyIfHew==", - "cpu": [ - "arm64" - ], - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">= 10" - } - }, - "node_modules/@node-rs/argon2/node_modules/@node-rs/argon2-linux-arm64-musl": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-arm64-musl/-/argon2-linux-arm64-musl-2.0.2.tgz", - "integrity": "sha512-p3YqVMNT/4DNR67tIHTYGbedYmXxW9QlFmF39SkXyEbGQwpgSf6pH457/fyXBIYznTU/smnG9EH+C1uzT5j4hA==", - "cpu": [ - "arm64" - ], - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">= 10" - } - }, - "node_modules/@node-rs/argon2/node_modules/@node-rs/argon2-linux-x64-musl": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-x64-musl/-/argon2-linux-x64-musl-2.0.2.tgz", "integrity": "sha512-of5uPqk7oCRF/44a89YlWTEfjsftPywyTULwuFDKyD8QtVZoonrJR6ZWvfFE/6jBT68S0okAkAzzMEdBVWdxWw==", @@ -2245,7 +2484,7 @@ "node": ">= 10" } }, - "node_modules/@node-rs/argon2/node_modules/@node-rs/argon2-wasm32-wasi": { + "node_modules/@node-rs/argon2-wasm32-wasi": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/@node-rs/argon2-wasm32-wasi/-/argon2-wasm32-wasi-2.0.2.tgz", "integrity": "sha512-U3PzLYKSQYzTERstgtHLd4ZTkOF9co57zTXT77r0cVUsleGZOrd6ut7rHzeWwoJSiHOVxxa0OhG1JVQeB7lLoQ==", @@ -2261,7 +2500,7 @@ "node": ">=14.0.0" } }, - "node_modules/@node-rs/argon2/node_modules/@node-rs/argon2-win32-arm64-msvc": { + "node_modules/@node-rs/argon2-win32-arm64-msvc": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/@node-rs/argon2-win32-arm64-msvc/-/argon2-win32-arm64-msvc-2.0.2.tgz", "integrity": "sha512-Eisd7/NM0m23ijrGr6xI2iMocdOuyl6gO27gfMfya4C5BODbUSP7ljKJ7LrA0teqZMdYHesRDzx36Js++/vhiQ==", @@ -2277,7 +2516,7 @@ "node": ">= 10" } }, - "node_modules/@node-rs/argon2/node_modules/@node-rs/argon2-win32-ia32-msvc": { + "node_modules/@node-rs/argon2-win32-ia32-msvc": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/@node-rs/argon2-win32-ia32-msvc/-/argon2-win32-ia32-msvc-2.0.2.tgz", "integrity": "sha512-GsE2ezwAYwh72f9gIjbGTZOf4HxEksb5M2eCaj+Y5rGYVwAdt7C12Q2e9H5LRYxWcFvLH4m4jiSZpQQ4upnPAQ==", @@ -2293,7 +2532,7 @@ "node": ">= 10" } }, - "node_modules/@node-rs/argon2/node_modules/@node-rs/argon2-win32-x64-msvc": { + "node_modules/@node-rs/argon2-win32-x64-msvc": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/@node-rs/argon2-win32-x64-msvc/-/argon2-win32-x64-msvc-2.0.2.tgz", "integrity": "sha512-cJxWXanH4Ew9CfuZ4IAEiafpOBCe97bzoKowHCGk5lG/7kR4WF/eknnBlHW9m8q7t10mKq75kruPLtbSDqgRTw==", @@ -2338,6 +2577,38 @@ "@node-rs/bcrypt-win32-x64-msvc": "1.9.0" } }, + "node_modules/@node-rs/bcrypt-android-arm-eabi": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-android-arm-eabi/-/bcrypt-android-arm-eabi-1.9.0.tgz", + "integrity": "sha512-nOCFISGtnodGHNiLrG0WYLWr81qQzZKYfmwHc7muUeq+KY0sQXyHOwZk9OuNQAWv/lnntmtbwkwT0QNEmOyLvA==", + "cpu": [ + "arm" + ], + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/@node-rs/bcrypt-android-arm64": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-android-arm64/-/bcrypt-android-arm64-1.9.0.tgz", + "integrity": "sha512-+ZrIAtigVmjYkqZQTThHVlz0+TG6D+GDHWhVKvR2DifjtqJ0i+mb9gjo++hN+fWEQdWNGxKCiBBjwgT4EcXd6A==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">= 10" + } + }, "node_modules/@node-rs/bcrypt-darwin-arm64": { "version": "1.9.0", "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-darwin-arm64/-/bcrypt-darwin-arm64-1.9.0.tgz", @@ -2354,6 +2625,215 @@ "node": ">= 10" } }, + "node_modules/@node-rs/bcrypt-darwin-x64": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-darwin-x64/-/bcrypt-darwin-x64-1.9.0.tgz", + "integrity": "sha512-4pTKGawYd7sNEjdJ7R/R67uwQH1VvwPZ0SSUMmeNHbxD5QlwAPXdDH11q22uzVXsvNFZ6nGQBg8No5OUGpx6Ug==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/@node-rs/bcrypt-freebsd-x64": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-freebsd-x64/-/bcrypt-freebsd-x64-1.9.0.tgz", + "integrity": "sha512-UmWzySX4BJhT/B8xmTru6iFif3h0Rpx3TqxRLCcbgmH43r7k5/9QuhpiyzpvKGpKHJCFNm4F3rC2wghvw5FCIg==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/@node-rs/bcrypt-linux-arm-gnueabihf": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-linux-arm-gnueabihf/-/bcrypt-linux-arm-gnueabihf-1.9.0.tgz", + "integrity": "sha512-8qoX4PgBND2cVwsbajoAWo3NwdfJPEXgpCsZQZURz42oMjbGyhhSYbovBCskGU3EBLoC8RA2B1jFWooeYVn5BA==", + "cpu": [ + "arm" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/@node-rs/bcrypt-linux-arm64-gnu": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-linux-arm64-gnu/-/bcrypt-linux-arm64-gnu-1.9.0.tgz", + "integrity": "sha512-TuAC6kx0SbcIA4mSEWPi+OCcDjTQUMl213v5gMNlttF+D4ieIZx6pPDGTaMO6M2PDHTeCG0CBzZl0Lu+9b0c7Q==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/@node-rs/bcrypt-linux-arm64-musl": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-linux-arm64-musl/-/bcrypt-linux-arm64-musl-1.9.0.tgz", + "integrity": "sha512-/sIvKDABOI8QOEnLD7hIj02BVaNOuCIWBKvxcJOt8+TuwJ6zmY1UI5kSv9d99WbiHjTp97wtAUbZQwauU4b9ew==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/@node-rs/bcrypt-linux-x64-gnu": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-linux-x64-gnu/-/bcrypt-linux-x64-gnu-1.9.0.tgz", + "integrity": "sha512-DyyhDHDsLBsCKz1tZ1hLvUZSc1DK0FU0v52jK6IBQxrj24WscSU9zZe7ie/V9kdmA4Ep57BfpWX8Dsa2JxGdgQ==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/@node-rs/bcrypt-linux-x64-musl": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-linux-x64-musl/-/bcrypt-linux-x64-musl-1.9.0.tgz", + "integrity": "sha512-duIiuqQ+Lew8ASSAYm6ZRqcmfBGWwsi81XLUwz86a2HR7Qv6V4yc3ZAUQovAikhjCsIqe8C11JlAZSK6+PlXYg==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/@node-rs/bcrypt-wasm32-wasi": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-wasm32-wasi/-/bcrypt-wasm32-wasi-1.9.0.tgz", + "integrity": "sha512-ylaGmn9Wjwv/D5lxtawttx3H6Uu2WTTR7lWlRHGT6Ga/MB1Vj4OjSGUW8G8zIVnKuXpGbZ92pgHlt4HUpSLctw==", + "cpu": [ + "wasm32" + ], + "license": "MIT", + "optional": true, + "dependencies": { + "@emnapi/core": "^0.45.0", + "@emnapi/runtime": "^0.45.0", + "@tybys/wasm-util": "^0.8.1", + "memfs-browser": "^3.4.13000" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@node-rs/bcrypt-wasm32-wasi/node_modules/@emnapi/core": { + "version": "0.45.0", + "resolved": "https://registry.npmjs.org/@emnapi/core/-/core-0.45.0.tgz", + "integrity": "sha512-DPWjcUDQkCeEM4VnljEOEcXdAD7pp8zSZsgOujk/LGIwCXWbXJngin+MO4zbH429lzeC3WbYLGjE2MaUOwzpyw==", + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, + "node_modules/@node-rs/bcrypt-wasm32-wasi/node_modules/@emnapi/runtime": { + "version": "0.45.0", + "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-0.45.0.tgz", + "integrity": "sha512-Txumi3td7J4A/xTTwlssKieHKTGl3j4A1tglBx72auZ49YK7ePY6XZricgIg9mnZT4xPfA+UPCUdnhRuEFDL+w==", + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, + "node_modules/@node-rs/bcrypt-wasm32-wasi/node_modules/@tybys/wasm-util": { + "version": "0.8.3", + "resolved": "https://registry.npmjs.org/@tybys/wasm-util/-/wasm-util-0.8.3.tgz", + "integrity": "sha512-Z96T/L6dUFFxgFJ+pQtkPpne9q7i6kIPYCFnQBHSgSPV9idTsKfIhCss0h5iM9irweZCatkrdeP8yi5uM1eX6Q==", + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, + "node_modules/@node-rs/bcrypt-win32-arm64-msvc": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-win32-arm64-msvc/-/bcrypt-win32-arm64-msvc-1.9.0.tgz", + "integrity": "sha512-2h86gF7QFyEzODuDFml/Dp1MSJoZjxJ4yyT2Erf4NkwsiA5MqowUhUsorRwZhX6+2CtlGa7orbwi13AKMsYndw==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/@node-rs/bcrypt-win32-ia32-msvc": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-win32-ia32-msvc/-/bcrypt-win32-ia32-msvc-1.9.0.tgz", + "integrity": "sha512-kqxalCvhs4FkN0+gWWfa4Bdy2NQAkfiqq/CEf6mNXC13RSV673Ev9V8sRlQyNpCHCNkeXfOT9pgoBdJmMs9muA==", + "cpu": [ + "ia32" + ], + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/@node-rs/bcrypt-win32-x64-msvc": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/@node-rs/bcrypt-win32-x64-msvc/-/bcrypt-win32-x64-msvc-1.9.0.tgz", + "integrity": "sha512-2y0Tuo6ZAT2Cz8V7DHulSlv1Bip3zbzeXyeur+uR25IRNYXKvI/P99Zl85Fbuu/zzYAZRLLlGTRe6/9IHofe/w==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">= 10" + } + }, "node_modules/@nodelib/fs.scandir": { "version": "2.1.5", "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", @@ -2444,43 +2924,83 @@ "integrity": "sha512-hkjo6MuIK/kQR5CrGNdAPZhS01ZCXuWDRJ187zh6qqF2+yMHZpD9fAYpX8q2bOO6Ryhl3XpCT6kUX76N8hhm4Q==", "license": "MIT" }, - "node_modules/@petamoriken/float16": { - "version": "3.9.2", - "resolved": "https://registry.npmjs.org/@petamoriken/float16/-/float16-3.9.2.tgz", - "integrity": "sha512-VgffxawQde93xKxT3qap3OH+meZf7VaSB5Sqd4Rqc+FP5alWbpOyan/7tRbOAvynjpG3GpdtAuGU/NdhQpmrog==", - "dev": true, - "license": "MIT" - }, - "node_modules/@pkgjs/parseargs": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz", - "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==", - "dev": true, + "node_modules/@peculiar/asn1-android": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@peculiar/asn1-android/-/asn1-android-2.4.0.tgz", + "integrity": "sha512-YFueREq97CLslZZBI8dKzis7jMfEHSLxM+nr0Zdx1POiXFLjqqwoY5s0F1UimdBiEw/iKlHey2m56MRDv7Jtyg==", "license": "MIT", - "optional": true, - "engines": { - "node": ">=14" + "dependencies": { + "@peculiar/asn1-schema": "^2.4.0", + "asn1js": "^3.0.6", + "tslib": "^2.8.1" + } + }, + "node_modules/@peculiar/asn1-ecc": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@peculiar/asn1-ecc/-/asn1-ecc-2.4.0.tgz", + "integrity": "sha512-fJiYUBCJBDkjh347zZe5H81BdJ0+OGIg0X9z06v8xXUoql3MFeENUX0JsjCaVaU9A0L85PefLPGYkIoGpTnXLQ==", + "license": "MIT", + "dependencies": { + "@peculiar/asn1-schema": "^2.4.0", + "@peculiar/asn1-x509": "^2.4.0", + "asn1js": "^3.0.6", + "tslib": "^2.8.1" + } + }, + "node_modules/@peculiar/asn1-rsa": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@peculiar/asn1-rsa/-/asn1-rsa-2.4.0.tgz", + "integrity": "sha512-6PP75voaEnOSlWR9sD25iCQyLgFZHXbmxvUfnnDcfL6Zh5h2iHW38+bve4LfH7a60x7fkhZZNmiYqAlAff9Img==", + "license": "MIT", + "dependencies": { + "@peculiar/asn1-schema": "^2.4.0", + "@peculiar/asn1-x509": "^2.4.0", + "asn1js": "^3.0.6", + "tslib": "^2.8.1" + } + }, + "node_modules/@peculiar/asn1-schema": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@peculiar/asn1-schema/-/asn1-schema-2.4.0.tgz", + "integrity": "sha512-umbembjIWOrPSOzEGG5vxFLkeM8kzIhLkgigtsOrfLKnuzxWxejAcUX+q/SoZCdemlODOcr5WiYa7+dIEzBXZQ==", + "license": "MIT", + "dependencies": { + "asn1js": "^3.0.6", + "pvtsutils": "^1.3.6", + "tslib": "^2.8.1" + } + }, + "node_modules/@peculiar/asn1-x509": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/@peculiar/asn1-x509/-/asn1-x509-2.4.0.tgz", + "integrity": "sha512-F7mIZY2Eao2TaoVqigGMLv+NDdpwuBKU1fucHPONfzaBS4JXXCNCmfO0Z3dsy7JzKGqtDcYC1mr9JjaZQZNiuw==", + "license": "MIT", + "dependencies": { + "@peculiar/asn1-schema": "^2.4.0", + "asn1js": "^3.0.6", + "pvtsutils": "^1.3.6", + "tslib": "^2.8.1" } }, "node_modules/@radix-ui/number": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@radix-ui/number/-/number-1.1.0.tgz", - "integrity": "sha512-V3gRzhVNU1ldS5XhAPTom1fOIo4ccrjjJgmE+LI2h/WaFpHmx0MQApT+KZHnx8abG6Avtfcz4WoEciMnpFT3HQ==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@radix-ui/number/-/number-1.1.1.tgz", + "integrity": "sha512-MkKCwxlXTgz6CFoJx3pCwn07GKp36+aZyu/u2Ln2VrA5DcdyCZkASEDBTd8x5whTQQL5CiYf4prXKLcgQdv29g==", "license": "MIT" }, "node_modules/@radix-ui/primitive": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@radix-ui/primitive/-/primitive-1.1.1.tgz", - "integrity": "sha512-SJ31y+Q/zAyShtXJc8x83i9TYdbAfHZ++tUZnvjJJqFjzsdUnKsxPL6IEtBlxKkU7yzer//GQtZSV4GbldL3YA==", + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@radix-ui/primitive/-/primitive-1.1.3.tgz", + "integrity": "sha512-JTF99U/6XIjCBo0wqkU5sK10glYe27MRRsfwoiq5zzOEZLHU3A3KCMa5X/azekYRCJ0HlwI0crAXS/5dEHTzDg==", "license": "MIT" }, "node_modules/@radix-ui/react-arrow": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-arrow/-/react-arrow-1.1.1.tgz", - "integrity": "sha512-NaVpZfmv8SKeZbn4ijN2V3jlHA9ngBG16VnIIm22nUR0Yk8KUALyBxT3KYEUnNuch9sTE8UTsS3whzBgKOL30w==", + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/@radix-ui/react-arrow/-/react-arrow-1.1.7.tgz", + "integrity": "sha512-F+M1tLhO+mlQaOWspE8Wstg+z6PwxwRd8oQ8IXceWz92kfAmalTRf0EjrouQeo7QssEPfCn05B4Ihs1K9WQ/7w==", "license": "MIT", "dependencies": { - "@radix-ui/react-primitive": "2.0.1" + "@radix-ui/react-primitive": "2.1.3" }, "peerDependencies": { "@types/react": "*", @@ -2498,15 +3018,16 @@ } }, "node_modules/@radix-ui/react-avatar": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@radix-ui/react-avatar/-/react-avatar-1.1.2.tgz", - "integrity": "sha512-GaC7bXQZ5VgZvVvsJ5mu/AEbjYLnhhkoidOboC50Z6FFlLA03wG2ianUoH+zgDQ31/9gCF59bE4+2bBgTyMiig==", + "version": "1.1.10", + "resolved": "https://registry.npmjs.org/@radix-ui/react-avatar/-/react-avatar-1.1.10.tgz", + "integrity": "sha512-V8piFfWapM5OmNCXTzVQY+E1rDa53zY+MQ4Y7356v4fFz6vqCyUtIz2rUD44ZEdwg78/jKmMJHj07+C/Z/rcog==", "license": "MIT", "dependencies": { - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-use-callback-ref": "1.1.0", - "@radix-ui/react-use-layout-effect": "1.1.0" + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-use-callback-ref": "1.1.1", + "@radix-ui/react-use-is-hydrated": "0.1.0", + "@radix-ui/react-use-layout-effect": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -2524,19 +3045,19 @@ } }, "node_modules/@radix-ui/react-checkbox": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/@radix-ui/react-checkbox/-/react-checkbox-1.1.3.tgz", - "integrity": "sha512-HD7/ocp8f1B3e6OHygH0n7ZKjONkhciy1Nh0yuBgObqThc3oyx+vuMfFHKAknXRHHWVE9XvXStxJFyjUmB8PIw==", + "version": "1.3.3", + "resolved": "https://registry.npmjs.org/@radix-ui/react-checkbox/-/react-checkbox-1.3.3.tgz", + "integrity": "sha512-wBbpv+NQftHDdG86Qc0pIyXk5IR3tM8Vd0nWLKDcX8nNn4nXFOFwsKuqw2okA/1D/mpaAkmuyndrPJTYDNZtFw==", "license": "MIT", "dependencies": { - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-presence": "1.1.2", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-use-controllable-state": "1.1.0", - "@radix-ui/react-use-previous": "1.1.0", - "@radix-ui/react-use-size": "1.1.0" + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-presence": "1.1.5", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-use-controllable-state": "1.2.2", + "@radix-ui/react-use-previous": "1.1.1", + "@radix-ui/react-use-size": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -2554,19 +3075,19 @@ } }, "node_modules/@radix-ui/react-collapsible": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@radix-ui/react-collapsible/-/react-collapsible-1.1.2.tgz", - "integrity": "sha512-PliMB63vxz7vggcyq0IxNYk8vGDrLXVWw4+W4B8YnwI1s18x7YZYqlG9PLX7XxAJUi0g2DxP4XKJMFHh/iVh9A==", + "version": "1.1.12", + "resolved": "https://registry.npmjs.org/@radix-ui/react-collapsible/-/react-collapsible-1.1.12.tgz", + "integrity": "sha512-Uu+mSh4agx2ib1uIGPP4/CKNULyajb3p92LsVXmH2EHVMTfZWpll88XJ0j4W0z3f8NK1eYl1+Mf/szHPmcHzyA==", "license": "MIT", "dependencies": { - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-id": "1.1.0", - "@radix-ui/react-presence": "1.1.2", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-use-controllable-state": "1.1.0", - "@radix-ui/react-use-layout-effect": "1.1.0" + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-id": "1.1.1", + "@radix-ui/react-presence": "1.1.5", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-use-controllable-state": "1.2.2", + "@radix-ui/react-use-layout-effect": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -2584,15 +3105,15 @@ } }, "node_modules/@radix-ui/react-collection": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-collection/-/react-collection-1.1.1.tgz", - "integrity": "sha512-LwT3pSho9Dljg+wY2KN2mrrh6y3qELfftINERIzBUO9e0N+t0oMTyn3k9iv+ZqgrwGkRnLpNJrsMv9BZlt2yuA==", + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/@radix-ui/react-collection/-/react-collection-1.1.7.tgz", + "integrity": "sha512-Fh9rGN0MoI4ZFUNyfFVNU4y9LUz93u9/0K+yLgA2bwRojxM8JU1DyvvMBabnZPBgMWREAJvU2jjVzq+LrFUglw==", "license": "MIT", "dependencies": { - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-slot": "1.1.1" + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-slot": "1.2.3" }, "peerDependencies": { "@types/react": "*", @@ -2610,9 +3131,9 @@ } }, "node_modules/@radix-ui/react-compose-refs": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-compose-refs/-/react-compose-refs-1.1.1.tgz", - "integrity": "sha512-Y9VzoRDSJtgFMUCoiZBDVo084VQ5hfpXxVE+NgkdNsjiDBByiImMZKKhxMwCbdHvhlENG6a833CbFkOQvTricw==", + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@radix-ui/react-compose-refs/-/react-compose-refs-1.1.2.tgz", + "integrity": "sha512-z4eqJvfiNnFMHIIvXP3CY57y2WJs5g2v3X0zm9mEJkrkNv4rDxu+sg9Jh8EkXyeqBkB7SOcboo9dMVqhyrACIg==", "license": "MIT", "peerDependencies": { "@types/react": "*", @@ -2625,9 +3146,9 @@ } }, "node_modules/@radix-ui/react-context": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-context/-/react-context-1.1.1.tgz", - "integrity": "sha512-UASk9zi+crv9WteK/NU4PLvOoL3OuE6BWVKNF6hPRBtYBDXQ2u5iu3O59zUlJiTVvkyuycnqrztsHVJwcK9K+Q==", + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/@radix-ui/react-context/-/react-context-1.1.2.tgz", + "integrity": "sha512-jCi/QKUM2r1Ju5a3J64TH2A5SpKAgh0LpknyqdQ4m6DCV0xJ2HG1xARRwNGPQfi1SLdLWZ1OJz6F4OMBBNiGJA==", "license": "MIT", "peerDependencies": { "@types/react": "*", @@ -2640,25 +3161,25 @@ } }, "node_modules/@radix-ui/react-dialog": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/@radix-ui/react-dialog/-/react-dialog-1.1.4.tgz", - "integrity": "sha512-Ur7EV1IwQGCyaAuyDRiOLA5JIUZxELJljF+MbM/2NC0BYwfuRrbpS30BiQBJrVruscgUkieKkqXYDOoByaxIoA==", + "version": "1.1.15", + "resolved": "https://registry.npmjs.org/@radix-ui/react-dialog/-/react-dialog-1.1.15.tgz", + "integrity": "sha512-TCglVRtzlffRNxRMEyR36DGBLJpeusFcgMVD9PZEzAKnUs1lKCgX5u9BmC2Yg+LL9MgZDugFFs1Vl+Jp4t/PGw==", "license": "MIT", "dependencies": { - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-dismissable-layer": "1.1.3", - "@radix-ui/react-focus-guards": "1.1.1", - "@radix-ui/react-focus-scope": "1.1.1", - "@radix-ui/react-id": "1.1.0", - "@radix-ui/react-portal": "1.1.3", - "@radix-ui/react-presence": "1.1.2", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-slot": "1.1.1", - "@radix-ui/react-use-controllable-state": "1.1.0", - "aria-hidden": "^1.1.1", - "react-remove-scroll": "^2.6.1" + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-dismissable-layer": "1.1.11", + "@radix-ui/react-focus-guards": "1.1.3", + "@radix-ui/react-focus-scope": "1.1.7", + "@radix-ui/react-id": "1.1.1", + "@radix-ui/react-portal": "1.1.9", + "@radix-ui/react-presence": "1.1.5", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-slot": "1.2.3", + "@radix-ui/react-use-controllable-state": "1.2.2", + "aria-hidden": "^1.2.4", + "react-remove-scroll": "^2.6.3" }, "peerDependencies": { "@types/react": "*", @@ -2676,9 +3197,9 @@ } }, "node_modules/@radix-ui/react-direction": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@radix-ui/react-direction/-/react-direction-1.1.0.tgz", - "integrity": "sha512-BUuBvgThEiAXh2DWu93XsT+a3aWrGqolGlqqw5VU1kG7p/ZH2cuDlM1sRLNnY3QcBS69UIz2mcKhMxDsdewhjg==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@radix-ui/react-direction/-/react-direction-1.1.1.tgz", + "integrity": "sha512-1UEWRX6jnOA2y4H5WczZ44gOOjTEmlqv1uNW4GAJEO5+bauCBhv8snY65Iw5/VOS/ghKN9gr2KjnLKxrsvoMVw==", "license": "MIT", "peerDependencies": { "@types/react": "*", @@ -2691,16 +3212,16 @@ } }, "node_modules/@radix-ui/react-dismissable-layer": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/@radix-ui/react-dismissable-layer/-/react-dismissable-layer-1.1.3.tgz", - "integrity": "sha512-onrWn/72lQoEucDmJnr8uczSNTujT0vJnA/X5+3AkChVPowr8n1yvIKIabhWyMQeMvvmdpsvcyDqx3X1LEXCPg==", + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/@radix-ui/react-dismissable-layer/-/react-dismissable-layer-1.1.11.tgz", + "integrity": "sha512-Nqcp+t5cTB8BinFkZgXiMJniQH0PsUt2k51FUhbdfeKvc4ACcG2uQniY/8+h1Yv6Kza4Q7lD7PQV0z0oicE0Mg==", "license": "MIT", "dependencies": { - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-use-callback-ref": "1.1.0", - "@radix-ui/react-use-escape-keydown": "1.1.0" + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-use-callback-ref": "1.1.1", + "@radix-ui/react-use-escape-keydown": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -2718,18 +3239,18 @@ } }, "node_modules/@radix-ui/react-dropdown-menu": { - "version": "2.1.4", - "resolved": "https://registry.npmjs.org/@radix-ui/react-dropdown-menu/-/react-dropdown-menu-2.1.4.tgz", - "integrity": "sha512-iXU1Ab5ecM+yEepGAWK8ZhMyKX4ubFdCNtol4sT9D0OVErG9PNElfx3TQhjw7n7BC5nFVz68/5//clWy+8TXzA==", + "version": "2.1.16", + "resolved": "https://registry.npmjs.org/@radix-ui/react-dropdown-menu/-/react-dropdown-menu-2.1.16.tgz", + "integrity": "sha512-1PLGQEynI/3OX/ftV54COn+3Sud/Mn8vALg2rWnBLnRaGtJDduNW/22XjlGgPdpcIbiQxjKtb7BkcjP00nqfJw==", "license": "MIT", "dependencies": { - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-id": "1.1.0", - "@radix-ui/react-menu": "2.1.4", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-use-controllable-state": "1.1.0" + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-id": "1.1.1", + "@radix-ui/react-menu": "2.1.16", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-use-controllable-state": "1.2.2" }, "peerDependencies": { "@types/react": "*", @@ -2747,9 +3268,9 @@ } }, "node_modules/@radix-ui/react-focus-guards": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-focus-guards/-/react-focus-guards-1.1.1.tgz", - "integrity": "sha512-pSIwfrT1a6sIoDASCSpFwOasEwKTZWDw/iBdtnqKO7v6FeOzYJ7U53cPzYFVR3geGGXgVHaH+CdngrrAzqUGxg==", + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@radix-ui/react-focus-guards/-/react-focus-guards-1.1.3.tgz", + "integrity": "sha512-0rFg/Rj2Q62NCm62jZw0QX7a3sz6QCQU0LpZdNrJX8byRGaGVTqbrW9jAoIAHyMQqsNpeZ81YgSizOt5WXq0Pw==", "license": "MIT", "peerDependencies": { "@types/react": "*", @@ -2762,14 +3283,14 @@ } }, "node_modules/@radix-ui/react-focus-scope": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-focus-scope/-/react-focus-scope-1.1.1.tgz", - "integrity": "sha512-01omzJAYRxXdG2/he/+xy+c8a8gCydoQ1yOxnWNcRhrrBW5W+RQJ22EK1SaO8tb3WoUsuEw7mJjBozPzihDFjA==", + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/@radix-ui/react-focus-scope/-/react-focus-scope-1.1.7.tgz", + "integrity": "sha512-t2ODlkXBQyn7jkl6TNaw/MtVEVvIGelJDCG41Okq/KwUsJBwQ4XVZsHAVUkK4mBv3ewiAS3PGuUWuY2BoK4ZUw==", "license": "MIT", "dependencies": { - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-use-callback-ref": "1.1.0" + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-use-callback-ref": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -2796,12 +3317,12 @@ } }, "node_modules/@radix-ui/react-id": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@radix-ui/react-id/-/react-id-1.1.0.tgz", - "integrity": "sha512-EJUrI8yYh7WOjNOqpoJaf1jlFIH2LvtgAl+YcFqNCa+4hj64ZXmPkAKOFs/ukjz3byN6bdb/AVUqHkI8/uWWMA==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@radix-ui/react-id/-/react-id-1.1.1.tgz", + "integrity": "sha512-kGkGegYIdQsOb4XjsfM97rXsiHaBwco+hFI66oO4s9LU+PLAC5oJ7khdOVFxkhsmlbpUqDAvXw11CluXP+jkHg==", "license": "MIT", "dependencies": { - "@radix-ui/react-use-layout-effect": "1.1.0" + "@radix-ui/react-use-layout-effect": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -2814,12 +3335,12 @@ } }, "node_modules/@radix-ui/react-label": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-label/-/react-label-2.1.1.tgz", - "integrity": "sha512-UUw5E4e/2+4kFMH7+YxORXGWggtY6sM8WIwh5RZchhLuUg2H1hc98Py+pr8HMz6rdaYrK2t296ZEjYLOCO5uUw==", + "version": "2.1.7", + "resolved": "https://registry.npmjs.org/@radix-ui/react-label/-/react-label-2.1.7.tgz", + "integrity": "sha512-YT1GqPSL8kJn20djelMX7/cTRp/Y9w5IZHvfxQTVHrOqa2yMl7i/UfMqKRU5V7mEyKTrUVgJXhNQPVCG8PBLoQ==", "license": "MIT", "dependencies": { - "@radix-ui/react-primitive": "2.0.1" + "@radix-ui/react-primitive": "2.1.3" }, "peerDependencies": { "@types/react": "*", @@ -2837,29 +3358,29 @@ } }, "node_modules/@radix-ui/react-menu": { - "version": "2.1.4", - "resolved": "https://registry.npmjs.org/@radix-ui/react-menu/-/react-menu-2.1.4.tgz", - "integrity": "sha512-BnOgVoL6YYdHAG6DtXONaR29Eq4nvbi8rutrV/xlr3RQCMMb3yqP85Qiw/3NReozrSW+4dfLkK+rc1hb4wPU/A==", + "version": "2.1.16", + "resolved": "https://registry.npmjs.org/@radix-ui/react-menu/-/react-menu-2.1.16.tgz", + "integrity": "sha512-72F2T+PLlphrqLcAotYPp0uJMr5SjP5SL01wfEspJbru5Zs5vQaSHb4VB3ZMJPimgHHCHG7gMOeOB9H3Hdmtxg==", "license": "MIT", "dependencies": { - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-collection": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-direction": "1.1.0", - "@radix-ui/react-dismissable-layer": "1.1.3", - "@radix-ui/react-focus-guards": "1.1.1", - "@radix-ui/react-focus-scope": "1.1.1", - "@radix-ui/react-id": "1.1.0", - "@radix-ui/react-popper": "1.2.1", - "@radix-ui/react-portal": "1.1.3", - "@radix-ui/react-presence": "1.1.2", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-roving-focus": "1.1.1", - "@radix-ui/react-slot": "1.1.1", - "@radix-ui/react-use-callback-ref": "1.1.0", - "aria-hidden": "^1.1.1", - "react-remove-scroll": "^2.6.1" + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-collection": "1.1.7", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-direction": "1.1.1", + "@radix-ui/react-dismissable-layer": "1.1.11", + "@radix-ui/react-focus-guards": "1.1.3", + "@radix-ui/react-focus-scope": "1.1.7", + "@radix-ui/react-id": "1.1.1", + "@radix-ui/react-popper": "1.2.8", + "@radix-ui/react-portal": "1.1.9", + "@radix-ui/react-presence": "1.1.5", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-roving-focus": "1.1.11", + "@radix-ui/react-slot": "1.2.3", + "@radix-ui/react-use-callback-ref": "1.1.1", + "aria-hidden": "^1.2.4", + "react-remove-scroll": "^2.6.3" }, "peerDependencies": { "@types/react": "*", @@ -2877,26 +3398,26 @@ } }, "node_modules/@radix-ui/react-popover": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/@radix-ui/react-popover/-/react-popover-1.1.4.tgz", - "integrity": "sha512-aUACAkXx8LaFymDma+HQVji7WhvEhpFJ7+qPz17Nf4lLZqtreGOFRiNQWQmhzp7kEWg9cOyyQJpdIMUMPc/CPw==", + "version": "1.1.15", + "resolved": "https://registry.npmjs.org/@radix-ui/react-popover/-/react-popover-1.1.15.tgz", + "integrity": "sha512-kr0X2+6Yy/vJzLYJUPCZEc8SfQcf+1COFoAqauJm74umQhta9M7lNJHP7QQS3vkvcGLQUbWpMzwrXYwrYztHKA==", "license": "MIT", "dependencies": { - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-dismissable-layer": "1.1.3", - "@radix-ui/react-focus-guards": "1.1.1", - "@radix-ui/react-focus-scope": "1.1.1", - "@radix-ui/react-id": "1.1.0", - "@radix-ui/react-popper": "1.2.1", - "@radix-ui/react-portal": "1.1.3", - "@radix-ui/react-presence": "1.1.2", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-slot": "1.1.1", - "@radix-ui/react-use-controllable-state": "1.1.0", - "aria-hidden": "^1.1.1", - "react-remove-scroll": "^2.6.1" + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-dismissable-layer": "1.1.11", + "@radix-ui/react-focus-guards": "1.1.3", + "@radix-ui/react-focus-scope": "1.1.7", + "@radix-ui/react-id": "1.1.1", + "@radix-ui/react-popper": "1.2.8", + "@radix-ui/react-portal": "1.1.9", + "@radix-ui/react-presence": "1.1.5", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-slot": "1.2.3", + "@radix-ui/react-use-controllable-state": "1.2.2", + "aria-hidden": "^1.2.4", + "react-remove-scroll": "^2.6.3" }, "peerDependencies": { "@types/react": "*", @@ -2914,21 +3435,21 @@ } }, "node_modules/@radix-ui/react-popper": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-popper/-/react-popper-1.2.1.tgz", - "integrity": "sha512-3kn5Me69L+jv82EKRuQCXdYyf1DqHwD2U/sxoNgBGCB7K9TRc3bQamQ+5EPM9EvyPdli0W41sROd+ZU1dTCztw==", + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/@radix-ui/react-popper/-/react-popper-1.2.8.tgz", + "integrity": "sha512-0NJQ4LFFUuWkE7Oxf0htBKS6zLkkjBH+hM1uk7Ng705ReR8m/uelduy1DBo0PyBXPKVnBA6YBlU94MBGXrSBCw==", "license": "MIT", "dependencies": { "@floating-ui/react-dom": "^2.0.0", - "@radix-ui/react-arrow": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-use-callback-ref": "1.1.0", - "@radix-ui/react-use-layout-effect": "1.1.0", - "@radix-ui/react-use-rect": "1.1.0", - "@radix-ui/react-use-size": "1.1.0", - "@radix-ui/rect": "1.1.0" + "@radix-ui/react-arrow": "1.1.7", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-use-callback-ref": "1.1.1", + "@radix-ui/react-use-layout-effect": "1.1.1", + "@radix-ui/react-use-rect": "1.1.1", + "@radix-ui/react-use-size": "1.1.1", + "@radix-ui/rect": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -2946,13 +3467,13 @@ } }, "node_modules/@radix-ui/react-portal": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/@radix-ui/react-portal/-/react-portal-1.1.3.tgz", - "integrity": "sha512-NciRqhXnGojhT93RPyDaMPfLH3ZSl4jjIFbZQ1b/vxvZEdHsBZ49wP9w8L3HzUQwep01LcWtkUvm0OVB5JAHTw==", + "version": "1.1.9", + "resolved": "https://registry.npmjs.org/@radix-ui/react-portal/-/react-portal-1.1.9.tgz", + "integrity": "sha512-bpIxvq03if6UNwXZ+HTK71JLh4APvnXntDc6XOX8UVq4XQOVl7lwok0AvIl+b8zgCw3fSaVTZMpAPPagXbKmHQ==", "license": "MIT", "dependencies": { - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-use-layout-effect": "1.1.0" + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-use-layout-effect": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -2970,13 +3491,13 @@ } }, "node_modules/@radix-ui/react-presence": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@radix-ui/react-presence/-/react-presence-1.1.2.tgz", - "integrity": "sha512-18TFr80t5EVgL9x1SwF/YGtfG+l0BS0PRAlCWBDoBEiDQjeKgnNZRVJp/oVBl24sr3Gbfwc/Qpj4OcWTQMsAEg==", + "version": "1.1.5", + "resolved": "https://registry.npmjs.org/@radix-ui/react-presence/-/react-presence-1.1.5.tgz", + "integrity": "sha512-/jfEwNDdQVBCNvjkGit4h6pMOzq8bHkopq458dPt2lMjx+eBQUohZNG9A7DtO/O5ukSbxuaNGXMjHicgwy6rQQ==", "license": "MIT", "dependencies": { - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-use-layout-effect": "1.1.0" + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-use-layout-effect": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -2994,12 +3515,12 @@ } }, "node_modules/@radix-ui/react-primitive": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-primitive/-/react-primitive-2.0.1.tgz", - "integrity": "sha512-sHCWTtxwNn3L3fH8qAfnF3WbUZycW93SM1j3NFDzXBiz8D6F5UTTy8G1+WFEaiCdvCVRJWj6N2R4Xq6HdiHmDg==", + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/@radix-ui/react-primitive/-/react-primitive-2.1.3.tgz", + "integrity": "sha512-m9gTwRkhy2lvCPe6QJp4d3G1TYEUHn/FzJUtq9MjH46an1wJU+GdoGC5VLof8RX8Ft/DlpshApkhswDLZzHIcQ==", "license": "MIT", "dependencies": { - "@radix-ui/react-slot": "1.1.1" + "@radix-ui/react-slot": "1.2.3" }, "peerDependencies": { "@types/react": "*", @@ -3017,13 +3538,13 @@ } }, "node_modules/@radix-ui/react-progress": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/@radix-ui/react-progress/-/react-progress-1.1.4.tgz", - "integrity": "sha512-8rl9w7lJdcVPor47Dhws9mUHRHLE+8JEgyJRdNWCpGPa6HIlr3eh+Yn9gyx1CnCLbw5naHsI2gaO9dBWO50vzw==", + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/@radix-ui/react-progress/-/react-progress-1.1.7.tgz", + "integrity": "sha512-vPdg/tF6YC/ynuBIJlk1mm7Le0VgW6ub6J2UWnTQ7/D23KXcPI1qy+0vBkgKgd38RCMJavBXpB83HPNFMTb0Fg==", "license": "MIT", "dependencies": { "@radix-ui/react-context": "1.1.2", - "@radix-ui/react-primitive": "2.1.0" + "@radix-ui/react-primitive": "2.1.3" }, "peerDependencies": { "@types/react": "*", @@ -3040,93 +3561,22 @@ } } }, - "node_modules/@radix-ui/react-progress/node_modules/@radix-ui/react-compose-refs": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@radix-ui/react-compose-refs/-/react-compose-refs-1.1.2.tgz", - "integrity": "sha512-z4eqJvfiNnFMHIIvXP3CY57y2WJs5g2v3X0zm9mEJkrkNv4rDxu+sg9Jh8EkXyeqBkB7SOcboo9dMVqhyrACIg==", - "license": "MIT", - "peerDependencies": { - "@types/react": "*", - "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" - }, - "peerDependenciesMeta": { - "@types/react": { - "optional": true - } - } - }, - "node_modules/@radix-ui/react-progress/node_modules/@radix-ui/react-context": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@radix-ui/react-context/-/react-context-1.1.2.tgz", - "integrity": "sha512-jCi/QKUM2r1Ju5a3J64TH2A5SpKAgh0LpknyqdQ4m6DCV0xJ2HG1xARRwNGPQfi1SLdLWZ1OJz6F4OMBBNiGJA==", - "license": "MIT", - "peerDependencies": { - "@types/react": "*", - "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" - }, - "peerDependenciesMeta": { - "@types/react": { - "optional": true - } - } - }, - "node_modules/@radix-ui/react-progress/node_modules/@radix-ui/react-primitive": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@radix-ui/react-primitive/-/react-primitive-2.1.0.tgz", - "integrity": "sha512-/J/FhLdK0zVcILOwt5g+dH4KnkonCtkVJsa2G6JmvbbtZfBEI1gMsO3QMjseL4F/SwfAMt1Vc/0XKYKq+xJ1sw==", - "license": "MIT", - "dependencies": { - "@radix-ui/react-slot": "1.2.0" - }, - "peerDependencies": { - "@types/react": "*", - "@types/react-dom": "*", - "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc", - "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" - }, - "peerDependenciesMeta": { - "@types/react": { - "optional": true - }, - "@types/react-dom": { - "optional": true - } - } - }, - "node_modules/@radix-ui/react-progress/node_modules/@radix-ui/react-slot": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/@radix-ui/react-slot/-/react-slot-1.2.0.tgz", - "integrity": "sha512-ujc+V6r0HNDviYqIK3rW4ffgYiZ8g5DEHrGJVk4x7kTlLXRDILnKX9vAUYeIsLOoDpDJ0ujpqMkjH4w2ofuo6w==", - "license": "MIT", - "dependencies": { - "@radix-ui/react-compose-refs": "1.1.2" - }, - "peerDependencies": { - "@types/react": "*", - "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" - }, - "peerDependenciesMeta": { - "@types/react": { - "optional": true - } - } - }, "node_modules/@radix-ui/react-radio-group": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/@radix-ui/react-radio-group/-/react-radio-group-1.2.2.tgz", - "integrity": "sha512-E0MLLGfOP0l8P/NxgVzfXJ8w3Ch8cdO6UDzJfDChu4EJDy+/WdO5LqpdY8PYnCErkmZH3gZhDL1K7kQ41fAHuQ==", + "version": "1.3.8", + "resolved": "https://registry.npmjs.org/@radix-ui/react-radio-group/-/react-radio-group-1.3.8.tgz", + "integrity": "sha512-VBKYIYImA5zsxACdisNQ3BjCBfmbGH3kQlnFVqlWU4tXwjy7cGX8ta80BcrO+WJXIn5iBylEH3K6ZTlee//lgQ==", "license": "MIT", "dependencies": { - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-direction": "1.1.0", - "@radix-ui/react-presence": "1.1.2", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-roving-focus": "1.1.1", - "@radix-ui/react-use-controllable-state": "1.1.0", - "@radix-ui/react-use-previous": "1.1.0", - "@radix-ui/react-use-size": "1.1.0" + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-direction": "1.1.1", + "@radix-ui/react-presence": "1.1.5", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-roving-focus": "1.1.11", + "@radix-ui/react-use-controllable-state": "1.2.2", + "@radix-ui/react-use-previous": "1.1.1", + "@radix-ui/react-use-size": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -3144,20 +3594,51 @@ } }, "node_modules/@radix-ui/react-roving-focus": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-roving-focus/-/react-roving-focus-1.1.1.tgz", - "integrity": "sha512-QE1RoxPGJ/Nm8Qmk0PxP8ojmoaS67i0s7hVssS7KuI2FQoc/uzVlZsqKfQvxPE6D8hICCPHJ4D88zNhT3OOmkw==", + "version": "1.1.11", + "resolved": "https://registry.npmjs.org/@radix-ui/react-roving-focus/-/react-roving-focus-1.1.11.tgz", + "integrity": "sha512-7A6S9jSgm/S+7MdtNDSb+IU859vQqJ/QAtcYQcfFC6W8RS4IxIZDldLR0xqCFZ6DCyrQLjLPsxtTNch5jVA4lA==", "license": "MIT", "dependencies": { - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-collection": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-direction": "1.1.0", - "@radix-ui/react-id": "1.1.0", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-use-callback-ref": "1.1.0", - "@radix-ui/react-use-controllable-state": "1.1.0" + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-collection": "1.1.7", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-direction": "1.1.1", + "@radix-ui/react-id": "1.1.1", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-use-callback-ref": "1.1.1", + "@radix-ui/react-use-controllable-state": "1.2.2" + }, + "peerDependencies": { + "@types/react": "*", + "@types/react-dom": "*", + "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc", + "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" + }, + "peerDependenciesMeta": { + "@types/react": { + "optional": true + }, + "@types/react-dom": { + "optional": true + } + } + }, + "node_modules/@radix-ui/react-scroll-area": { + "version": "1.2.10", + "resolved": "https://registry.npmjs.org/@radix-ui/react-scroll-area/-/react-scroll-area-1.2.10.tgz", + "integrity": "sha512-tAXIa1g3sM5CGpVT0uIbUx/U3Gs5N8T52IICuCtObaos1S8fzsrPXG5WObkQN3S6NVl6wKgPhAIiBGbWnvc97A==", + "license": "MIT", + "dependencies": { + "@radix-ui/number": "1.1.1", + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-direction": "1.1.1", + "@radix-ui/react-presence": "1.1.5", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-use-callback-ref": "1.1.1", + "@radix-ui/react-use-layout-effect": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -3175,32 +3656,32 @@ } }, "node_modules/@radix-ui/react-select": { - "version": "2.1.4", - "resolved": "https://registry.npmjs.org/@radix-ui/react-select/-/react-select-2.1.4.tgz", - "integrity": "sha512-pOkb2u8KgO47j/h7AylCj7dJsm69BXcjkrvTqMptFqsE2i0p8lHkfgneXKjAgPzBMivnoMyt8o4KiV4wYzDdyQ==", + "version": "2.2.6", + "resolved": "https://registry.npmjs.org/@radix-ui/react-select/-/react-select-2.2.6.tgz", + "integrity": "sha512-I30RydO+bnn2PQztvo25tswPH+wFBjehVGtmagkU78yMdwTwVf12wnAOF+AeP8S2N8xD+5UPbGhkUfPyvT+mwQ==", "license": "MIT", "dependencies": { - "@radix-ui/number": "1.1.0", - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-collection": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-direction": "1.1.0", - "@radix-ui/react-dismissable-layer": "1.1.3", - "@radix-ui/react-focus-guards": "1.1.1", - "@radix-ui/react-focus-scope": "1.1.1", - "@radix-ui/react-id": "1.1.0", - "@radix-ui/react-popper": "1.2.1", - "@radix-ui/react-portal": "1.1.3", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-slot": "1.1.1", - "@radix-ui/react-use-callback-ref": "1.1.0", - "@radix-ui/react-use-controllable-state": "1.1.0", - "@radix-ui/react-use-layout-effect": "1.1.0", - "@radix-ui/react-use-previous": "1.1.0", - "@radix-ui/react-visually-hidden": "1.1.1", - "aria-hidden": "^1.1.1", - "react-remove-scroll": "^2.6.1" + "@radix-ui/number": "1.1.1", + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-collection": "1.1.7", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-direction": "1.1.1", + "@radix-ui/react-dismissable-layer": "1.1.11", + "@radix-ui/react-focus-guards": "1.1.3", + "@radix-ui/react-focus-scope": "1.1.7", + "@radix-ui/react-id": "1.1.1", + "@radix-ui/react-popper": "1.2.8", + "@radix-ui/react-portal": "1.1.9", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-slot": "1.2.3", + "@radix-ui/react-use-callback-ref": "1.1.1", + "@radix-ui/react-use-controllable-state": "1.2.2", + "@radix-ui/react-use-layout-effect": "1.1.1", + "@radix-ui/react-use-previous": "1.1.1", + "@radix-ui/react-visually-hidden": "1.2.3", + "aria-hidden": "^1.2.4", + "react-remove-scroll": "^2.6.3" }, "peerDependencies": { "@types/react": "*", @@ -3218,12 +3699,12 @@ } }, "node_modules/@radix-ui/react-separator": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-separator/-/react-separator-1.1.1.tgz", - "integrity": "sha512-RRiNRSrD8iUiXriq/Y5n4/3iE8HzqgLHsusUSg5jVpU2+3tqcUFPJXHDymwEypunc2sWxDUS3UC+rkZRlHedsw==", + "version": "1.1.7", + "resolved": "https://registry.npmjs.org/@radix-ui/react-separator/-/react-separator-1.1.7.tgz", + "integrity": "sha512-0HEb8R9E8A+jZjvmFCy/J4xhbXy3TV+9XSnGJ3KvTtjlIUy/YQ/p6UYZvi7YbeoeXdyU9+Y3scizK6hkY37baA==", "license": "MIT", "dependencies": { - "@radix-ui/react-primitive": "2.0.1" + "@radix-ui/react-primitive": "2.1.3" }, "peerDependencies": { "@types/react": "*", @@ -3241,12 +3722,12 @@ } }, "node_modules/@radix-ui/react-slot": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-slot/-/react-slot-1.1.1.tgz", - "integrity": "sha512-RApLLOcINYJA+dMVbOju7MYv1Mb2EBp2nH4HdDzXTSyaR5optlm6Otrz1euW3HbdOR8UmmFK06TD+A9frYWv+g==", + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/@radix-ui/react-slot/-/react-slot-1.2.3.tgz", + "integrity": "sha512-aeNmHnBxbi2St0au6VBVC7JXFlhLlOnvIIlePNniyUNAClzmtAUEY8/pBiK3iHjufOlwA+c20/8jngo7xcrg8A==", "license": "MIT", "dependencies": { - "@radix-ui/react-compose-refs": "1.1.1" + "@radix-ui/react-compose-refs": "1.1.2" }, "peerDependencies": { "@types/react": "*", @@ -3259,18 +3740,18 @@ } }, "node_modules/@radix-ui/react-switch": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@radix-ui/react-switch/-/react-switch-1.1.2.tgz", - "integrity": "sha512-zGukiWHjEdBCRyXvKR6iXAQG6qXm2esuAD6kDOi9Cn+1X6ev3ASo4+CsYaD6Fov9r/AQFekqnD/7+V0Cs6/98g==", + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/@radix-ui/react-switch/-/react-switch-1.2.6.tgz", + "integrity": "sha512-bByzr1+ep1zk4VubeEVViV592vu2lHE2BZY5OnzehZqOOgogN80+mNtCqPkhn2gklJqOpxWgPoYTSnhBCqpOXQ==", "license": "MIT", "dependencies": { - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-use-controllable-state": "1.1.0", - "@radix-ui/react-use-previous": "1.1.0", - "@radix-ui/react-use-size": "1.1.0" + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-use-controllable-state": "1.2.2", + "@radix-ui/react-use-previous": "1.1.1", + "@radix-ui/react-use-size": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -3288,19 +3769,19 @@ } }, "node_modules/@radix-ui/react-tabs": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@radix-ui/react-tabs/-/react-tabs-1.1.2.tgz", - "integrity": "sha512-9u/tQJMcC2aGq7KXpGivMm1mgq7oRJKXphDwdypPd/j21j/2znamPU8WkXgnhUaTrSFNIt8XhOyCAupg8/GbwQ==", + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/@radix-ui/react-tabs/-/react-tabs-1.1.13.tgz", + "integrity": "sha512-7xdcatg7/U+7+Udyoj2zodtI9H/IIopqo+YOIcZOq1nJwXWBZ9p8xiu5llXlekDbZkca79a/fozEYQXIA4sW6A==", "license": "MIT", "dependencies": { - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-direction": "1.1.0", - "@radix-ui/react-id": "1.1.0", - "@radix-ui/react-presence": "1.1.2", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-roving-focus": "1.1.1", - "@radix-ui/react-use-controllable-state": "1.1.0" + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-direction": "1.1.1", + "@radix-ui/react-id": "1.1.1", + "@radix-ui/react-presence": "1.1.5", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-roving-focus": "1.1.11", + "@radix-ui/react-use-controllable-state": "1.2.2" }, "peerDependencies": { "@types/react": "*", @@ -3318,23 +3799,57 @@ } }, "node_modules/@radix-ui/react-toast": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/@radix-ui/react-toast/-/react-toast-1.2.4.tgz", - "integrity": "sha512-Sch9idFJHJTMH9YNpxxESqABcAFweJG4tKv+0zo0m5XBvUSL8FM5xKcJLFLXononpePs8IclyX1KieL5SDUNgA==", + "version": "1.2.15", + "resolved": "https://registry.npmjs.org/@radix-ui/react-toast/-/react-toast-1.2.15.tgz", + "integrity": "sha512-3OSz3TacUWy4WtOXV38DggwxoqJK4+eDkNMl5Z/MJZaoUPaP4/9lf81xXMe1I2ReTAptverZUpbPY4wWwWyL5g==", "license": "MIT", "dependencies": { - "@radix-ui/primitive": "1.1.1", - "@radix-ui/react-collection": "1.1.1", - "@radix-ui/react-compose-refs": "1.1.1", - "@radix-ui/react-context": "1.1.1", - "@radix-ui/react-dismissable-layer": "1.1.3", - "@radix-ui/react-portal": "1.1.3", - "@radix-ui/react-presence": "1.1.2", - "@radix-ui/react-primitive": "2.0.1", - "@radix-ui/react-use-callback-ref": "1.1.0", - "@radix-ui/react-use-controllable-state": "1.1.0", - "@radix-ui/react-use-layout-effect": "1.1.0", - "@radix-ui/react-visually-hidden": "1.1.1" + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-collection": "1.1.7", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-dismissable-layer": "1.1.11", + "@radix-ui/react-portal": "1.1.9", + "@radix-ui/react-presence": "1.1.5", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-use-callback-ref": "1.1.1", + "@radix-ui/react-use-controllable-state": "1.2.2", + "@radix-ui/react-use-layout-effect": "1.1.1", + "@radix-ui/react-visually-hidden": "1.2.3" + }, + "peerDependencies": { + "@types/react": "*", + "@types/react-dom": "*", + "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc", + "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" + }, + "peerDependenciesMeta": { + "@types/react": { + "optional": true + }, + "@types/react-dom": { + "optional": true + } + } + }, + "node_modules/@radix-ui/react-tooltip": { + "version": "1.2.8", + "resolved": "https://registry.npmjs.org/@radix-ui/react-tooltip/-/react-tooltip-1.2.8.tgz", + "integrity": "sha512-tY7sVt1yL9ozIxvmbtN5qtmH2krXcBCfjEiCgKGLqunJHvgvZG2Pcl2oQ3kbcZARb1BGEHdkLzcYGO8ynVlieg==", + "license": "MIT", + "dependencies": { + "@radix-ui/primitive": "1.1.3", + "@radix-ui/react-compose-refs": "1.1.2", + "@radix-ui/react-context": "1.1.2", + "@radix-ui/react-dismissable-layer": "1.1.11", + "@radix-ui/react-id": "1.1.1", + "@radix-ui/react-popper": "1.2.8", + "@radix-ui/react-portal": "1.1.9", + "@radix-ui/react-presence": "1.1.5", + "@radix-ui/react-primitive": "2.1.3", + "@radix-ui/react-slot": "1.2.3", + "@radix-ui/react-use-controllable-state": "1.2.2", + "@radix-ui/react-visually-hidden": "1.2.3" }, "peerDependencies": { "@types/react": "*", @@ -3352,9 +3867,9 @@ } }, "node_modules/@radix-ui/react-use-callback-ref": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@radix-ui/react-use-callback-ref/-/react-use-callback-ref-1.1.0.tgz", - "integrity": "sha512-CasTfvsy+frcFkbXtSJ2Zu9JHpN8TYKxkgJGWbjiZhFivxaeW7rMeZt7QELGVLaYVfFMsKHjb7Ak0nMEe+2Vfw==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@radix-ui/react-use-callback-ref/-/react-use-callback-ref-1.1.1.tgz", + "integrity": "sha512-FkBMwD+qbGQeMu1cOHnuGB6x4yzPjho8ap5WtbEJ26umhgqVXbhekKUQO+hZEL1vU92a3wHwdp0HAcqAUF5iDg==", "license": "MIT", "peerDependencies": { "@types/react": "*", @@ -3367,12 +3882,31 @@ } }, "node_modules/@radix-ui/react-use-controllable-state": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@radix-ui/react-use-controllable-state/-/react-use-controllable-state-1.1.0.tgz", - "integrity": "sha512-MtfMVJiSr2NjzS0Aa90NPTnvTSg6C/JLCV7ma0W6+OMV78vd8OyRpID+Ng9LxzsPbLeuBnWBA1Nq30AtBIDChw==", + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/@radix-ui/react-use-controllable-state/-/react-use-controllable-state-1.2.2.tgz", + "integrity": "sha512-BjasUjixPFdS+NKkypcyyN5Pmg83Olst0+c6vGov0diwTEo6mgdqVR6hxcEgFuh4QrAs7Rc+9KuGJ9TVCj0Zzg==", "license": "MIT", "dependencies": { - "@radix-ui/react-use-callback-ref": "1.1.0" + "@radix-ui/react-use-effect-event": "0.0.2", + "@radix-ui/react-use-layout-effect": "1.1.1" + }, + "peerDependencies": { + "@types/react": "*", + "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" + }, + "peerDependenciesMeta": { + "@types/react": { + "optional": true + } + } + }, + "node_modules/@radix-ui/react-use-effect-event": { + "version": "0.0.2", + "resolved": "https://registry.npmjs.org/@radix-ui/react-use-effect-event/-/react-use-effect-event-0.0.2.tgz", + "integrity": "sha512-Qp8WbZOBe+blgpuUT+lw2xheLP8q0oatc9UpmiemEICxGvFLYmHm9QowVZGHtJlGbS6A6yJ3iViad/2cVjnOiA==", + "license": "MIT", + "dependencies": { + "@radix-ui/react-use-layout-effect": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -3385,12 +3919,30 @@ } }, "node_modules/@radix-ui/react-use-escape-keydown": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@radix-ui/react-use-escape-keydown/-/react-use-escape-keydown-1.1.0.tgz", - "integrity": "sha512-L7vwWlR1kTTQ3oh7g1O0CBF3YCyyTj8NmhLR+phShpyA50HCfBFKVJTpshm9PzLiKmehsrQzTYTpX9HvmC9rhw==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@radix-ui/react-use-escape-keydown/-/react-use-escape-keydown-1.1.1.tgz", + "integrity": "sha512-Il0+boE7w/XebUHyBjroE+DbByORGR9KKmITzbR7MyQ4akpORYP/ZmbhAr0DG7RmmBqoOnZdy2QlvajJ2QA59g==", "license": "MIT", "dependencies": { - "@radix-ui/react-use-callback-ref": "1.1.0" + "@radix-ui/react-use-callback-ref": "1.1.1" + }, + "peerDependencies": { + "@types/react": "*", + "react": "^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc" + }, + "peerDependenciesMeta": { + "@types/react": { + "optional": true + } + } + }, + "node_modules/@radix-ui/react-use-is-hydrated": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@radix-ui/react-use-is-hydrated/-/react-use-is-hydrated-0.1.0.tgz", + "integrity": "sha512-U+UORVEq+cTnRIaostJv9AGdV3G6Y+zbVd+12e18jQ5A3c0xL03IhnHuiU4UV69wolOQp5GfR58NW/EgdQhwOA==", + "license": "MIT", + "dependencies": { + "use-sync-external-store": "^1.5.0" }, "peerDependencies": { "@types/react": "*", @@ -3403,9 +3955,9 @@ } }, "node_modules/@radix-ui/react-use-layout-effect": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@radix-ui/react-use-layout-effect/-/react-use-layout-effect-1.1.0.tgz", - "integrity": "sha512-+FPE0rOdziWSrH9athwI1R0HDVbWlEhd+FR+aSDk4uWGmSJ9Z54sdZVDQPZAinJhJXwfT+qnj969mCsT2gfm5w==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@radix-ui/react-use-layout-effect/-/react-use-layout-effect-1.1.1.tgz", + "integrity": "sha512-RbJRS4UWQFkzHTTwVymMTUv8EqYhOp8dOOviLj2ugtTiXRaRQS7GLGxZTLL1jWhMeoSCf5zmcZkqTl9IiYfXcQ==", "license": "MIT", "peerDependencies": { "@types/react": "*", @@ -3418,9 +3970,9 @@ } }, "node_modules/@radix-ui/react-use-previous": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@radix-ui/react-use-previous/-/react-use-previous-1.1.0.tgz", - "integrity": "sha512-Z/e78qg2YFnnXcW88A4JmTtm4ADckLno6F7OXotmkQfeuCVaKuYzqAATPhVzl3delXE7CxIV8shofPn3jPc5Og==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@radix-ui/react-use-previous/-/react-use-previous-1.1.1.tgz", + "integrity": "sha512-2dHfToCj/pzca2Ck724OZ5L0EVrr3eHRNsG/b3xQJLA2hZpVCS99bLAX+hm1IHXDEnzU6by5z/5MIY794/a8NQ==", "license": "MIT", "peerDependencies": { "@types/react": "*", @@ -3433,12 +3985,12 @@ } }, "node_modules/@radix-ui/react-use-rect": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@radix-ui/react-use-rect/-/react-use-rect-1.1.0.tgz", - "integrity": "sha512-0Fmkebhr6PiseyZlYAOtLS+nb7jLmpqTrJyv61Pe68MKYW6OWdRE2kI70TaYY27u7H0lajqM3hSMMLFq18Z7nQ==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@radix-ui/react-use-rect/-/react-use-rect-1.1.1.tgz", + "integrity": "sha512-QTYuDesS0VtuHNNvMh+CjlKJ4LJickCMUAqjlE3+j8w+RlRpwyX3apEQKGFzbZGdo7XNG1tXa+bQqIE7HIXT2w==", "license": "MIT", "dependencies": { - "@radix-ui/rect": "1.1.0" + "@radix-ui/rect": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -3451,12 +4003,12 @@ } }, "node_modules/@radix-ui/react-use-size": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@radix-ui/react-use-size/-/react-use-size-1.1.0.tgz", - "integrity": "sha512-XW3/vWuIXHa+2Uwcc2ABSfcCledmXhhQPlGbfcRXbiUQI5Icjcg19BGCZVKKInYbvUCut/ufbbLLPFC5cbb1hw==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@radix-ui/react-use-size/-/react-use-size-1.1.1.tgz", + "integrity": "sha512-ewrXRDTAqAXlkl6t/fkXWNAhFX9I+CkKlw6zjEwk86RSPKwZr3xpBRso655aqYafwtnbpHLj6toFzmd6xdVptQ==", "license": "MIT", "dependencies": { - "@radix-ui/react-use-layout-effect": "1.1.0" + "@radix-ui/react-use-layout-effect": "1.1.1" }, "peerDependencies": { "@types/react": "*", @@ -3469,12 +4021,12 @@ } }, "node_modules/@radix-ui/react-visually-hidden": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/@radix-ui/react-visually-hidden/-/react-visually-hidden-1.1.1.tgz", - "integrity": "sha512-vVfA2IZ9q/J+gEamvj761Oq1FpWgCDaNOOIfbPVp2MVPLEomUr5+Vf7kJGwQ24YxZSlQVar7Bes8kyTo5Dshpg==", + "version": "1.2.3", + "resolved": "https://registry.npmjs.org/@radix-ui/react-visually-hidden/-/react-visually-hidden-1.2.3.tgz", + "integrity": "sha512-pzJq12tEaaIhqjbzpCuv/OypJY/BPavOofm+dbab+MHLajy277+1lLm6JFcGgF5eskJ6mquGirhXY2GD/8u8Ug==", "license": "MIT", "dependencies": { - "@radix-ui/react-primitive": "2.0.1" + "@radix-ui/react-primitive": "2.1.3" }, "peerDependencies": { "@types/react": "*", @@ -3492,24 +4044,24 @@ } }, "node_modules/@radix-ui/rect": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@radix-ui/rect/-/rect-1.1.0.tgz", - "integrity": "sha512-A9+lCBZoaMJlVKcRBz2YByCG+Cp2t6nAnMnNba+XiWxnj6r4JUFqfsgwocMBZU9LPtdxC6wB56ySYpc7LQIoJg==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/@radix-ui/rect/-/rect-1.1.1.tgz", + "integrity": "sha512-HPwpGIzkl28mWyZqG52jiqDJ12waP11Pa1lGoiyUkIEuMLBP0oeK/C89esbXrxsky5we7dfd8U58nm0SgAWpVw==", "license": "MIT" }, "node_modules/@react-email/body": { - "version": "0.0.11", - "resolved": "https://registry.npmjs.org/@react-email/body/-/body-0.0.11.tgz", - "integrity": "sha512-ZSD2SxVSgUjHGrB0Wi+4tu3MEpB4fYSbezsFNEJk2xCWDBkFiOeEsjTmR5dvi+CxTK691hQTQlHv0XWuP7ENTg==", + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@react-email/body/-/body-0.1.0.tgz", + "integrity": "sha512-o1bcSAmDYNNHECbkeyceCVPGmVsYvT+O3sSO/Ct7apKUu3JphTi31hu+0Nwqr/pgV5QFqdoT5vdS3SW5DJFHgQ==", "license": "MIT", "peerDependencies": { "react": "^18.0 || ^19.0 || ^19.0.0-rc" } }, "node_modules/@react-email/button": { - "version": "0.0.19", - "resolved": "https://registry.npmjs.org/@react-email/button/-/button-0.0.19.tgz", - "integrity": "sha512-HYHrhyVGt7rdM/ls6FuuD6XE7fa7bjZTJqB2byn6/oGsfiEZaogY77OtoLL/mrQHjHjZiJadtAMSik9XLcm7+A==", + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/@react-email/button/-/button-0.2.0.tgz", + "integrity": "sha512-8i+v6cMxr2emz4ihCrRiYJPp2/sdYsNNsBzXStlcA+/B9Umpm5Jj3WJKYpgTPM+aeyiqlG/MMI1AucnBm4f1oQ==", "license": "MIT", "engines": { "node": ">=18.0.0" @@ -3519,12 +4071,12 @@ } }, "node_modules/@react-email/code-block": { - "version": "0.0.12", - "resolved": "https://registry.npmjs.org/@react-email/code-block/-/code-block-0.0.12.tgz", - "integrity": "sha512-Faw3Ij9+/Qwq6moWaeHnV8Hn7ekc/EqyAzPi6yUar21dhcqYugCC4Da1x4d9nA9zC0H9KU3lYVJczh8D3cA+Eg==", + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@react-email/code-block/-/code-block-0.1.0.tgz", + "integrity": "sha512-jSpHFsgqnQXxDIssE4gvmdtFncaFQz5D6e22BnVjcCPk/udK+0A9jRwGFEG8JD2si9ZXBmU4WsuqQEczuZn4ww==", "license": "MIT", "dependencies": { - "prismjs": "1.30.0" + "prismjs": "^1.30.0" }, "engines": { "node": ">=18.0.0" @@ -3558,14 +4110,14 @@ } }, "node_modules/@react-email/components": { - "version": "0.0.36", - "resolved": "https://registry.npmjs.org/@react-email/components/-/components-0.0.36.tgz", - "integrity": "sha512-VMh+OQplAnG8JMLlJjdnjt+ThJZ+JVkp0q2YMS2NEz+T88N22bLD2p7DZO0QgtNaKgumOhJI/0a2Q7VzCrwu5g==", + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/@react-email/components/-/components-0.5.0.tgz", + "integrity": "sha512-esRbP+yMmSkNP9hcpiy2RwpDnvSmlxJcJ1HHbzSwlACGlCHTap+ma344QovvzhpVRhMccyWemdClLG822UvVpQ==", "license": "MIT", "dependencies": { - "@react-email/body": "0.0.11", - "@react-email/button": "0.0.19", - "@react-email/code-block": "0.0.12", + "@react-email/body": "0.1.0", + "@react-email/button": "0.2.0", + "@react-email/code-block": "0.1.0", "@react-email/code-inline": "0.0.5", "@react-email/column": "0.0.13", "@react-email/container": "0.0.15", @@ -3576,13 +4128,13 @@ "@react-email/html": "0.0.11", "@react-email/img": "0.0.11", "@react-email/link": "0.0.12", - "@react-email/markdown": "0.0.14", - "@react-email/preview": "0.0.12", - "@react-email/render": "1.0.6", + "@react-email/markdown": "0.0.15", + "@react-email/preview": "0.0.13", + "@react-email/render": "1.2.0", "@react-email/row": "0.0.12", "@react-email/section": "0.0.16", - "@react-email/tailwind": "1.0.4", - "@react-email/text": "0.1.1" + "@react-email/tailwind": "1.2.2", + "@react-email/text": "0.1.5" }, "engines": { "node": ">=18.0.0" @@ -3685,12 +4237,12 @@ } }, "node_modules/@react-email/markdown": { - "version": "0.0.14", - "resolved": "https://registry.npmjs.org/@react-email/markdown/-/markdown-0.0.14.tgz", - "integrity": "sha512-5IsobCyPkb4XwnQO8uFfGcNOxnsg3311GRXhJ3uKv51P7Jxme4ycC/MITnwIZ10w2zx7HIyTiqVzTj4XbuIHbg==", + "version": "0.0.15", + "resolved": "https://registry.npmjs.org/@react-email/markdown/-/markdown-0.0.15.tgz", + "integrity": "sha512-UQA9pVm5sbflgtg3EX3FquUP4aMBzmLReLbGJ6DZQZnAskBF36aI56cRykDq1o+1jT+CKIK1CducPYziaXliag==", "license": "MIT", "dependencies": { - "md-to-react-email": "5.0.5" + "md-to-react-email": "^5.0.5" }, "engines": { "node": ">=18.0.0" @@ -3700,9 +4252,9 @@ } }, "node_modules/@react-email/preview": { - "version": "0.0.12", - "resolved": "https://registry.npmjs.org/@react-email/preview/-/preview-0.0.12.tgz", - "integrity": "sha512-g/H5fa9PQPDK6WUEG7iTlC19sAktI23qyoiJtMLqQiXFCfWeQMhqjLGKeLSKkfzszqmfJCjZtpSiKtBoOdxp3Q==", + "version": "0.0.13", + "resolved": "https://registry.npmjs.org/@react-email/preview/-/preview-0.0.13.tgz", + "integrity": "sha512-F7j9FJ0JN/A4d7yr+aw28p4uX7VLWs7hTHtLo7WRyw4G+Lit6Zucq4UWKRxJC8lpsUdzVmG7aBJnKOT+urqs/w==", "license": "MIT", "engines": { "node": ">=18.0.0" @@ -3712,14 +4264,14 @@ } }, "node_modules/@react-email/render": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/@react-email/render/-/render-1.0.6.tgz", - "integrity": "sha512-zNueW5Wn/4jNC1c5LFgXzbUdv5Lhms+FWjOvWAhal7gx5YVf0q6dPJ0dnR70+ifo59gcMLwCZEaTS9EEuUhKvQ==", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/@react-email/render/-/render-1.2.0.tgz", + "integrity": "sha512-5fpbV16VYR9Fmk8t7xiwPNAjxjdI8XzVtlx9J9OkhOsIHdr2s5DwAj8/MXzWa9qRYJyLirQ/l7rBSjjgyRAomw==", "license": "MIT", "dependencies": { - "html-to-text": "9.0.5", - "prettier": "3.5.3", - "react-promise-suspense": "0.3.4" + "html-to-text": "^9.0.5", + "prettier": "^3.5.3", + "react-promise-suspense": "^0.3.4" }, "engines": { "node": ">=18.0.0" @@ -3754,9 +4306,9 @@ } }, "node_modules/@react-email/tailwind": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@react-email/tailwind/-/tailwind-1.0.4.tgz", - "integrity": "sha512-tJdcusncdqgvTUYZIuhNC6LYTfL9vNTSQpwWdTCQhQ1lsrNCEE4OKCSdzSV3S9F32pi0i0xQ+YPJHKIzGjdTSA==", + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/@react-email/tailwind/-/tailwind-1.2.2.tgz", + "integrity": "sha512-heO9Khaqxm6Ulm6p7HQ9h01oiiLRrZuuEQuYds/O7Iyp3c58sMVHZGIxiRXO/kSs857NZQycpjewEVKF3jhNTw==", "license": "MIT", "engines": { "node": ">=18.0.0" @@ -3766,9 +4318,9 @@ } }, "node_modules/@react-email/text": { - "version": "0.1.1", - "resolved": "https://registry.npmjs.org/@react-email/text/-/text-0.1.1.tgz", - "integrity": "sha512-Zo9tSEzkO3fODLVH1yVhzVCiwETfeEL5wU93jXKWo2DHoMuiZ9Iabaso3T0D0UjhrCB1PBMeq2YiejqeToTyIQ==", + "version": "0.1.5", + "resolved": "https://registry.npmjs.org/@react-email/text/-/text-0.1.5.tgz", + "integrity": "sha512-o5PNHFSE085VMXayxH+SJ1LSOtGsTv+RpNKnTiJDrJUwoBu77G3PlKOsZZQHCNyD28WsQpl9v2WcJLbQudqwPg==", "license": "MIT", "engines": { "node": ">=18.0.0" @@ -3784,9 +4336,9 @@ "license": "MIT" }, "node_modules/@rushstack/eslint-patch": { - "version": "1.10.5", - "resolved": "https://registry.npmjs.org/@rushstack/eslint-patch/-/eslint-patch-1.10.5.tgz", - "integrity": "sha512-kkKUDVlII2DQiKy7UstOR1ErJP8kUKAQ4oa+SQtM0K+lPdmmjj0YnnxBgtTVYH7mUKtbsxeFC9y0AmK7Yb78/A==", + "version": "1.12.0", + "resolved": "https://registry.npmjs.org/@rushstack/eslint-patch/-/eslint-patch-1.12.0.tgz", + "integrity": "sha512-5EwMtOqvJMMa3HbmxLlF74e+3/HhwBTMcvt3nqVJgGCozO6hzIPOBlwm8mGVNR9SN2IJpxSnlxczyDjcn7qIyw==", "license": "MIT" }, "node_modules/@scarf/scarf": { @@ -3796,6 +4348,12 @@ "hasInstallScript": true, "license": "Apache-2.0" }, + "node_modules/@schummar/icu-type-parser": { + "version": "1.21.5", + "resolved": "https://registry.npmjs.org/@schummar/icu-type-parser/-/icu-type-parser-1.21.5.tgz", + "integrity": "sha512-bXHSaW5jRTmke9Vd0h5P7BtWZG9Znqb8gSDxZnxaGSJnGwPLDPfS+3g0BKzeWqzgZPsIVZkM7m2tbo18cm5HBw==", + "license": "MIT" + }, "node_modules/@selderee/plugin-htmlparser2": { "version": "0.11.0", "resolved": "https://registry.npmjs.org/@selderee/plugin-htmlparser2/-/plugin-htmlparser2-0.11.0.tgz", @@ -3809,6 +4367,38 @@ "url": "https://ko-fi.com/killymxi" } }, + "node_modules/@simplewebauthn/browser": { + "version": "13.1.2", + "resolved": "https://registry.npmjs.org/@simplewebauthn/browser/-/browser-13.1.2.tgz", + "integrity": "sha512-aZnW0KawAM83fSBUgglP5WofbrLbLyr7CoPqYr66Eppm7zO86YX6rrCjRB3hQKPrL7ATvY4FVXlykZ6w6FwYYw==", + "license": "MIT" + }, + "node_modules/@simplewebauthn/server": { + "version": "9.0.3", + "resolved": "https://registry.npmjs.org/@simplewebauthn/server/-/server-9.0.3.tgz", + "integrity": "sha512-FMZieoBosrVLFxCnxPFD9Enhd1U7D8nidVDT4MsHc6l4fdVcjoeHjDueeXCloO1k5O/fZg1fsSXXPKbY2XTzDA==", + "license": "MIT", + "dependencies": { + "@hexagon/base64": "^1.1.27", + "@levischuck/tiny-cbor": "^0.2.2", + "@peculiar/asn1-android": "^2.3.10", + "@peculiar/asn1-ecc": "^2.3.8", + "@peculiar/asn1-rsa": "^2.3.8", + "@peculiar/asn1-schema": "^2.3.8", + "@peculiar/asn1-x509": "^2.3.8", + "@simplewebauthn/types": "^9.0.1", + "cross-fetch": "^4.0.0" + }, + "engines": { + "node": ">=16.0.0" + } + }, + "node_modules/@simplewebauthn/types": { + "version": "9.0.1", + "resolved": "https://registry.npmjs.org/@simplewebauthn/types/-/types-9.0.1.tgz", + "integrity": "sha512-tGSRP1QvsAvsJmnOlRQyw/mvK9gnPtjEc5fg2+m8n+QUa+D7rvrKkOYyfpy42GTs90X3RDOnqJgfHt+qO67/+w==", + "license": "MIT" + }, "node_modules/@socket.io/component-emitter": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/@socket.io/component-emitter/-/component-emitter-3.1.2.tgz", @@ -3816,12 +4406,6 @@ "dev": true, "license": "MIT" }, - "node_modules/@swc/counter": { - "version": "0.1.3", - "resolved": "https://registry.npmjs.org/@swc/counter/-/counter-0.1.3.tgz", - "integrity": "sha512-e2BR4lsJkkRlKZ/qCHPw9ZaSxc0MVUd7gtbtaB7aMvHeJVYe8sOB8DBZkP2DtISHGSku9sCK6T6cnY0CtXrOCQ==", - "license": "Apache-2.0" - }, "node_modules/@swc/helpers": { "version": "0.5.15", "resolved": "https://registry.npmjs.org/@swc/helpers/-/helpers-0.5.15.tgz", @@ -3844,46 +4428,64 @@ } }, "node_modules/@tailwindcss/node": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/node/-/node-4.1.4.tgz", - "integrity": "sha512-MT5118zaiO6x6hNA04OWInuAiP1YISXql8Z+/Y8iisV5nuhM8VXlyhRuqc2PEviPszcXI66W44bCIk500Oolhw==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/node/-/node-4.1.12.tgz", + "integrity": "sha512-3hm9brwvQkZFe++SBt+oLjo4OLDtkvlE8q2WalaD/7QWaeM7KEJbAiY/LJZUaCs7Xa8aUu4xy3uoyX4q54UVdQ==", "dev": true, "license": "MIT", "dependencies": { - "enhanced-resolve": "^5.18.1", - "jiti": "^2.4.2", - "lightningcss": "1.29.2", - "tailwindcss": "4.1.4" + "@jridgewell/remapping": "^2.3.4", + "enhanced-resolve": "^5.18.3", + "jiti": "^2.5.1", + "lightningcss": "1.30.1", + "magic-string": "^0.30.17", + "source-map-js": "^1.2.1", + "tailwindcss": "4.1.12" + } + }, + "node_modules/@tailwindcss/node/node_modules/jiti": { + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/jiti/-/jiti-2.5.1.tgz", + "integrity": "sha512-twQoecYPiVA5K/h6SxtORw/Bs3ar+mLUtoPSc7iMXzQzK8d7eJ/R09wmTwAjiamETn1cXYPGfNnu7DMoHgu12w==", + "dev": true, + "license": "MIT", + "bin": { + "jiti": "lib/jiti-cli.mjs" } }, "node_modules/@tailwindcss/oxide": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide/-/oxide-4.1.4.tgz", - "integrity": "sha512-p5wOpXyOJx7mKh5MXh5oKk+kqcz8T+bA3z/5VWWeQwFrmuBItGwz8Y2CHk/sJ+dNb9B0nYFfn0rj/cKHZyjahQ==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide/-/oxide-4.1.12.tgz", + "integrity": "sha512-gM5EoKHW/ukmlEtphNwaGx45fGoEmP10v51t9unv55voWh6WrOL19hfuIdo2FjxIaZzw776/BUQg7Pck++cIVw==", "dev": true, + "hasInstallScript": true, "license": "MIT", + "dependencies": { + "detect-libc": "^2.0.4", + "tar": "^7.4.3" + }, "engines": { "node": ">= 10" }, "optionalDependencies": { - "@tailwindcss/oxide-android-arm64": "4.1.4", - "@tailwindcss/oxide-darwin-arm64": "4.1.4", - "@tailwindcss/oxide-darwin-x64": "4.1.4", - "@tailwindcss/oxide-freebsd-x64": "4.1.4", - "@tailwindcss/oxide-linux-arm-gnueabihf": "4.1.4", - "@tailwindcss/oxide-linux-arm64-gnu": "4.1.4", - "@tailwindcss/oxide-linux-arm64-musl": "4.1.4", - "@tailwindcss/oxide-linux-x64-gnu": "4.1.4", - "@tailwindcss/oxide-linux-x64-musl": "4.1.4", - "@tailwindcss/oxide-wasm32-wasi": "4.1.4", - "@tailwindcss/oxide-win32-arm64-msvc": "4.1.4", - "@tailwindcss/oxide-win32-x64-msvc": "4.1.4" + "@tailwindcss/oxide-android-arm64": "4.1.12", + "@tailwindcss/oxide-darwin-arm64": "4.1.12", + "@tailwindcss/oxide-darwin-x64": "4.1.12", + "@tailwindcss/oxide-freebsd-x64": "4.1.12", + "@tailwindcss/oxide-linux-arm-gnueabihf": "4.1.12", + "@tailwindcss/oxide-linux-arm64-gnu": "4.1.12", + "@tailwindcss/oxide-linux-arm64-musl": "4.1.12", + "@tailwindcss/oxide-linux-x64-gnu": "4.1.12", + "@tailwindcss/oxide-linux-x64-musl": "4.1.12", + "@tailwindcss/oxide-wasm32-wasi": "4.1.12", + "@tailwindcss/oxide-win32-arm64-msvc": "4.1.12", + "@tailwindcss/oxide-win32-x64-msvc": "4.1.12" } }, "node_modules/@tailwindcss/oxide-android-arm64": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-android-arm64/-/oxide-android-arm64-4.1.4.tgz", - "integrity": "sha512-xMMAe/SaCN/vHfQYui3fqaBDEXMu22BVwQ33veLc8ep+DNy7CWN52L+TTG9y1K397w9nkzv+Mw+mZWISiqhmlA==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-android-arm64/-/oxide-android-arm64-4.1.12.tgz", + "integrity": "sha512-oNY5pq+1gc4T6QVTsZKwZaGpBb2N1H1fsc1GD4o7yinFySqIuRZ2E4NvGasWc6PhYJwGK2+5YT1f9Tp80zUQZQ==", "cpu": [ "arm64" ], @@ -3898,9 +4500,9 @@ } }, "node_modules/@tailwindcss/oxide-darwin-arm64": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-darwin-arm64/-/oxide-darwin-arm64-4.1.4.tgz", - "integrity": "sha512-JGRj0SYFuDuAGilWFBlshcexev2hOKfNkoX+0QTksKYq2zgF9VY/vVMq9m8IObYnLna0Xlg+ytCi2FN2rOL0Sg==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-darwin-arm64/-/oxide-darwin-arm64-4.1.12.tgz", + "integrity": "sha512-cq1qmq2HEtDV9HvZlTtrj671mCdGB93bVY6J29mwCyaMYCP/JaUBXxrQQQm7Qn33AXXASPUb2HFZlWiiHWFytw==", "cpu": [ "arm64" ], @@ -3915,9 +4517,9 @@ } }, "node_modules/@tailwindcss/oxide-darwin-x64": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-darwin-x64/-/oxide-darwin-x64-4.1.4.tgz", - "integrity": "sha512-sdDeLNvs3cYeWsEJ4H1DvjOzaGios4QbBTNLVLVs0XQ0V95bffT3+scptzYGPMjm7xv4+qMhCDrkHwhnUySEzA==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-darwin-x64/-/oxide-darwin-x64-4.1.12.tgz", + "integrity": "sha512-6UCsIeFUcBfpangqlXay9Ffty9XhFH1QuUFn0WV83W8lGdX8cD5/+2ONLluALJD5+yJ7k8mVtwy3zMZmzEfbLg==", "cpu": [ "x64" ], @@ -3932,9 +4534,9 @@ } }, "node_modules/@tailwindcss/oxide-freebsd-x64": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-freebsd-x64/-/oxide-freebsd-x64-4.1.4.tgz", - "integrity": "sha512-VHxAqxqdghM83HslPhRsNhHo91McsxRJaEnShJOMu8mHmEj9Ig7ToHJtDukkuLWLzLboh2XSjq/0zO6wgvykNA==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-freebsd-x64/-/oxide-freebsd-x64-4.1.12.tgz", + "integrity": "sha512-JOH/f7j6+nYXIrHobRYCtoArJdMJh5zy5lr0FV0Qu47MID/vqJAY3r/OElPzx1C/wdT1uS7cPq+xdYYelny1ww==", "cpu": [ "x64" ], @@ -3949,9 +4551,9 @@ } }, "node_modules/@tailwindcss/oxide-linux-arm-gnueabihf": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-arm-gnueabihf/-/oxide-linux-arm-gnueabihf-4.1.4.tgz", - "integrity": "sha512-OTU/m/eV4gQKxy9r5acuesqaymyeSCnsx1cFto/I1WhPmi5HDxX1nkzb8KYBiwkHIGg7CTfo/AcGzoXAJBxLfg==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-arm-gnueabihf/-/oxide-linux-arm-gnueabihf-4.1.12.tgz", + "integrity": "sha512-v4Ghvi9AU1SYgGr3/j38PD8PEe6bRfTnNSUE3YCMIRrrNigCFtHZ2TCm8142X8fcSqHBZBceDx+JlFJEfNg5zQ==", "cpu": [ "arm" ], @@ -3966,9 +4568,9 @@ } }, "node_modules/@tailwindcss/oxide-linux-arm64-gnu": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-arm64-gnu/-/oxide-linux-arm64-gnu-4.1.4.tgz", - "integrity": "sha512-hKlLNvbmUC6z5g/J4H+Zx7f7w15whSVImokLPmP6ff1QqTVE+TxUM9PGuNsjHvkvlHUtGTdDnOvGNSEUiXI1Ww==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-arm64-gnu/-/oxide-linux-arm64-gnu-4.1.12.tgz", + "integrity": "sha512-YP5s1LmetL9UsvVAKusHSyPlzSRqYyRB0f+Kl/xcYQSPLEw/BvGfxzbH+ihUciePDjiXwHh+p+qbSP3SlJw+6g==", "cpu": [ "arm64" ], @@ -3983,9 +4585,9 @@ } }, "node_modules/@tailwindcss/oxide-linux-arm64-musl": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-arm64-musl/-/oxide-linux-arm64-musl-4.1.4.tgz", - "integrity": "sha512-X3As2xhtgPTY/m5edUtddmZ8rCruvBvtxYLMw9OsZdH01L2gS2icsHRwxdU0dMItNfVmrBezueXZCHxVeeb7Aw==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-arm64-musl/-/oxide-linux-arm64-musl-4.1.12.tgz", + "integrity": "sha512-V8pAM3s8gsrXcCv6kCHSuwyb/gPsd863iT+v1PGXC4fSL/OJqsKhfK//v8P+w9ThKIoqNbEnsZqNy+WDnwQqCA==", "cpu": [ "arm64" ], @@ -4000,9 +4602,9 @@ } }, "node_modules/@tailwindcss/oxide-linux-x64-gnu": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-x64-gnu/-/oxide-linux-x64-gnu-4.1.4.tgz", - "integrity": "sha512-2VG4DqhGaDSmYIu6C4ua2vSLXnJsb/C9liej7TuSO04NK+JJJgJucDUgmX6sn7Gw3Cs5ZJ9ZLrnI0QRDOjLfNQ==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-x64-gnu/-/oxide-linux-x64-gnu-4.1.12.tgz", + "integrity": "sha512-xYfqYLjvm2UQ3TZggTGrwxjYaLB62b1Wiysw/YE3Yqbh86sOMoTn0feF98PonP7LtjsWOWcXEbGqDL7zv0uW8Q==", "cpu": [ "x64" ], @@ -4017,9 +4619,9 @@ } }, "node_modules/@tailwindcss/oxide-linux-x64-musl": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-x64-musl/-/oxide-linux-x64-musl-4.1.4.tgz", - "integrity": "sha512-v+mxVgH2kmur/X5Mdrz9m7TsoVjbdYQT0b4Z+dr+I4RvreCNXyCFELZL/DO0M1RsidZTrm6O1eMnV6zlgEzTMQ==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-linux-x64-musl/-/oxide-linux-x64-musl-4.1.12.tgz", + "integrity": "sha512-ha0pHPamN+fWZY7GCzz5rKunlv9L5R8kdh+YNvP5awe3LtuXb5nRi/H27GeL2U+TdhDOptU7T6Is7mdwh5Ar3A==", "cpu": [ "x64" ], @@ -4034,9 +4636,9 @@ } }, "node_modules/@tailwindcss/oxide-wasm32-wasi": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-wasm32-wasi/-/oxide-wasm32-wasi-4.1.4.tgz", - "integrity": "sha512-2TLe9ir+9esCf6Wm+lLWTMbgklIjiF0pbmDnwmhR9MksVOq+e8aP3TSsXySnBDDvTTVd/vKu1aNttEGj3P6l8Q==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-wasm32-wasi/-/oxide-wasm32-wasi-4.1.12.tgz", + "integrity": "sha512-4tSyu3dW+ktzdEpuk6g49KdEangu3eCYoqPhWNsZgUhyegEda3M9rG0/j1GV/JjVVsj+lG7jWAyrTlLzd/WEBg==", "bundleDependencies": [ "@napi-rs/wasm-runtime", "@emnapi/core", @@ -4052,21 +4654,81 @@ "license": "MIT", "optional": true, "dependencies": { - "@emnapi/core": "^1.4.0", - "@emnapi/runtime": "^1.4.0", - "@emnapi/wasi-threads": "^1.0.1", - "@napi-rs/wasm-runtime": "^0.2.8", - "@tybys/wasm-util": "^0.9.0", + "@emnapi/core": "^1.4.5", + "@emnapi/runtime": "^1.4.5", + "@emnapi/wasi-threads": "^1.0.4", + "@napi-rs/wasm-runtime": "^0.2.12", + "@tybys/wasm-util": "^0.10.0", "tslib": "^2.8.0" }, "engines": { "node": ">=14.0.0" } }, + "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@emnapi/core": { + "version": "1.4.5", + "dev": true, + "inBundle": true, + "license": "MIT", + "optional": true, + "dependencies": { + "@emnapi/wasi-threads": "1.0.4", + "tslib": "^2.4.0" + } + }, + "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@emnapi/runtime": { + "version": "1.4.5", + "dev": true, + "inBundle": true, + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, + "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@emnapi/wasi-threads": { + "version": "1.0.4", + "dev": true, + "inBundle": true, + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, + "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@napi-rs/wasm-runtime": { + "version": "0.2.12", + "dev": true, + "inBundle": true, + "license": "MIT", + "optional": true, + "dependencies": { + "@emnapi/core": "^1.4.3", + "@emnapi/runtime": "^1.4.3", + "@tybys/wasm-util": "^0.10.0" + } + }, + "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/@tybys/wasm-util": { + "version": "0.10.0", + "dev": true, + "inBundle": true, + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, + "node_modules/@tailwindcss/oxide-wasm32-wasi/node_modules/tslib": { + "version": "2.8.0", + "dev": true, + "inBundle": true, + "license": "0BSD", + "optional": true + }, "node_modules/@tailwindcss/oxide-win32-arm64-msvc": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-win32-arm64-msvc/-/oxide-win32-arm64-msvc-4.1.4.tgz", - "integrity": "sha512-VlnhfilPlO0ltxW9/BgfLI5547PYzqBMPIzRrk4W7uupgCt8z6Trw/tAj6QUtF2om+1MH281Pg+HHUJoLesmng==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-win32-arm64-msvc/-/oxide-win32-arm64-msvc-4.1.12.tgz", + "integrity": "sha512-iGLyD/cVP724+FGtMWslhcFyg4xyYyM+5F4hGvKA7eifPkXHRAUDFaimu53fpNg9X8dfP75pXx/zFt/jlNF+lg==", "cpu": [ "arm64" ], @@ -4081,9 +4743,9 @@ } }, "node_modules/@tailwindcss/oxide-win32-x64-msvc": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-win32-x64-msvc/-/oxide-win32-x64-msvc-4.1.4.tgz", - "integrity": "sha512-+7S63t5zhYjslUGb8NcgLpFXD+Kq1F/zt5Xv5qTv7HaFTG/DHyHD9GA6ieNAxhgyA4IcKa/zy7Xx4Oad2/wuhw==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/oxide-win32-x64-msvc/-/oxide-win32-x64-msvc-4.1.12.tgz", + "integrity": "sha512-NKIh5rzw6CpEodv/++r0hGLlfgT/gFN+5WNdZtvh6wpU2BpGNgdjvj6H2oFc8nCM839QM1YOhjpgbAONUb4IxA==", "cpu": [ "x64" ], @@ -4098,26 +4760,26 @@ } }, "node_modules/@tailwindcss/postcss": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/@tailwindcss/postcss/-/postcss-4.1.4.tgz", - "integrity": "sha512-bjV6sqycCEa+AQSt2Kr7wpGF1bOZJ5wsqnLEkqSbM/JEHxx/yhMH8wHmdkPyApF9xhHeMSwnnkDUUMMM/hYnXw==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/@tailwindcss/postcss/-/postcss-4.1.12.tgz", + "integrity": "sha512-5PpLYhCAwf9SJEeIsSmCDLgyVfdBhdBpzX1OJ87anT9IVR0Z9pjM0FNixCAUAHGnMBGB8K99SwAheXrT0Kh6QQ==", "dev": true, "license": "MIT", "dependencies": { "@alloc/quick-lru": "^5.2.0", - "@tailwindcss/node": "4.1.4", - "@tailwindcss/oxide": "4.1.4", + "@tailwindcss/node": "4.1.12", + "@tailwindcss/oxide": "4.1.12", "postcss": "^8.4.41", - "tailwindcss": "4.1.4" + "tailwindcss": "4.1.12" } }, "node_modules/@tanstack/react-table": { - "version": "8.20.6", - "resolved": "https://registry.npmjs.org/@tanstack/react-table/-/react-table-8.20.6.tgz", - "integrity": "sha512-w0jluT718MrOKthRcr2xsjqzx+oEM7B7s/XXyfs19ll++hlId3fjTm+B2zrR3ijpANpkzBAr15j1XGVOMxpggQ==", + "version": "8.21.3", + "resolved": "https://registry.npmjs.org/@tanstack/react-table/-/react-table-8.21.3.tgz", + "integrity": "sha512-5nNMTSETP4ykGegmVkhjcS8tTLW6Vl4axfEGQN3v0zdHYbK4UfoqfPChclTrJ4EoK9QynqAu9oUf8VEmrpZ5Ww==", "license": "MIT", "dependencies": { - "@tanstack/table-core": "8.20.5" + "@tanstack/table-core": "8.21.3" }, "engines": { "node": ">=12" @@ -4132,9 +4794,9 @@ } }, "node_modules/@tanstack/table-core": { - "version": "8.20.5", - "resolved": "https://registry.npmjs.org/@tanstack/table-core/-/table-core-8.20.5.tgz", - "integrity": "sha512-P9dF7XbibHph2PFRz8gfBKEXEY/HJPOhym8CHmjF8y3q5mWpKx9xtZapXQUWCgkqvsK0R46Azuz+VaxD4Xl+Tg==", + "version": "8.21.3", + "resolved": "https://registry.npmjs.org/@tanstack/table-core/-/table-core-8.21.3.tgz", + "integrity": "sha512-ldZXEhOBb8Is7xLs01fR3YEc3DERiz5silj8tnGkFZytt1abEvl/GhUmCE0PMLaMPTa3Jk4HbKmRlHmu+gCftg==", "license": "MIT", "engines": { "node": ">=12" @@ -4145,9 +4807,9 @@ } }, "node_modules/@tybys/wasm-util": { - "version": "0.8.3", - "resolved": "https://registry.npmjs.org/@tybys/wasm-util/-/wasm-util-0.8.3.tgz", - "integrity": "sha512-Z96T/L6dUFFxgFJ+pQtkPpne9q7i6kIPYCFnQBHSgSPV9idTsKfIhCss0h5iM9irweZCatkrdeP8yi5uM1eX6Q==", + "version": "0.10.0", + "resolved": "https://registry.npmjs.org/@tybys/wasm-util/-/wasm-util-0.10.0.tgz", + "integrity": "sha512-VyyPYFlOMNylG45GoAe0xDoLwWuowvf92F9kySqzYh8vmYm7D2u4iUJKa1tOUpS70Ku13ASrOkS4ScXFsTaCNQ==", "license": "MIT", "optional": true, "dependencies": { @@ -4165,9 +4827,9 @@ } }, "node_modules/@types/body-parser": { - "version": "1.19.5", - "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.5.tgz", - "integrity": "sha512-fB3Zu92ucau0iQ0JMCFQE7b/dv8Ot07NI3KaZIkIUNXq82k4eBAqUaneXfleGY9JWskeS9y+u0nXMyspcuQrCg==", + "version": "1.19.6", + "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.6.tgz", + "integrity": "sha512-HLFeCYgz89uk22N5Qg3dvGvsv46B8GLvKKo1zKG4NybA8U2DiEO3w9lqGg29t/tfLRJpJ6iQxnVw4OnB7MoM9g==", "dev": true, "license": "MIT", "dependencies": { @@ -4186,9 +4848,9 @@ } }, "node_modules/@types/cookie-parser": { - "version": "1.4.8", - "resolved": "https://registry.npmjs.org/@types/cookie-parser/-/cookie-parser-1.4.8.tgz", - "integrity": "sha512-l37JqFrOJ9yQfRQkljb41l0xVphc7kg5JTjjr+pLRZ0IyZ49V4BQ8vbF4Ut2C2e+WH4al3xD3ZwYwIUfnbT4NQ==", + "version": "1.4.9", + "resolved": "https://registry.npmjs.org/@types/cookie-parser/-/cookie-parser-1.4.9.tgz", + "integrity": "sha512-tGZiZ2Gtc4m3wIdLkZ8mkj1T6CEHb35+VApbL2T14Dew8HA7c+04dmKqsKRNC+8RJPm16JEK0tFSwdZqubfc4g==", "dev": true, "license": "MIT", "peerDependencies": { @@ -4196,9 +4858,9 @@ } }, "node_modules/@types/cors": { - "version": "2.8.17", - "resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.17.tgz", - "integrity": "sha512-8CGDvrBj1zgo2qE+oS3pOCyYNqCPryMWY2bGfwA0dcfopWGgxs+78df0Rs3rc9THP4JkOhLsAa+15VdpAqkcUA==", + "version": "2.8.19", + "resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.19.tgz", + "integrity": "sha512-mFNylyeyqN93lfe/9CSxOGREz8cpzAhH+E93xJ4xWQf62V8sQ/24reV2nyzUWM6H6Xji+GGHpkbLe7pVoUEskg==", "dev": true, "license": "MIT", "dependencies": { @@ -4213,28 +4875,27 @@ "license": "MIT" }, "node_modules/@types/estree": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.6.tgz", - "integrity": "sha512-AYnb1nQyY49te+VRAVgmzfcgjYS91mY5P0TKUDCLEM+gNnA+3T6rWITXRLYCpahpqSQbN5cE+gHpnPyXjHWxcw==", + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.8.tgz", + "integrity": "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==", "license": "MIT" }, "node_modules/@types/express": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/@types/express/-/express-5.0.0.tgz", - "integrity": "sha512-DvZriSMehGHL1ZNLzi6MidnsDhUZM/x2pRdDIKdwbUNqqwHxMlRdkxtn6/EPKyqKpHqTl/4nRZsRNLpZxZRpPQ==", + "version": "5.0.3", + "resolved": "https://registry.npmjs.org/@types/express/-/express-5.0.3.tgz", + "integrity": "sha512-wGA0NX93b19/dZC1J18tKWVIYWyyF2ZjT9vin/NRu0qzzvfVzWjs04iq2rQ3H65vCTQYlRqs3YHfY7zjdV+9Kw==", "dev": true, "license": "MIT", "dependencies": { "@types/body-parser": "*", "@types/express-serve-static-core": "^5.0.0", - "@types/qs": "*", "@types/serve-static": "*" } }, "node_modules/@types/express-serve-static-core": { - "version": "5.0.5", - "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-5.0.5.tgz", - "integrity": "sha512-GLZPrd9ckqEBFMcVM/qRFAP0Hg3qiVEojgEFsx/N/zKXsBzbGF6z5FBDpZ0+Xhp1xr+qRZYjfGr1cWHB9oFHSA==", + "version": "5.0.7", + "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-5.0.7.tgz", + "integrity": "sha512-R+33OsgWw7rOhD1emjU7dzCDHucJrgJXMA5PYCzJxVil0dsyx5iBEPHqpPfiKNJQb7lZ1vxwoLR4Z87bBUpeGQ==", "dev": true, "license": "MIT", "dependencies": { @@ -4244,10 +4905,20 @@ "@types/send": "*" } }, + "node_modules/@types/express-session": { + "version": "1.18.2", + "resolved": "https://registry.npmjs.org/@types/express-session/-/express-session-1.18.2.tgz", + "integrity": "sha512-k+I0BxwVXsnEU2hV77cCobC08kIsn4y44C3gC0b46uxZVMaXA04lSPgRLR/bSL2w0t0ShJiG8o4jPzRG/nscFg==", + "dev": true, + "license": "MIT", + "dependencies": { + "@types/express": "*" + } + }, "node_modules/@types/http-errors": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.4.tgz", - "integrity": "sha512-D0CFMMtydbJAegzOyHjtiKPLlvnm3iTZyZRSZoLq2mRhDdmLfIWOCYPfQJ4cu2erKghU++QvjcUjp/5h7hESpA==", + "version": "2.0.5", + "resolved": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.5.tgz", + "integrity": "sha512-r8Tayk8HJnX0FztbZN7oVqGccWgw98T/0neJphO91KkmOzug1KkofZURD4UaD5uH8AqcFLfdPErnBod0u71/qg==", "dev": true, "license": "MIT" }, @@ -4278,9 +4949,9 @@ "license": "MIT" }, "node_modules/@types/jsonwebtoken": { - "version": "9.0.9", - "resolved": "https://registry.npmjs.org/@types/jsonwebtoken/-/jsonwebtoken-9.0.9.tgz", - "integrity": "sha512-uoe+GxEuHbvy12OUQct2X9JenKM3qAscquYymuQN4fMWG9DBQtykrQEFcAbVACF7qaLw9BePSodUL0kquqBJpQ==", + "version": "9.0.10", + "resolved": "https://registry.npmjs.org/@types/jsonwebtoken/-/jsonwebtoken-9.0.10.tgz", + "integrity": "sha512-asx5hIG9Qmf/1oStypjanR7iKTv0gXQ1Ov/jfrX6kS/EO0OFni8orbmGCn0672NHR3kXHwpAwR+B368ZGN/2rA==", "dev": true, "license": "MIT", "dependencies": { @@ -4303,13 +4974,13 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "22.10.10", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.10.10.tgz", - "integrity": "sha512-X47y/mPNzxviAGY5TcYPtYL8JsY3kAq2n8fMmKoRCxq/c4v4pyGNCzM2R6+M5/umG4ZfHuT+sgqDYqWc9rJ6ww==", + "version": "24.3.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-24.3.0.tgz", + "integrity": "sha512-aPTXCrfwnDLj4VvXrm+UUCQjNEvJgNA8s5F1cvwQU+3KNltTOkBm1j30uNLyqqPNe7gE3KFzImYoZEfLhp4Yow==", "devOptional": true, "license": "MIT", "dependencies": { - "undici-types": "~6.20.0" + "undici-types": "~7.10.0" } }, "node_modules/@types/nodemailer": { @@ -4322,10 +4993,22 @@ "@types/node": "*" } }, + "node_modules/@types/pg": { + "version": "8.15.5", + "resolved": "https://registry.npmjs.org/@types/pg/-/pg-8.15.5.tgz", + "integrity": "sha512-LF7lF6zWEKxuT3/OR8wAZGzkg4ENGXFNyiV/JeOt9z5B+0ZVwbql9McqX5c/WStFq1GaGso7H1AzP/qSzmlCKQ==", + "devOptional": true, + "license": "MIT", + "dependencies": { + "@types/node": "*", + "pg-protocol": "*", + "pg-types": "^2.2.0" + } + }, "node_modules/@types/qs": { - "version": "6.9.18", - "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.18.tgz", - "integrity": "sha512-kK7dgTYDyGqS+e2Q4aK9X3D7q234CIZ1Bv0q/7Z5IwRDoADNU81xXJK/YVyLbLTZCoIwUoDoffFeF+p/eIklAA==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.14.0.tgz", + "integrity": "sha512-eOunJqu0K1923aExK6y8p6fsihYEn/BYuQ4g0CxAAgFc4b/ZLN4CrsRZ55srTdqoiLzU2B2evC+apEIxprEzkQ==", "dev": true, "license": "MIT" }, @@ -4337,9 +5020,9 @@ "license": "MIT" }, "node_modules/@types/react": { - "version": "19.1.1", - "resolved": "https://registry.npmjs.org/@types/react/-/react-19.1.1.tgz", - "integrity": "sha512-ePapxDL7qrgqSF67s0h9m412d9DbXyC1n59O2st+9rjuuamWsZuD2w55rqY12CbzsZ7uVXb5Nw0gEp9Z8MMutQ==", + "version": "19.1.12", + "resolved": "https://registry.npmjs.org/@types/react/-/react-19.1.12.tgz", + "integrity": "sha512-cMoR+FoAf/Jyq6+Df2/Z41jISvGZZ2eTlnsaJRptmZ76Caldwy1odD4xTr/gNV9VLj0AWgg/nmkevIyUfIIq5w==", "devOptional": true, "license": "MIT", "dependencies": { @@ -4347,9 +5030,9 @@ } }, "node_modules/@types/react-dom": { - "version": "19.1.2", - "resolved": "https://registry.npmjs.org/@types/react-dom/-/react-dom-19.1.2.tgz", - "integrity": "sha512-XGJkWF41Qq305SKWEILa1O8vzhb3aOo3ogBlSmiqNko/WmRb6QIaweuZCXjKygVDXpzXb5wyxKTSOsmkuqj+Qw==", + "version": "19.1.9", + "resolved": "https://registry.npmjs.org/@types/react-dom/-/react-dom-19.1.9.tgz", + "integrity": "sha512-qXRuZaOsAdXKFyOhRBg6Lqqc0yay13vN7KrIg4L7N4aaHN68ma9OK3NE1BoDFgFOTfM7zg+3/8+2n8rLUH3OKQ==", "devOptional": true, "license": "MIT", "peerDependencies": { @@ -4357,16 +5040,16 @@ } }, "node_modules/@types/semver": { - "version": "7.5.8", - "resolved": "https://registry.npmjs.org/@types/semver/-/semver-7.5.8.tgz", - "integrity": "sha512-I8EUhyrgfLrcTkzV3TSsGyl1tSuPrEDzr0yd5m90UgNxQkyDXULk3b6MlQqTCpZpNtWe1K0hzclnZkTcLBe2UQ==", + "version": "7.7.0", + "resolved": "https://registry.npmjs.org/@types/semver/-/semver-7.7.0.tgz", + "integrity": "sha512-k107IF4+Xr7UHjwDc7Cfd6PRQfbdkiRabXGRjo07b4WyPahFBZCZ1sE+BNxYIJPPg73UkfOsVOLwqVc/6ETrIA==", "dev": true, "license": "MIT" }, "node_modules/@types/send": { - "version": "0.17.4", - "resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.4.tgz", - "integrity": "sha512-x2EM6TJOybec7c52BX0ZspPodMsQUd5L6PRwOunVyVUhXiBSKf3AezDL8Dgvgt5o0UfKNfuA0eMLr2wLT4AiBA==", + "version": "0.17.5", + "resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.5.tgz", + "integrity": "sha512-z6F2D3cOStZvuk2SaP6YrwkNO65iTZcwA2ZkSABegdkAh/lf+Aa/YQndZVfmEXT5vgAp6zv06VQ3ejSVjAny4w==", "dev": true, "license": "MIT", "dependencies": { @@ -4375,9 +5058,9 @@ } }, "node_modules/@types/serve-static": { - "version": "1.15.7", - "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.7.tgz", - "integrity": "sha512-W8Ym+h8nhuRwaKPaDw34QUkwsGi6Rc4yYqvKFo5rm2FUEhCFbzVWrxXUxuKK8TASjWsysJY0nsmNCGhCOIsrOw==", + "version": "1.15.8", + "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.8.tgz", + "integrity": "sha512-roei0UY3LhpOJvjbIP6ZZFngyLKl5dskOtDhxY5THRSpO+ZI+nzJ+m5yUMzGrp89YRa7lvknKkMYjqQFGwA7Sg==", "dev": true, "license": "MIT", "dependencies": { @@ -4404,9 +5087,9 @@ "license": "MIT" }, "node_modules/@types/ws": { - "version": "8.5.13", - "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.13.tgz", - "integrity": "sha512-osM/gWBTPKgHV8XkTunnegTRIsvF6owmf5w+JtAfOw472dptdm0dlGv4xCt6GwQRcC2XVOvvRE/0bAoQcL2QkA==", + "version": "8.18.1", + "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.18.1.tgz", + "integrity": "sha512-ThVF6DCVhA8kUGy+aazFQ4kXQ7E1Ty7A3ypFOe0IcJV8O/M511G99AW24irKrW56Wt44yG9+ij8FaqoBGkuBXg==", "dev": true, "license": "MIT", "dependencies": { @@ -4431,20 +5114,20 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.21.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.21.0.tgz", - "integrity": "sha512-eTH+UOR4I7WbdQnG4Z48ebIA6Bgi7WO8HvFEneeYBxG8qCOYgTOFPSg6ek9ITIDvGjDQzWHcoWHCDO2biByNzA==", + "version": "8.40.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.40.0.tgz", + "integrity": "sha512-w/EboPlBwnmOBtRbiOvzjD+wdiZdgFeo17lkltrtn7X37vagKKWJABvyfsJXTlHe6XBzugmYgd4A4nW+k8Mixw==", "license": "MIT", "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.21.0", - "@typescript-eslint/type-utils": "8.21.0", - "@typescript-eslint/utils": "8.21.0", - "@typescript-eslint/visitor-keys": "8.21.0", + "@typescript-eslint/scope-manager": "8.40.0", + "@typescript-eslint/type-utils": "8.40.0", + "@typescript-eslint/utils": "8.40.0", + "@typescript-eslint/visitor-keys": "8.40.0", "graphemer": "^1.4.0", - "ignore": "^5.3.1", + "ignore": "^7.0.0", "natural-compare": "^1.4.0", - "ts-api-utils": "^2.0.0" + "ts-api-utils": "^2.1.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -4454,21 +5137,30 @@ "url": "https://opencollective.com/typescript-eslint" }, "peerDependencies": { - "@typescript-eslint/parser": "^8.0.0 || ^8.0.0-alpha.0", + "@typescript-eslint/parser": "^8.40.0", "eslint": "^8.57.0 || ^9.0.0", - "typescript": ">=4.8.4 <5.8.0" + "typescript": ">=4.8.4 <6.0.0" + } + }, + "node_modules/@typescript-eslint/eslint-plugin/node_modules/ignore": { + "version": "7.0.5", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-7.0.5.tgz", + "integrity": "sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==", + "license": "MIT", + "engines": { + "node": ">= 4" } }, "node_modules/@typescript-eslint/parser": { - "version": "8.21.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.21.0.tgz", - "integrity": "sha512-Wy+/sdEH9kI3w9civgACwabHbKl+qIOu0uFZ9IMKzX3Jpv9og0ZBJrZExGrPpFAY7rWsXuxs5e7CPPP17A4eYA==", + "version": "8.40.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.40.0.tgz", + "integrity": "sha512-jCNyAuXx8dr5KJMkecGmZ8KI61KBUhkCob+SD+C+I5+Y1FWI2Y3QmY4/cxMCC5WAsZqoEtEETVhUiUMIGCf6Bw==", "license": "MIT", "dependencies": { - "@typescript-eslint/scope-manager": "8.21.0", - "@typescript-eslint/types": "8.21.0", - "@typescript-eslint/typescript-estree": "8.21.0", - "@typescript-eslint/visitor-keys": "8.21.0", + "@typescript-eslint/scope-manager": "8.40.0", + "@typescript-eslint/types": "8.40.0", + "@typescript-eslint/typescript-estree": "8.40.0", + "@typescript-eslint/visitor-keys": "8.40.0", "debug": "^4.3.4" }, "engines": { @@ -4480,17 +5172,38 @@ }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0", - "typescript": ">=4.8.4 <5.8.0" + "typescript": ">=4.8.4 <6.0.0" + } + }, + "node_modules/@typescript-eslint/project-service": { + "version": "8.40.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.40.0.tgz", + "integrity": "sha512-/A89vz7Wf5DEXsGVvcGdYKbVM9F7DyFXj52lNYUDS1L9yJfqjW/fIp5PgMuEJL/KeqVTe2QSbXAGUZljDUpArw==", + "license": "MIT", + "dependencies": { + "@typescript-eslint/tsconfig-utils": "^8.40.0", + "@typescript-eslint/types": "^8.40.0", + "debug": "^4.3.4" + }, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/typescript-eslint" + }, + "peerDependencies": { + "typescript": ">=4.8.4 <6.0.0" } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "8.21.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.21.0.tgz", - "integrity": "sha512-G3IBKz0/0IPfdeGRMbp+4rbjfSSdnGkXsM/pFZA8zM9t9klXDnB/YnKOBQ0GoPmoROa4bCq2NeHgJa5ydsQ4mA==", + "version": "8.40.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.40.0.tgz", + "integrity": "sha512-y9ObStCcdCiZKzwqsE8CcpyuVMwRouJbbSrNuThDpv16dFAj429IkM6LNb1dZ2m7hK5fHyzNcErZf7CEeKXR4w==", "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.21.0", - "@typescript-eslint/visitor-keys": "8.21.0" + "@typescript-eslint/types": "8.40.0", + "@typescript-eslint/visitor-keys": "8.40.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -4500,16 +5213,33 @@ "url": "https://opencollective.com/typescript-eslint" } }, + "node_modules/@typescript-eslint/tsconfig-utils": { + "version": "8.40.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.40.0.tgz", + "integrity": "sha512-jtMytmUaG9d/9kqSl/W3E3xaWESo4hFDxAIHGVW/WKKtQhesnRIJSAJO6XckluuJ6KDB5woD1EiqknriCtAmcw==", + "license": "MIT", + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/typescript-eslint" + }, + "peerDependencies": { + "typescript": ">=4.8.4 <6.0.0" + } + }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.21.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.21.0.tgz", - "integrity": "sha512-95OsL6J2BtzoBxHicoXHxgk3z+9P3BEcQTpBKriqiYzLKnM2DeSqs+sndMKdamU8FosiadQFT3D+BSL9EKnAJQ==", + "version": "8.40.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.40.0.tgz", + "integrity": "sha512-eE60cK4KzAc6ZrzlJnflXdrMqOBaugeukWICO2rB0KNvwdIMaEaYiywwHMzA1qFpTxrLhN9Lp4E/00EgWcD3Ow==", "license": "MIT", "dependencies": { - "@typescript-eslint/typescript-estree": "8.21.0", - "@typescript-eslint/utils": "8.21.0", + "@typescript-eslint/types": "8.40.0", + "@typescript-eslint/typescript-estree": "8.40.0", + "@typescript-eslint/utils": "8.40.0", "debug": "^4.3.4", - "ts-api-utils": "^2.0.0" + "ts-api-utils": "^2.1.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -4520,13 +5250,13 @@ }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0", - "typescript": ">=4.8.4 <5.8.0" + "typescript": ">=4.8.4 <6.0.0" } }, "node_modules/@typescript-eslint/types": { - "version": "8.21.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.21.0.tgz", - "integrity": "sha512-PAL6LUuQwotLW2a8VsySDBwYMm129vFm4tMVlylzdoTybTHaAi0oBp7Ac6LhSrHHOdLM3efH+nAR6hAWoMF89A==", + "version": "8.40.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.40.0.tgz", + "integrity": "sha512-ETdbFlgbAmXHyFPwqUIYrfc12ArvpBhEVgGAxVYSwli26dn8Ko+lIo4Su9vI9ykTZdJn+vJprs/0eZU0YMAEQg==", "license": "MIT", "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -4537,19 +5267,21 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "8.21.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.21.0.tgz", - "integrity": "sha512-x+aeKh/AjAArSauz0GiQZsjT8ciadNMHdkUSwBB9Z6PrKc/4knM4g3UfHml6oDJmKC88a6//cdxnO/+P2LkMcg==", + "version": "8.40.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.40.0.tgz", + "integrity": "sha512-k1z9+GJReVVOkc1WfVKs1vBrR5MIKKbdAjDTPvIK3L8De6KbFfPFt6BKpdkdk7rZS2GtC/m6yI5MYX+UsuvVYQ==", "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.21.0", - "@typescript-eslint/visitor-keys": "8.21.0", + "@typescript-eslint/project-service": "8.40.0", + "@typescript-eslint/tsconfig-utils": "8.40.0", + "@typescript-eslint/types": "8.40.0", + "@typescript-eslint/visitor-keys": "8.40.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", "minimatch": "^9.0.4", "semver": "^7.6.0", - "ts-api-utils": "^2.0.0" + "ts-api-utils": "^2.1.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -4559,13 +5291,13 @@ "url": "https://opencollective.com/typescript-eslint" }, "peerDependencies": { - "typescript": ">=4.8.4 <5.8.0" + "typescript": ">=4.8.4 <6.0.0" } }, "node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz", + "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==", "license": "MIT", "dependencies": { "balanced-match": "^1.0.0" @@ -4615,15 +5347,15 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "8.21.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.21.0.tgz", - "integrity": "sha512-xcXBfcq0Kaxgj7dwejMbFyq7IOHgpNMtVuDveK7w3ZGwG9owKzhALVwKpTF2yrZmEwl9SWdetf3fxNzJQaVuxw==", + "version": "8.40.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.40.0.tgz", + "integrity": "sha512-Cgzi2MXSZyAUOY+BFwGs17s7ad/7L+gKt6Y8rAVVWS+7o6wrjeFN4nVfTpbE25MNcxyJ+iYUXflbs2xR9h4UBg==", "license": "MIT", "dependencies": { - "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.21.0", - "@typescript-eslint/types": "8.21.0", - "@typescript-eslint/typescript-estree": "8.21.0" + "@eslint-community/eslint-utils": "^4.7.0", + "@typescript-eslint/scope-manager": "8.40.0", + "@typescript-eslint/types": "8.40.0", + "@typescript-eslint/typescript-estree": "8.40.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -4634,17 +5366,17 @@ }, "peerDependencies": { "eslint": "^8.57.0 || ^9.0.0", - "typescript": ">=4.8.4 <5.8.0" + "typescript": ">=4.8.4 <6.0.0" } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "8.21.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.21.0.tgz", - "integrity": "sha512-BkLMNpdV6prozk8LlyK/SOoWLmUFi+ZD+pcqti9ILCbVvHGk1ui1g4jJOc2WDLaeExz2qWwojxlPce5PljcT3w==", + "version": "8.40.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.40.0.tgz", + "integrity": "sha512-8CZ47QwalyRjsypfwnbI3hKy5gJDPmrkLjkgMxhi0+DZZ2QNx2naS6/hWoVYUHU7LU2zleF68V9miaVZvhFfTA==", "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.21.0", - "eslint-visitor-keys": "^4.2.0" + "@typescript-eslint/types": "8.40.0", + "eslint-visitor-keys": "^4.2.1" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -4654,23 +5386,273 @@ "url": "https://opencollective.com/typescript-eslint" } }, + "node_modules/@unrs/resolver-binding-android-arm-eabi": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-android-arm-eabi/-/resolver-binding-android-arm-eabi-1.11.1.tgz", + "integrity": "sha512-ppLRUgHVaGRWUx0R0Ut06Mjo9gBaBkg3v/8AxusGLhsIotbBLuRk51rAzqLC8gq6NyyAojEXglNjzf6R948DNw==", + "cpu": [ + "arm" + ], + "license": "MIT", + "optional": true, + "os": [ + "android" + ] + }, + "node_modules/@unrs/resolver-binding-android-arm64": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-android-arm64/-/resolver-binding-android-arm64-1.11.1.tgz", + "integrity": "sha512-lCxkVtb4wp1v+EoN+HjIG9cIIzPkX5OtM03pQYkG+U5O/wL53LC4QbIeazgiKqluGeVEeBlZahHalCaBvU1a2g==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "android" + ] + }, + "node_modules/@unrs/resolver-binding-darwin-arm64": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-darwin-arm64/-/resolver-binding-darwin-arm64-1.11.1.tgz", + "integrity": "sha512-gPVA1UjRu1Y/IsB/dQEsp2V1pm44Of6+LWvbLc9SDk1c2KhhDRDBUkQCYVWe6f26uJb3fOK8saWMgtX8IrMk3g==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ] + }, + "node_modules/@unrs/resolver-binding-darwin-x64": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-darwin-x64/-/resolver-binding-darwin-x64-1.11.1.tgz", + "integrity": "sha512-cFzP7rWKd3lZaCsDze07QX1SC24lO8mPty9vdP+YVa3MGdVgPmFc59317b2ioXtgCMKGiCLxJ4HQs62oz6GfRQ==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ] + }, + "node_modules/@unrs/resolver-binding-freebsd-x64": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-freebsd-x64/-/resolver-binding-freebsd-x64-1.11.1.tgz", + "integrity": "sha512-fqtGgak3zX4DCB6PFpsH5+Kmt/8CIi4Bry4rb1ho6Av2QHTREM+47y282Uqiu3ZRF5IQioJQ5qWRV6jduA+iGw==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ] + }, + "node_modules/@unrs/resolver-binding-linux-arm-gnueabihf": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-arm-gnueabihf/-/resolver-binding-linux-arm-gnueabihf-1.11.1.tgz", + "integrity": "sha512-u92mvlcYtp9MRKmP+ZvMmtPN34+/3lMHlyMj7wXJDeXxuM0Vgzz0+PPJNsro1m3IZPYChIkn944wW8TYgGKFHw==", + "cpu": [ + "arm" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@unrs/resolver-binding-linux-arm-musleabihf": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-arm-musleabihf/-/resolver-binding-linux-arm-musleabihf-1.11.1.tgz", + "integrity": "sha512-cINaoY2z7LVCrfHkIcmvj7osTOtm6VVT16b5oQdS4beibX2SYBwgYLmqhBjA1t51CarSaBuX5YNsWLjsqfW5Cw==", + "cpu": [ + "arm" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@unrs/resolver-binding-linux-arm64-gnu": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-arm64-gnu/-/resolver-binding-linux-arm64-gnu-1.11.1.tgz", + "integrity": "sha512-34gw7PjDGB9JgePJEmhEqBhWvCiiWCuXsL9hYphDF7crW7UgI05gyBAi6MF58uGcMOiOqSJ2ybEeCvHcq0BCmQ==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@unrs/resolver-binding-linux-arm64-musl": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-arm64-musl/-/resolver-binding-linux-arm64-musl-1.11.1.tgz", + "integrity": "sha512-RyMIx6Uf53hhOtJDIamSbTskA99sPHS96wxVE/bJtePJJtpdKGXO1wY90oRdXuYOGOTuqjT8ACccMc4K6QmT3w==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@unrs/resolver-binding-linux-ppc64-gnu": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-ppc64-gnu/-/resolver-binding-linux-ppc64-gnu-1.11.1.tgz", + "integrity": "sha512-D8Vae74A4/a+mZH0FbOkFJL9DSK2R6TFPC9M+jCWYia/q2einCubX10pecpDiTmkJVUH+y8K3BZClycD8nCShA==", + "cpu": [ + "ppc64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@unrs/resolver-binding-linux-riscv64-gnu": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-riscv64-gnu/-/resolver-binding-linux-riscv64-gnu-1.11.1.tgz", + "integrity": "sha512-frxL4OrzOWVVsOc96+V3aqTIQl1O2TjgExV4EKgRY09AJ9leZpEg8Ak9phadbuX0BA4k8U5qtvMSQQGGmaJqcQ==", + "cpu": [ + "riscv64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@unrs/resolver-binding-linux-riscv64-musl": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-riscv64-musl/-/resolver-binding-linux-riscv64-musl-1.11.1.tgz", + "integrity": "sha512-mJ5vuDaIZ+l/acv01sHoXfpnyrNKOk/3aDoEdLO/Xtn9HuZlDD6jKxHlkN8ZhWyLJsRBxfv9GYM2utQ1SChKew==", + "cpu": [ + "riscv64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@unrs/resolver-binding-linux-s390x-gnu": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-s390x-gnu/-/resolver-binding-linux-s390x-gnu-1.11.1.tgz", + "integrity": "sha512-kELo8ebBVtb9sA7rMe1Cph4QHreByhaZ2QEADd9NzIQsYNQpt9UkM9iqr2lhGr5afh885d/cB5QeTXSbZHTYPg==", + "cpu": [ + "s390x" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@unrs/resolver-binding-linux-x64-gnu": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-x64-gnu/-/resolver-binding-linux-x64-gnu-1.11.1.tgz", + "integrity": "sha512-C3ZAHugKgovV5YvAMsxhq0gtXuwESUKc5MhEtjBpLoHPLYM+iuwSj3lflFwK3DPm68660rZ7G8BMcwSro7hD5w==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@unrs/resolver-binding-linux-x64-musl": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-linux-x64-musl/-/resolver-binding-linux-x64-musl-1.11.1.tgz", + "integrity": "sha512-rV0YSoyhK2nZ4vEswT/QwqzqQXw5I6CjoaYMOX0TqBlWhojUf8P94mvI7nuJTeaCkkds3QE4+zS8Ko+GdXuZtA==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ] + }, + "node_modules/@unrs/resolver-binding-wasm32-wasi": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-wasm32-wasi/-/resolver-binding-wasm32-wasi-1.11.1.tgz", + "integrity": "sha512-5u4RkfxJm+Ng7IWgkzi3qrFOvLvQYnPBmjmZQ8+szTK/b31fQCnleNl1GgEt7nIsZRIf5PLhPwT0WM+q45x/UQ==", + "cpu": [ + "wasm32" + ], + "license": "MIT", + "optional": true, + "dependencies": { + "@napi-rs/wasm-runtime": "^0.2.11" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@unrs/resolver-binding-win32-arm64-msvc": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-win32-arm64-msvc/-/resolver-binding-win32-arm64-msvc-1.11.1.tgz", + "integrity": "sha512-nRcz5Il4ln0kMhfL8S3hLkxI85BXs3o8EYoattsJNdsX4YUU89iOkVn7g0VHSRxFuVMdM4Q1jEpIId1Ihim/Uw==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "win32" + ] + }, + "node_modules/@unrs/resolver-binding-win32-ia32-msvc": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-win32-ia32-msvc/-/resolver-binding-win32-ia32-msvc-1.11.1.tgz", + "integrity": "sha512-DCEI6t5i1NmAZp6pFonpD5m7i6aFrpofcp4LA2i8IIq60Jyo28hamKBxNrZcyOwVOZkgsRp9O2sXWBWP8MnvIQ==", + "cpu": [ + "ia32" + ], + "license": "MIT", + "optional": true, + "os": [ + "win32" + ] + }, + "node_modules/@unrs/resolver-binding-win32-x64-msvc": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@unrs/resolver-binding-win32-x64-msvc/-/resolver-binding-win32-x64-msvc-1.11.1.tgz", + "integrity": "sha512-lrW200hZdbfRtztbygyaq/6jP6AKE8qQN2KvPcJ+x7wiD038YtnYtZ82IMNJ69GJibV7bwL3y9FgK+5w/pYt6g==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "win32" + ] + }, "node_modules/accepts": { - "version": "1.3.8", - "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz", - "integrity": "sha512-PYAthTa2m2VKxuvSD3DPC/Gy+U+sOA1LAuT8mkmRuvw+NACSaeXEQ+NHcVF7rONl6qcaxV3Uuemwawk+7+SJLw==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/accepts/-/accepts-2.0.0.tgz", + "integrity": "sha512-5cvg6CtKwfgdmVqY1WIiXKc3Q1bkRqGLi+2W/6ao+6Y7gu/RCwRuAhGEzh5B4KlszSuTLgZYuqFqo5bImjNKng==", "license": "MIT", "dependencies": { - "mime-types": "~2.1.34", - "negotiator": "0.6.3" + "mime-types": "^3.0.0", + "negotiator": "^1.0.0" }, "engines": { "node": ">= 0.6" } }, "node_modules/acorn": { - "version": "8.14.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.14.0.tgz", - "integrity": "sha512-cl669nCJTZBsL97OF4kUQm5g5hC2uihk0NxY3WENAC0TYdILVkAyHymAntgxGkl7K+t0cXIrH5siy5S4XkFycA==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz", + "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", "license": "MIT", "bin": { "acorn": "bin/acorn" @@ -4759,9 +5741,9 @@ } }, "node_modules/arctic": { - "version": "3.6.0", - "resolved": "https://registry.npmjs.org/arctic/-/arctic-3.6.0.tgz", - "integrity": "sha512-egHDsCqEacb6oSHz5QSSxNhp07J+QJwJdPvs0katL+mNM5LaGQVqxmcdq1KwfaSNSAlVumBBs0MRExS88TxbMg==", + "version": "3.7.0", + "resolved": "https://registry.npmjs.org/arctic/-/arctic-3.7.0.tgz", + "integrity": "sha512-ZMQ+f6VazDgUJOd+qNV+H7GohNSYal1mVjm5kEaZfE2Ifb7Ss70w+Q7xpJC87qZDkMZIXYf0pTIYZA0OPasSbw==", "license": "MIT", "dependencies": { "@oslojs/crypto": "1.0.1", @@ -4776,9 +5758,9 @@ "license": "Python-2.0" }, "node_modules/aria-hidden": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/aria-hidden/-/aria-hidden-1.2.4.tgz", - "integrity": "sha512-y+CcFFwelSXpLZk/7fMB2mUbGtX9lKycf1MWJ7CaTIERyitVlyQx6C+sxcROU2BAJ24OiZyK+8wj2i8AlBoS3A==", + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/aria-hidden/-/aria-hidden-1.2.6.tgz", + "integrity": "sha512-ik3ZgC9dY/lYVVM++OISsaYDeg1tb0VtP5uL3ouh1koGOaUMDPpbFIei4JkFimWUFPn90sbMNMXQAIVOlnYKJA==", "license": "MIT", "dependencies": { "tslib": "^2.0.0" @@ -4812,24 +5794,20 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/array-flatten": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", - "integrity": "sha512-PCVAQswWemu6UdxsDFFX/+gVeYqKAod3D3UVm91jHwynguOwAvYPhx8nNlM++NqRcK6CxxpUafjmhIdKiHibqg==", - "license": "MIT" - }, "node_modules/array-includes": { - "version": "3.1.8", - "resolved": "https://registry.npmjs.org/array-includes/-/array-includes-3.1.8.tgz", - "integrity": "sha512-itaWrbYbqpGXkGhZPGUulwnhVf5Hpy1xiCFsGqyIGglbBxmG5vSjxQen3/WGOjPpNEv1RtBLKxbmVXm8HpJStQ==", + "version": "3.1.9", + "resolved": "https://registry.npmjs.org/array-includes/-/array-includes-3.1.9.tgz", + "integrity": "sha512-FmeCCAenzH0KH381SPT5FZmiA/TmpndpcaShhfgEN9eCVjnFBqq3l1xrI42y8+PPLI6hypzou4GXw00WHmPBLQ==", "license": "MIT", "dependencies": { - "call-bind": "^1.0.7", + "call-bind": "^1.0.8", + "call-bound": "^1.0.4", "define-properties": "^1.2.1", - "es-abstract": "^1.23.2", - "es-object-atoms": "^1.0.0", - "get-intrinsic": "^1.2.4", - "is-string": "^1.0.7" + "es-abstract": "^1.24.0", + "es-object-atoms": "^1.1.1", + "get-intrinsic": "^1.3.0", + "is-string": "^1.1.1", + "math-intrinsics": "^1.1.0" }, "engines": { "node": ">= 0.4" @@ -4881,17 +5859,18 @@ } }, "node_modules/array.prototype.findlastindex": { - "version": "1.2.5", - "resolved": "https://registry.npmjs.org/array.prototype.findlastindex/-/array.prototype.findlastindex-1.2.5.tgz", - "integrity": "sha512-zfETvRFA8o7EiNn++N5f/kaCw221hrpGsDmcpndVupkPzEc1Wuf3VgC0qby1BbHs7f5DVYjgtEU2LLh5bqeGfQ==", + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/array.prototype.findlastindex/-/array.prototype.findlastindex-1.2.6.tgz", + "integrity": "sha512-F/TKATkzseUExPlfvmwQKGITM3DGTK+vkAsCZoDc5daVygbJBnjEUCbgkAvVFsgfXfX4YIqZ/27G3k3tdXrTxQ==", "license": "MIT", "dependencies": { - "call-bind": "^1.0.7", + "call-bind": "^1.0.8", + "call-bound": "^1.0.4", "define-properties": "^1.2.1", - "es-abstract": "^1.23.2", + "es-abstract": "^1.23.9", "es-errors": "^1.3.0", - "es-object-atoms": "^1.0.0", - "es-shim-unscopables": "^1.0.2" + "es-object-atoms": "^1.1.1", + "es-shim-unscopables": "^1.1.0" }, "engines": { "node": ">= 0.4" @@ -4973,6 +5952,20 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/asn1js": { + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/asn1js/-/asn1js-3.0.6.tgz", + "integrity": "sha512-UOCGPYbl0tv8+006qks/dTgV9ajs97X2p0FAbyS2iyCRrmLSRolDaHdp+v/CLgnzHc3fVB+CwYiUmei7ndFcgA==", + "license": "BSD-3-Clause", + "dependencies": { + "pvtsutils": "^1.3.6", + "pvutils": "^1.1.3", + "tslib": "^2.8.1" + }, + "engines": { + "node": ">=12.0.0" + } + }, "node_modules/ast-types-flow": { "version": "0.0.8", "resolved": "https://registry.npmjs.org/ast-types-flow/-/ast-types-flow-0.0.8.tgz", @@ -5016,22 +6009,22 @@ } }, "node_modules/axe-core": { - "version": "4.10.2", - "resolved": "https://registry.npmjs.org/axe-core/-/axe-core-4.10.2.tgz", - "integrity": "sha512-RE3mdQ7P3FRSe7eqCWoeQ/Z9QXrtniSjp1wUjt5nRC3WIpz5rSCve6o3fsZ2aCpJtrZjSZgjwXAoTO5k4tEI0w==", + "version": "4.10.3", + "resolved": "https://registry.npmjs.org/axe-core/-/axe-core-4.10.3.tgz", + "integrity": "sha512-Xm7bpRXnDSX2YE2YFfBk2FnF0ep6tmG7xPh8iHee8MIcrgq762Nkce856dYtJYLkuIoYZvGfTs/PbZhideTcEg==", "license": "MPL-2.0", "engines": { "node": ">=4" } }, "node_modules/axios": { - "version": "1.8.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.8.4.tgz", - "integrity": "sha512-eBSYY4Y68NNlHbHBMdeDmKNtDgXWhQsJcGqzO3iLUM0GraQFSS9cVgPX5I9b3lbdFKyYoAEGAZF1DwhTaljNAw==", + "version": "1.11.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.11.0.tgz", + "integrity": "sha512-1Lx3WLFQWm3ooKDYZD1eXmoGO9fxYQjrycfHFC8P0sCfQVXyROp0p9PFWBehewBOdCwHc+f/b8I0fMto5eSfwA==", "license": "MIT", "dependencies": { "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", + "form-data": "^4.0.4", "proxy-from-env": "^1.1.0" } }, @@ -5125,48 +6118,29 @@ } }, "node_modules/body-parser": { - "version": "1.20.3", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz", - "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-2.2.0.tgz", + "integrity": "sha512-02qvAaxv8tp7fBa/mw1ga98OGm+eCbqzJOKoRt70sLmfEEi+jyBYVTDGfCL/k06/4EMk/z01gCe7HoCH/f2LTg==", "license": "MIT", "dependencies": { - "bytes": "3.1.2", - "content-type": "~1.0.5", - "debug": "2.6.9", - "depd": "2.0.0", - "destroy": "1.2.0", - "http-errors": "2.0.0", - "iconv-lite": "0.4.24", - "on-finished": "2.4.1", - "qs": "6.13.0", - "raw-body": "2.5.2", - "type-is": "~1.6.18", - "unpipe": "1.0.0" + "bytes": "^3.1.2", + "content-type": "^1.0.5", + "debug": "^4.4.0", + "http-errors": "^2.0.0", + "iconv-lite": "^0.6.3", + "on-finished": "^2.4.1", + "qs": "^6.14.0", + "raw-body": "^3.0.0", + "type-is": "^2.0.0" }, "engines": { - "node": ">= 0.8", - "npm": "1.2.8000 || >= 1.4.16" + "node": ">=18" } }, - "node_modules/body-parser/node_modules/debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", - "license": "MIT", - "dependencies": { - "ms": "2.0.0" - } - }, - "node_modules/body-parser/node_modules/ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==", - "license": "MIT" - }, "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "version": "1.1.12", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", + "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", "license": "MIT", "dependencies": { "balanced-match": "^1.0.0", @@ -5219,20 +6193,8 @@ "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", "integrity": "sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==", - "dev": true, "license": "MIT" }, - "node_modules/busboy": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/busboy/-/busboy-1.6.0.tgz", - "integrity": "sha512-8SFQbg/0hQ9xy3UNTB0YEnsNBbWfhf7RtnzpL7TkBiTBRfrQ9Fxcnz7VJsleJpyp6rVLvXiuORqjlHi5q+PYuA==", - "dependencies": { - "streamsearch": "^1.1.0" - }, - "engines": { - "node": ">=10.16.0" - } - }, "node_modules/bytes": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz", @@ -5261,9 +6223,9 @@ } }, "node_modules/call-bind-apply-helpers": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.1.tgz", - "integrity": "sha512-BhYE+WDaywFg2TBWYNXAE+8B1ATnThNBqXHP5nQu0jWJdVvY2hvkpyB3qOmtmDePiS5/BDQ8wASEWGMWRG148g==", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", "license": "MIT", "dependencies": { "es-errors": "^1.3.0", @@ -5274,13 +6236,13 @@ } }, "node_modules/call-bound": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.3.tgz", - "integrity": "sha512-YTd+6wGlNlPxSuri7Y6X8tY2dmm12UMH66RpKMhiX6rsk5wXXnYgbUcOt8kiS31/AjfoTOvCsE+w8nZQLQnzHA==", + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/call-bound/-/call-bound-1.0.4.tgz", + "integrity": "sha512-+ys997U96po4Kx/ABpBCqhA9EuxJaQWDQg7295H4hBphv3IZg0boBKuwYpt4YXp6MZ5AmZQnU/tyMTlRpaSejg==", "license": "MIT", "dependencies": { - "call-bind-apply-helpers": "^1.0.1", - "get-intrinsic": "^1.2.6" + "call-bind-apply-helpers": "^1.0.2", + "get-intrinsic": "^1.3.0" }, "engines": { "node": ">= 0.4" @@ -5299,9 +6261,9 @@ } }, "node_modules/caniuse-lite": { - "version": "1.0.30001695", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001695.tgz", - "integrity": "sha512-vHyLade6wTgI2u1ec3WQBxv+2BrTERV28UXQu9LO6lZ9pYeMk34vjXFLOxo1A4UBA8XTL4njRQZdno/yYaSmWw==", + "version": "1.0.30001734", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001734.tgz", + "integrity": "sha512-uhE1Ye5vgqju6OI71HTQqcBCZrvHugk0MjLak7Q+HfoBgoq5Bi+5YnwjP4fjDgrtYr/l8MVRBvzz9dPD4KyK0A==", "funding": [ { "type": "opencollective", @@ -5361,10 +6323,24 @@ } }, "node_modules/chownr": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", - "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==", - "license": "ISC" + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-3.0.0.tgz", + "integrity": "sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==", + "dev": true, + "license": "BlueOak-1.0.0", + "engines": { + "node": ">=18" + } + }, + "node_modules/citty": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/citty/-/citty-0.1.6.tgz", + "integrity": "sha512-tskPPKEs8D2KPafUypv2gxwJP8h/OaJmC82QQGGDQcHvXX43xF2VDACcJVmZ0EuSxkpO9Kc4MlrA3q0+FG58AQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "consola": "^3.2.3" + } }, "node_modules/class-variance-authority": { "version": "0.7.1", @@ -5379,16 +6355,19 @@ } }, "node_modules/cli-cursor": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-3.1.0.tgz", - "integrity": "sha512-I/zHAwsKf9FqGoXM4WWRACob9+SNukZTd94DWF57E4toouRulbCxcUh6RKUEOQlYTHJnzkPMySvPNaaSLNfLZw==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-5.0.0.tgz", + "integrity": "sha512-aCj4O5wKyszjMmDT4tZj93kxyydN/K5zPWSCe6/0AV/AA1pqe5ZBIw0a2ZfPQV7lL5/yb5HsUreJ6UFAF1tEQw==", "dev": true, "license": "MIT", "dependencies": { - "restore-cursor": "^3.1.0" + "restore-cursor": "^5.0.0" }, "engines": { - "node": ">=8" + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, "node_modules/cli-spinners": { @@ -5411,88 +6390,75 @@ "license": "MIT" }, "node_modules/cliui": { - "version": "8.0.1", - "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz", - "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==", - "dev": true, + "version": "9.0.1", + "resolved": "https://registry.npmjs.org/cliui/-/cliui-9.0.1.tgz", + "integrity": "sha512-k7ndgKhwoQveBL+/1tqGJYNz097I7WOvwbmmU2AR5+magtbjPWQTS1C5vzGkBC8Ym8UWRzfKUzUUqFLypY4Q+w==", "license": "ISC", "dependencies": { - "string-width": "^4.2.0", - "strip-ansi": "^6.0.1", - "wrap-ansi": "^7.0.0" + "string-width": "^7.2.0", + "strip-ansi": "^7.1.0", + "wrap-ansi": "^9.0.0" }, "engines": { - "node": ">=12" + "node": ">=20" } }, - "node_modules/cliui/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, + "node_modules/cliui/node_modules/ansi-styles": { + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz", + "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==", "license": "MIT", "engines": { - "node": ">=8" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, "node_modules/cliui/node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true, + "version": "10.4.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-10.4.0.tgz", + "integrity": "sha512-EC+0oUMY1Rqm4O6LLrgjtYDvcVYTy7chDnM4Q7030tP4Kwj3u/pR6gP9ygnp2CJMK5Gq+9Q2oqmrFJAz01DXjw==", "license": "MIT" }, "node_modules/cliui/node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-7.2.0.tgz", + "integrity": "sha512-tsaTIkKW9b4N+AEj+SVA+WhJzV7/zMhcSu78mLKWSk7cXMOSHsBKFWUs0fWwq8QyK3MgJBQRX6Gbi4kYbdvGkQ==", "license": "MIT", "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" + "emoji-regex": "^10.3.0", + "get-east-asian-width": "^1.0.0", + "strip-ansi": "^7.1.0" }, "engines": { - "node": ">=8" - } - }, - "node_modules/cliui/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "license": "MIT", - "dependencies": { - "ansi-regex": "^5.0.1" + "node": ">=18" }, - "engines": { - "node": ">=8" + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, "node_modules/cliui/node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", - "dev": true, + "version": "9.0.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-9.0.0.tgz", + "integrity": "sha512-G8ura3S+3Z2G+mkgNRq8dqaFZAuxfsxpBB8OCTGRTCtp+l/v9nbFNmCUP1BZMts3G1142MsZfn6eeUKrr4PD1Q==", "license": "MIT", "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" + "ansi-styles": "^6.2.1", + "string-width": "^7.0.0", + "strip-ansi": "^7.1.0" }, "engines": { - "node": ">=10" + "node": ">=18" }, "funding": { "url": "https://github.com/chalk/wrap-ansi?sponsor=1" } }, "node_modules/clone": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/clone/-/clone-1.0.4.tgz", - "integrity": "sha512-JQHZ2QMW6l3aH/j6xCqQThY/9OH4D/9ls34cgkUBiEeocRTU04tHfKPBsUK1PqZCUQM7GiA0IIXJSuXHI64Kbg==", - "dev": true, + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/clone/-/clone-2.1.2.tgz", + "integrity": "sha512-3Pe/CF1Nn94hyhIYpjtiLhdCoEoz0DqQ+988E9gmeEdQZlojxnOb74wctFyuwWQHzqyf9X7C7MG8juUpqBJT8w==", "license": "MIT", "engines": { "node": ">=0.8" @@ -5508,15 +6474,15 @@ } }, "node_modules/cmdk": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/cmdk/-/cmdk-1.0.4.tgz", - "integrity": "sha512-AnsjfHyHpQ/EFeAnG216WY7A5LiYCoZzCSygiLvfXC3H3LFGCprErteUcszaVluGOhuOTbJS3jWHrSDYPBBygg==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/cmdk/-/cmdk-1.1.1.tgz", + "integrity": "sha512-Vsv7kFaXm+ptHDMZ7izaRsP70GgrW9NBNGswt9OZaVBLlE0SNpDq8eu/VGXyF9r7M0azK3Wy7OlYXsuyYLFzHg==", "license": "MIT", "dependencies": { - "@radix-ui/react-dialog": "^1.1.2", + "@radix-ui/react-compose-refs": "^1.1.1", + "@radix-ui/react-dialog": "^1.1.6", "@radix-ui/react-id": "^1.1.0", - "@radix-ui/react-primitive": "^2.0.0", - "use-sync-external-store": "^1.2.2" + "@radix-ui/react-primitive": "^2.0.2" }, "peerDependencies": { "react": "^18 || ^19 || ^19.0.0-rc", @@ -5628,10 +6594,27 @@ "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==", "license": "MIT" }, + "node_modules/confbox": { + "version": "0.2.2", + "resolved": "https://registry.npmjs.org/confbox/-/confbox-0.2.2.tgz", + "integrity": "sha512-1NB+BKqhtNipMsov4xI/NnhCKp9XG9NamYp5PVm9klAT0fsrNPjaFICsCFhNhwZJKNh7zB/3q8qXz0E9oaMNtQ==", + "dev": true, + "license": "MIT" + }, + "node_modules/consola": { + "version": "3.4.2", + "resolved": "https://registry.npmjs.org/consola/-/consola-3.4.2.tgz", + "integrity": "sha512-5IKcdX0nnYavi6G7TtOhwkYzyjfJlatbjMjuLSfE2kYT5pMDOilZ4OvMhi637CcDICTmz3wARPoyhqyX1Y+XvA==", + "dev": true, + "license": "MIT", + "engines": { + "node": "^14.18.0 || >=16.10.0" + } + }, "node_modules/content-disposition": { - "version": "0.5.4", - "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz", - "integrity": "sha512-FveZTNuGw04cxlAiWbzi6zTAL/lhehaWbTtgluJh4/E95DqMwTmha3KZN1aAWA8cFIhHzMZUvLevkw5Rqk+tSQ==", + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-1.0.0.tgz", + "integrity": "sha512-Au9nRL8VNUut/XSzbQA38+M78dzP4D+eqg3gfJHMIHHYa3bg067xj1KxMUWj+VULbiZMowKngFFbKczUrNJ1mg==", "license": "MIT", "dependencies": { "safe-buffer": "5.2.1" @@ -5712,6 +6695,35 @@ "node": ">= 0.10" } }, + "node_modules/cross-fetch": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-4.1.0.tgz", + "integrity": "sha512-uKm5PU+MHTootlWEY+mZ4vvXoCn4fLQxT9dSc1sXVMSFkINTJVN8cAQROpwcKm8bJ/c7rgZVIBWzH5T78sNZZw==", + "license": "MIT", + "dependencies": { + "node-fetch": "^2.7.0" + } + }, + "node_modules/cross-fetch/node_modules/node-fetch": { + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", + "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "license": "MIT", + "dependencies": { + "whatwg-url": "^5.0.0" + }, + "engines": { + "node": "4.x || >=6.0.0" + }, + "peerDependencies": { + "encoding": "^0.1.0" + }, + "peerDependenciesMeta": { + "encoding": { + "optional": true + } + } + }, "node_modules/cross-spawn": { "version": "7.0.6", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", @@ -5827,9 +6839,9 @@ } }, "node_modules/debounce": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/debounce/-/debounce-2.0.0.tgz", - "integrity": "sha512-xRetU6gL1VJbs85Mc4FoEGSjQxzpdxRyFhe3lmWFyy2EzydIcD4xzUvRJMD+NPDfMwKNhxa3PvsIOU32luIWeA==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/debounce/-/debounce-2.2.0.tgz", + "integrity": "sha512-Xks6RUDLZFdz8LIdR6q0MTH44k7FikOmnh5xkSjMig6ch45afc8sjTjRQf3P6ax8dMgcQrYO/AR2RGWURrruqw==", "dev": true, "license": "MIT", "engines": { @@ -5840,9 +6852,9 @@ } }, "node_modules/debug": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.0.tgz", - "integrity": "sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==", + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz", + "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==", "license": "MIT", "dependencies": { "ms": "^2.1.3" @@ -5856,6 +6868,12 @@ } } }, + "node_modules/decimal.js": { + "version": "10.6.0", + "resolved": "https://registry.npmjs.org/decimal.js/-/decimal.js-10.6.0.tgz", + "integrity": "sha512-YpgQiITW3JXGntzdUmyUR1V812Hn8T1YVXhCu+wO3OpS4eU9l4YdD3qjyiKdV6mvV29zapkMeD390UVEf2lkUg==", + "license": "MIT" + }, "node_modules/decompress-response": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz", @@ -5895,19 +6913,6 @@ "node": ">=0.10.0" } }, - "node_modules/defaults": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/defaults/-/defaults-1.0.4.tgz", - "integrity": "sha512-eFuaLoy/Rxalv2kr+lqMlUnrDWV+3j4pljOIJgLIhI058IQfWJ7vXhyEIHu+HtC738klGALYxOKDO0bQP3tg8A==", - "dev": true, - "license": "MIT", - "dependencies": { - "clone": "^1.0.2" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/define-data-property": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", @@ -5960,20 +6965,10 @@ "node": ">= 0.8" } }, - "node_modules/destroy": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz", - "integrity": "sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg==", - "license": "MIT", - "engines": { - "node": ">= 0.8", - "npm": "1.2.8000 || >= 1.4.16" - } - }, "node_modules/detect-libc": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-2.0.3.tgz", - "integrity": "sha512-bwy0MGW55bG41VqxxypOsdSdGqLwXPI/focwgTYCFMbdUiBAxLg9CFzG08sz2aqzknwiX7Hkl0bQENjg8iLByw==", + "version": "2.0.4", + "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-2.0.4.tgz", + "integrity": "sha512-3UDv+G9CsCKO1WKMGw9fwq/SWJYbI0c5Y7LU1AXYoDdbhE2AHQ6N6Nb34sG8Fj7T5APy8qXDCKuuIHd1BR0tVA==", "license": "Apache-2.0", "engines": { "node": ">=8" @@ -6066,9 +7061,9 @@ } }, "node_modules/dotenv": { - "version": "16.4.7", - "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.7.tgz", - "integrity": "sha512-47qPchRCykZC03FhkYAhrvwU4xDBFIj1QPqaarj6mdM/hgUzfPHcpkHJOn3mJAufFeeAxAzeGsr5X0M4k6fLZQ==", + "version": "17.2.1", + "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-17.2.1.tgz", + "integrity": "sha512-kQhDYKZecqnM0fCnzI5eIv5L4cAe/iRI+HqMbO/hbRdTAeXDG+M9FjipUxNfbARuEg4iHIbhnhs78BCHNbSxEQ==", "dev": true, "license": "BSD-2-Clause", "engines": { @@ -6079,456 +7074,25 @@ } }, "node_modules/drizzle-kit": { - "version": "0.30.6", - "resolved": "https://registry.npmjs.org/drizzle-kit/-/drizzle-kit-0.30.6.tgz", - "integrity": "sha512-U4wWit0fyZuGuP7iNmRleQyK2V8wCuv57vf5l3MnG4z4fzNTjY/U13M8owyQ5RavqvqxBifWORaR3wIUzlN64g==", + "version": "0.31.4", + "resolved": "https://registry.npmjs.org/drizzle-kit/-/drizzle-kit-0.31.4.tgz", + "integrity": "sha512-tCPWVZWZqWVx2XUsVpJRnH9Mx0ClVOf5YUHerZ5so1OKSlqww4zy1R5ksEdGRcO3tM3zj0PYN6V48TbQCL1RfA==", "dev": true, "license": "MIT", "dependencies": { "@drizzle-team/brocli": "^0.10.2", "@esbuild-kit/esm-loader": "^2.5.5", - "esbuild": "^0.19.7", - "esbuild-register": "^3.5.0", - "gel": "^2.0.0" + "esbuild": "^0.25.4", + "esbuild-register": "^3.5.0" }, "bin": { "drizzle-kit": "bin.cjs" } }, - "node_modules/drizzle-kit/node_modules/@esbuild/aix-ppc64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.19.12.tgz", - "integrity": "sha512-bmoCYyWdEL3wDQIVbcyzRyeKLgk2WtWLTWz1ZIAZF/EGbNOwSA6ew3PftJ1PqMiOOGu0OyFMzG53L0zqIpPeNA==", - "cpu": [ - "ppc64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "aix" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/android-arm": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.19.12.tgz", - "integrity": "sha512-qg/Lj1mu3CdQlDEEiWrlC4eaPZ1KztwGJ9B6J+/6G+/4ewxJg7gqj8eVYWvao1bXrqGiW2rsBZFSX3q2lcW05w==", - "cpu": [ - "arm" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "android" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/android-arm64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.19.12.tgz", - "integrity": "sha512-P0UVNGIienjZv3f5zq0DP3Nt2IE/3plFzuaS96vihvD0Hd6H/q4WXUGpCxD/E8YrSXfNyRPbpTq+T8ZQioSuPA==", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "android" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/android-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.19.12.tgz", - "integrity": "sha512-3k7ZoUW6Q6YqhdhIaq/WZ7HwBpnFBlW905Fa4s4qWJyiNOgT1dOqDiVAQFwBH7gBRZr17gLrlFCRzF6jFh7Kew==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "android" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/darwin-arm64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.19.12.tgz", - "integrity": "sha512-B6IeSgZgtEzGC42jsI+YYu9Z3HKRxp8ZT3cqhvliEHovq8HSX2YX8lNocDn79gCKJXOSaEot9MVYky7AKjCs8g==", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/darwin-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.19.12.tgz", - "integrity": "sha512-hKoVkKzFiToTgn+41qGhsUJXFlIjxI/jSYeZf3ugemDYZldIXIxhvwN6erJGlX4t5h417iFuheZ7l+YVn05N3A==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/freebsd-arm64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.19.12.tgz", - "integrity": "sha512-4aRvFIXmwAcDBw9AueDQ2YnGmz5L6obe5kmPT8Vd+/+x/JMVKCgdcRwH6APrbpNXsPz+K653Qg8HB/oXvXVukA==", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "freebsd" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/freebsd-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.19.12.tgz", - "integrity": "sha512-EYoXZ4d8xtBoVN7CEwWY2IN4ho76xjYXqSXMNccFSx2lgqOG/1TBPW0yPx1bJZk94qu3tX0fycJeeQsKovA8gg==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "freebsd" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/linux-arm": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.19.12.tgz", - "integrity": "sha512-J5jPms//KhSNv+LO1S1TX1UWp1ucM6N6XuL6ITdKWElCu8wXP72l9MM0zDTzzeikVyqFE6U8YAV9/tFyj0ti+w==", - "cpu": [ - "arm" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/linux-arm64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.19.12.tgz", - "integrity": "sha512-EoTjyYyLuVPfdPLsGVVVC8a0p1BFFvtpQDB/YLEhaXyf/5bczaGeN15QkR+O4S5LeJ92Tqotve7i1jn35qwvdA==", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/linux-ia32": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.19.12.tgz", - "integrity": "sha512-Thsa42rrP1+UIGaWz47uydHSBOgTUnwBwNq59khgIwktK6x60Hivfbux9iNR0eHCHzOLjLMLfUMLCypBkZXMHA==", - "cpu": [ - "ia32" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/linux-loong64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.19.12.tgz", - "integrity": "sha512-LiXdXA0s3IqRRjm6rV6XaWATScKAXjI4R4LoDlvO7+yQqFdlr1Bax62sRwkVvRIrwXxvtYEHHI4dm50jAXkuAA==", - "cpu": [ - "loong64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/linux-mips64el": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.19.12.tgz", - "integrity": "sha512-fEnAuj5VGTanfJ07ff0gOA6IPsvrVHLVb6Lyd1g2/ed67oU1eFzL0r9WL7ZzscD+/N6i3dWumGE1Un4f7Amf+w==", - "cpu": [ - "mips64el" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/linux-ppc64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.19.12.tgz", - "integrity": "sha512-nYJA2/QPimDQOh1rKWedNOe3Gfc8PabU7HT3iXWtNUbRzXS9+vgB0Fjaqr//XNbd82mCxHzik2qotuI89cfixg==", - "cpu": [ - "ppc64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/linux-riscv64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.19.12.tgz", - "integrity": "sha512-2MueBrlPQCw5dVJJpQdUYgeqIzDQgw3QtiAHUC4RBz9FXPrskyyU3VI1hw7C0BSKB9OduwSJ79FTCqtGMWqJHg==", - "cpu": [ - "riscv64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/linux-s390x": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.19.12.tgz", - "integrity": "sha512-+Pil1Nv3Umes4m3AZKqA2anfhJiVmNCYkPchwFJNEJN5QxmTs1uzyy4TvmDrCRNT2ApwSari7ZIgrPeUx4UZDg==", - "cpu": [ - "s390x" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/linux-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.19.12.tgz", - "integrity": "sha512-B71g1QpxfwBvNrfyJdVDexenDIt1CiDN1TIXLbhOw0KhJzE78KIFGX6OJ9MrtC0oOqMWf+0xop4qEU8JrJTwCg==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/netbsd-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.19.12.tgz", - "integrity": "sha512-3ltjQ7n1owJgFbuC61Oj++XhtzmymoCihNFgT84UAmJnxJfm4sYCiSLTXZtE00VWYpPMYc+ZQmB6xbSdVh0JWA==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "netbsd" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/openbsd-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.19.12.tgz", - "integrity": "sha512-RbrfTB9SWsr0kWmb9srfF+L933uMDdu9BIzdA7os2t0TXhCRjrQyCeOt6wVxr79CKD4c+p+YhCj31HBkYcXebw==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "openbsd" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/sunos-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.19.12.tgz", - "integrity": "sha512-HKjJwRrW8uWtCQnQOz9qcU3mUZhTUQvi56Q8DPTLLB+DawoiQdjsYq+j+D3s9I8VFtDr+F9CjgXKKC4ss89IeA==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "sunos" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/win32-arm64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.19.12.tgz", - "integrity": "sha512-URgtR1dJnmGvX864pn1B2YUYNzjmXkuJOIqG2HdU62MVS4EHpU2946OZoTMnRUHklGtJdJZ33QfzdjGACXhn1A==", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "win32" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/win32-ia32": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.19.12.tgz", - "integrity": "sha512-+ZOE6pUkMOJfmxmBZElNOx72NKpIa/HFOMGzu8fqzQJ5kgf6aTGrcJaFsNiVMH4JKpMipyK+7k0n2UXN7a8YKQ==", - "cpu": [ - "ia32" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "win32" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/@esbuild/win32-x64": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.19.12.tgz", - "integrity": "sha512-T1QyPSDCyMXaO3pzBkF96E8xMkiRYbUEZADd29SyPGabqxMViNoii+NcK7eWJAEoU6RZyEm5lVSIjTmcdoB9HA==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "win32" - ], - "engines": { - "node": ">=12" - } - }, - "node_modules/drizzle-kit/node_modules/esbuild": { - "version": "0.19.12", - "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.19.12.tgz", - "integrity": "sha512-aARqgq8roFBj054KvQr5f1sFu0D65G+miZRCuJyJ0G13Zwx7vRar5Zhn2tkQNzIXcBrNVsv/8stehpj+GAjgbg==", - "dev": true, - "hasInstallScript": true, - "license": "MIT", - "bin": { - "esbuild": "bin/esbuild" - }, - "engines": { - "node": ">=12" - }, - "optionalDependencies": { - "@esbuild/aix-ppc64": "0.19.12", - "@esbuild/android-arm": "0.19.12", - "@esbuild/android-arm64": "0.19.12", - "@esbuild/android-x64": "0.19.12", - "@esbuild/darwin-arm64": "0.19.12", - "@esbuild/darwin-x64": "0.19.12", - "@esbuild/freebsd-arm64": "0.19.12", - "@esbuild/freebsd-x64": "0.19.12", - "@esbuild/linux-arm": "0.19.12", - "@esbuild/linux-arm64": "0.19.12", - "@esbuild/linux-ia32": "0.19.12", - "@esbuild/linux-loong64": "0.19.12", - "@esbuild/linux-mips64el": "0.19.12", - "@esbuild/linux-ppc64": "0.19.12", - "@esbuild/linux-riscv64": "0.19.12", - "@esbuild/linux-s390x": "0.19.12", - "@esbuild/linux-x64": "0.19.12", - "@esbuild/netbsd-x64": "0.19.12", - "@esbuild/openbsd-x64": "0.19.12", - "@esbuild/sunos-x64": "0.19.12", - "@esbuild/win32-arm64": "0.19.12", - "@esbuild/win32-ia32": "0.19.12", - "@esbuild/win32-x64": "0.19.12" - } - }, "node_modules/drizzle-orm": { - "version": "0.38.3", - "resolved": "https://registry.npmjs.org/drizzle-orm/-/drizzle-orm-0.38.3.tgz", - "integrity": "sha512-w41Y+PquMpSff/QDRGdItG0/aWca+/J3Sda9PPGkTxBtjWQvgU1jxlFBXdjog5tYvTu58uvi3PwR1NuCx0KeZg==", + "version": "0.44.4", + "resolved": "https://registry.npmjs.org/drizzle-orm/-/drizzle-orm-0.44.4.tgz", + "integrity": "sha512-ZyzKFpTC/Ut3fIqc2c0dPZ6nhchQXriTsqTNs4ayRgl6sZcFlMs9QZKPSHXK4bdOf41GHGWf+FrpcDDYwW+W6Q==", "license": "Apache-2.0", "peerDependencies": { "@aws-sdk/client-rds-data": ">=3", @@ -6539,24 +7103,24 @@ "@neondatabase/serverless": ">=0.10.0", "@op-engineering/op-sqlite": ">=2", "@opentelemetry/api": "^1.4.1", - "@planetscale/database": ">=1", + "@planetscale/database": ">=1.13", "@prisma/client": "*", "@tidbcloud/serverless": "*", "@types/better-sqlite3": "*", "@types/pg": "*", - "@types/react": ">=18", "@types/sql.js": "*", + "@upstash/redis": ">=1.34.7", "@vercel/postgres": ">=0.8.0", "@xata.io/client": "*", "better-sqlite3": ">=7", "bun-types": "*", "expo-sqlite": ">=14.0.0", + "gel": ">=2", "knex": "*", "kysely": "*", "mysql2": ">=2", "pg": ">=8", "postgres": ">=3", - "react": ">=18", "sql.js": ">=1", "sqlite3": ">=5" }, @@ -6600,10 +7164,10 @@ "@types/pg": { "optional": true }, - "@types/react": { + "@types/sql.js": { "optional": true }, - "@types/sql.js": { + "@upstash/redis": { "optional": true }, "@vercel/postgres": { @@ -6621,6 +7185,9 @@ "expo-sqlite": { "optional": true }, + "gel": { + "optional": true + }, "knex": { "optional": true }, @@ -6639,9 +7206,6 @@ "prisma": { "optional": true }, - "react": { - "optional": true - }, "sql.js": { "optional": true }, @@ -6680,16 +7244,16 @@ } }, "node_modules/eciesjs": { - "version": "0.4.13", - "resolved": "https://registry.npmjs.org/eciesjs/-/eciesjs-0.4.13.tgz", - "integrity": "sha512-zBdtR4K+wbj10bWPpIOF9DW+eFYQu8miU5ypunh0t4Bvt83ZPlEWgT5Dq/0G6uwEXumZKjfb5BZxYUZQ2Hzn/Q==", + "version": "0.4.15", + "resolved": "https://registry.npmjs.org/eciesjs/-/eciesjs-0.4.15.tgz", + "integrity": "sha512-r6kEJXDKecVOCj2nLMuXK/FCPeurW33+3JRpfXVbjLja3XUYFfD9I/JBreH6sUyzcm3G/YQboBjMla6poKeSdA==", "dev": true, "license": "MIT", "dependencies": { - "@ecies/ciphers": "^0.2.2", - "@noble/ciphers": "^1.0.0", - "@noble/curves": "^1.6.0", - "@noble/hashes": "^1.5.0" + "@ecies/ciphers": "^0.2.3", + "@noble/ciphers": "^1.3.0", + "@noble/curves": "^1.9.1", + "@noble/hashes": "^1.8.0" }, "engines": { "bun": ">=1", @@ -6725,9 +7289,9 @@ } }, "node_modules/end-of-stream": { - "version": "1.4.4", - "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", - "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.5.tgz", + "integrity": "sha512-ooEGc6HP26xXq/N+GCGOT0JKCLDGrq2bQUZrQ7gyrJiZANJ/8YDTxTpQBXGMn+WbIQXNVpyWymm7KYVICQnyOg==", "license": "MIT", "dependencies": { "once": "^1.4.0" @@ -6764,6 +7328,20 @@ "node": ">=10.0.0" } }, + "node_modules/engine.io/node_modules/accepts": { + "version": "1.3.8", + "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz", + "integrity": "sha512-PYAthTa2m2VKxuvSD3DPC/Gy+U+sOA1LAuT8mkmRuvw+NACSaeXEQ+NHcVF7rONl6qcaxV3Uuemwawk+7+SJLw==", + "dev": true, + "license": "MIT", + "dependencies": { + "mime-types": "~2.1.34", + "negotiator": "0.6.3" + }, + "engines": { + "node": ">= 0.6" + } + }, "node_modules/engine.io/node_modules/cookie": { "version": "0.7.2", "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz", @@ -6792,6 +7370,39 @@ } } }, + "node_modules/engine.io/node_modules/mime-db": { + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/engine.io/node_modules/mime-types": { + "version": "2.1.35", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", + "dev": true, + "license": "MIT", + "dependencies": { + "mime-db": "1.52.0" + }, + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/engine.io/node_modules/negotiator": { + "version": "0.6.3", + "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz", + "integrity": "sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.6" + } + }, "node_modules/engine.io/node_modules/ws": { "version": "8.17.1", "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", @@ -6815,9 +7426,10 @@ } }, "node_modules/enhanced-resolve": { - "version": "5.18.1", - "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.18.1.tgz", - "integrity": "sha512-ZSW3ma5GkcQBIpwZTSRAI8N71Uuwgs93IezB7mf7R60tC8ZbJideoDNKjHn2O9KIlx6rkGTTEk1xUCK2E1Y2Yg==", + "version": "5.18.3", + "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.18.3.tgz", + "integrity": "sha512-d4lC8xfavMeBjzGr2vECC3fsGXziXZQyJxD868h2M/mBI3PwAuODxAkLkq5HYuvrPYcUtiLzsTo8U3PgX3Ocww==", + "dev": true, "license": "MIT", "dependencies": { "graceful-fs": "^4.2.4", @@ -6839,41 +7451,28 @@ "url": "https://github.com/fb55/entities?sponsor=1" } }, - "node_modules/env-paths": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/env-paths/-/env-paths-3.0.0.tgz", - "integrity": "sha512-dtJUTepzMW3Lm/NPxRf3wP4642UWhjL2sQxc+ym2YMj1m/H2zDNQOlezafzkHwn6sMstjHTwG6iQQsctDW/b1A==", - "dev": true, - "license": "MIT", - "engines": { - "node": "^12.20.0 || ^14.13.1 || >=16.0.0" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/es-abstract": { - "version": "1.23.9", - "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.23.9.tgz", - "integrity": "sha512-py07lI0wjxAC/DcfK1S6G7iANonniZwTISvdPzk9hzeH0IZIshbuuFxLIU96OyF89Yb9hiqWn8M/bY83KY5vzA==", + "version": "1.24.0", + "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.24.0.tgz", + "integrity": "sha512-WSzPgsdLtTcQwm4CROfS5ju2Wa1QQcVeT37jFjYzdFz1r9ahadC8B8/a4qxJxM+09F18iumCdRmlr96ZYkQvEg==", "license": "MIT", "dependencies": { "array-buffer-byte-length": "^1.0.2", "arraybuffer.prototype.slice": "^1.0.4", "available-typed-arrays": "^1.0.7", "call-bind": "^1.0.8", - "call-bound": "^1.0.3", + "call-bound": "^1.0.4", "data-view-buffer": "^1.0.2", "data-view-byte-length": "^1.0.2", "data-view-byte-offset": "^1.0.1", "es-define-property": "^1.0.1", "es-errors": "^1.3.0", - "es-object-atoms": "^1.0.0", + "es-object-atoms": "^1.1.1", "es-set-tostringtag": "^2.1.0", "es-to-primitive": "^1.3.0", "function.prototype.name": "^1.1.8", - "get-intrinsic": "^1.2.7", - "get-proto": "^1.0.0", + "get-intrinsic": "^1.3.0", + "get-proto": "^1.0.1", "get-symbol-description": "^1.1.0", "globalthis": "^1.0.4", "gopd": "^1.2.0", @@ -6885,21 +7484,24 @@ "is-array-buffer": "^3.0.5", "is-callable": "^1.2.7", "is-data-view": "^1.0.2", + "is-negative-zero": "^2.0.3", "is-regex": "^1.2.1", + "is-set": "^2.0.3", "is-shared-array-buffer": "^1.0.4", "is-string": "^1.1.1", "is-typed-array": "^1.1.15", - "is-weakref": "^1.1.0", + "is-weakref": "^1.1.1", "math-intrinsics": "^1.1.0", - "object-inspect": "^1.13.3", + "object-inspect": "^1.13.4", "object-keys": "^1.1.1", "object.assign": "^4.1.7", "own-keys": "^1.0.1", - "regexp.prototype.flags": "^1.5.3", + "regexp.prototype.flags": "^1.5.4", "safe-array-concat": "^1.1.3", "safe-push-apply": "^1.0.0", "safe-regex-test": "^1.1.0", "set-proto": "^1.0.0", + "stop-iteration-iterator": "^1.1.0", "string.prototype.trim": "^1.2.10", "string.prototype.trimend": "^1.0.9", "string.prototype.trimstart": "^1.0.8", @@ -6908,7 +7510,7 @@ "typed-array-byte-offset": "^1.0.4", "typed-array-length": "^1.0.7", "unbox-primitive": "^1.1.0", - "which-typed-array": "^1.1.18" + "which-typed-array": "^1.1.19" }, "engines": { "node": ">= 0.4" @@ -6990,12 +7592,15 @@ } }, "node_modules/es-shim-unscopables": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/es-shim-unscopables/-/es-shim-unscopables-1.0.2.tgz", - "integrity": "sha512-J3yBRXCzDu4ULnQwxyToo/OjdMx6akgVC7K6few0a7F/0wLtmKKN7I73AH5T2836UuXRqN7Qg+IIUw/+YJksRw==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/es-shim-unscopables/-/es-shim-unscopables-1.1.0.tgz", + "integrity": "sha512-d9T8ucsEhh8Bi1woXCf+TIKDIROLG5WCkxg8geBCbvk22kzwC5G2OnXVMO6FUsvQlgUUXQ2itephWDLqDzbeCw==", "license": "MIT", "dependencies": { - "hasown": "^2.0.0" + "hasown": "^2.0.2" + }, + "engines": { + "node": ">= 0.4" } }, "node_modules/es-to-primitive": { @@ -7016,9 +7621,9 @@ } }, "node_modules/esbuild": { - "version": "0.25.2", - "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.2.tgz", - "integrity": "sha512-16854zccKPnC+toMywC+uKNeYSv+/eXkevRAfwRD/G9Cleq66m8XFIrigkbvauLLlCfDL45Q2cWegSg53gGBnQ==", + "version": "0.25.9", + "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.9.tgz", + "integrity": "sha512-CRbODhYyQx3qp7ZEwzxOk4JBqmD/seJrzPa/cGjY1VtIn5E09Oi9/dB4JwctnfZ8Q8iT7rioVv5k/FNT/uf54g==", "dev": true, "hasInstallScript": true, "license": "MIT", @@ -7029,31 +7634,32 @@ "node": ">=18" }, "optionalDependencies": { - "@esbuild/aix-ppc64": "0.25.2", - "@esbuild/android-arm": "0.25.2", - "@esbuild/android-arm64": "0.25.2", - "@esbuild/android-x64": "0.25.2", - "@esbuild/darwin-arm64": "0.25.2", - "@esbuild/darwin-x64": "0.25.2", - "@esbuild/freebsd-arm64": "0.25.2", - "@esbuild/freebsd-x64": "0.25.2", - "@esbuild/linux-arm": "0.25.2", - "@esbuild/linux-arm64": "0.25.2", - "@esbuild/linux-ia32": "0.25.2", - "@esbuild/linux-loong64": "0.25.2", - "@esbuild/linux-mips64el": "0.25.2", - "@esbuild/linux-ppc64": "0.25.2", - "@esbuild/linux-riscv64": "0.25.2", - "@esbuild/linux-s390x": "0.25.2", - "@esbuild/linux-x64": "0.25.2", - "@esbuild/netbsd-arm64": "0.25.2", - "@esbuild/netbsd-x64": "0.25.2", - "@esbuild/openbsd-arm64": "0.25.2", - "@esbuild/openbsd-x64": "0.25.2", - "@esbuild/sunos-x64": "0.25.2", - "@esbuild/win32-arm64": "0.25.2", - "@esbuild/win32-ia32": "0.25.2", - "@esbuild/win32-x64": "0.25.2" + "@esbuild/aix-ppc64": "0.25.9", + "@esbuild/android-arm": "0.25.9", + "@esbuild/android-arm64": "0.25.9", + "@esbuild/android-x64": "0.25.9", + "@esbuild/darwin-arm64": "0.25.9", + "@esbuild/darwin-x64": "0.25.9", + "@esbuild/freebsd-arm64": "0.25.9", + "@esbuild/freebsd-x64": "0.25.9", + "@esbuild/linux-arm": "0.25.9", + "@esbuild/linux-arm64": "0.25.9", + "@esbuild/linux-ia32": "0.25.9", + "@esbuild/linux-loong64": "0.25.9", + "@esbuild/linux-mips64el": "0.25.9", + "@esbuild/linux-ppc64": "0.25.9", + "@esbuild/linux-riscv64": "0.25.9", + "@esbuild/linux-s390x": "0.25.9", + "@esbuild/linux-x64": "0.25.9", + "@esbuild/netbsd-arm64": "0.25.9", + "@esbuild/netbsd-x64": "0.25.9", + "@esbuild/openbsd-arm64": "0.25.9", + "@esbuild/openbsd-x64": "0.25.9", + "@esbuild/openharmony-arm64": "0.25.9", + "@esbuild/sunos-x64": "0.25.9", + "@esbuild/win32-arm64": "0.25.9", + "@esbuild/win32-ia32": "0.25.9", + "@esbuild/win32-x64": "0.25.9" } }, "node_modules/esbuild-node-externals": { @@ -7089,7 +7695,6 @@ "version": "3.2.0", "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==", - "dev": true, "license": "MIT", "engines": { "node": ">=6" @@ -7114,21 +7719,22 @@ } }, "node_modules/eslint": { - "version": "9.17.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.17.0.tgz", - "integrity": "sha512-evtlNcpJg+cZLcnVKwsai8fExnqjGPicK7gnUtlNuzu+Fv9bI0aLpND5T44VLQtoMEnI57LoXO9XAkIXwohKrA==", + "version": "9.33.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.33.0.tgz", + "integrity": "sha512-TS9bTNIryDzStCpJN93aC5VRSW3uTx9sClUn4B87pwiCaJh220otoI0X8mJKr+VcPtniMdN8GKjlwgWGUv5ZKA==", "license": "MIT", "dependencies": { "@eslint-community/eslint-utils": "^4.2.0", "@eslint-community/regexpp": "^4.12.1", - "@eslint/config-array": "^0.19.0", - "@eslint/core": "^0.9.0", - "@eslint/eslintrc": "^3.2.0", - "@eslint/js": "9.17.0", - "@eslint/plugin-kit": "^0.2.3", + "@eslint/config-array": "^0.21.0", + "@eslint/config-helpers": "^0.3.1", + "@eslint/core": "^0.15.2", + "@eslint/eslintrc": "^3.3.1", + "@eslint/js": "9.33.0", + "@eslint/plugin-kit": "^0.3.5", "@humanfs/node": "^0.16.6", "@humanwhocodes/module-importer": "^1.0.1", - "@humanwhocodes/retry": "^0.4.1", + "@humanwhocodes/retry": "^0.4.2", "@types/estree": "^1.0.6", "@types/json-schema": "^7.0.15", "ajv": "^6.12.4", @@ -7136,9 +7742,9 @@ "cross-spawn": "^7.0.6", "debug": "^4.3.2", "escape-string-regexp": "^4.0.0", - "eslint-scope": "^8.2.0", - "eslint-visitor-keys": "^4.2.0", - "espree": "^10.3.0", + "eslint-scope": "^8.4.0", + "eslint-visitor-keys": "^4.2.1", + "espree": "^10.4.0", "esquery": "^1.5.0", "esutils": "^2.0.2", "fast-deep-equal": "^3.1.3", @@ -7173,12 +7779,12 @@ } }, "node_modules/eslint-config-next": { - "version": "15.1.3", - "resolved": "https://registry.npmjs.org/eslint-config-next/-/eslint-config-next-15.1.3.tgz", - "integrity": "sha512-wGYlNuWnh4ujuKtZvH+7B2Z2vy9nONZE6ztd+DKF7hAsIabkrxmD4TzYHzASHENo42lmz2tnT2B+zN2sOHvpJg==", + "version": "15.4.6", + "resolved": "https://registry.npmjs.org/eslint-config-next/-/eslint-config-next-15.4.6.tgz", + "integrity": "sha512-4uznvw5DlTTjrZgYZjMciSdDDMO2SWIuQgUNaFyC2O3Zw3Z91XeIejeVa439yRq2CnJb/KEvE4U2AeN/66FpUA==", "license": "MIT", "dependencies": { - "@next/eslint-plugin-next": "15.1.3", + "@next/eslint-plugin-next": "15.4.6", "@rushstack/eslint-patch": "^1.10.3", "@typescript-eslint/eslint-plugin": "^5.4.2 || ^6.0.0 || ^7.0.0 || ^8.0.0", "@typescript-eslint/parser": "^5.4.2 || ^6.0.0 || ^7.0.0 || ^8.0.0", @@ -7220,25 +7826,24 @@ } }, "node_modules/eslint-import-resolver-typescript": { - "version": "3.7.0", - "resolved": "https://registry.npmjs.org/eslint-import-resolver-typescript/-/eslint-import-resolver-typescript-3.7.0.tgz", - "integrity": "sha512-Vrwyi8HHxY97K5ebydMtffsWAn1SCR9eol49eCd5fJS4O1WV7PaAjbcjmbfJJSMz/t4Mal212Uz/fQZrOB8mow==", + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/eslint-import-resolver-typescript/-/eslint-import-resolver-typescript-3.10.1.tgz", + "integrity": "sha512-A1rHYb06zjMGAxdLSkN2fXPBwuSaQ0iO5M/hdyS0Ajj1VBaRp0sPD3dn1FhME3c/JluGFbwSxyCfqdSbtQLAHQ==", "license": "ISC", "dependencies": { "@nolyfill/is-core-module": "1.0.39", - "debug": "^4.3.7", - "enhanced-resolve": "^5.15.0", - "fast-glob": "^3.3.2", - "get-tsconfig": "^4.7.5", - "is-bun-module": "^1.0.2", - "is-glob": "^4.0.3", - "stable-hash": "^0.0.4" + "debug": "^4.4.0", + "get-tsconfig": "^4.10.0", + "is-bun-module": "^2.0.0", + "stable-hash": "^0.0.5", + "tinyglobby": "^0.2.13", + "unrs-resolver": "^1.6.2" }, "engines": { "node": "^14.18.0 || >=16.0.0" }, "funding": { - "url": "https://opencollective.com/unts/projects/eslint-import-resolver-ts" + "url": "https://opencollective.com/eslint-import-resolver-typescript" }, "peerDependencies": { "eslint": "*", @@ -7254,38 +7859,10 @@ } } }, - "node_modules/eslint-import-resolver-typescript/node_modules/fast-glob": { - "version": "3.3.3", - "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.3.tgz", - "integrity": "sha512-7MptL8U0cqcFdzIzwOTHoilX9x5BrNqye7Z/LuC7kCMRio1EMSyqRK3BEAUD7sXRq4iT4AzTVuZdhgQ2TCvYLg==", - "license": "MIT", - "dependencies": { - "@nodelib/fs.stat": "^2.0.2", - "@nodelib/fs.walk": "^1.2.3", - "glob-parent": "^5.1.2", - "merge2": "^1.3.0", - "micromatch": "^4.0.8" - }, - "engines": { - "node": ">=8.6.0" - } - }, - "node_modules/eslint-import-resolver-typescript/node_modules/glob-parent": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", - "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==", - "license": "ISC", - "dependencies": { - "is-glob": "^4.0.1" - }, - "engines": { - "node": ">= 6" - } - }, "node_modules/eslint-module-utils": { - "version": "2.12.0", - "resolved": "https://registry.npmjs.org/eslint-module-utils/-/eslint-module-utils-2.12.0.tgz", - "integrity": "sha512-wALZ0HFoytlyh/1+4wuZ9FJCD/leWHQzzrxJ8+rebyReSLk7LApMyd3WJaLVoN+D5+WIdJyDK1c6JnE65V4Zyg==", + "version": "2.12.1", + "resolved": "https://registry.npmjs.org/eslint-module-utils/-/eslint-module-utils-2.12.1.tgz", + "integrity": "sha512-L8jSWTze7K2mTg0vos/RuLRS5soomksDPoJLXIslC7c8Wmut3bx7CPpJijDcBZtxQ5lrbUdM+s0OlNbz0DCDNw==", "license": "MIT", "dependencies": { "debug": "^3.2.7" @@ -7309,29 +7886,29 @@ } }, "node_modules/eslint-plugin-import": { - "version": "2.31.0", - "resolved": "https://registry.npmjs.org/eslint-plugin-import/-/eslint-plugin-import-2.31.0.tgz", - "integrity": "sha512-ixmkI62Rbc2/w8Vfxyh1jQRTdRTF52VxwRVHl/ykPAmqG+Nb7/kNn+byLP0LxPgI7zWA16Jt82SybJInmMia3A==", + "version": "2.32.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-import/-/eslint-plugin-import-2.32.0.tgz", + "integrity": "sha512-whOE1HFo/qJDyX4SnXzP4N6zOWn79WhnCUY/iDR0mPfQZO8wcYE4JClzI2oZrhBnnMUCBCHZhO6VQyoBU95mZA==", "license": "MIT", "dependencies": { "@rtsao/scc": "^1.1.0", - "array-includes": "^3.1.8", - "array.prototype.findlastindex": "^1.2.5", - "array.prototype.flat": "^1.3.2", - "array.prototype.flatmap": "^1.3.2", + "array-includes": "^3.1.9", + "array.prototype.findlastindex": "^1.2.6", + "array.prototype.flat": "^1.3.3", + "array.prototype.flatmap": "^1.3.3", "debug": "^3.2.7", "doctrine": "^2.1.0", "eslint-import-resolver-node": "^0.3.9", - "eslint-module-utils": "^2.12.0", + "eslint-module-utils": "^2.12.1", "hasown": "^2.0.2", - "is-core-module": "^2.15.1", + "is-core-module": "^2.16.1", "is-glob": "^4.0.3", "minimatch": "^3.1.2", "object.fromentries": "^2.0.8", "object.groupby": "^1.0.3", - "object.values": "^1.2.0", + "object.values": "^1.2.1", "semver": "^6.3.1", - "string.prototype.trimend": "^1.0.8", + "string.prototype.trimend": "^1.0.9", "tsconfig-paths": "^3.15.0" }, "engines": { @@ -7389,9 +7966,9 @@ } }, "node_modules/eslint-plugin-react": { - "version": "7.37.4", - "resolved": "https://registry.npmjs.org/eslint-plugin-react/-/eslint-plugin-react-7.37.4.tgz", - "integrity": "sha512-BGP0jRmfYyvOyvMoRX/uoUeW+GqNj9y16bPQzqAHf3AYII/tDs+jMN0dBVkl88/OZwNGwrVFxE7riHsXVfy/LQ==", + "version": "7.37.5", + "resolved": "https://registry.npmjs.org/eslint-plugin-react/-/eslint-plugin-react-7.37.5.tgz", + "integrity": "sha512-Qteup0SqU15kdocexFNAJMvCJEfa2xUKNV4CC1xsVMrIIqEy3SQ/rqyxCWNzfrd3/ldy6HMlD2e0JDVpDg2qIA==", "license": "MIT", "dependencies": { "array-includes": "^3.1.8", @@ -7404,7 +7981,7 @@ "hasown": "^2.0.2", "jsx-ast-utils": "^2.4.1 || ^3.0.0", "minimatch": "^3.1.2", - "object.entries": "^1.1.8", + "object.entries": "^1.1.9", "object.fromentries": "^2.0.8", "object.values": "^1.2.1", "prop-types": "^15.8.1", @@ -7421,9 +7998,9 @@ } }, "node_modules/eslint-plugin-react-hooks": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/eslint-plugin-react-hooks/-/eslint-plugin-react-hooks-5.1.0.tgz", - "integrity": "sha512-mpJRtPgHN2tNAvZ35AMfqeB3Xqeo273QxrHJsbBEPWODRM4r0yB6jfoROqKEYrOn27UtRPpcpHc2UqyBSuUNTw==", + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-react-hooks/-/eslint-plugin-react-hooks-5.2.0.tgz", + "integrity": "sha512-+f15FfK64YQwZdJNELETdn5ibXEUQmW1DZL6KXhNnc2heoy/sg9VJJeT7n8TlMWouzWqSWavFkIhHyIbIAEapg==", "license": "MIT", "engines": { "node": ">=10" @@ -7459,9 +8036,9 @@ } }, "node_modules/eslint-scope": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-8.2.0.tgz", - "integrity": "sha512-PHlWUfG6lvPc3yvP5A4PNyBL1W8fkDUccmI21JUu/+GKZBoH/W5u6usENXUrWFRsyoW5ACUjFGgAFQp5gUlb/A==", + "version": "8.4.0", + "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-8.4.0.tgz", + "integrity": "sha512-sNXOfKCn74rt8RICKMvJS7XKV/Xk9kA7DyJr8mJik3S7Cwgy3qlkkmyS2uQB3jiJg6VNdZd/pDBJu0nvG2NlTg==", "license": "BSD-2-Clause", "dependencies": { "esrecurse": "^4.3.0", @@ -7475,9 +8052,9 @@ } }, "node_modules/eslint-visitor-keys": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.0.tgz", - "integrity": "sha512-UyLnSehNt62FFhSwjZlHmeokpRK59rcz29j+F1/aDgbkbRTk7wIc9XzdoasMUbRNKDM0qQt/+BJ4BrpFeABemw==", + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.2.1.tgz", + "integrity": "sha512-Uhdk5sfqcee/9H/rCOJikYz67o0a2Tw2hGRPOG2Y1R2dg7brRe1uG0yaNQDHu+TO/uQPF/5eCapvYSmHUjt7JQ==", "license": "Apache-2.0", "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -7487,14 +8064,14 @@ } }, "node_modules/espree": { - "version": "10.3.0", - "resolved": "https://registry.npmjs.org/espree/-/espree-10.3.0.tgz", - "integrity": "sha512-0QYC8b24HWY8zjRnDTL6RiHfDbAWn63qb4LMj1Z4b076A4une81+z03Kg7l7mn/48PUTqoLptSXez8oknU8Clg==", + "version": "10.4.0", + "resolved": "https://registry.npmjs.org/espree/-/espree-10.4.0.tgz", + "integrity": "sha512-j6PAQ2uUr79PZhBjP5C5fhl8e39FmRnOjsD5lGnWrFU8i2G776tBK7+nP8KuQUTTyAZUwfQqXAgrVH5MbH9CYQ==", "license": "BSD-2-Clause", "dependencies": { - "acorn": "^8.14.0", + "acorn": "^8.15.0", "acorn-jsx": "^5.3.2", - "eslint-visitor-keys": "^4.2.0" + "eslint-visitor-keys": "^4.2.1" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -7588,45 +8165,41 @@ } }, "node_modules/express": { - "version": "4.21.2", - "resolved": "https://registry.npmjs.org/express/-/express-4.21.2.tgz", - "integrity": "sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==", + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/express/-/express-5.1.0.tgz", + "integrity": "sha512-DT9ck5YIRU+8GYzzU5kT3eHGA5iL+1Zd0EutOmTE9Dtk+Tvuzd23VBU+ec7HPNSTxXYO55gPV/hq4pSBJDjFpA==", "license": "MIT", "dependencies": { - "accepts": "~1.3.8", - "array-flatten": "1.1.1", - "body-parser": "1.20.3", - "content-disposition": "0.5.4", - "content-type": "~1.0.4", - "cookie": "0.7.1", - "cookie-signature": "1.0.6", - "debug": "2.6.9", - "depd": "2.0.0", - "encodeurl": "~2.0.0", - "escape-html": "~1.0.3", - "etag": "~1.8.1", - "finalhandler": "1.3.1", - "fresh": "0.5.2", - "http-errors": "2.0.0", - "merge-descriptors": "1.0.3", - "methods": "~1.1.2", - "on-finished": "2.4.1", - "parseurl": "~1.3.3", - "path-to-regexp": "0.1.12", - "proxy-addr": "~2.0.7", - "qs": "6.13.0", - "range-parser": "~1.2.1", - "safe-buffer": "5.2.1", - "send": "0.19.0", - "serve-static": "1.16.2", - "setprototypeof": "1.2.0", - "statuses": "2.0.1", - "type-is": "~1.6.18", - "utils-merge": "1.0.1", - "vary": "~1.1.2" + "accepts": "^2.0.0", + "body-parser": "^2.2.0", + "content-disposition": "^1.0.0", + "content-type": "^1.0.5", + "cookie": "^0.7.1", + "cookie-signature": "^1.2.1", + "debug": "^4.4.0", + "encodeurl": "^2.0.0", + "escape-html": "^1.0.3", + "etag": "^1.8.1", + "finalhandler": "^2.1.0", + "fresh": "^2.0.0", + "http-errors": "^2.0.0", + "merge-descriptors": "^2.0.0", + "mime-types": "^3.0.0", + "on-finished": "^2.4.1", + "once": "^1.4.0", + "parseurl": "^1.3.3", + "proxy-addr": "^2.0.7", + "qs": "^6.14.0", + "range-parser": "^1.2.1", + "router": "^2.2.0", + "send": "^1.1.0", + "serve-static": "^2.2.0", + "statuses": "^2.0.1", + "type-is": "^2.0.1", + "vary": "^1.1.2" }, "engines": { - "node": ">= 0.10.0" + "node": ">= 18" }, "funding": { "type": "opencollective", @@ -7634,10 +8207,13 @@ } }, "node_modules/express-rate-limit": { - "version": "7.5.0", - "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.5.0.tgz", - "integrity": "sha512-eB5zbQh5h+VenMPM3fh+nw1YExi5nMr6HUCR62ELSP11huvxm/Uir1H1QEyTkk5QX6A58pX6NmaTMceKZ0Eodg==", + "version": "8.0.1", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-8.0.1.tgz", + "integrity": "sha512-aZVCnybn7TVmxO4BtlmnvX+nuz8qHW124KKJ8dumsBsmv5ZLxE0pYu7S2nwyRBGHHCAzdmnGyrc5U/rksSPO7Q==", "license": "MIT", + "dependencies": { + "ip-address": "10.0.1" + }, "engines": { "node": ">= 16" }, @@ -7645,31 +8221,32 @@ "url": "https://github.com/sponsors/express-rate-limit" }, "peerDependencies": { - "express": "^4.11 || 5 || ^5.0.0-beta.1" + "express": ">= 4.11" } }, "node_modules/express/node_modules/cookie": { - "version": "0.7.1", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.1.tgz", - "integrity": "sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==", + "version": "0.7.2", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz", + "integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==", "license": "MIT", "engines": { "node": ">= 0.6" } }, - "node_modules/express/node_modules/debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "node_modules/express/node_modules/cookie-signature": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.2.2.tgz", + "integrity": "sha512-D76uU73ulSXrD1UXF4KE2TMxVVwhsnCgfAyTg9k8P6KGZjlXKrOLe4dJQKI3Bxi5wjesZoFXJWElNWBjPZMbhg==", "license": "MIT", - "dependencies": { - "ms": "2.0.0" + "engines": { + "node": ">=6.6.0" } }, - "node_modules/express/node_modules/ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==", + "node_modules/exsolve": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/exsolve/-/exsolve-1.0.7.tgz", + "integrity": "sha512-VO5fQUzZtI6C+vx4w/4BWJpg3s/5l+6pRQEHzFRM8WFi4XffSP1Z+4qi7GbjWbvRQEbdIco5mIMq+zX4rPuLrw==", + "dev": true, "license": "MIT" }, "node_modules/fast-deep-equal": { @@ -7719,19 +8296,18 @@ "license": "MIT" }, "node_modules/fastq": { - "version": "1.18.0", - "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.18.0.tgz", - "integrity": "sha512-QKHXPW0hD8g4UET03SdOdunzSouc9N4AuHdsX8XNcTsuz+yYFILVNIX4l9yHABMhiEI9Db0JTTIpu0wB+Y1QQw==", + "version": "1.19.1", + "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.19.1.tgz", + "integrity": "sha512-GwLTyxkCXjXbxqIhTsMI2Nui8huMPtnxg7krajPJAjnEG/iiOS7i+zCtWGZR9G0NBKbXKh6X9m9UIsYX/N6vvQ==", "license": "ISC", "dependencies": { "reusify": "^1.0.4" } }, "node_modules/fdir": { - "version": "6.4.3", - "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.4.3.tgz", - "integrity": "sha512-PMXmW2y1hDDfTSRc9gaXIuCCRpuoz3Kaz8cUelp3smouvfT632ozg2vrT6lJsHKKOF59YLbOGfAWGUcKEfRMQw==", - "dev": true, + "version": "6.4.6", + "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.4.6.tgz", + "integrity": "sha512-hiFoqpyZcfNm1yc4u8oWCf9A2c4D3QjCrks3zmoVKVxpQRzmPNar1hUJcBG2RQHvEVGDN+Jm81ZheVLAQMK6+w==", "license": "MIT", "peerDependencies": { "picomatch": "^3 || ^4" @@ -7811,38 +8387,22 @@ } }, "node_modules/finalhandler": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.3.1.tgz", - "integrity": "sha512-6BN9trH7bp3qvnrRyzsBz+g3lZxTNZTbVO2EV1CS0WIcDbawYVdYvGflME/9QP0h0pYlCDBCTjYa9nZzMDpyxQ==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-2.1.0.tgz", + "integrity": "sha512-/t88Ty3d5JWQbWYgaOGCCYfXRwV1+be02WqYYlL6h0lEiUAMPM8o8qKGO01YIkOHzka2up08wvgYD0mDiI+q3Q==", "license": "MIT", "dependencies": { - "debug": "2.6.9", - "encodeurl": "~2.0.0", - "escape-html": "~1.0.3", - "on-finished": "2.4.1", - "parseurl": "~1.3.3", - "statuses": "2.0.1", - "unpipe": "~1.0.0" + "debug": "^4.4.0", + "encodeurl": "^2.0.0", + "escape-html": "^1.0.3", + "on-finished": "^2.4.1", + "parseurl": "^1.3.3", + "statuses": "^2.0.1" }, "engines": { "node": ">= 0.8" } }, - "node_modules/finalhandler/node_modules/debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", - "license": "MIT", - "dependencies": { - "ms": "2.0.0" - } - }, - "node_modules/finalhandler/node_modules/ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==", - "license": "MIT" - }, "node_modules/find-up": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz", @@ -7873,9 +8433,9 @@ } }, "node_modules/flatted": { - "version": "3.3.2", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.2.tgz", - "integrity": "sha512-AiwGJM8YcNOaobumgtng+6NHuOqC3A7MixFeDafM3X9cIUM+xUXoS5Vfgf+OihAYe20fxqNM9yPBXJzRtZ/4eA==", + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.3.tgz", + "integrity": "sha512-GX+ysw4PBCz0PzosHDepZGANEuFCMLrnRTiEy9McGjmkCQYwRq4A/X786G/fjM/+OjsWSU1ZrY5qyARZmO/uwg==", "license": "ISC" }, "node_modules/fn.name": { @@ -7885,9 +8445,9 @@ "license": "MIT" }, "node_modules/follow-redirects": { - "version": "1.15.9", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.9.tgz", - "integrity": "sha512-gew4GsXizNgdoRyqmyfMHyAmXsZDk6mHkSxZFCzW9gwlbtOW44CDtYavM+y+72qD/Vq2l550kMF52DT8fOLJqQ==", + "version": "1.15.11", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.11.tgz", + "integrity": "sha512-deG2P0JfjrTxl50XGCDyfI97ZGVCxIpfKYmfyrQ54n5FO/0gfIES8C/Psl6kWVDolizcaaxZJnTS0QSMxvnsBQ==", "funding": [ { "type": "individual", @@ -7905,9 +8465,9 @@ } }, "node_modules/for-each": { - "version": "0.3.4", - "resolved": "https://registry.npmjs.org/for-each/-/for-each-0.3.4.tgz", - "integrity": "sha512-kKaIINnFpzW6ffJNDjjyjrk21BkDx38c0xa/klsT8VzLCaMEefv4ZTacrcVR4DmgTeBra++jMDAfS/tS799YDw==", + "version": "0.3.5", + "resolved": "https://registry.npmjs.org/for-each/-/for-each-0.3.5.tgz", + "integrity": "sha512-dKx12eRCVIzqCxFGplyFKJMPvLEWgmNtUrpTiJIR5u97zEhRG8ySrtboPHZXx7daLxQVrl643cTzbab2tkQjxg==", "license": "MIT", "dependencies": { "is-callable": "^1.2.7" @@ -7920,12 +8480,12 @@ } }, "node_modules/foreground-child": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.0.tgz", - "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.3.1.tgz", + "integrity": "sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw==", "license": "ISC", "dependencies": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.6", "signal-exit": "^4.0.1" }, "engines": { @@ -7948,19 +8508,42 @@ } }, "node_modules/form-data": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.1.tgz", - "integrity": "sha512-tzN8e4TX8+kkxGPK8D5u0FNmjPUjw3lwC9lSLxxoB/+GtsJG91CO8bSWy73APlgAZzZbXEYZJuxjkHH2w+Ezhw==", + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.4.tgz", + "integrity": "sha512-KrGhL9Q4zjj0kiUt5OO4Mr/A/jlI2jDYs5eHBpYHPcBEVSiipAvn2Ko2HnPe20rmcuuvMHNdZFp+4IlGTMF0Ow==", "license": "MIT", "dependencies": { "asynckit": "^0.4.0", "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", "mime-types": "^2.1.12" }, "engines": { "node": ">= 6" } }, + "node_modules/form-data/node_modules/mime-db": { + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", + "license": "MIT", + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/form-data/node_modules/mime-types": { + "version": "2.1.35", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", + "license": "MIT", + "dependencies": { + "mime-db": "1.52.0" + }, + "engines": { + "node": ">= 0.6" + } + }, "node_modules/formdata-polyfill": { "version": "4.0.10", "resolved": "https://registry.npmjs.org/formdata-polyfill/-/formdata-polyfill-4.0.10.tgz", @@ -7983,12 +8566,12 @@ } }, "node_modules/fresh": { - "version": "0.5.2", - "resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz", - "integrity": "sha512-zJ2mQYM18rEFOudeV4GShTGIQ7RbzA7ozbU9I/XBpm7kqgMywgmylMwXHxZJmkVoYkna9d2pVXVXPdYTP9ej8Q==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/fresh/-/fresh-2.0.0.tgz", + "integrity": "sha512-Rx/WycZ60HOaqLKAi6cHRKKI7zxWbJ31MhntmtwMoaTeF7XFH9hhBp8vITaMidfljRQ6eYWCKkaTK+ykVJHP2A==", "license": "MIT", "engines": { - "node": ">= 0.6" + "node": ">= 0.8" } }, "node_modules/fs-constants": { @@ -7998,9 +8581,9 @@ "license": "MIT" }, "node_modules/fs-monkey": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/fs-monkey/-/fs-monkey-1.0.6.tgz", - "integrity": "sha512-b1FMfwetIKymC0eioW7mTywihSQE4oLzQn1dB6rZB5fx/3NpNEdAWeCSMB+60/AeT0TCXsxzAlcYVEFCTAksWg==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/fs-monkey/-/fs-monkey-1.1.0.tgz", + "integrity": "sha512-QMUezzXWII9EV5aTFXW1UBVUO77wYPpjqIF8/AviUCThNeSYZykpoTixUeaNNBwmCev0AMDWMAni+f8Hxb1IFw==", "license": "Unlicense", "optional": true }, @@ -8057,49 +8640,39 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/gel": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/gel/-/gel-2.0.2.tgz", - "integrity": "sha512-XTKpfNR9HZOw+k0Bl04nETZjuP5pypVAXsZADSdwr3EtyygTTe1RqvftU2FjGu7Tp9e576a9b/iIOxWrRBxMiQ==", - "dev": true, - "license": "Apache-2.0", - "dependencies": { - "@petamoriken/float16": "^3.8.7", - "debug": "^4.3.4", - "env-paths": "^3.0.0", - "semver": "^7.6.2", - "shell-quote": "^1.8.1", - "which": "^4.0.0" - }, - "bin": { - "gel": "dist/cli.mjs" - }, - "engines": { - "node": ">= 18.0.0" - } - }, "node_modules/get-caller-file": { "version": "2.0.5", "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz", "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==", - "dev": true, "license": "ISC", "engines": { "node": "6.* || 8.* || >= 10.*" } }, + "node_modules/get-east-asian-width": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-east-asian-width/-/get-east-asian-width-1.3.0.tgz", + "integrity": "sha512-vpeMIQKxczTD/0s2CdEWHcb0eeJe6TFjxb+J5xgX7hScxqrGuyjmv4c1D4A/gelKfyox0gJJwIHF+fLjeaM8kQ==", + "license": "MIT", + "engines": { + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/get-intrinsic": { - "version": "1.2.7", - "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.7.tgz", - "integrity": "sha512-VW6Pxhsrk0KAOqs3WEd0klDiF/+V7gQOpAvY1jVU/LHmaD/kQO4523aiJuikX/QAKYiW6x8Jh+RJej1almdtCA==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", "license": "MIT", "dependencies": { - "call-bind-apply-helpers": "^1.0.1", + "call-bind-apply-helpers": "^1.0.2", "es-define-property": "^1.0.1", "es-errors": "^1.3.0", - "es-object-atoms": "^1.0.0", + "es-object-atoms": "^1.1.1", "function-bind": "^1.1.2", - "get-proto": "^1.0.0", + "get-proto": "^1.0.1", "gopd": "^1.2.0", "has-symbols": "^1.1.0", "hasown": "^2.0.2", @@ -8165,9 +8738,9 @@ } }, "node_modules/get-tsconfig": { - "version": "4.10.0", - "resolved": "https://registry.npmjs.org/get-tsconfig/-/get-tsconfig-4.10.0.tgz", - "integrity": "sha512-kGzZ3LWWQcGIAmg6iWvXn0ei6WDtV26wzHRMwDSzmAbcXrTEXxHy6IehI6/4eT6VRKyMP1eF1VqwrVUmE/LR7A==", + "version": "4.10.1", + "resolved": "https://registry.npmjs.org/get-tsconfig/-/get-tsconfig-4.10.1.tgz", + "integrity": "sha512-auHyJ4AgMz7vgS8Hp3N6HXSmlMdUyhSUrfBF16w153rxtLIEOE+HGqaBppczZvnHLqQJfiHotCYpNhl0lUROFQ==", "license": "MIT", "dependencies": { "resolve-pkg-maps": "^1.0.0" @@ -8183,14 +8756,14 @@ "license": "MIT" }, "node_modules/glob": { - "version": "11.0.0", - "resolved": "https://registry.npmjs.org/glob/-/glob-11.0.0.tgz", - "integrity": "sha512-9UiX/Bl6J2yaBbxKoEBRm4Cipxgok8kQYcOPEhScPwebu2I0HoQOuYdIO6S3hLuWoZgpDpwQZMzTFxgpkyT76g==", + "version": "11.0.3", + "resolved": "https://registry.npmjs.org/glob/-/glob-11.0.3.tgz", + "integrity": "sha512-2Nim7dha1KVkaiF4q6Dj+ngPPMdfvLJEOpZk/jKiUAkqKebpGAWQXAq9z1xu9HKu5lWfqw/FASuccEjyznjPaA==", "license": "ISC", "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^4.0.1", - "minimatch": "^10.0.0", + "foreground-child": "^3.3.1", + "jackspeak": "^4.1.1", + "minimatch": "^10.0.3", "minipass": "^7.1.2", "package-json-from-dist": "^1.0.0", "path-scurry": "^2.0.0" @@ -8217,22 +8790,13 @@ "node": ">=10.13.0" } }, - "node_modules/glob/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "license": "MIT", - "dependencies": { - "balanced-match": "^1.0.0" - } - }, "node_modules/glob/node_modules/minimatch": { - "version": "10.0.1", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.0.1.tgz", - "integrity": "sha512-ethXTt3SGGR+95gudmqJ1eNhRO7eGEGIgYA9vnPatK4/etz2MEVDno5GMCibdMTuBMyElzIlgxMna3K94XDIDQ==", + "version": "10.0.3", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.0.3.tgz", + "integrity": "sha512-IPZ167aShDZZUMdRk66cyQAW3qr0WzbHkPdMYa8bzZhlHhO3jALbKdxcaak7W9FfT2rZNpQuUu4Od7ILEpXSaw==", "license": "ISC", "dependencies": { - "brace-expansion": "^2.0.1" + "@isaacs/brace-expansion": "^5.0.0" }, "engines": { "node": "20 || >=22" @@ -8306,6 +8870,7 @@ "version": "4.2.11", "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==", + "dev": true, "license": "ISC" }, "node_modules/graphemer": { @@ -8402,9 +8967,9 @@ } }, "node_modules/helmet": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/helmet/-/helmet-8.0.0.tgz", - "integrity": "sha512-VyusHLEIIO5mjQPUI1wpOAEu+wl6Q0998jzTxqUYGE45xCIcAxy3MsbEK/yyJUJ3ADeMoB6MornPH6GMWAf+Pw==", + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/helmet/-/helmet-8.1.0.tgz", + "integrity": "sha512-jOiHyAZsmnr8LqoPGmCjYAaiuWwjAPLgY8ZX2XrmHawt99/u1y6RgrZMTeoPfpUbV96HOalYgz1qzkRbw54Pmg==", "license": "MIT", "engines": { "node": ">=18.0.0" @@ -8461,6 +9026,15 @@ "node": ">= 0.8" } }, + "node_modules/http-errors/node_modules/statuses": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", + "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==", + "license": "MIT", + "engines": { + "node": ">= 0.8" + } + }, "node_modules/human-signals": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/human-signals/-/human-signals-2.1.0.tgz", @@ -8480,12 +9054,12 @@ } }, "node_modules/iconv-lite": { - "version": "0.4.24", - "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", - "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", + "version": "0.6.3", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.3.tgz", + "integrity": "sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==", "license": "MIT", "dependencies": { - "safer-buffer": ">= 2.1.2 < 3" + "safer-buffer": ">= 2.1.2 < 3.0.0" }, "engines": { "node": ">=0.10.0" @@ -8521,9 +9095,9 @@ } }, "node_modules/import-fresh": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz", - "integrity": "sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==", + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.1.tgz", + "integrity": "sha512-TR3KfrTZTYLPB6jUjfx6MF9WcWrHL9su5TObK4ZkYgBdWKPOFoSoQIdEuTuR82pmtxH2spWG9h6etwfr1pLBqQ==", "license": "MIT", "dependencies": { "parent-module": "^1.0.0", @@ -8558,9 +9132,9 @@ "license": "ISC" }, "node_modules/input-otp": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/input-otp/-/input-otp-1.4.1.tgz", - "integrity": "sha512-+yvpmKYKHi9jIGngxagY9oWiiblPB7+nEO75F2l2o4vs+6vpPZZmUl4tBNYuTCvQjhvEIbdNeJu70bhfYP2nbw==", + "version": "1.4.2", + "resolved": "https://registry.npmjs.org/input-otp/-/input-otp-1.4.2.tgz", + "integrity": "sha512-l3jWwYNvrEa6NTCt7BECfCm48GvwuZzkoeG3gBL2w4CHeOXW3eKFmf9UNYkNfYc3mxMrthMnxjIE07MT0zLBQA==", "license": "MIT", "peerDependencies": { "react": "^16.8 || ^17.0 || ^18.0 || ^19.0.0 || ^19.0.0-rc", @@ -8581,6 +9155,27 @@ "node": ">= 0.4" } }, + "node_modules/intl-messageformat": { + "version": "10.7.16", + "resolved": "https://registry.npmjs.org/intl-messageformat/-/intl-messageformat-10.7.16.tgz", + "integrity": "sha512-UmdmHUmp5CIKKjSoE10la5yfU+AYJAaiYLsodbjL4lji83JNvgOQUjGaGhGrpFCb0Uh7sl7qfP1IyILa8Z40ug==", + "license": "BSD-3-Clause", + "dependencies": { + "@formatjs/ecma402-abstract": "2.3.4", + "@formatjs/fast-memoize": "2.2.7", + "@formatjs/icu-messageformat-parser": "2.11.2", + "tslib": "^2.8.0" + } + }, + "node_modules/ip-address": { + "version": "10.0.1", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-10.0.1.tgz", + "integrity": "sha512-NWv9YLW4PoW2B7xtzaS3NCot75m6nK7Icdv0o3lfMceJVRfSoQwqD4wEH5rLwoKJwUiZ/rfpiVBhnaF0FK4HoA==", + "license": "MIT", + "engines": { + "node": ">= 12" + } + }, "node_modules/ipaddr.js": { "version": "1.9.1", "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", @@ -8661,12 +9256,12 @@ } }, "node_modules/is-boolean-object": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/is-boolean-object/-/is-boolean-object-1.2.1.tgz", - "integrity": "sha512-l9qO6eFlUETHtuihLcYOaLKByJ1f+N4kthcU9YjHy3N+B3hWv0y/2Nd0mu/7lTFnRQHTrSdXF50HQ3bl5fEnng==", + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/is-boolean-object/-/is-boolean-object-1.2.2.tgz", + "integrity": "sha512-wa56o2/ElJMYqjCjGkXri7it5FbebW5usLw/nPmCMs5DeZ7eziSYZhSmPRn0txqeW4LnAmQQU7FgqLpsEFKM4A==", "license": "MIT", "dependencies": { - "call-bound": "^1.0.2", + "call-bound": "^1.0.3", "has-tostringtag": "^1.0.2" }, "engines": { @@ -8677,12 +9272,12 @@ } }, "node_modules/is-bun-module": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/is-bun-module/-/is-bun-module-1.3.0.tgz", - "integrity": "sha512-DgXeu5UWI0IsMQundYb5UAOzm6G2eVnarJ0byP6Tm55iZNKceD59LNPA2L4VvsScTtHcw0yEkVwSf7PC+QoLSA==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-bun-module/-/is-bun-module-2.0.0.tgz", + "integrity": "sha512-gNCGbnnnnFAUGKeZ9PdbyeGYJqewpmc2aKHUEMO5nQPWU9lOmv7jcmQIv+qHD8fXW6W7qfuCwX4rY9LNRjXrkQ==", "license": "MIT", "dependencies": { - "semver": "^7.6.3" + "semver": "^7.7.1" } }, "node_modules/is-callable": { @@ -8809,13 +9404,16 @@ } }, "node_modules/is-interactive": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-interactive/-/is-interactive-1.0.0.tgz", - "integrity": "sha512-2HvIEKRoqS62guEC+qBjpvRubdX910WCMuJTZ+I9yvqKU2/12eSL549HMwtabb4oupdj2sMP50k+XJfB/8JE6w==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/is-interactive/-/is-interactive-2.0.0.tgz", + "integrity": "sha512-qP1vozQRI+BMOPcjFzrjXuQvdak2pHNUMZoeG2eRbiSqyvbEf/wQtEOTOX1guk6E3t36RkaqiSt8A/6YElNxLQ==", "dev": true, "license": "MIT", "engines": { - "node": ">=8" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, "node_modules/is-map": { @@ -8830,6 +9428,18 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/is-negative-zero": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/is-negative-zero/-/is-negative-zero-2.0.3.tgz", + "integrity": "sha512-5KoIu2Ngpyek75jXodFvnafB6DJgr3u8uuK0LEZJjrU19DrMD3EVERaR8sjz8CCGgpZvxPl9SuE1GMVPFHx1mw==", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/is-number": { "version": "7.0.0", "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", @@ -8855,6 +9465,12 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/is-promise": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/is-promise/-/is-promise-4.0.0.tgz", + "integrity": "sha512-hvpoI6korhJMnej285dSg6nu1+e6uxs7zG3BYAm5byqDsgJNWwxzM6z6iZiAgQR4TJ30JmBTOwqZUw3WlyH3AQ==", + "license": "MIT" + }, "node_modules/is-regex": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.2.1.tgz", @@ -8961,13 +9577,13 @@ } }, "node_modules/is-unicode-supported": { - "version": "0.1.0", - "resolved": "https://registry.npmjs.org/is-unicode-supported/-/is-unicode-supported-0.1.0.tgz", - "integrity": "sha512-knxG2q4UC3u8stRGyAVJCOdxFmv5DZiRcdlIaAQXAbSfJya+OhopNotLQrstBhququ4ZpuKbDc/8S6mgXgPFPw==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-unicode-supported/-/is-unicode-supported-2.1.0.tgz", + "integrity": "sha512-mE00Gnza5EEB3Ds0HfMyllZzbBrmLOX3vfWoj9A9PEnTfratQ/BcaJOuMhnkhjXvb2+FkY3VuHqtAGpTPmglFQ==", "dev": true, "license": "MIT", "engines": { - "node": ">=10" + "node": ">=18" }, "funding": { "url": "https://github.com/sponsors/sindresorhus" @@ -8986,12 +9602,12 @@ } }, "node_modules/is-weakref": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-weakref/-/is-weakref-1.1.0.tgz", - "integrity": "sha512-SXM8Nwyys6nT5WP6pltOwKytLV7FqQ4UiibxVmW+EIosHcmCqkkjViTb5SNssDlkCiEYRP1/pdWUKVvZBmsR2Q==", + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/is-weakref/-/is-weakref-1.1.1.tgz", + "integrity": "sha512-6i9mGWSlqzNMEqpCp93KwRS1uUOodk2OJ6b+sq7ZPDSy2WuI5NFIxp/254TytR8ftefexkWn5xNiHUNpPOfSew==", "license": "MIT", "dependencies": { - "call-bound": "^1.0.2" + "call-bound": "^1.0.3" }, "engines": { "node": ">= 0.4" @@ -9050,9 +9666,9 @@ } }, "node_modules/jackspeak": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.0.2.tgz", - "integrity": "sha512-bZsjR/iRjl1Nk1UkjGpAzLNfQtzuijhn2g+pbZb98HQ1Gk8vM9hfbxeMBP+M2/UUdwj0RqGG3mlvk2MsAqwvEw==", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-4.1.1.tgz", + "integrity": "sha512-zptv57P3GpL+O0I7VdMJNBZCu+BPHVQUk55Ft8/QCJjTVxrnJHuVuX/0Bl2A6/+2oyR/ZMEuFKwmzqqZ/U5nPQ==", "license": "BlueOak-1.0.0", "dependencies": { "@isaacs/cliui": "^8.0.2" @@ -9065,11 +9681,12 @@ } }, "node_modules/jiti": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/jiti/-/jiti-2.4.2.tgz", - "integrity": "sha512-rg9zJN+G4n2nfJl5MW3BMygZX56zKPNVEYYqq7adpmMh4Jn2QNEwhvQlFy6jPVdcod7txZtKHWnyZiA3a0zP7A==", - "devOptional": true, + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/jiti/-/jiti-2.5.1.tgz", + "integrity": "sha512-twQoecYPiVA5K/h6SxtORw/Bs3ar+mLUtoPSc7iMXzQzK8d7eJ/R09wmTwAjiamETn1cXYPGfNnu7DMoHgu12w==", "license": "MIT", + "optional": true, + "peer": true, "bin": { "jiti": "lib/jiti-cli.mjs" } @@ -9132,6 +9749,18 @@ "integrity": "sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw==", "license": "MIT" }, + "node_modules/json5": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==", + "license": "MIT", + "dependencies": { + "minimist": "^1.2.0" + }, + "bin": { + "json5": "lib/cli.js" + } + }, "node_modules/jsonwebtoken": { "version": "9.0.2", "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.2.tgz", @@ -9170,12 +9799,12 @@ } }, "node_modules/jwa": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", - "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", + "version": "1.4.2", + "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.2.tgz", + "integrity": "sha512-eeH5JO+21J78qMvTIDdBXidBd6nG2kZjg5Ohz/1fpa28Z4CcsWUzJ1ZZyFq/3z3N17aZy+ZuBoHljASbL1WfOw==", "license": "MIT", "dependencies": { - "buffer-equal-constant-time": "1.0.1", + "buffer-equal-constant-time": "^1.0.1", "ecdsa-sig-formatter": "1.0.11", "safe-buffer": "^5.0.1" } @@ -9211,6 +9840,16 @@ "json-buffer": "3.0.1" } }, + "node_modules/kleur": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/kleur/-/kleur-3.0.3.tgz", + "integrity": "sha512-eTIzlVOSUR+JxdDFepEYcBMtZ9Qqdef+rnzWdRZuMbOywu5tO2w2N7rqjoANZ5k9vywhL6Br1VRjUIgTQx4E8w==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=6" + } + }, "node_modules/kuler": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/kuler/-/kuler-2.0.0.tgz", @@ -9258,9 +9897,9 @@ } }, "node_modules/lightningcss": { - "version": "1.29.2", - "resolved": "https://registry.npmjs.org/lightningcss/-/lightningcss-1.29.2.tgz", - "integrity": "sha512-6b6gd/RUXKaw5keVdSEtqFVdzWnU5jMxTUjA2bVcMNPLwSQ08Sv/UodBVtETLCn7k4S1Ibxwh7k68IwLZPgKaA==", + "version": "1.30.1", + "resolved": "https://registry.npmjs.org/lightningcss/-/lightningcss-1.30.1.tgz", + "integrity": "sha512-xi6IyHML+c9+Q3W0S4fCQJOym42pyurFiJUHEcEyHS0CeKzia4yZDEsLlqOFykxOdHpNy0NmvVO31vcSqAxJCg==", "dev": true, "license": "MPL-2.0", "dependencies": { @@ -9274,22 +9913,22 @@ "url": "https://opencollective.com/parcel" }, "optionalDependencies": { - "lightningcss-darwin-arm64": "1.29.2", - "lightningcss-darwin-x64": "1.29.2", - "lightningcss-freebsd-x64": "1.29.2", - "lightningcss-linux-arm-gnueabihf": "1.29.2", - "lightningcss-linux-arm64-gnu": "1.29.2", - "lightningcss-linux-arm64-musl": "1.29.2", - "lightningcss-linux-x64-gnu": "1.29.2", - "lightningcss-linux-x64-musl": "1.29.2", - "lightningcss-win32-arm64-msvc": "1.29.2", - "lightningcss-win32-x64-msvc": "1.29.2" + "lightningcss-darwin-arm64": "1.30.1", + "lightningcss-darwin-x64": "1.30.1", + "lightningcss-freebsd-x64": "1.30.1", + "lightningcss-linux-arm-gnueabihf": "1.30.1", + "lightningcss-linux-arm64-gnu": "1.30.1", + "lightningcss-linux-arm64-musl": "1.30.1", + "lightningcss-linux-x64-gnu": "1.30.1", + "lightningcss-linux-x64-musl": "1.30.1", + "lightningcss-win32-arm64-msvc": "1.30.1", + "lightningcss-win32-x64-msvc": "1.30.1" } }, "node_modules/lightningcss-darwin-arm64": { - "version": "1.29.2", - "resolved": "https://registry.npmjs.org/lightningcss-darwin-arm64/-/lightningcss-darwin-arm64-1.29.2.tgz", - "integrity": "sha512-cK/eMabSViKn/PG8U/a7aCorpeKLMlK0bQeNHmdb7qUnBkNPnL+oV5DjJUo0kqWsJUapZsM4jCfYItbqBDvlcA==", + "version": "1.30.1", + "resolved": "https://registry.npmjs.org/lightningcss-darwin-arm64/-/lightningcss-darwin-arm64-1.30.1.tgz", + "integrity": "sha512-c8JK7hyE65X1MHMN+Viq9n11RRC7hgin3HhYKhrMyaXflk5GVplZ60IxyoVtzILeKr+xAJwg6zK6sjTBJ0FKYQ==", "cpu": [ "arm64" ], @@ -9308,9 +9947,9 @@ } }, "node_modules/lightningcss-darwin-x64": { - "version": "1.29.2", - "resolved": "https://registry.npmjs.org/lightningcss-darwin-x64/-/lightningcss-darwin-x64-1.29.2.tgz", - "integrity": "sha512-j5qYxamyQw4kDXX5hnnCKMf3mLlHvG44f24Qyi2965/Ycz829MYqjrVg2H8BidybHBp9kom4D7DR5VqCKDXS0w==", + "version": "1.30.1", + "resolved": "https://registry.npmjs.org/lightningcss-darwin-x64/-/lightningcss-darwin-x64-1.30.1.tgz", + "integrity": "sha512-k1EvjakfumAQoTfcXUcHQZhSpLlkAuEkdMBsI/ivWw9hL+7FtilQc0Cy3hrx0AAQrVtQAbMI7YjCgYgvn37PzA==", "cpu": [ "x64" ], @@ -9329,9 +9968,9 @@ } }, "node_modules/lightningcss-freebsd-x64": { - "version": "1.29.2", - "resolved": "https://registry.npmjs.org/lightningcss-freebsd-x64/-/lightningcss-freebsd-x64-1.29.2.tgz", - "integrity": "sha512-wDk7M2tM78Ii8ek9YjnY8MjV5f5JN2qNVO+/0BAGZRvXKtQrBC4/cn4ssQIpKIPP44YXw6gFdpUF+Ps+RGsCwg==", + "version": "1.30.1", + "resolved": "https://registry.npmjs.org/lightningcss-freebsd-x64/-/lightningcss-freebsd-x64-1.30.1.tgz", + "integrity": "sha512-kmW6UGCGg2PcyUE59K5r0kWfKPAVy4SltVeut+umLCFoJ53RdCUWxcRDzO1eTaxf/7Q2H7LTquFHPL5R+Gjyig==", "cpu": [ "x64" ], @@ -9350,9 +9989,9 @@ } }, "node_modules/lightningcss-linux-arm-gnueabihf": { - "version": "1.29.2", - "resolved": "https://registry.npmjs.org/lightningcss-linux-arm-gnueabihf/-/lightningcss-linux-arm-gnueabihf-1.29.2.tgz", - "integrity": "sha512-IRUrOrAF2Z+KExdExe3Rz7NSTuuJ2HvCGlMKoquK5pjvo2JY4Rybr+NrKnq0U0hZnx5AnGsuFHjGnNT14w26sg==", + "version": "1.30.1", + "resolved": "https://registry.npmjs.org/lightningcss-linux-arm-gnueabihf/-/lightningcss-linux-arm-gnueabihf-1.30.1.tgz", + "integrity": "sha512-MjxUShl1v8pit+6D/zSPq9S9dQ2NPFSQwGvxBCYaBYLPlCWuPh9/t1MRS8iUaR8i+a6w7aps+B4N0S1TYP/R+Q==", "cpu": [ "arm" ], @@ -9371,9 +10010,9 @@ } }, "node_modules/lightningcss-linux-arm64-gnu": { - "version": "1.29.2", - "resolved": "https://registry.npmjs.org/lightningcss-linux-arm64-gnu/-/lightningcss-linux-arm64-gnu-1.29.2.tgz", - "integrity": "sha512-KKCpOlmhdjvUTX/mBuaKemp0oeDIBBLFiU5Fnqxh1/DZ4JPZi4evEH7TKoSBFOSOV3J7iEmmBaw/8dpiUvRKlQ==", + "version": "1.30.1", + "resolved": "https://registry.npmjs.org/lightningcss-linux-arm64-gnu/-/lightningcss-linux-arm64-gnu-1.30.1.tgz", + "integrity": "sha512-gB72maP8rmrKsnKYy8XUuXi/4OctJiuQjcuqWNlJQ6jZiWqtPvqFziskH3hnajfvKB27ynbVCucKSm2rkQp4Bw==", "cpu": [ "arm64" ], @@ -9392,9 +10031,9 @@ } }, "node_modules/lightningcss-linux-arm64-musl": { - "version": "1.29.2", - "resolved": "https://registry.npmjs.org/lightningcss-linux-arm64-musl/-/lightningcss-linux-arm64-musl-1.29.2.tgz", - "integrity": "sha512-Q64eM1bPlOOUgxFmoPUefqzY1yV3ctFPE6d/Vt7WzLW4rKTv7MyYNky+FWxRpLkNASTnKQUaiMJ87zNODIrrKQ==", + "version": "1.30.1", + "resolved": "https://registry.npmjs.org/lightningcss-linux-arm64-musl/-/lightningcss-linux-arm64-musl-1.30.1.tgz", + "integrity": "sha512-jmUQVx4331m6LIX+0wUhBbmMX7TCfjF5FoOH6SD1CttzuYlGNVpA7QnrmLxrsub43ClTINfGSYyHe2HWeLl5CQ==", "cpu": [ "arm64" ], @@ -9413,9 +10052,9 @@ } }, "node_modules/lightningcss-linux-x64-gnu": { - "version": "1.29.2", - "resolved": "https://registry.npmjs.org/lightningcss-linux-x64-gnu/-/lightningcss-linux-x64-gnu-1.29.2.tgz", - "integrity": "sha512-0v6idDCPG6epLXtBH/RPkHvYx74CVziHo6TMYga8O2EiQApnUPZsbR9nFNrg2cgBzk1AYqEd95TlrsL7nYABQg==", + "version": "1.30.1", + "resolved": "https://registry.npmjs.org/lightningcss-linux-x64-gnu/-/lightningcss-linux-x64-gnu-1.30.1.tgz", + "integrity": "sha512-piWx3z4wN8J8z3+O5kO74+yr6ze/dKmPnI7vLqfSqI8bccaTGY5xiSGVIJBDd5K5BHlvVLpUB3S2YCfelyJ1bw==", "cpu": [ "x64" ], @@ -9434,9 +10073,9 @@ } }, "node_modules/lightningcss-linux-x64-musl": { - "version": "1.29.2", - "resolved": "https://registry.npmjs.org/lightningcss-linux-x64-musl/-/lightningcss-linux-x64-musl-1.29.2.tgz", - "integrity": "sha512-rMpz2yawkgGT8RULc5S4WiZopVMOFWjiItBT7aSfDX4NQav6M44rhn5hjtkKzB+wMTRlLLqxkeYEtQ3dd9696w==", + "version": "1.30.1", + "resolved": "https://registry.npmjs.org/lightningcss-linux-x64-musl/-/lightningcss-linux-x64-musl-1.30.1.tgz", + "integrity": "sha512-rRomAK7eIkL+tHY0YPxbc5Dra2gXlI63HL+v1Pdi1a3sC+tJTcFrHX+E86sulgAXeI7rSzDYhPSeHHjqFhqfeQ==", "cpu": [ "x64" ], @@ -9455,9 +10094,9 @@ } }, "node_modules/lightningcss-win32-arm64-msvc": { - "version": "1.29.2", - "resolved": "https://registry.npmjs.org/lightningcss-win32-arm64-msvc/-/lightningcss-win32-arm64-msvc-1.29.2.tgz", - "integrity": "sha512-nL7zRW6evGQqYVu/bKGK+zShyz8OVzsCotFgc7judbt6wnB2KbiKKJwBE4SGoDBQ1O94RjW4asrCjQL4i8Fhbw==", + "version": "1.30.1", + "resolved": "https://registry.npmjs.org/lightningcss-win32-arm64-msvc/-/lightningcss-win32-arm64-msvc-1.30.1.tgz", + "integrity": "sha512-mSL4rqPi4iXq5YVqzSsJgMVFENoa4nGTT/GjO2c0Yl9OuQfPsIfncvLrEW6RbbB24WtZ3xP/2CCmI3tNkNV4oA==", "cpu": [ "arm64" ], @@ -9476,9 +10115,9 @@ } }, "node_modules/lightningcss-win32-x64-msvc": { - "version": "1.29.2", - "resolved": "https://registry.npmjs.org/lightningcss-win32-x64-msvc/-/lightningcss-win32-x64-msvc-1.29.2.tgz", - "integrity": "sha512-EdIUW3B2vLuHmv7urfzMI/h2fmlnOQBk1xlsDxkN1tCWKjNFjfLhGxYk8C8mzpSfr+A6jFFIi8fU6LbQGsRWjA==", + "version": "1.30.1", + "resolved": "https://registry.npmjs.org/lightningcss-win32-x64-msvc/-/lightningcss-win32-x64-msvc-1.30.1.tgz", + "integrity": "sha512-PVqXh48wh4T53F/1CCu8PIPCxLzWyCnn/9T5W1Jpmdy5h9Cwd+0YQS6/LwhHXSafuc61/xg9Lv5OrCby6a++jg==", "cpu": [ "x64" ], @@ -9560,17 +10199,17 @@ "license": "MIT" }, "node_modules/log-symbols": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-4.1.0.tgz", - "integrity": "sha512-8XPvpAA8uyhfteu8pIvQxpJZ7SYYdpUivZpGy6sFsBuKRY/7rQGavedeB8aK+Zkyq6upMFVL/9AW6vOYzfRyLg==", + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-7.0.1.tgz", + "integrity": "sha512-ja1E3yCr9i/0hmBVaM0bfwDjnGy8I/s6PP4DFp+yP+a+mrHO4Rm7DtmnqROTUkHIkqffC84YY7AeqX6oFk0WFg==", "dev": true, "license": "MIT", "dependencies": { - "chalk": "^4.1.0", - "is-unicode-supported": "^0.1.0" + "is-unicode-supported": "^2.0.0", + "yoctocolors": "^2.1.1" }, "engines": { - "node": ">=10" + "node": ">=18" }, "funding": { "url": "https://github.com/sponsors/sindresorhus" @@ -9606,23 +10245,33 @@ } }, "node_modules/lru-cache": { - "version": "11.0.2", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.0.2.tgz", - "integrity": "sha512-123qHRfJBmo2jXDbo/a5YOQrJoHF/GNQTLzQ5+IdK5pWpceK17yRc6ozlWd25FxvGKQbIUs91fDFkXmDHTKcyA==", + "version": "11.1.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-11.1.0.tgz", + "integrity": "sha512-QIXZUBJUx+2zHUdQujWejBkcD9+cs94tLn0+YL8UrCh+D5sCXZ4c7LaEH48pNwRY3MLDgqUFyhlCyjJPf1WP0A==", "license": "ISC", "engines": { "node": "20 || >=22" } }, "node_modules/lucide-react": { - "version": "0.469.0", - "resolved": "https://registry.npmjs.org/lucide-react/-/lucide-react-0.469.0.tgz", - "integrity": "sha512-28vvUnnKQ/dBwiCQtwJw7QauYnE7yd2Cyp4tTTJpvglX4EMpbflcdBgrgToX2j71B3YvugK/NH3BGUk+E/p/Fw==", + "version": "0.539.0", + "resolved": "https://registry.npmjs.org/lucide-react/-/lucide-react-0.539.0.tgz", + "integrity": "sha512-VVISr+VF2krO91FeuCrm1rSOLACQUYVy7NQkzrOty52Y8TlTPcXcMdQFj9bYzBgXbWCiywlwSZ3Z8u6a+6bMlg==", "license": "ISC", "peerDependencies": { "react": "^16.5.1 || ^17.0.0 || ^18.0.0 || ^19.0.0" } }, + "node_modules/magic-string": { + "version": "0.30.17", + "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.17.tgz", + "integrity": "sha512-sNPKHvyjVf7gyjwS4xGTaW/mCnF8wnjtifKBEhxfZ7E/S8tQ0rssrwGNn6q8JH/ohItJfSQp9mBtQYuTlH5QnA==", + "dev": true, + "license": "MIT", + "dependencies": { + "@jridgewell/sourcemap-codec": "^1.5.0" + } + }, "node_modules/marked": { "version": "7.0.4", "resolved": "https://registry.npmjs.org/marked/-/marked-7.0.4.tgz", @@ -9657,12 +10306,12 @@ } }, "node_modules/media-typer": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz", - "integrity": "sha512-dq+qelQ9akHpcOl/gUVRTxVIOkAJ1wR3QAvb4RsVjS8oVoFjDGTc679wJYmUmknUF5HwMLOgb5O+a3KxfWapPQ==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-1.1.0.tgz", + "integrity": "sha512-aisnrDP4GNe06UcKFnV5bfMNPBUw4jsLGaWwWfnH3v02GnBuXX2MCVn5RbrWo0j3pczUilYblq7fQ7Nw2t5XKw==", "license": "MIT", "engines": { - "node": ">= 0.6" + "node": ">= 0.8" } }, "node_modules/memfs": { @@ -9689,10 +10338,13 @@ } }, "node_modules/merge-descriptors": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.3.tgz", - "integrity": "sha512-gaNvAS7TZ897/rVaZ0nMtAyxNyi/pdbjbAwUpFQpN70GqnVfOiXpeUUMKRBmzXaSQ8DdTX4/0ms62r2K+hE6mQ==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-2.0.0.tgz", + "integrity": "sha512-Snk314V5ayFLhp3fkUREub6WtjBfPdCPY1Ln8/8munuLuiYhsABgBVWsozAG+MWMbVEvcdcpbi9R7ww22l9Q3g==", "license": "MIT", + "engines": { + "node": ">=18" + }, "funding": { "url": "https://github.com/sponsors/sindresorhus" } @@ -9713,15 +10365,6 @@ "node": ">= 8" } }, - "node_modules/methods": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz", - "integrity": "sha512-iclAHeNqNm68zFtnZ0e+1L2yUIdvzNoauKU4WBA3VvH/vPFieF7qfRlwUZU+DA9P9bPXIS90ulxoUoCH23sV2w==", - "license": "MIT", - "engines": { - "node": ">= 0.6" - } - }, "node_modules/micromatch": { "version": "4.0.8", "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", @@ -9747,34 +10390,22 @@ "url": "https://github.com/sponsors/jonschlinkert" } }, - "node_modules/mime": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz", - "integrity": "sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg==", - "license": "MIT", - "bin": { - "mime": "cli.js" - }, - "engines": { - "node": ">=4" - } - }, "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", + "version": "1.54.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.54.0.tgz", + "integrity": "sha512-aU5EJuIN2WDemCcAp2vFBfp/m4EAhWJnUNSSw0ixs7/kXbd6Pg64EmwJkNdFhB8aWt1sH2CTXrLxo/iAGV3oPQ==", "license": "MIT", "engines": { "node": ">= 0.6" } }, "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-3.0.1.tgz", + "integrity": "sha512-xRc4oEhT6eaBpU1XF7AjpOFD+xQmXNB5OVKwp4tqCuBpHLS/ZbBDrc07mYTDqVMg6PfxUjjNp85O6Cd2Z/5HWA==", "license": "MIT", "dependencies": { - "mime-db": "1.52.0" + "mime-db": "^1.54.0" }, "engines": { "node": ">= 0.6" @@ -9790,6 +10421,19 @@ "node": ">=6" } }, + "node_modules/mimic-function": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/mimic-function/-/mimic-function-5.0.1.tgz", + "integrity": "sha512-VP79XUPxV2CigYP3jWwAUFSku2aKqBH7uTAapFWCBqutsbmDo96KY5o8uh6U+/YSIn5OxJnXp73beVkpqMIGhA==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/mimic-response": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz", @@ -9841,6 +10485,35 @@ "node": ">=16 || 14 >=14.17" } }, + "node_modules/minizlib": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-3.0.2.tgz", + "integrity": "sha512-oG62iEk+CYt5Xj2YqI5Xi9xWUeZhDI8jjQmC5oThVH5JGCTgIjr7ciJDzC7MBzYd//WvR1OTmP5Q38Q8ShQtVA==", + "dev": true, + "license": "MIT", + "dependencies": { + "minipass": "^7.1.2" + }, + "engines": { + "node": ">= 18" + } + }, + "node_modules/mkdirp": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-3.0.1.tgz", + "integrity": "sha512-+NsyUUAZDmo6YVHzL/stxSu3t9YS1iljliy3BSDrXJ/dkn1KYdmtZODGGjLcc9XLgVVpH4KshHB8XmZgMhaBXg==", + "dev": true, + "license": "MIT", + "bin": { + "mkdirp": "dist/cjs/src/bin.js" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, "node_modules/mkdirp-classic": { "version": "0.5.3", "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz", @@ -9877,9 +10550,9 @@ } }, "node_modules/nanoid": { - "version": "3.3.8", - "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.8.tgz", - "integrity": "sha512-WNLf5Sd8oZxOm+TzppcYk8gVOgP+l58xNy58D0nbUnOxOWRWvlcCV4kUF7ltmI6PsrLl/BgKEyS4mqsGChFN0w==", + "version": "3.3.11", + "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.11.tgz", + "integrity": "sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w==", "funding": [ { "type": "github", @@ -9900,6 +10573,21 @@ "integrity": "sha512-GEbrYkbfF7MoNaoh2iGG84Mnf/WZfB0GdGEsM8wz7Expx/LlWf5U8t9nvJKXSp3qr5IsEbK04cBGhol/KwOsWA==", "license": "MIT" }, + "node_modules/napi-postinstall": { + "version": "0.3.3", + "resolved": "https://registry.npmjs.org/napi-postinstall/-/napi-postinstall-0.3.3.tgz", + "integrity": "sha512-uTp172LLXSxuSYHv/kou+f6KW3SMppU9ivthaVTXian9sOt3XM/zHYHpRZiLgQoxeWfYUnslNWQHF1+G71xcow==", + "license": "MIT", + "bin": { + "napi-postinstall": "lib/cli.js" + }, + "engines": { + "node": "^12.20.0 || ^14.18.0 || >=16.0.0" + }, + "funding": { + "url": "https://opencollective.com/napi-postinstall" + } + }, "node_modules/natural-compare": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz", @@ -9907,24 +10595,22 @@ "license": "MIT" }, "node_modules/negotiator": { - "version": "0.6.3", - "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz", - "integrity": "sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg==", + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-1.0.0.tgz", + "integrity": "sha512-8Ofs/AUQh8MaEcrlq5xOX0CQ9ypTF5dl78mjlMNfOK08fzpgTHQRQPBxcPlEtIw0yRpws+Zo/3r+5WRby7u3Gg==", "license": "MIT", "engines": { "node": ">= 0.6" } }, "node_modules/next": { - "version": "15.2.4", - "resolved": "https://registry.npmjs.org/next/-/next-15.2.4.tgz", - "integrity": "sha512-VwL+LAaPSxEkd3lU2xWbgEOtrM8oedmyhBqaVNmgKB+GvZlCy9rgaEc+y2on0wv+l0oSFqLtYD6dcC1eAedUaQ==", + "version": "15.4.6", + "resolved": "https://registry.npmjs.org/next/-/next-15.4.6.tgz", + "integrity": "sha512-us++E/Q80/8+UekzB3SAGs71AlLDsadpFMXVNM/uQ0BMwsh9m3mr0UNQIfjKed8vpWXsASe+Qifrnu1oLIcKEQ==", "license": "MIT", "dependencies": { - "@next/env": "15.2.4", - "@swc/counter": "0.1.3", + "@next/env": "15.4.6", "@swc/helpers": "0.5.15", - "busboy": "1.6.0", "caniuse-lite": "^1.0.30001579", "postcss": "8.4.31", "styled-jsx": "5.1.6" @@ -9936,19 +10622,19 @@ "node": "^18.18.0 || ^19.8.0 || >= 20.0.0" }, "optionalDependencies": { - "@next/swc-darwin-arm64": "15.2.4", - "@next/swc-darwin-x64": "15.2.4", - "@next/swc-linux-arm64-gnu": "15.2.4", - "@next/swc-linux-arm64-musl": "15.2.4", - "@next/swc-linux-x64-gnu": "15.2.4", - "@next/swc-linux-x64-musl": "15.2.4", - "@next/swc-win32-arm64-msvc": "15.2.4", - "@next/swc-win32-x64-msvc": "15.2.4", - "sharp": "^0.33.5" + "@next/swc-darwin-arm64": "15.4.6", + "@next/swc-darwin-x64": "15.4.6", + "@next/swc-linux-arm64-gnu": "15.4.6", + "@next/swc-linux-arm64-musl": "15.4.6", + "@next/swc-linux-x64-gnu": "15.4.6", + "@next/swc-linux-x64-musl": "15.4.6", + "@next/swc-win32-arm64-msvc": "15.4.6", + "@next/swc-win32-x64-msvc": "15.4.6", + "sharp": "^0.34.3" }, "peerDependencies": { "@opentelemetry/api": "^1.1.0", - "@playwright/test": "^1.41.2", + "@playwright/test": "^1.51.1", "babel-plugin-react-compiler": "*", "react": "^18.2.0 || 19.0.0-rc-de68d2f4-20241204 || ^19.0.0", "react-dom": "^18.2.0 || 19.0.0-rc-de68d2f4-20241204 || ^19.0.0", @@ -9969,10 +10655,37 @@ } } }, + "node_modules/next-intl": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/next-intl/-/next-intl-4.3.4.tgz", + "integrity": "sha512-VWLIDlGbnL/o4LnveJTJD1NOYN8lh3ZAGTWw2krhfgg53as3VsS4jzUVnArJdqvwtlpU/2BIDbWTZ7V4o1jFEw==", + "funding": [ + { + "type": "individual", + "url": "https://github.com/sponsors/amannn" + } + ], + "license": "MIT", + "dependencies": { + "@formatjs/intl-localematcher": "^0.5.4", + "negotiator": "^1.0.0", + "use-intl": "^4.3.4" + }, + "peerDependencies": { + "next": "^12.0.0 || ^13.0.0 || ^14.0.0 || ^15.0.0", + "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || >=19.0.0-rc <19.0.0 || ^19.0.0", + "typescript": "^5.0.0" + }, + "peerDependenciesMeta": { + "typescript": { + "optional": true + } + } + }, "node_modules/next-themes": { - "version": "0.4.4", - "resolved": "https://registry.npmjs.org/next-themes/-/next-themes-0.4.4.tgz", - "integrity": "sha512-LDQ2qIOJF0VnuVrrMSMLrWGjRMkq+0mpgl6e0juCLqdJ+oo8Q84JRWT6Wh11VDQKkMMe+dVzDKLWs5n87T+PkQ==", + "version": "0.4.6", + "resolved": "https://registry.npmjs.org/next-themes/-/next-themes-0.4.6.tgz", + "integrity": "sha512-pZvgD5L0IEvX5/9GWyHMf3m8BKiVQwsCMHfoFosXtXBMnaS0ZnIJ9ST4b4NqLVKDEm8QBxoNNGNaBv2JNF6XNA==", "license": "MIT", "peerDependencies": { "react": "^16.8 || ^17 || ^18 || ^19 || ^19.0.0-rc", @@ -10008,9 +10721,9 @@ } }, "node_modules/node-abi": { - "version": "3.73.0", - "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-3.73.0.tgz", - "integrity": "sha512-z8iYzQGBu35ZkTQ9mtR8RqugJZ9RCLn8fv3d7LsgDBzOijGQP3RdKTX4LA7LXw03ZhU5z0l4xfhIMgSES31+cg==", + "version": "3.75.0", + "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-3.75.0.tgz", + "integrity": "sha512-OhYaY5sDsIka7H7AtijtI9jwGYLyl29eQn/W623DiN/MIv5sUqc4g7BIDThX+gb7di9f6xK02nkp8sdfFWZLTg==", "license": "MIT", "dependencies": { "semver": "^7.3.5" @@ -10031,19 +10744,11 @@ "node": ">= 8.0.0" } }, - "node_modules/node-cache/node_modules/clone": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/clone/-/clone-2.1.2.tgz", - "integrity": "sha512-3Pe/CF1Nn94hyhIYpjtiLhdCoEoz0DqQ+988E9gmeEdQZlojxnOb74wctFyuwWQHzqyf9X7C7MG8juUpqBJT8w==", - "license": "MIT", - "engines": { - "node": ">=0.8" - } - }, "node_modules/node-domexception": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/node-domexception/-/node-domexception-1.0.0.tgz", "integrity": "sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==", + "deprecated": "Use your platform's native DOMException instead", "funding": [ { "type": "github", @@ -10078,9 +10783,9 @@ } }, "node_modules/nodemailer": { - "version": "6.9.16", - "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.9.16.tgz", - "integrity": "sha512-psAuZdTIRN08HKVd/E8ObdV6NO7NTBY3KsC30F7M4H1OnmLCUNaS56FpYxyb26zWLSyYF9Ozch9KYHhHegsiOQ==", + "version": "7.0.5", + "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-7.0.5.tgz", + "integrity": "sha512-nsrh2lO3j4GkLLXoeEksAMgAOqxOv6QumNRVQTJwKH4nuiww6iC2y7GyANs9kRAxCexg3+lTWM3PZ91iLlVjfg==", "license": "MIT-0", "engines": { "node": ">=6.0.0" @@ -10097,9 +10802,9 @@ } }, "node_modules/npm": { - "version": "11.2.0", - "resolved": "https://registry.npmjs.org/npm/-/npm-11.2.0.tgz", - "integrity": "sha512-PcnFC6gTo9VDkxVaQ1/mZAS3JoWrDjAI+a6e2NgfYQSGDwftJlbdV0jBMi2V8xQPqbGcWaa7p3UP0SKF+Bhm2g==", + "version": "11.5.2", + "resolved": "https://registry.npmjs.org/npm/-/npm-11.5.2.tgz", + "integrity": "sha512-qsEkHPw/Qdw4eA1kKVxsa5F6QeJCiLM1GaexGt/FpUpfiBxkLXVXIVtscOAeVWVe17pmYwD9Aji8dfsXR4r68w==", "bundleDependencies": [ "@isaacs/string-locale-compare", "@npmcli/arborist", @@ -10178,48 +10883,48 @@ ], "dependencies": { "@isaacs/string-locale-compare": "^1.1.0", - "@npmcli/arborist": "^9.0.1", - "@npmcli/config": "^10.1.0", + "@npmcli/arborist": "^9.1.3", + "@npmcli/config": "^10.3.1", "@npmcli/fs": "^4.0.0", "@npmcli/map-workspaces": "^4.0.2", - "@npmcli/package-json": "^6.1.1", + "@npmcli/package-json": "^6.2.0", "@npmcli/promise-spawn": "^8.0.2", - "@npmcli/redact": "^3.1.1", - "@npmcli/run-script": "^9.0.1", - "@sigstore/tuf": "^3.0.0", - "abbrev": "^3.0.0", + "@npmcli/redact": "^3.2.2", + "@npmcli/run-script": "^9.1.0", + "@sigstore/tuf": "^3.1.1", + "abbrev": "^3.0.1", "archy": "~1.0.0", "cacache": "^19.0.1", "chalk": "^5.4.1", - "ci-info": "^4.1.0", + "ci-info": "^4.3.0", "cli-columns": "^4.0.0", "fastest-levenshtein": "^1.0.16", "fs-minipass": "^3.0.3", "glob": "^10.4.5", "graceful-fs": "^4.2.11", - "hosted-git-info": "^8.0.2", + "hosted-git-info": "^8.1.0", "ini": "^5.0.0", - "init-package-json": "^8.0.0", + "init-package-json": "^8.2.1", "is-cidr": "^5.1.1", "json-parse-even-better-errors": "^4.0.0", - "libnpmaccess": "^10.0.0", - "libnpmdiff": "^8.0.1", - "libnpmexec": "^10.1.0", - "libnpmfund": "^7.0.1", + "libnpmaccess": "^10.0.1", + "libnpmdiff": "^8.0.6", + "libnpmexec": "^10.1.5", + "libnpmfund": "^7.0.6", "libnpmorg": "^8.0.0", - "libnpmpack": "^9.0.1", - "libnpmpublish": "^11.0.0", + "libnpmpack": "^9.0.6", + "libnpmpublish": "^11.1.0", "libnpmsearch": "^9.0.0", - "libnpmteam": "^8.0.0", - "libnpmversion": "^8.0.0", + "libnpmteam": "^8.0.1", + "libnpmversion": "^8.0.1", "make-fetch-happen": "^14.0.3", "minimatch": "^9.0.5", "minipass": "^7.1.1", "minipass-pipeline": "^1.2.4", "ms": "^2.1.2", - "node-gyp": "^11.1.0", + "node-gyp": "^11.2.0", "nopt": "^8.1.0", - "normalize-package-data": "^7.0.0", + "normalize-package-data": "^7.0.1", "npm-audit-report": "^6.0.0", "npm-install-checks": "^7.1.1", "npm-package-arg": "^12.0.2", @@ -10233,7 +10938,7 @@ "proc-log": "^5.0.0", "qrcode-terminal": "^0.12.0", "read": "^4.1.0", - "semver": "^7.7.1", + "semver": "^7.7.2", "spdx-expression-parse": "^4.0.0", "ssri": "^12.0.0", "supports-color": "^10.0.0", @@ -10241,7 +10946,7 @@ "text-table": "~0.2.0", "tiny-relative-date": "^1.3.0", "treeverse": "^3.0.0", - "validate-npm-package-name": "^6.0.0", + "validate-npm-package-name": "^6.0.2", "which": "^5.0.0" }, "bin": { @@ -10359,7 +11064,7 @@ } }, "node_modules/npm/node_modules/@npmcli/arborist": { - "version": "9.0.1", + "version": "9.1.3", "inBundle": true, "license": "ISC", "dependencies": { @@ -10406,7 +11111,7 @@ } }, "node_modules/npm/node_modules/@npmcli/config": { - "version": "10.1.0", + "version": "10.3.1", "inBundle": true, "license": "ISC", "dependencies": { @@ -10482,7 +11187,7 @@ } }, "node_modules/npm/node_modules/@npmcli/metavuln-calculator": { - "version": "9.0.0", + "version": "9.0.1", "inBundle": true, "license": "ISC", "dependencies": { @@ -10513,7 +11218,7 @@ } }, "node_modules/npm/node_modules/@npmcli/package-json": { - "version": "6.1.1", + "version": "6.2.0", "inBundle": true, "license": "ISC", "dependencies": { @@ -10541,18 +11246,18 @@ } }, "node_modules/npm/node_modules/@npmcli/query": { - "version": "4.0.0", + "version": "4.0.1", "inBundle": true, "license": "ISC", "dependencies": { - "postcss-selector-parser": "^6.1.2" + "postcss-selector-parser": "^7.0.0" }, "engines": { "node": "^18.17.0 || >=20.5.0" } }, "node_modules/npm/node_modules/@npmcli/redact": { - "version": "3.1.1", + "version": "3.2.2", "inBundle": true, "license": "ISC", "engines": { @@ -10560,7 +11265,7 @@ } }, "node_modules/npm/node_modules/@npmcli/run-script": { - "version": "9.0.2", + "version": "9.1.0", "inBundle": true, "license": "ISC", "dependencies": { @@ -10604,7 +11309,7 @@ } }, "node_modules/npm/node_modules/@sigstore/protobuf-specs": { - "version": "0.4.0", + "version": "0.4.3", "inBundle": true, "license": "Apache-2.0", "engines": { @@ -10628,11 +11333,11 @@ } }, "node_modules/npm/node_modules/@sigstore/tuf": { - "version": "3.1.0", + "version": "3.1.1", "inBundle": true, "license": "Apache-2.0", "dependencies": { - "@sigstore/protobuf-specs": "^0.4.0", + "@sigstore/protobuf-specs": "^0.4.1", "tuf-js": "^3.0.1" }, "engines": { @@ -10640,13 +11345,13 @@ } }, "node_modules/npm/node_modules/@sigstore/verify": { - "version": "2.1.0", + "version": "2.1.1", "inBundle": true, "license": "Apache-2.0", "dependencies": { "@sigstore/bundle": "^3.1.0", "@sigstore/core": "^2.0.0", - "@sigstore/protobuf-specs": "^0.4.0" + "@sigstore/protobuf-specs": "^0.4.1" }, "engines": { "node": "^18.17.0 || >=20.5.0" @@ -10673,7 +11378,7 @@ } }, "node_modules/npm/node_modules/abbrev": { - "version": "3.0.0", + "version": "3.0.1", "inBundle": true, "license": "ISC", "engines": { @@ -10681,7 +11386,7 @@ } }, "node_modules/npm/node_modules/agent-base": { - "version": "7.1.3", + "version": "7.1.4", "inBundle": true, "license": "MIT", "engines": { @@ -10708,7 +11413,7 @@ } }, "node_modules/npm/node_modules/aproba": { - "version": "2.0.0", + "version": "2.1.0", "inBundle": true, "license": "ISC" }, @@ -10738,7 +11443,7 @@ } }, "node_modules/npm/node_modules/binary-extensions": { - "version": "3.0.0", + "version": "3.1.0", "inBundle": true, "license": "MIT", "engines": { @@ -10749,7 +11454,7 @@ } }, "node_modules/npm/node_modules/brace-expansion": { - "version": "2.0.1", + "version": "2.0.2", "inBundle": true, "license": "MIT", "dependencies": { @@ -10787,12 +11492,11 @@ } }, "node_modules/npm/node_modules/cacache/node_modules/minizlib": { - "version": "3.0.1", + "version": "3.0.2", "inBundle": true, "license": "MIT", "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" + "minipass": "^7.1.2" }, "engines": { "node": ">= 18" @@ -10856,7 +11560,7 @@ } }, "node_modules/npm/node_modules/ci-info": { - "version": "4.1.0", + "version": "4.3.0", "funding": [ { "type": "github", @@ -10960,7 +11664,7 @@ } }, "node_modules/npm/node_modules/debug": { - "version": "4.4.0", + "version": "4.4.1", "inBundle": true, "license": "MIT", "dependencies": { @@ -11079,7 +11783,7 @@ "license": "ISC" }, "node_modules/npm/node_modules/hosted-git-info": { - "version": "8.0.2", + "version": "8.1.0", "inBundle": true, "license": "ISC", "dependencies": { @@ -11090,7 +11794,7 @@ } }, "node_modules/npm/node_modules/http-cache-semantics": { - "version": "4.1.1", + "version": "4.2.0", "inBundle": true, "license": "BSD-2-Clause" }, @@ -11158,7 +11862,7 @@ } }, "node_modules/npm/node_modules/init-package-json": { - "version": "8.0.0", + "version": "8.2.1", "inBundle": true, "license": "ISC", "dependencies": { @@ -11275,7 +11979,7 @@ "license": "MIT" }, "node_modules/npm/node_modules/libnpmaccess": { - "version": "10.0.0", + "version": "10.0.1", "inBundle": true, "license": "ISC", "dependencies": { @@ -11287,11 +11991,11 @@ } }, "node_modules/npm/node_modules/libnpmdiff": { - "version": "8.0.1", + "version": "8.0.6", "inBundle": true, "license": "ISC", "dependencies": { - "@npmcli/arborist": "^9.0.1", + "@npmcli/arborist": "^9.1.3", "@npmcli/installed-package-contents": "^3.0.0", "binary-extensions": "^3.0.0", "diff": "^7.0.0", @@ -11305,11 +12009,11 @@ } }, "node_modules/npm/node_modules/libnpmexec": { - "version": "10.1.0", + "version": "10.1.5", "inBundle": true, "license": "ISC", "dependencies": { - "@npmcli/arborist": "^9.0.1", + "@npmcli/arborist": "^9.1.3", "@npmcli/package-json": "^6.1.1", "@npmcli/run-script": "^9.0.1", "ci-info": "^4.0.0", @@ -11326,11 +12030,11 @@ } }, "node_modules/npm/node_modules/libnpmfund": { - "version": "7.0.1", + "version": "7.0.6", "inBundle": true, "license": "ISC", "dependencies": { - "@npmcli/arborist": "^9.0.1" + "@npmcli/arborist": "^9.1.3" }, "engines": { "node": "^20.17.0 || >=22.9.0" @@ -11349,11 +12053,11 @@ } }, "node_modules/npm/node_modules/libnpmpack": { - "version": "9.0.1", + "version": "9.0.6", "inBundle": true, "license": "ISC", "dependencies": { - "@npmcli/arborist": "^9.0.1", + "@npmcli/arborist": "^9.1.3", "@npmcli/run-script": "^9.0.1", "npm-package-arg": "^12.0.0", "pacote": "^21.0.0" @@ -11363,12 +12067,12 @@ } }, "node_modules/npm/node_modules/libnpmpublish": { - "version": "11.0.0", + "version": "11.1.0", "inBundle": true, "license": "ISC", "dependencies": { + "@npmcli/package-json": "^6.2.0", "ci-info": "^4.0.0", - "normalize-package-data": "^7.0.0", "npm-package-arg": "^12.0.0", "npm-registry-fetch": "^18.0.1", "proc-log": "^5.0.0", @@ -11392,7 +12096,7 @@ } }, "node_modules/npm/node_modules/libnpmteam": { - "version": "8.0.0", + "version": "8.0.1", "inBundle": true, "license": "ISC", "dependencies": { @@ -11404,7 +12108,7 @@ } }, "node_modules/npm/node_modules/libnpmversion": { - "version": "8.0.0", + "version": "8.0.1", "inBundle": true, "license": "ISC", "dependencies": { @@ -11486,7 +12190,7 @@ } }, "node_modules/npm/node_modules/minipass-fetch": { - "version": "4.0.0", + "version": "4.0.1", "inBundle": true, "license": "MIT", "dependencies": { @@ -11502,12 +12206,11 @@ } }, "node_modules/npm/node_modules/minipass-fetch/node_modules/minizlib": { - "version": "3.0.1", + "version": "3.0.2", "inBundle": true, "license": "MIT", "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" + "minipass": "^7.1.2" }, "engines": { "node": ">= 18" @@ -11627,19 +12330,19 @@ } }, "node_modules/npm/node_modules/node-gyp": { - "version": "11.1.0", + "version": "11.2.0", "inBundle": true, "license": "MIT", "dependencies": { "env-paths": "^2.2.0", "exponential-backoff": "^3.1.1", - "glob": "^10.3.10", "graceful-fs": "^4.2.6", "make-fetch-happen": "^14.0.3", "nopt": "^8.0.0", "proc-log": "^5.0.0", "semver": "^7.3.5", "tar": "^7.4.3", + "tinyglobby": "^0.2.12", "which": "^5.0.0" }, "bin": { @@ -11658,12 +12361,11 @@ } }, "node_modules/npm/node_modules/node-gyp/node_modules/minizlib": { - "version": "3.0.1", + "version": "3.0.2", "inBundle": true, "license": "MIT", "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" + "minipass": "^7.1.2" }, "engines": { "node": ">= 18" @@ -11722,7 +12424,7 @@ } }, "node_modules/npm/node_modules/normalize-package-data": { - "version": "7.0.0", + "version": "7.0.1", "inBundle": true, "license": "BSD-2-Clause", "dependencies": { @@ -11842,12 +12544,11 @@ } }, "node_modules/npm/node_modules/npm-registry-fetch/node_modules/minizlib": { - "version": "3.0.1", + "version": "3.0.2", "inBundle": true, "license": "MIT", "dependencies": { - "minipass": "^7.0.4", - "rimraf": "^5.0.5" + "minipass": "^7.1.2" }, "engines": { "node": ">= 18" @@ -11944,7 +12645,7 @@ } }, "node_modules/npm/node_modules/postcss-selector-parser": { - "version": "6.1.2", + "version": "7.1.0", "inBundle": true, "license": "MIT", "dependencies": { @@ -12056,20 +12757,6 @@ "node": ">= 4" } }, - "node_modules/npm/node_modules/rimraf": { - "version": "5.0.10", - "inBundle": true, - "license": "ISC", - "dependencies": { - "glob": "^10.3.7" - }, - "bin": { - "rimraf": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/npm/node_modules/safer-buffer": { "version": "2.1.2", "inBundle": true, @@ -12077,7 +12764,7 @@ "optional": true }, "node_modules/npm/node_modules/semver": { - "version": "7.7.1", + "version": "7.7.2", "inBundle": true, "license": "ISC", "bin": { @@ -12143,7 +12830,7 @@ } }, "node_modules/npm/node_modules/socks": { - "version": "2.8.4", + "version": "2.8.6", "inBundle": true, "license": "MIT", "dependencies": { @@ -12338,6 +13025,45 @@ "inBundle": true, "license": "MIT" }, + "node_modules/npm/node_modules/tinyglobby": { + "version": "0.2.14", + "inBundle": true, + "license": "MIT", + "dependencies": { + "fdir": "^6.4.4", + "picomatch": "^4.0.2" + }, + "engines": { + "node": ">=12.0.0" + }, + "funding": { + "url": "https://github.com/sponsors/SuperchupuDev" + } + }, + "node_modules/npm/node_modules/tinyglobby/node_modules/fdir": { + "version": "6.4.6", + "inBundle": true, + "license": "MIT", + "peerDependencies": { + "picomatch": "^3 || ^4" + }, + "peerDependenciesMeta": { + "picomatch": { + "optional": true + } + } + }, + "node_modules/npm/node_modules/tinyglobby/node_modules/picomatch": { + "version": "4.0.3", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/jonschlinkert" + } + }, "node_modules/npm/node_modules/treeverse": { "version": "3.0.0", "inBundle": true, @@ -12347,13 +13073,13 @@ } }, "node_modules/npm/node_modules/tuf-js": { - "version": "3.0.1", + "version": "3.1.0", "inBundle": true, "license": "MIT", "dependencies": { "@tufjs/models": "3.0.1", - "debug": "^4.3.6", - "make-fetch-happen": "^14.0.1" + "debug": "^4.4.1", + "make-fetch-happen": "^14.0.3" }, "engines": { "node": "^18.17.0 || >=20.5.0" @@ -12405,7 +13131,7 @@ } }, "node_modules/npm/node_modules/validate-npm-package-name": { - "version": "6.0.0", + "version": "6.0.2", "inBundle": true, "license": "ISC", "engines": { @@ -12552,6 +13278,26 @@ "inBundle": true, "license": "ISC" }, + "node_modules/nypm": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/nypm/-/nypm-0.6.0.tgz", + "integrity": "sha512-mn8wBFV9G9+UFHIrq+pZ2r2zL4aPau/by3kJb3cM7+5tQHMt6HGQB8FDIeKFYp8o0D2pnH6nVsO88N4AmUxIWg==", + "dev": true, + "license": "MIT", + "dependencies": { + "citty": "^0.1.6", + "consola": "^3.4.0", + "pathe": "^2.0.3", + "pkg-types": "^2.0.0", + "tinyexec": "^0.3.2" + }, + "bin": { + "nypm": "dist/cli.mjs" + }, + "engines": { + "node": "^14.16.0 || >=16.10.0" + } + }, "node_modules/object-assign": { "version": "4.1.1", "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", @@ -12571,9 +13317,9 @@ } }, "node_modules/object-inspect": { - "version": "1.13.3", - "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.3.tgz", - "integrity": "sha512-kDCGIbxkDSXE3euJZZXzc6to7fCrKHNI/hSRQnRuQ+BWjFNzZwiFF8fj/6o2t2G9/jTj8PSIYTfCLelLZEeRpA==", + "version": "1.13.4", + "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.4.tgz", + "integrity": "sha512-W67iLl4J2EXEGTbfeHCffrjDfitvLANg0UlX3wFUUSTx92KXRFegMHUVgSqE+wvhAbi4WqjGg9czysTV2Epbew==", "license": "MIT", "engines": { "node": ">= 0.4" @@ -12622,14 +13368,15 @@ } }, "node_modules/object.entries": { - "version": "1.1.8", - "resolved": "https://registry.npmjs.org/object.entries/-/object.entries-1.1.8.tgz", - "integrity": "sha512-cmopxi8VwRIAw/fkijJohSfpef5PdN0pMQJN6VC/ZKvn0LIknWD8KtgY6KlQdEc4tIjcQ3HxSMmnvtzIscdaYQ==", + "version": "1.1.9", + "resolved": "https://registry.npmjs.org/object.entries/-/object.entries-1.1.9.tgz", + "integrity": "sha512-8u/hfXFRBD1O0hPUjioLhoWFHRmt6tKA4/vZPyckBr18l1KE9uHrFaFaUi8MDRTpi4uak2goyPTSNJLXX2k2Hw==", "license": "MIT", "dependencies": { - "call-bind": "^1.0.7", + "call-bind": "^1.0.8", + "call-bound": "^1.0.4", "define-properties": "^1.2.1", - "es-object-atoms": "^1.0.0" + "es-object-atoms": "^1.1.1" }, "engines": { "node": ">= 0.4" @@ -12732,12 +13479,12 @@ } }, "node_modules/openapi3-ts": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/openapi3-ts/-/openapi3-ts-4.4.0.tgz", - "integrity": "sha512-9asTNB9IkKEzWMcHmVZE7Ts3kC9G7AFHfs8i7caD8HbI76gEjdkId4z/AkP83xdZsH7PLAnnbl47qZkXuxpArw==", + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/openapi3-ts/-/openapi3-ts-4.5.0.tgz", + "integrity": "sha512-jaL+HgTq2Gj5jRcfdutgRGLosCy/hT8sQf6VOy+P+g36cZOjI1iukdPnijC+4CmeRzg/jEllJUboEic2FhxhtQ==", "license": "MIT", "dependencies": { - "yaml": "^2.5.0" + "yaml": "^2.8.0" } }, "node_modules/optimist": { @@ -12767,50 +13514,95 @@ } }, "node_modules/ora": { - "version": "5.4.1", - "resolved": "https://registry.npmjs.org/ora/-/ora-5.4.1.tgz", - "integrity": "sha512-5b6Y85tPxZZ7QytO+BQzysW31HJku27cRIlkbAXaNx+BdcVi+LlRFmVXzeF6a7JCwJpyw5c4b+YSVImQIrBpuQ==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/ora/-/ora-8.2.0.tgz", + "integrity": "sha512-weP+BZ8MVNnlCm8c0Qdc1WSWq4Qn7I+9CJGm7Qali6g44e/PUzbjNqJX5NJ9ljlNMosfJvg1fKEGILklK9cwnw==", "dev": true, "license": "MIT", "dependencies": { - "bl": "^4.1.0", - "chalk": "^4.1.0", - "cli-cursor": "^3.1.0", - "cli-spinners": "^2.5.0", - "is-interactive": "^1.0.0", - "is-unicode-supported": "^0.1.0", - "log-symbols": "^4.1.0", - "strip-ansi": "^6.0.0", - "wcwidth": "^1.0.1" + "chalk": "^5.3.0", + "cli-cursor": "^5.0.0", + "cli-spinners": "^2.9.2", + "is-interactive": "^2.0.0", + "is-unicode-supported": "^2.0.0", + "log-symbols": "^6.0.0", + "stdin-discarder": "^0.2.2", + "string-width": "^7.2.0", + "strip-ansi": "^7.1.0" }, "engines": { - "node": ">=10" + "node": ">=18" }, "funding": { "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/ora/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "node_modules/ora/node_modules/chalk": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-5.5.0.tgz", + "integrity": "sha512-1tm8DTaJhPBG3bIkVeZt1iZM9GfSX2lzOeDVZH9R9ffRHpmHvxZ/QhgQH/aDTkswQVt+YHdXAdS/In/30OjCbg==", "dev": true, "license": "MIT", "engines": { - "node": ">=8" + "node": "^12.17.0 || ^14.13 || >=16.0.0" + }, + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" } }, - "node_modules/ora/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "node_modules/ora/node_modules/emoji-regex": { + "version": "10.4.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-10.4.0.tgz", + "integrity": "sha512-EC+0oUMY1Rqm4O6LLrgjtYDvcVYTy7chDnM4Q7030tP4Kwj3u/pR6gP9ygnp2CJMK5Gq+9Q2oqmrFJAz01DXjw==", + "dev": true, + "license": "MIT" + }, + "node_modules/ora/node_modules/log-symbols": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-6.0.0.tgz", + "integrity": "sha512-i24m8rpwhmPIS4zscNzK6MSEhk0DUWa/8iYQWxhffV8jkI4Phvs3F+quL5xvS0gdQR0FyTCMMH33Y78dDTzzIw==", "dev": true, "license": "MIT", "dependencies": { - "ansi-regex": "^5.0.1" + "chalk": "^5.3.0", + "is-unicode-supported": "^1.3.0" }, "engines": { - "node": ">=8" + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/ora/node_modules/log-symbols/node_modules/is-unicode-supported": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/is-unicode-supported/-/is-unicode-supported-1.3.0.tgz", + "integrity": "sha512-43r2mRvz+8JRIKnWJ+3j8JtjRKZ6GmjzfaE/qiBJnikNnYv/6bagRJ1kUhNk8R5EX/GkobD+r+sfxCPJsiKBLQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/ora/node_modules/string-width": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-7.2.0.tgz", + "integrity": "sha512-tsaTIkKW9b4N+AEj+SVA+WhJzV7/zMhcSu78mLKWSk7cXMOSHsBKFWUs0fWwq8QyK3MgJBQRX6Gbi4kYbdvGkQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "emoji-regex": "^10.3.0", + "get-east-asian-width": "^1.0.0", + "strip-ansi": "^7.1.0" + }, + "engines": { + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, "node_modules/oslo": { @@ -12824,6 +13616,26 @@ "@node-rs/bcrypt": "1.9.0" } }, + "node_modules/oslo/node_modules/@emnapi/core": { + "version": "0.45.0", + "resolved": "https://registry.npmjs.org/@emnapi/core/-/core-0.45.0.tgz", + "integrity": "sha512-DPWjcUDQkCeEM4VnljEOEcXdAD7pp8zSZsgOujk/LGIwCXWbXJngin+MO4zbH429lzeC3WbYLGjE2MaUOwzpyw==", + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, + "node_modules/oslo/node_modules/@emnapi/runtime": { + "version": "0.45.0", + "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-0.45.0.tgz", + "integrity": "sha512-Txumi3td7J4A/xTTwlssKieHKTGl3j4A1tglBx72auZ49YK7ePY6XZricgIg9mnZT4xPfA+UPCUdnhRuEFDL+w==", + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, "node_modules/oslo/node_modules/@node-rs/argon2": { "version": "1.7.0", "resolved": "https://registry.npmjs.org/@node-rs/argon2/-/argon2-1.7.0.tgz", @@ -12849,6 +13661,38 @@ "@node-rs/argon2-win32-x64-msvc": "1.7.0" } }, + "node_modules/oslo/node_modules/@node-rs/argon2-android-arm-eabi": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-android-arm-eabi/-/argon2-android-arm-eabi-1.7.0.tgz", + "integrity": "sha512-udDqkr5P9E+wYX1SZwAVPdyfYvaF4ry9Tm+R9LkfSHbzWH0uhU6zjIwNRp7m+n4gx691rk+lqqDAIP8RLKwbhg==", + "cpu": [ + "arm" + ], + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/oslo/node_modules/@node-rs/argon2-android-arm64": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-android-arm64/-/argon2-android-arm64-1.7.0.tgz", + "integrity": "sha512-s9j/G30xKUx8WU50WIhF0fIl1EdhBGq0RQ06lEhZ0Gi0ap8lhqbE2Bn5h3/G2D1k0Dx+yjeVVNmt/xOQIRG38A==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "android" + ], + "engines": { + "node": ">= 10" + } + }, "node_modules/oslo/node_modules/@node-rs/argon2-darwin-arm64": { "version": "1.7.0", "resolved": "https://registry.npmjs.org/@node-rs/argon2-darwin-arm64/-/argon2-darwin-arm64-1.7.0.tgz", @@ -12865,6 +13709,86 @@ "node": ">= 10" } }, + "node_modules/oslo/node_modules/@node-rs/argon2-darwin-x64": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-darwin-x64/-/argon2-darwin-x64-1.7.0.tgz", + "integrity": "sha512-5oi/pxqVhODW/pj1+3zElMTn/YukQeywPHHYDbcAW3KsojFjKySfhcJMd1DjKTc+CHQI+4lOxZzSUzK7mI14Hw==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/oslo/node_modules/@node-rs/argon2-freebsd-x64": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-freebsd-x64/-/argon2-freebsd-x64-1.7.0.tgz", + "integrity": "sha512-Ify08683hA4QVXYoIm5SUWOY5DPIT/CMB0CQT+IdxQAg/F+qp342+lUkeAtD5bvStQuCx/dFO3bnnzoe2clMhA==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "freebsd" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/oslo/node_modules/@node-rs/argon2-linux-arm-gnueabihf": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-arm-gnueabihf/-/argon2-linux-arm-gnueabihf-1.7.0.tgz", + "integrity": "sha512-7DjDZ1h5AUHAtRNjD19RnQatbhL+uuxBASuuXIBu4/w6Dx8n7YPxwTP4MXfsvuRgKuMWiOb/Ub/HJ3kXVCXRkg==", + "cpu": [ + "arm" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/oslo/node_modules/@node-rs/argon2-linux-arm64-gnu": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-arm64-gnu/-/argon2-linux-arm64-gnu-1.7.0.tgz", + "integrity": "sha512-nJDoMP4Y3YcqGswE4DvP080w6O24RmnFEDnL0emdI8Nou17kNYBzP2546Nasx9GCyLzRcYQwZOUjrtUuQ+od2g==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/oslo/node_modules/@node-rs/argon2-linux-arm64-musl": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-arm64-musl/-/argon2-linux-arm64-musl-1.7.0.tgz", + "integrity": "sha512-BKWS8iVconhE3jrb9mj6t1J9vwUqQPpzCbUKxfTGJfc+kNL58F1SXHBoe2cDYGnHrFEHTY0YochzXoAfm4Dm/A==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">= 10" + } + }, "node_modules/oslo/node_modules/@node-rs/argon2-linux-x64-gnu": { "version": "1.7.0", "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-x64-gnu/-/argon2-linux-x64-gnu-1.7.0.tgz", @@ -12881,6 +13805,99 @@ "node": ">= 10" } }, + "node_modules/oslo/node_modules/@node-rs/argon2-linux-x64-musl": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-linux-x64-musl/-/argon2-linux-x64-musl-1.7.0.tgz", + "integrity": "sha512-/o1efYCYIxjfuoRYyBTi2Iy+1iFfhqHCvvVsnjNSgO1xWiWrX0Rrt/xXW5Zsl7vS2Y+yu8PL8KFWRzZhaVxfKA==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "linux" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/oslo/node_modules/@node-rs/argon2-wasm32-wasi": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-wasm32-wasi/-/argon2-wasm32-wasi-1.7.0.tgz", + "integrity": "sha512-Evmk9VcxqnuwQftfAfYEr6YZYSPLzmKUsbFIMep5nTt9PT4XYRFAERj7wNYp+rOcBenF3X4xoB+LhwcOMTNE5w==", + "cpu": [ + "wasm32" + ], + "license": "MIT", + "optional": true, + "dependencies": { + "@emnapi/core": "^0.45.0", + "@emnapi/runtime": "^0.45.0", + "@tybys/wasm-util": "^0.8.1", + "memfs-browser": "^3.4.13000" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/oslo/node_modules/@node-rs/argon2-win32-arm64-msvc": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-win32-arm64-msvc/-/argon2-win32-arm64-msvc-1.7.0.tgz", + "integrity": "sha512-qgsU7T004COWWpSA0tppDqDxbPLgg8FaU09krIJ7FBl71Sz8SFO40h7fDIjfbTT5w7u6mcaINMQ5bSHu75PCaA==", + "cpu": [ + "arm64" + ], + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/oslo/node_modules/@node-rs/argon2-win32-ia32-msvc": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-win32-ia32-msvc/-/argon2-win32-ia32-msvc-1.7.0.tgz", + "integrity": "sha512-JGafwWYQ/HpZ3XSwP4adQ6W41pRvhcdXvpzIWtKvX+17+xEXAe2nmGWM6s27pVkg1iV2ZtoYLRDkOUoGqZkCcg==", + "cpu": [ + "ia32" + ], + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/oslo/node_modules/@node-rs/argon2-win32-x64-msvc": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/@node-rs/argon2-win32-x64-msvc/-/argon2-win32-x64-msvc-1.7.0.tgz", + "integrity": "sha512-9oq4ShyFakw8AG3mRls0AoCpxBFcimYx7+jvXeAf2OqKNO+mSA6eZ9z7KQeVCi0+SOEUYxMGf5UiGiDb9R6+9Q==", + "cpu": [ + "x64" + ], + "license": "MIT", + "optional": true, + "os": [ + "win32" + ], + "engines": { + "node": ">= 10" + } + }, + "node_modules/oslo/node_modules/@tybys/wasm-util": { + "version": "0.8.3", + "resolved": "https://registry.npmjs.org/@tybys/wasm-util/-/wasm-util-0.8.3.tgz", + "integrity": "sha512-Z96T/L6dUFFxgFJ+pQtkPpne9q7i6kIPYCFnQBHSgSPV9idTsKfIhCss0h5iM9irweZCatkrdeP8yi5uM1eX6Q==", + "license": "MIT", + "optional": true, + "dependencies": { + "tslib": "^2.4.0" + } + }, "node_modules/own-keys": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/own-keys/-/own-keys-1.0.1.tgz", @@ -13009,10 +14026,13 @@ } }, "node_modules/path-to-regexp": { - "version": "0.1.12", - "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz", - "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==", - "license": "MIT" + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-8.2.0.tgz", + "integrity": "sha512-TdrF7fW9Rphjq4RjrW0Kp2AW0Ahwu9sRGTkS6bvDi0SCwZlEZYmcfDbEsTz8RVk0EHIS/Vd1bv3JhG+1xZuAyQ==", + "license": "MIT", + "engines": { + "node": ">=16" + } }, "node_modules/path-type": { "version": "4.0.0", @@ -13024,6 +14044,13 @@ "node": ">=8" } }, + "node_modules/pathe": { + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/pathe/-/pathe-2.0.3.tgz", + "integrity": "sha512-WUjGcAqP1gQacoQe+OBJsFA7Ld4DyXuUIjZ5cc75cLHvJ7dtNsTugphxIADwspS+AraAUePCKrSVtPLFj/F88w==", + "dev": true, + "license": "MIT" + }, "node_modules/peberminta": { "version": "0.9.0", "resolved": "https://registry.npmjs.org/peberminta/-/peberminta-0.9.0.tgz", @@ -13033,6 +14060,95 @@ "url": "https://ko-fi.com/killymxi" } }, + "node_modules/pg": { + "version": "8.16.3", + "resolved": "https://registry.npmjs.org/pg/-/pg-8.16.3.tgz", + "integrity": "sha512-enxc1h0jA/aq5oSDMvqyW3q89ra6XIIDZgCX9vkMrnz5DFTw/Ny3Li2lFQ+pt3L6MCgm/5o2o8HW9hiJji+xvw==", + "license": "MIT", + "dependencies": { + "pg-connection-string": "^2.9.1", + "pg-pool": "^3.10.1", + "pg-protocol": "^1.10.3", + "pg-types": "2.2.0", + "pgpass": "1.0.5" + }, + "engines": { + "node": ">= 16.0.0" + }, + "optionalDependencies": { + "pg-cloudflare": "^1.2.7" + }, + "peerDependencies": { + "pg-native": ">=3.0.1" + }, + "peerDependenciesMeta": { + "pg-native": { + "optional": true + } + } + }, + "node_modules/pg-cloudflare": { + "version": "1.2.7", + "resolved": "https://registry.npmjs.org/pg-cloudflare/-/pg-cloudflare-1.2.7.tgz", + "integrity": "sha512-YgCtzMH0ptvZJslLM1ffsY4EuGaU0cx4XSdXLRFae8bPP4dS5xL1tNB3k2o/N64cHJpwU7dxKli/nZ2lUa5fLg==", + "license": "MIT", + "optional": true + }, + "node_modules/pg-connection-string": { + "version": "2.9.1", + "resolved": "https://registry.npmjs.org/pg-connection-string/-/pg-connection-string-2.9.1.tgz", + "integrity": "sha512-nkc6NpDcvPVpZXxrreI/FOtX3XemeLl8E0qFr6F2Lrm/I8WOnaWNhIPK2Z7OHpw7gh5XJThi6j6ppgNoaT1w4w==", + "license": "MIT" + }, + "node_modules/pg-int8": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/pg-int8/-/pg-int8-1.0.1.tgz", + "integrity": "sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==", + "license": "ISC", + "engines": { + "node": ">=4.0.0" + } + }, + "node_modules/pg-pool": { + "version": "3.10.1", + "resolved": "https://registry.npmjs.org/pg-pool/-/pg-pool-3.10.1.tgz", + "integrity": "sha512-Tu8jMlcX+9d8+QVzKIvM/uJtp07PKr82IUOYEphaWcoBhIYkoHpLXN3qO59nAI11ripznDsEzEv8nUxBVWajGg==", + "license": "MIT", + "peerDependencies": { + "pg": ">=8.0" + } + }, + "node_modules/pg-protocol": { + "version": "1.10.3", + "resolved": "https://registry.npmjs.org/pg-protocol/-/pg-protocol-1.10.3.tgz", + "integrity": "sha512-6DIBgBQaTKDJyxnXaLiLR8wBpQQcGWuAESkRBX/t6OwA8YsqP+iVSiond2EDy6Y/dsGk8rh/jtax3js5NeV7JQ==", + "license": "MIT" + }, + "node_modules/pg-types": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/pg-types/-/pg-types-2.2.0.tgz", + "integrity": "sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==", + "license": "MIT", + "dependencies": { + "pg-int8": "1.0.1", + "postgres-array": "~2.0.0", + "postgres-bytea": "~1.0.0", + "postgres-date": "~1.0.4", + "postgres-interval": "^1.1.0" + }, + "engines": { + "node": ">=4" + } + }, + "node_modules/pgpass": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/pgpass/-/pgpass-1.0.5.tgz", + "integrity": "sha512-FdW9r/jQZhSeohs1Z3sI1yxFQNFvMcnmfuj4WBMUTxOrAyLMaTcE1aAMBiTlbMNaXvBCQuVi0R7hd8udDSP7ug==", + "license": "MIT", + "dependencies": { + "split2": "^4.1.0" + } + }, "node_modules/picocolors": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz", @@ -13040,10 +14156,9 @@ "license": "ISC" }, "node_modules/picomatch": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.2.tgz", - "integrity": "sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==", - "dev": true, + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz", + "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==", "license": "MIT", "engines": { "node": ">=12" @@ -13052,6 +14167,18 @@ "url": "https://github.com/sponsors/jonschlinkert" } }, + "node_modules/pkg-types": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/pkg-types/-/pkg-types-2.2.0.tgz", + "integrity": "sha512-2SM/GZGAEkPp3KWORxQZns4M+WSeXbC2HEvmOIJe3Cmiv6ieAJvdVhDldtHqM5J1Y7MrR1XhkBT/rMlhh9FdqQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "confbox": "^0.2.2", + "exsolve": "^1.0.7", + "pathe": "^2.0.3" + } + }, "node_modules/plimit-lit": { "version": "1.6.1", "resolved": "https://registry.npmjs.org/plimit-lit/-/plimit-lit-1.6.1.tgz", @@ -13066,18 +14193,18 @@ } }, "node_modules/possible-typed-array-names": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/possible-typed-array-names/-/possible-typed-array-names-1.0.0.tgz", - "integrity": "sha512-d7Uw+eZoloe0EHDIYoe+bQ5WXnGMOpmiZFTuMWCwpjzzkL2nTjcKiAk4hh8TjnGye2TwWOk3UXucZ+3rbmBa8Q==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/possible-typed-array-names/-/possible-typed-array-names-1.1.0.tgz", + "integrity": "sha512-/+5VFTchJDoVj3bhoqi6UeymcD00DAwb1nJwamzPvHEszJ4FpF6SNNbUbOS8yI56qHzdV8eK0qEfOSiodkTdxg==", "license": "MIT", "engines": { "node": ">= 0.4" } }, "node_modules/postcss": { - "version": "8.5.1", - "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.1.tgz", - "integrity": "sha512-6oz2beyjc5VMn/KV1pPw8fliQkhBXrVn1Z3TVyqZxU8kZpzEKhBdmCFqI6ZbmGtamQvQGuU1sgPTk8ZrXDD7jQ==", + "version": "8.5.6", + "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.6.tgz", + "integrity": "sha512-3Ybi1tAuwAP9s0r1UQ2J4n5Y0G05bJkpUIO0/bI9MhwmD70S5aTWbXGBwxHrelT+XM1k6dM0pk+SwNkpTRN7Pg==", "dev": true, "funding": [ { @@ -13095,7 +14222,7 @@ ], "license": "MIT", "dependencies": { - "nanoid": "^3.3.8", + "nanoid": "^3.3.11", "picocolors": "^1.1.1", "source-map-js": "^1.2.1" }, @@ -13103,6 +14230,45 @@ "node": "^10 || ^12 || >=14" } }, + "node_modules/postgres-array": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/postgres-array/-/postgres-array-2.0.0.tgz", + "integrity": "sha512-VpZrUqU5A69eQyW2c5CA1jtLecCsN2U/bD6VilrFDWq5+5UIEVO7nazS3TEcHf1zuPYO/sqGvUvW62g86RXZuA==", + "license": "MIT", + "engines": { + "node": ">=4" + } + }, + "node_modules/postgres-bytea": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/postgres-bytea/-/postgres-bytea-1.0.0.tgz", + "integrity": "sha512-xy3pmLuQqRBZBXDULy7KbaitYqLcmxigw14Q5sj8QBVLqEwXfeybIKVWiqAXTlcvdvb0+xkOtDbfQMOf4lST1w==", + "license": "MIT", + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/postgres-date": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/postgres-date/-/postgres-date-1.0.7.tgz", + "integrity": "sha512-suDmjLVQg78nMK2UZ454hAG+OAW+HQPZ6n++TNDUX+L0+uUlLywnoxJKDou51Zm+zTCjrCl0Nq6J9C5hP9vK/Q==", + "license": "MIT", + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/postgres-interval": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/postgres-interval/-/postgres-interval-1.2.0.tgz", + "integrity": "sha512-9ZhXKM/rw350N1ovuWHbGxnGh/SNJ4cnxHiM0rxE4VN41wsg8P8zWn9hv/buK00RP4WvlOyr/RBDiptyxVbkZQ==", + "license": "MIT", + "dependencies": { + "xtend": "^4.0.0" + }, + "engines": { + "node": ">=0.10.0" + } + }, "node_modules/prebuild-install": { "version": "7.1.3", "resolved": "https://registry.npmjs.org/prebuild-install/-/prebuild-install-7.1.3.tgz", @@ -13139,9 +14305,9 @@ } }, "node_modules/prettier": { - "version": "3.5.3", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.5.3.tgz", - "integrity": "sha512-QQtaxnoDJeAkDvDKWCLiwIXkTgRhwYDEQCghU9Z6q03iyek/rxRh/2lC3HB7P8sWT2xC/y5JDctPLBIGzHKbhw==", + "version": "3.6.2", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.6.2.tgz", + "integrity": "sha512-I7AIg5boAr5R0FFtJ6rCfD+LFsWHp81dolrFD8S79U9tb8Az2nGrJncnMSnys+bpQJfRUzqs9hnA81OAA3hCuQ==", "license": "MIT", "bin": { "prettier": "bin/prettier.cjs" @@ -13162,6 +14328,20 @@ "node": ">=6" } }, + "node_modules/prompts": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/prompts/-/prompts-2.4.2.tgz", + "integrity": "sha512-NxNv/kLguCA7p3jE8oL2aEBsrJWgAakBpgmgK6lpPWV+WuOmY6r2/zbAVnP+T8bQlA0nzHXSJSJW0Hq7ylaD2Q==", + "dev": true, + "license": "MIT", + "dependencies": { + "kleur": "^3.0.3", + "sisteransi": "^1.0.5" + }, + "engines": { + "node": ">= 6" + } + }, "node_modules/prop-types": { "version": "15.8.1", "resolved": "https://registry.npmjs.org/prop-types/-/prop-types-15.8.1.tgz", @@ -13193,9 +14373,9 @@ "license": "MIT" }, "node_modules/pump": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.2.tgz", - "integrity": "sha512-tUPXtzlGM8FE3P0ZL6DVs/3P58k9nk8/jZeQCurTJylQA8qFYzHFfhBJkuqyE0FifOsQ0uKWekiZ5g8wtr28cw==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.3.tgz", + "integrity": "sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==", "license": "MIT", "dependencies": { "end-of-stream": "^1.1.0", @@ -13211,6 +14391,24 @@ "node": ">=6" } }, + "node_modules/pvtsutils": { + "version": "1.3.6", + "resolved": "https://registry.npmjs.org/pvtsutils/-/pvtsutils-1.3.6.tgz", + "integrity": "sha512-PLgQXQ6H2FWCaeRak8vvk1GW462lMxB5s3Jm673N82zI4vqtVUPuZdffdZbPDFRoU8kAhItWFtPCWiPpp4/EDg==", + "license": "MIT", + "dependencies": { + "tslib": "^2.8.1" + } + }, + "node_modules/pvutils": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/pvutils/-/pvutils-1.1.3.tgz", + "integrity": "sha512-pMpnA0qRdFp32b1sJl1wOJNxZLQ2cbQx+k6tjNtZ8CpvVhNqEPRgivZ2WOUev2YMajecdH7ctUPDvEe87nariQ==", + "license": "MIT", + "engines": { + "node": ">=6.0.0" + } + }, "node_modules/qrcode.react": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/qrcode.react/-/qrcode.react-4.2.0.tgz", @@ -13221,12 +14419,12 @@ } }, "node_modules/qs": { - "version": "6.13.0", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz", - "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==", + "version": "6.14.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.0.tgz", + "integrity": "sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==", "license": "BSD-3-Clause", "dependencies": { - "side-channel": "^1.0.6" + "side-channel": "^1.1.0" }, "engines": { "node": ">=0.6" @@ -13275,14 +14473,14 @@ } }, "node_modules/raw-body": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz", - "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-3.0.0.tgz", + "integrity": "sha512-RmkhL8CAyCRPXCE28MMH0z2PNWQBNk2Q09ZdxM9IOOXwxwZbN+qbWaatPkdkWIKL2ZVDImrN/pK5HTRz2PcS4g==", "license": "MIT", "dependencies": { "bytes": "3.1.2", "http-errors": "2.0.0", - "iconv-lite": "0.4.24", + "iconv-lite": "0.6.3", "unpipe": "1.0.0" }, "engines": { @@ -13314,24 +14512,24 @@ } }, "node_modules/react": { - "version": "19.0.0", - "resolved": "https://registry.npmjs.org/react/-/react-19.0.0.tgz", - "integrity": "sha512-V8AVnmPIICiWpGfm6GLzCR/W5FXLchHop40W4nXBmdlEceh16rCN8O8LNWm5bh5XUX91fh7KpA+W0TgMKmgTpQ==", + "version": "19.1.1", + "resolved": "https://registry.npmjs.org/react/-/react-19.1.1.tgz", + "integrity": "sha512-w8nqGImo45dmMIfljjMwOGtbmC/mk4CMYhWIicdSflH91J9TyCyczcPFXJzrZ/ZXcgGRFeP6BU0BEJTw6tZdfQ==", "license": "MIT", "engines": { "node": ">=0.10.0" } }, "node_modules/react-dom": { - "version": "19.0.0", - "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-19.0.0.tgz", - "integrity": "sha512-4GV5sHFG0e/0AD4X+ySy6UJd3jVl1iNsNHdpad0qhABJ11twS3TTBnseqsKurKcsNqCEFeGL3uLpVChpIO3QfQ==", + "version": "19.1.1", + "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-19.1.1.tgz", + "integrity": "sha512-Dlq/5LAZgF0Gaz6yiqZCf6VCcZs1ghAJyrsu84Q/GT0gV+mCxbfmKNoGRKBYMJ8IEdGPqu49YWXD02GCknEDkw==", "license": "MIT", "dependencies": { - "scheduler": "^0.25.0" + "scheduler": "^0.26.0" }, "peerDependencies": { - "react": "^19.0.0" + "react": "^19.1.1" } }, "node_modules/react-easy-sort": { @@ -13358,596 +14556,102 @@ "license": "0BSD" }, "node_modules/react-email": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/react-email/-/react-email-4.0.6.tgz", - "integrity": "sha512-RzMDZCRd2JFFkGljhBWNWGH2ti4Qnhcx03nR1uPW1vNBptqDJx/fxSJqzCDYEEpTkWPaEe2unHM4CdzRAI7awg==", + "version": "4.2.8", + "resolved": "https://registry.npmjs.org/react-email/-/react-email-4.2.8.tgz", + "integrity": "sha512-Eqzs/xZnS881oghPO/4CQ1cULyESuUhEjfYboXmYNOokXnJ6QP5GKKJZ6zjkg9SnKXxSrIxSo5PxzCI5jReJMA==", "dev": true, "license": "MIT", "dependencies": { - "@babel/parser": "7.24.5", - "@babel/traverse": "7.25.6", - "chalk": "4.1.2", - "chokidar": "4.0.3", - "commander": "11.1.0", - "debounce": "2.0.0", - "esbuild": "0.25.0", - "glob": "10.3.4", - "log-symbols": "4.1.0", - "mime-types": "2.1.35", - "next": "15.2.4", - "normalize-path": "3.0.0", - "ora": "5.4.1", - "socket.io": "4.8.1" + "@babel/parser": "^7.27.0", + "@babel/traverse": "^7.27.0", + "chalk": "^5.0.0", + "chokidar": "^4.0.3", + "commander": "^13.0.0", + "debounce": "^2.0.0", + "esbuild": "^0.25.0", + "glob": "^11.0.0", + "jiti": "2.4.2", + "log-symbols": "^7.0.0", + "mime-types": "^3.0.0", + "normalize-path": "^3.0.0", + "nypm": "0.6.0", + "ora": "^8.0.0", + "prompts": "2.4.2", + "socket.io": "^4.8.1", + "tsconfig-paths": "4.2.0" }, "bin": { - "email": "dist/cli/index.js" + "email": "dist/index.js" }, "engines": { "node": ">=18.0.0" } }, - "node_modules/react-email/node_modules/@esbuild/aix-ppc64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.25.0.tgz", - "integrity": "sha512-O7vun9Sf8DFjH2UtqK8Ku3LkquL9SZL8OLY1T5NZkA34+wG3OQF7cl4Ql8vdNzM6fzBbYfLaiRLIOZ+2FOCgBQ==", - "cpu": [ - "ppc64" - ], + "node_modules/react-email/node_modules/chalk": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-5.5.0.tgz", + "integrity": "sha512-1tm8DTaJhPBG3bIkVeZt1iZM9GfSX2lzOeDVZH9R9ffRHpmHvxZ/QhgQH/aDTkswQVt+YHdXAdS/In/30OjCbg==", + "dev": true, + "license": "MIT", + "engines": { + "node": "^12.17.0 || ^14.13 || >=16.0.0" + }, + "funding": { + "url": "https://github.com/chalk/chalk?sponsor=1" + } + }, + "node_modules/react-email/node_modules/commander": { + "version": "13.1.0", + "resolved": "https://registry.npmjs.org/commander/-/commander-13.1.0.tgz", + "integrity": "sha512-/rFeCpNJQbhSZjGVwO9RFV3xPqbnERS8MmIQzCtD/zl6gpJuV/bMLuN92oG3F7d8oDEHHRrujSXNUr8fpjntKw==", "dev": true, "license": "MIT", - "optional": true, - "os": [ - "aix" - ], "engines": { "node": ">=18" } }, - "node_modules/react-email/node_modules/@esbuild/android-arm": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.25.0.tgz", - "integrity": "sha512-PTyWCYYiU0+1eJKmw21lWtC+d08JDZPQ5g+kFyxP0V+es6VPPSUhM6zk8iImp2jbV6GwjX4pap0JFbUQN65X1g==", - "cpu": [ - "arm" - ], + "node_modules/react-email/node_modules/jiti": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/jiti/-/jiti-2.4.2.tgz", + "integrity": "sha512-rg9zJN+G4n2nfJl5MW3BMygZX56zKPNVEYYqq7adpmMh4Jn2QNEwhvQlFy6jPVdcod7txZtKHWnyZiA3a0zP7A==", "dev": true, "license": "MIT", - "optional": true, - "os": [ - "android" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/android-arm64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.25.0.tgz", - "integrity": "sha512-grvv8WncGjDSyUBjN9yHXNt+cq0snxXbDxy5pJtzMKGmmpPxeAmAhWxXI+01lU5rwZomDgD3kJwulEnhTRUd6g==", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "android" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/android-x64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.25.0.tgz", - "integrity": "sha512-m/ix7SfKG5buCnxasr52+LI78SQ+wgdENi9CqyCXwjVR2X4Jkz+BpC3le3AoBPYTC9NHklwngVXvbJ9/Akhrfg==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "android" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/darwin-arm64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.25.0.tgz", - "integrity": "sha512-mVwdUb5SRkPayVadIOI78K7aAnPamoeFR2bT5nszFUZ9P8UpK4ratOdYbZZXYSqPKMHfS1wdHCJk1P1EZpRdvw==", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/darwin-x64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.25.0.tgz", - "integrity": "sha512-DgDaYsPWFTS4S3nWpFcMn/33ZZwAAeAFKNHNa1QN0rI4pUjgqf0f7ONmXf6d22tqTY+H9FNdgeaAa+YIFUn2Rg==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/freebsd-arm64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.25.0.tgz", - "integrity": "sha512-VN4ocxy6dxefN1MepBx/iD1dH5K8qNtNe227I0mnTRjry8tj5MRk4zprLEdG8WPyAPb93/e4pSgi1SoHdgOa4w==", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "freebsd" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/freebsd-x64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.25.0.tgz", - "integrity": "sha512-mrSgt7lCh07FY+hDD1TxiTyIHyttn6vnjesnPoVDNmDfOmggTLXRv8Id5fNZey1gl/V2dyVK1VXXqVsQIiAk+A==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "freebsd" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/linux-arm": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.25.0.tgz", - "integrity": "sha512-vkB3IYj2IDo3g9xX7HqhPYxVkNQe8qTK55fraQyTzTX/fxaDtXiEnavv9geOsonh2Fd2RMB+i5cbhu2zMNWJwg==", - "cpu": [ - "arm" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/linux-arm64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.25.0.tgz", - "integrity": "sha512-9QAQjTWNDM/Vk2bgBl17yWuZxZNQIF0OUUuPZRKoDtqF2k4EtYbpyiG5/Dk7nqeK6kIJWPYldkOcBqjXjrUlmg==", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/linux-ia32": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.25.0.tgz", - "integrity": "sha512-43ET5bHbphBegyeqLb7I1eYn2P/JYGNmzzdidq/w0T8E2SsYL1U6un2NFROFRg1JZLTzdCoRomg8Rvf9M6W6Gg==", - "cpu": [ - "ia32" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/linux-loong64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.25.0.tgz", - "integrity": "sha512-fC95c/xyNFueMhClxJmeRIj2yrSMdDfmqJnyOY4ZqsALkDrrKJfIg5NTMSzVBr5YW1jf+l7/cndBfP3MSDpoHw==", - "cpu": [ - "loong64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/linux-mips64el": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.25.0.tgz", - "integrity": "sha512-nkAMFju7KDW73T1DdH7glcyIptm95a7Le8irTQNO/qtkoyypZAnjchQgooFUDQhNAy4iu08N79W4T4pMBwhPwQ==", - "cpu": [ - "mips64el" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/linux-ppc64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.25.0.tgz", - "integrity": "sha512-NhyOejdhRGS8Iwv+KKR2zTq2PpysF9XqY+Zk77vQHqNbo/PwZCzB5/h7VGuREZm1fixhs4Q/qWRSi5zmAiO4Fw==", - "cpu": [ - "ppc64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/linux-riscv64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.25.0.tgz", - "integrity": "sha512-5S/rbP5OY+GHLC5qXp1y/Mx//e92L1YDqkiBbO9TQOvuFXM+iDqUNG5XopAnXoRH3FjIUDkeGcY1cgNvnXp/kA==", - "cpu": [ - "riscv64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/linux-s390x": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.25.0.tgz", - "integrity": "sha512-XM2BFsEBz0Fw37V0zU4CXfcfuACMrppsMFKdYY2WuTS3yi8O1nFOhil/xhKTmE1nPmVyvQJjJivgDT+xh8pXJA==", - "cpu": [ - "s390x" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/linux-x64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.25.0.tgz", - "integrity": "sha512-9yl91rHw/cpwMCNytUDxwj2XjFpxML0y9HAOH9pNVQDpQrBxHy01Dx+vaMu0N1CKa/RzBD2hB4u//nfc+Sd3Cw==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "linux" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/netbsd-arm64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.25.0.tgz", - "integrity": "sha512-RuG4PSMPFfrkH6UwCAqBzauBWTygTvb1nxWasEJooGSJ/NwRw7b2HOwyRTQIU97Hq37l3npXoZGYMy3b3xYvPw==", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "netbsd" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/netbsd-x64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.25.0.tgz", - "integrity": "sha512-jl+qisSB5jk01N5f7sPCsBENCOlPiS/xptD5yxOx2oqQfyourJwIKLRA2yqWdifj3owQZCL2sn6o08dBzZGQzA==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "netbsd" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/openbsd-arm64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.25.0.tgz", - "integrity": "sha512-21sUNbq2r84YE+SJDfaQRvdgznTD8Xc0oc3p3iW/a1EVWeNj/SdUCbm5U0itZPQYRuRTW20fPMWMpcrciH2EJw==", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "openbsd" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/openbsd-x64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.25.0.tgz", - "integrity": "sha512-2gwwriSMPcCFRlPlKx3zLQhfN/2WjJ2NSlg5TKLQOJdV0mSxIcYNTMhk3H3ulL/cak+Xj0lY1Ym9ysDV1igceg==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "openbsd" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/sunos-x64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.25.0.tgz", - "integrity": "sha512-bxI7ThgLzPrPz484/S9jLlvUAHYMzy6I0XiU1ZMeAEOBcS0VePBFxh1JjTQt3Xiat5b6Oh4x7UC7IwKQKIJRIg==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "sunos" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/win32-arm64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.25.0.tgz", - "integrity": "sha512-ZUAc2YK6JW89xTbXvftxdnYy3m4iHIkDtK3CLce8wg8M2L+YZhIvO1DKpxrd0Yr59AeNNkTiic9YLf6FTtXWMw==", - "cpu": [ - "arm64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "win32" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/win32-ia32": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.25.0.tgz", - "integrity": "sha512-eSNxISBu8XweVEWG31/JzjkIGbGIJN/TrRoiSVZwZ6pkC6VX4Im/WV2cz559/TXLcYbcrDN8JtKgd9DJVIo8GA==", - "cpu": [ - "ia32" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "win32" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/@esbuild/win32-x64": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.25.0.tgz", - "integrity": "sha512-ZENoHJBxA20C2zFzh6AI4fT6RraMzjYw4xKWemRTRmRVtN9c5DcH9r/f2ihEkMjOW5eGgrwCslG/+Y/3bL+DHQ==", - "cpu": [ - "x64" - ], - "dev": true, - "license": "MIT", - "optional": true, - "os": [ - "win32" - ], - "engines": { - "node": ">=18" - } - }, - "node_modules/react-email/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "license": "MIT", - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/react-email/node_modules/esbuild": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.25.0.tgz", - "integrity": "sha512-BXq5mqc8ltbaN34cDqWuYKyNhX8D/Z0J1xdtdQ8UcIIIyJyz+ZMKUt58tF3SrZ85jcfN/PZYhjR5uDQAYNVbuw==", - "dev": true, - "hasInstallScript": true, - "license": "MIT", "bin": { - "esbuild": "bin/esbuild" - }, - "engines": { - "node": ">=18" - }, - "optionalDependencies": { - "@esbuild/aix-ppc64": "0.25.0", - "@esbuild/android-arm": "0.25.0", - "@esbuild/android-arm64": "0.25.0", - "@esbuild/android-x64": "0.25.0", - "@esbuild/darwin-arm64": "0.25.0", - "@esbuild/darwin-x64": "0.25.0", - "@esbuild/freebsd-arm64": "0.25.0", - "@esbuild/freebsd-x64": "0.25.0", - "@esbuild/linux-arm": "0.25.0", - "@esbuild/linux-arm64": "0.25.0", - "@esbuild/linux-ia32": "0.25.0", - "@esbuild/linux-loong64": "0.25.0", - "@esbuild/linux-mips64el": "0.25.0", - "@esbuild/linux-ppc64": "0.25.0", - "@esbuild/linux-riscv64": "0.25.0", - "@esbuild/linux-s390x": "0.25.0", - "@esbuild/linux-x64": "0.25.0", - "@esbuild/netbsd-arm64": "0.25.0", - "@esbuild/netbsd-x64": "0.25.0", - "@esbuild/openbsd-arm64": "0.25.0", - "@esbuild/openbsd-x64": "0.25.0", - "@esbuild/sunos-x64": "0.25.0", - "@esbuild/win32-arm64": "0.25.0", - "@esbuild/win32-ia32": "0.25.0", - "@esbuild/win32-x64": "0.25.0" + "jiti": "lib/jiti-cli.mjs" } }, - "node_modules/react-email/node_modules/glob": { - "version": "10.3.4", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.4.tgz", - "integrity": "sha512-6LFElP3A+i/Q8XQKEvZjkEWEOTgAIALR9AO2rwT8bgPhDd1anmqDJDZ6lLddI4ehxxxR1S5RIqKe1uapMQfYaQ==", + "node_modules/react-email/node_modules/json5": { + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", + "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", "dev": true, - "license": "ISC", - "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^2.0.3", - "minimatch": "^9.0.1", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0", - "path-scurry": "^1.10.1" - }, + "license": "MIT", "bin": { - "glob": "dist/cjs/src/bin.js" + "json5": "lib/cli.js" }, "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" + "node": ">=6" } }, - "node_modules/react-email/node_modules/jackspeak": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz", - "integrity": "sha512-N3yCS/NegsOBokc8GAdM8UcmfsKiSS8cipheD/nivzr700H+nsMOxJjQnvwOcRYVuFkdH0wGUvW2WbXGmrZGbQ==", + "node_modules/react-email/node_modules/tsconfig-paths": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/tsconfig-paths/-/tsconfig-paths-4.2.0.tgz", + "integrity": "sha512-NoZ4roiN7LnbKn9QqE1amc9DJfzvZXxF4xDavcOWt1BPkdx+m+0gJuPM+S0vCe7zTJMYUP0R8pO2XMr+Y8oLIg==", "dev": true, - "license": "BlueOak-1.0.0", + "license": "MIT", "dependencies": { - "@isaacs/cliui": "^8.0.2" + "json5": "^2.2.2", + "minimist": "^1.2.6", + "strip-bom": "^3.0.0" }, "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - }, - "optionalDependencies": { - "@pkgjs/parseargs": "^0.11.0" - } - }, - "node_modules/react-email/node_modules/lru-cache": { - "version": "10.4.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz", - "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==", - "dev": true, - "license": "ISC" - }, - "node_modules/react-email/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dev": true, - "license": "ISC", - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/react-email/node_modules/path-scurry": { - "version": "1.11.1", - "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz", - "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==", - "dev": true, - "license": "BlueOak-1.0.0", - "dependencies": { - "lru-cache": "^10.2.0", - "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0" - }, - "engines": { - "node": ">=16 || 14 >=14.18" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" + "node": ">=6" } }, "node_modules/react-hook-form": { - "version": "7.54.2", - "resolved": "https://registry.npmjs.org/react-hook-form/-/react-hook-form-7.54.2.tgz", - "integrity": "sha512-eHpAUgUjWbZocoQYUHposymRb4ZP6d0uwUnooL2uOybA9/3tPUvoAKqEWK1WaSiTxxOfTpffNZP7QwlnM3/gEg==", + "version": "7.62.0", + "resolved": "https://registry.npmjs.org/react-hook-form/-/react-hook-form-7.62.0.tgz", + "integrity": "sha512-7KWFejc98xqG/F4bAxpL41NB3o1nnvQO1RWZT3TqRZYL8RryQETGfEdVnJN2fy1crCiBLLjkRBVK05j24FxJGA==", "license": "MIT", "engines": { "node": ">=18.0.0" @@ -13991,9 +14695,9 @@ "license": "MIT" }, "node_modules/react-remove-scroll": { - "version": "2.6.3", - "resolved": "https://registry.npmjs.org/react-remove-scroll/-/react-remove-scroll-2.6.3.tgz", - "integrity": "sha512-pnAi91oOk8g8ABQKGF5/M9qxmmOPxaAnopyTHYfqYEwJhyFrbbBtHuSgtKEoH0jpcxx5o3hXqH1mNd9/Oi+8iQ==", + "version": "2.7.1", + "resolved": "https://registry.npmjs.org/react-remove-scroll/-/react-remove-scroll-2.7.1.tgz", + "integrity": "sha512-HpMh8+oahmIdOuS5aFKKY6Pyog+FNaZV/XyJOq7b4YFwsFHe5yYfdbIalI4k3vU2nSDql7YskmUseHsRrJqIPA==", "license": "MIT", "dependencies": { "react-remove-scroll-bar": "^2.3.7", @@ -14074,9 +14778,9 @@ } }, "node_modules/readdirp": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-4.1.1.tgz", - "integrity": "sha512-h80JrZu/MHUZCyHu5ciuoI0+WxsCxzxJTILn6Fs8rxSnFPh+UVHYfeIxK1nVGugMqkfC4vJcBOYbkfkwYK0+gw==", + "version": "4.1.2", + "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-4.1.2.tgz", + "integrity": "sha512-GDhwkLfywWL2s6vEjyhri+eXmfH6j1L7JE27WhqLeYzoh/A3DBaYGEj2H/HFZCn/kMfim73FXxEJTw06WtxQwg==", "dev": true, "license": "MIT", "engines": { @@ -14143,16 +14847,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/require-directory": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz", - "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/resolve": { "version": "1.22.10", "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.10.tgz", @@ -14192,29 +14886,77 @@ } }, "node_modules/restore-cursor": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz", - "integrity": "sha512-l+sSefzHpj5qimhFSE5a8nufZYAM3sBSVMAPtYkmC+4EH2anSGaEMXSD0izRQbu9nfyQ9y5JrVmp7E8oZrUjvA==", + "version": "5.1.0", + "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-5.1.0.tgz", + "integrity": "sha512-oMA2dcrw6u0YfxJQXm342bFKX/E4sG9rbTzO9ptUcR/e8A33cHuvStiYOwH7fszkZlZ1z/ta9AAoPk2F4qIOHA==", "dev": true, "license": "MIT", "dependencies": { - "onetime": "^5.1.0", - "signal-exit": "^3.0.2" + "onetime": "^7.0.0", + "signal-exit": "^4.1.0" }, "engines": { - "node": ">=8" + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/restore-cursor/node_modules/onetime": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/onetime/-/onetime-7.0.0.tgz", + "integrity": "sha512-VXJjc87FScF88uafS3JllDgvAm+c/Slfz06lorj2uAY34rlUu0Nt+v8wreiImcrgAjjIHp1rXpTDlLOGw29WwQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "mimic-function": "^5.0.0" + }, + "engines": { + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/restore-cursor/node_modules/signal-exit": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", + "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", + "dev": true, + "license": "ISC", + "engines": { + "node": ">=14" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" } }, "node_modules/reusify": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz", - "integrity": "sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==", + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/reusify/-/reusify-1.1.0.tgz", + "integrity": "sha512-g6QUff04oZpHs0eG5p83rFLhHeV00ug/Yf9nZM6fLeUrPguBTkTQOdpAWWspMh55TZfVQDPaN3NQJfbVRAxdIw==", "license": "MIT", "engines": { "iojs": ">=1.0.0", "node": ">=0.10.0" } }, + "node_modules/router": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/router/-/router-2.2.0.tgz", + "integrity": "sha512-nLTrUKm2UyiL7rlhapu/Zl45FwNgkZGaCpZbIHajDYgwlJCOzLSk+cIPAnsEqV955GjILJnKbdQC1nVPz+gAYQ==", + "license": "MIT", + "dependencies": { + "debug": "^4.4.0", + "depd": "^2.0.0", + "is-promise": "^4.0.0", + "parseurl": "^1.3.3", + "path-to-regexp": "^8.0.0" + }, + "engines": { + "node": ">= 18" + } + }, "node_modules/run-parallel": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz", @@ -14326,9 +15068,9 @@ "license": "MIT" }, "node_modules/scheduler": { - "version": "0.25.0", - "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.25.0.tgz", - "integrity": "sha512-xFVuu11jh+xcO7JOAGJNOXld8/TcEHK/4CituBUeUb5hqxJLj9YuemAEuvm9gQ/+pgXYfbQuqAkiYu+u7YEsNA==", + "version": "0.26.0", + "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.26.0.tgz", + "integrity": "sha512-NlHwttCI/l5gCPR3D1nNXtWABUmBwvZpEQiD4IXSbIDq8BzLIK/7Ir5gTFSGZDUu37K5cMNp0hFtzO38sC7gWA==", "license": "MIT" }, "node_modules/selderee": { @@ -14344,9 +15086,9 @@ } }, "node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "version": "7.7.2", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.2.tgz", + "integrity": "sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA==", "license": "ISC", "bin": { "semver": "bin/semver.js" @@ -14356,66 +15098,40 @@ } }, "node_modules/send": { - "version": "0.19.0", - "resolved": "https://registry.npmjs.org/send/-/send-0.19.0.tgz", - "integrity": "sha512-dW41u5VfLXu8SJh5bwRmyYUbAoSB3c9uQh6L8h/KtsFREPWpbX1lrljJo186Jc4nmci/sGUZ9a0a0J2zgfq2hw==", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/send/-/send-1.2.0.tgz", + "integrity": "sha512-uaW0WwXKpL9blXE2o0bRhoL2EGXIrZxQ2ZQ4mgcfoBxdFmQold+qWsD2jLrfZ0trjKL6vOw0j//eAwcALFjKSw==", "license": "MIT", "dependencies": { - "debug": "2.6.9", - "depd": "2.0.0", - "destroy": "1.2.0", - "encodeurl": "~1.0.2", - "escape-html": "~1.0.3", - "etag": "~1.8.1", - "fresh": "0.5.2", - "http-errors": "2.0.0", - "mime": "1.6.0", - "ms": "2.1.3", - "on-finished": "2.4.1", - "range-parser": "~1.2.1", - "statuses": "2.0.1" + "debug": "^4.3.5", + "encodeurl": "^2.0.0", + "escape-html": "^1.0.3", + "etag": "^1.8.1", + "fresh": "^2.0.0", + "http-errors": "^2.0.0", + "mime-types": "^3.0.1", + "ms": "^2.1.3", + "on-finished": "^2.4.1", + "range-parser": "^1.2.1", + "statuses": "^2.0.1" }, "engines": { - "node": ">= 0.8.0" - } - }, - "node_modules/send/node_modules/debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", - "license": "MIT", - "dependencies": { - "ms": "2.0.0" - } - }, - "node_modules/send/node_modules/debug/node_modules/ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==", - "license": "MIT" - }, - "node_modules/send/node_modules/encodeurl": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz", - "integrity": "sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w==", - "license": "MIT", - "engines": { - "node": ">= 0.8" + "node": ">= 18" } }, "node_modules/serve-static": { - "version": "1.16.2", - "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.16.2.tgz", - "integrity": "sha512-VqpjJZKadQB/PEbEwvFdO43Ax5dFBZ2UECszz8bQ7pi7wt//PWe1P6MN7eCnjsatYtBT6EuiClbjSWP2WrIoTw==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-2.2.0.tgz", + "integrity": "sha512-61g9pCh0Vnh7IutZjtLGGpTA355+OPn2TyDv/6ivP2h/AdAVX9azsoxmg2/M6nZeQZNYBEwIcsne1mJd9oQItQ==", "license": "MIT", "dependencies": { - "encodeurl": "~2.0.0", - "escape-html": "~1.0.3", - "parseurl": "~1.3.3", - "send": "0.19.0" + "encodeurl": "^2.0.0", + "escape-html": "^1.0.3", + "parseurl": "^1.3.3", + "send": "^1.2.0" }, "engines": { - "node": ">= 0.8.0" + "node": ">= 18" } }, "node_modules/set-function-length": { @@ -14471,16 +15187,16 @@ "license": "ISC" }, "node_modules/sharp": { - "version": "0.33.5", - "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.33.5.tgz", - "integrity": "sha512-haPVm1EkS9pgvHrQ/F3Xy+hgcuMV0Wm9vfIBSiwZ05k+xgb0PkBQpGsAA/oWdDobNaZTH5ppvHtzCFbnSEwHVw==", + "version": "0.34.3", + "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.34.3.tgz", + "integrity": "sha512-eX2IQ6nFohW4DbvHIOLRB3MHFpYqaqvXd3Tp5e/T/dSH83fxaNJQRvDMhASmkNTsNTVF2/OOopzRCt7xokgPfg==", "hasInstallScript": true, "license": "Apache-2.0", "optional": true, "dependencies": { "color": "^4.2.3", - "detect-libc": "^2.0.3", - "semver": "^7.6.3" + "detect-libc": "^2.0.4", + "semver": "^7.7.2" }, "engines": { "node": "^18.17.0 || ^20.3.0 || >=21.0.0" @@ -14489,25 +15205,28 @@ "url": "https://opencollective.com/libvips" }, "optionalDependencies": { - "@img/sharp-darwin-arm64": "0.33.5", - "@img/sharp-darwin-x64": "0.33.5", - "@img/sharp-libvips-darwin-arm64": "1.0.4", - "@img/sharp-libvips-darwin-x64": "1.0.4", - "@img/sharp-libvips-linux-arm": "1.0.5", - "@img/sharp-libvips-linux-arm64": "1.0.4", - "@img/sharp-libvips-linux-s390x": "1.0.4", - "@img/sharp-libvips-linux-x64": "1.0.4", - "@img/sharp-libvips-linuxmusl-arm64": "1.0.4", - "@img/sharp-libvips-linuxmusl-x64": "1.0.4", - "@img/sharp-linux-arm": "0.33.5", - "@img/sharp-linux-arm64": "0.33.5", - "@img/sharp-linux-s390x": "0.33.5", - "@img/sharp-linux-x64": "0.33.5", - "@img/sharp-linuxmusl-arm64": "0.33.5", - "@img/sharp-linuxmusl-x64": "0.33.5", - "@img/sharp-wasm32": "0.33.5", - "@img/sharp-win32-ia32": "0.33.5", - "@img/sharp-win32-x64": "0.33.5" + "@img/sharp-darwin-arm64": "0.34.3", + "@img/sharp-darwin-x64": "0.34.3", + "@img/sharp-libvips-darwin-arm64": "1.2.0", + "@img/sharp-libvips-darwin-x64": "1.2.0", + "@img/sharp-libvips-linux-arm": "1.2.0", + "@img/sharp-libvips-linux-arm64": "1.2.0", + "@img/sharp-libvips-linux-ppc64": "1.2.0", + "@img/sharp-libvips-linux-s390x": "1.2.0", + "@img/sharp-libvips-linux-x64": "1.2.0", + "@img/sharp-libvips-linuxmusl-arm64": "1.2.0", + "@img/sharp-libvips-linuxmusl-x64": "1.2.0", + "@img/sharp-linux-arm": "0.34.3", + "@img/sharp-linux-arm64": "0.34.3", + "@img/sharp-linux-ppc64": "0.34.3", + "@img/sharp-linux-s390x": "0.34.3", + "@img/sharp-linux-x64": "0.34.3", + "@img/sharp-linuxmusl-arm64": "0.34.3", + "@img/sharp-linuxmusl-x64": "0.34.3", + "@img/sharp-wasm32": "0.34.3", + "@img/sharp-win32-arm64": "0.34.3", + "@img/sharp-win32-ia32": "0.34.3", + "@img/sharp-win32-x64": "0.34.3" } }, "node_modules/shebang-command": { @@ -14531,19 +15250,6 @@ "node": ">=8" } }, - "node_modules/shell-quote": { - "version": "1.8.2", - "resolved": "https://registry.npmjs.org/shell-quote/-/shell-quote-1.8.2.tgz", - "integrity": "sha512-AzqKpGKjrj7EM6rKVQEPpB288oCfnrEIuyoT9cyF4nmGa7V8Zk6f7RRqYisX8X9m+Q7bd632aZW4ky7EhbQztA==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, "node_modules/side-channel": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.1.0.tgz", @@ -14677,6 +15383,13 @@ "is-arrayish": "^0.3.1" } }, + "node_modules/sisteransi": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/sisteransi/-/sisteransi-1.0.5.tgz", + "integrity": "sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==", + "dev": true, + "license": "MIT" + }, "node_modules/slash": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", @@ -14789,6 +15502,20 @@ } } }, + "node_modules/socket.io/node_modules/accepts": { + "version": "1.3.8", + "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz", + "integrity": "sha512-PYAthTa2m2VKxuvSD3DPC/Gy+U+sOA1LAuT8mkmRuvw+NACSaeXEQ+NHcVF7rONl6qcaxV3Uuemwawk+7+SJLw==", + "dev": true, + "license": "MIT", + "dependencies": { + "mime-types": "~2.1.34", + "negotiator": "0.6.3" + }, + "engines": { + "node": ">= 0.6" + } + }, "node_modules/socket.io/node_modules/debug": { "version": "4.3.7", "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.7.tgz", @@ -14807,11 +15534,43 @@ } } }, + "node_modules/socket.io/node_modules/mime-db": { + "version": "1.52.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", + "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/socket.io/node_modules/mime-types": { + "version": "2.1.35", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", + "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", + "dev": true, + "license": "MIT", + "dependencies": { + "mime-db": "1.52.0" + }, + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/socket.io/node_modules/negotiator": { + "version": "0.6.3", + "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz", + "integrity": "sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.6" + } + }, "node_modules/source-map": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", - "dev": true, "license": "BSD-3-Clause", "engines": { "node": ">=0.10.0" @@ -14830,17 +15589,25 @@ "version": "0.5.21", "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.21.tgz", "integrity": "sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w==", - "dev": true, "license": "MIT", "dependencies": { "buffer-from": "^1.0.0", "source-map": "^0.6.0" } }, + "node_modules/split2": { + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/split2/-/split2-4.2.0.tgz", + "integrity": "sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==", + "license": "ISC", + "engines": { + "node": ">= 10.x" + } + }, "node_modules/stable-hash": { - "version": "0.0.4", - "resolved": "https://registry.npmjs.org/stable-hash/-/stable-hash-0.0.4.tgz", - "integrity": "sha512-LjdcbuBeLcdETCrPn9i8AYAZ1eCtu4ECAWtP7UleOiZ9LzVxRzzUZEoZ8zB24nhkQnDWyET0I+3sWokSDS3E7g==", + "version": "0.0.5", + "resolved": "https://registry.npmjs.org/stable-hash/-/stable-hash-0.0.5.tgz", + "integrity": "sha512-+L3ccpzibovGXFK+Ap/f8LOS0ahMrHTf3xu7mMLSpEGU0EO9ucaysSylKo9eRDFNhWve/y275iPmIZ4z39a9iA==", "license": "MIT" }, "node_modules/stack-trace": { @@ -14853,20 +15620,38 @@ } }, "node_modules/statuses": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", - "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.2.tgz", + "integrity": "sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==", "license": "MIT", "engines": { "node": ">= 0.8" } }, - "node_modules/streamsearch": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-1.1.0.tgz", - "integrity": "sha512-Mcc5wHehp9aXz1ax6bZUyY5afg9u2rv5cqQI3mRrYkGC8rW2hM02jWuwjtL++LS5qinSyhj2QfLyNsuc+VsExg==", + "node_modules/stdin-discarder": { + "version": "0.2.2", + "resolved": "https://registry.npmjs.org/stdin-discarder/-/stdin-discarder-0.2.2.tgz", + "integrity": "sha512-UhDfHmA92YAlNnCfhmq0VeNL5bDbiZGg7sZ2IvPsXubGkiNa9EC+tUTsjBRsYUAz87btI6/1wf4XoVvQ3uRnmQ==", + "dev": true, + "license": "MIT", "engines": { - "node": ">=10.0.0" + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/stop-iteration-iterator": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/stop-iteration-iterator/-/stop-iteration-iterator-1.1.0.tgz", + "integrity": "sha512-eLoXW/DHyl62zxY4SCaIgnRhuMr6ri4juEYARS8E6sCEqzKpOiE521Ucofdx+KnDZl5xmvGYaaKCk5FEOxJCoQ==", + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0", + "internal-slot": "^1.1.0" + }, + "engines": { + "node": ">= 0.4" } }, "node_modules/string_decoder": { @@ -15160,9 +15945,9 @@ } }, "node_modules/swagger-ui-dist": { - "version": "5.21.0", - "resolved": "https://registry.npmjs.org/swagger-ui-dist/-/swagger-ui-dist-5.21.0.tgz", - "integrity": "sha512-E0K3AB6HvQd8yQNSMR7eE5bk+323AUxjtCz/4ZNKiahOlPhPJxqn3UPIGs00cyY/dhrTDJ61L7C/a8u6zhGrZg==", + "version": "5.27.1", + "resolved": "https://registry.npmjs.org/swagger-ui-dist/-/swagger-ui-dist-5.27.1.tgz", + "integrity": "sha512-oGtpYO3lnoaqyGtlJalvryl7TwzgRuxpOVWqEHx8af0YXI+Kt+4jMpLdgMtMcmWmuQ0QTCHLKExwrBFMSxvAUA==", "license": "Apache-2.0", "dependencies": { "@scarf/scarf": "=1.4.0" @@ -15184,9 +15969,9 @@ } }, "node_modules/tailwind-merge": { - "version": "2.6.0", - "resolved": "https://registry.npmjs.org/tailwind-merge/-/tailwind-merge-2.6.0.tgz", - "integrity": "sha512-P+Vu1qXfzediirmHOC3xKGAYeZtPcV9g76X+xg2FD4tYgR71ewMA35Y3sCz3zhiN/dwefRpJX0yBcgwi1fXNQA==", + "version": "3.3.1", + "resolved": "https://registry.npmjs.org/tailwind-merge/-/tailwind-merge-3.3.1.tgz", + "integrity": "sha512-gBXpgUm/3rp1lMZZrM/w7D8GKqshif0zAymAhbCyIt8KMe+0v9DQ7cdYLR4FHH/cKpdTXb+A/tKKU3eolfsI+g==", "license": "MIT", "funding": { "type": "github", @@ -15194,24 +15979,43 @@ } }, "node_modules/tailwindcss": { - "version": "4.1.4", - "resolved": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-4.1.4.tgz", - "integrity": "sha512-1ZIUqtPITFbv/DxRmDr5/agPqJwF69d24m9qmM1939TJehgY539CtzeZRjbLt5G6fSy/7YqqYsfvoTEw9xUI2A==", + "version": "4.1.12", + "resolved": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-4.1.12.tgz", + "integrity": "sha512-DzFtxOi+7NsFf7DBtI3BJsynR+0Yp6etH+nRPTbpWnS2pZBaSksv/JGctNwSWzbFjp0vxSqknaUylseZqMDGrA==", "license": "MIT" }, "node_modules/tapable": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/tapable/-/tapable-2.2.1.tgz", - "integrity": "sha512-GNzQvQTOIP6RyTfE2Qxb8ZVlNmw0n88vp1szwWRimP02mnTsx3Wtn5qRdqY9w2XduFNUgvOwhNnQsjwCp+kqaQ==", + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/tapable/-/tapable-2.2.2.tgz", + "integrity": "sha512-Re10+NauLTMCudc7T5WLFLAwDhQ0JWdrMK+9B2M8zR5hRExKmsRDCBA7/aV/pNJFltmBFO5BAMlQFi/vq3nKOg==", + "dev": true, "license": "MIT", "engines": { "node": ">=6" } }, + "node_modules/tar": { + "version": "7.4.3", + "resolved": "https://registry.npmjs.org/tar/-/tar-7.4.3.tgz", + "integrity": "sha512-5S7Va8hKfV7W5U6g3aYxXmlPoZVAwUMy9AOKyF2fVuZa2UD3qZjg578OrLRt8PcNN1PleVaL/5/yYATNL0ICUw==", + "dev": true, + "license": "ISC", + "dependencies": { + "@isaacs/fs-minipass": "^4.0.0", + "chownr": "^3.0.0", + "minipass": "^7.1.2", + "minizlib": "^3.0.1", + "mkdirp": "^3.0.1", + "yallist": "^5.0.0" + }, + "engines": { + "node": ">=18" + } + }, "node_modules/tar-fs": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.2.tgz", - "integrity": "sha512-EsaAXwxmx8UB7FRKqeozqEPop69DXcmYwTQwXvyAPF352HJsPdkVhvTaDPYqfNgruveJIJy3TA2l+2zj8LJIJA==", + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.3.tgz", + "integrity": "sha512-090nwYJDmlhwFwEW3QQl+vaNnxsO2yVsd45eTKRBzSzu+hlb1w2K9inVq5b0ngXuLVqQ4ApvsUHHnu/zQNkWAg==", "license": "MIT", "dependencies": { "chownr": "^1.1.1", @@ -15220,6 +16024,12 @@ "tar-stream": "^2.1.4" } }, + "node_modules/tar-fs/node_modules/chownr": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", + "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==", + "license": "ISC" + }, "node_modules/tar-stream": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-2.2.0.tgz", @@ -15242,6 +16052,29 @@ "integrity": "sha512-uuVGNWzgJ4yhRaNSiubPY7OjISw4sw4E5Uv0wbjp+OzcbmVU/rsT8ujgcXJhn9ypzsgr5vlzpPqP+MBBKcGvbg==", "license": "MIT" }, + "node_modules/tinyexec": { + "version": "0.3.2", + "resolved": "https://registry.npmjs.org/tinyexec/-/tinyexec-0.3.2.tgz", + "integrity": "sha512-KQQR9yN7R5+OSwaK0XQoj22pwHoTlgYqmUscPYoknOoWCWfj/5/ABTMRi69FrKU5ffPVh5QcFikpWJI/P1ocHA==", + "dev": true, + "license": "MIT" + }, + "node_modules/tinyglobby": { + "version": "0.2.14", + "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.14.tgz", + "integrity": "sha512-tX5e7OM1HnYr2+a2C/4V0htOcSQcoSTH9KgJnVvNm5zm/cyEWKJ7j7YutsH9CxMdtOkkLFy2AHrMci9IM8IPZQ==", + "license": "MIT", + "dependencies": { + "fdir": "^6.4.4", + "picomatch": "^4.0.2" + }, + "engines": { + "node": ">=12.0.0" + }, + "funding": { + "url": "https://github.com/sponsors/SuperchupuDev" + } + }, "node_modules/to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", @@ -15263,6 +16096,12 @@ "node": ">=0.6" } }, + "node_modules/tr46": { + "version": "0.0.3", + "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", + "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", + "license": "MIT" + }, "node_modules/triple-beam": { "version": "1.4.1", "resolved": "https://registry.npmjs.org/triple-beam/-/triple-beam-1.4.1.tgz", @@ -15273,9 +16112,9 @@ } }, "node_modules/ts-api-utils": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.0.0.tgz", - "integrity": "sha512-xCt/TOAc+EOHS1XPnijD3/yzpH6qg2xppZO1YDqGoVsNXfQfzHpOdNuXwrwOU8u4ITXJyDCTyt8w5g1sZv9ynQ==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.1.0.tgz", + "integrity": "sha512-CUgTZL1irw8u29bzrOD/nH85jqyc74D6SshFgujOIA7osm2Rz7dYH77agkx7H4FBNxDq7Cjf+IjaX/8zwFW+ZQ==", "license": "MIT", "engines": { "node": ">=18.12" @@ -15285,14 +16124,15 @@ } }, "node_modules/tsc-alias": { - "version": "1.8.10", - "resolved": "https://registry.npmjs.org/tsc-alias/-/tsc-alias-1.8.10.tgz", - "integrity": "sha512-Ibv4KAWfFkFdKJxnWfVtdOmB0Zi1RJVxcbPGiCDsFpCQSsmpWyuzHG3rQyI5YkobWwxFPEyQfu1hdo4qLG2zPw==", + "version": "1.8.16", + "resolved": "https://registry.npmjs.org/tsc-alias/-/tsc-alias-1.8.16.tgz", + "integrity": "sha512-QjCyu55NFyRSBAl6+MTFwplpFcnm2Pq01rR/uxfqJoLMm6X3O14KEGtaSDZpJYaE1bJBGDjD0eSuiIWPe2T58g==", "dev": true, "license": "MIT", "dependencies": { "chokidar": "^3.5.3", "commander": "^9.0.0", + "get-tsconfig": "^4.10.0", "globby": "^11.0.4", "mylas": "^2.1.9", "normalize-path": "^3.0.0", @@ -15300,6 +16140,9 @@ }, "bin": { "tsc-alias": "dist/bin/index.js" + }, + "engines": { + "node": ">=16.20.2" } }, "node_modules/tsc-alias/node_modules/chokidar": { @@ -15388,18 +16231,6 @@ "strip-bom": "^3.0.0" } }, - "node_modules/tsconfig-paths/node_modules/json5": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", - "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==", - "license": "MIT", - "dependencies": { - "minimist": "^1.2.0" - }, - "bin": { - "json5": "lib/cli.js" - } - }, "node_modules/tslib": { "version": "2.8.1", "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz", @@ -15416,9 +16247,9 @@ } }, "node_modules/tsx": { - "version": "4.19.3", - "resolved": "https://registry.npmjs.org/tsx/-/tsx-4.19.3.tgz", - "integrity": "sha512-4H8vUNGNjQ4V2EOoGw005+c+dGuPSnhpPBPHBtsZdGZBk/iJb4kguGlPWaZTZ3q5nMtFOEsY0nRDlh9PJyd6SQ==", + "version": "4.20.5", + "resolved": "https://registry.npmjs.org/tsx/-/tsx-4.20.5.tgz", + "integrity": "sha512-+wKjMNU9w/EaQayHXb7WA7ZaHY6hN8WgfvHNQ3t1PnU91/7O8TcTnIhCDYTZwnt8JsO9IBqZ30Ln1r7pPF52Aw==", "dev": true, "license": "MIT", "dependencies": { @@ -15448,9 +16279,9 @@ } }, "node_modules/tw-animate-css": { - "version": "1.2.8", - "resolved": "https://registry.npmjs.org/tw-animate-css/-/tw-animate-css-1.2.8.tgz", - "integrity": "sha512-AxSnYRvyFnAiZCUndS3zQZhNfV/B77ZhJ+O7d3K6wfg/jKJY+yv6ahuyXwnyaYA9UdLqnpCwhTRv9pPTBnPR2g==", + "version": "1.3.7", + "resolved": "https://registry.npmjs.org/tw-animate-css/-/tw-animate-css-1.3.7.tgz", + "integrity": "sha512-lvLb3hTIpB5oGsk8JmLoAjeCHV58nKa2zHYn8yWOoG5JJusH3bhJlF2DLAZ/5NmJ+jyH3ssiAx/2KmbhavJy/A==", "license": "MIT", "funding": { "url": "https://github.com/sponsors/Wombosvideo" @@ -15469,13 +16300,14 @@ } }, "node_modules/type-is": { - "version": "1.6.18", - "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", - "integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==", + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/type-is/-/type-is-2.0.1.tgz", + "integrity": "sha512-OZs6gsjF4vMp32qrCbiVSkrFmXtG/AZhY3t0iAMrMBiAZyV9oALtXO8hsrHbMXF9x6L3grlFuwW2oAz7cav+Gw==", "license": "MIT", "dependencies": { - "media-typer": "0.3.0", - "mime-types": "~2.1.24" + "content-type": "^1.0.5", + "media-typer": "^1.1.0", + "mime-types": "^3.0.0" }, "engines": { "node": ">= 0.6" @@ -15556,9 +16388,9 @@ } }, "node_modules/typescript": { - "version": "5.7.3", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.7.3.tgz", - "integrity": "sha512-84MVSjMEHP+FQRPy3pX9sTVV/INIex71s9TL2Gm5FG/WG1SqXeKyZ0k7/blY/4FdOzI12CBy1vGc4og/eus0fw==", + "version": "5.9.2", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.2.tgz", + "integrity": "sha512-CWBzXQrc/qOkhidw1OzBTQuYRbfyxDXJMVJ1XNwUHGROVmuaeiEm3OslpZ1RV96d7SKKjZKrSJu3+t/xlw3R9A==", "license": "Apache-2.0", "bin": { "tsc": "bin/tsc", @@ -15568,6 +16400,30 @@ "node": ">=14.17" } }, + "node_modules/typescript-eslint": { + "version": "8.40.0", + "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.40.0.tgz", + "integrity": "sha512-Xvd2l+ZmFDPEt4oj1QEXzA4A2uUK6opvKu3eGN9aGjB8au02lIVcLyi375w94hHyejTOmzIU77L8ol2sRg9n7Q==", + "dev": true, + "license": "MIT", + "dependencies": { + "@typescript-eslint/eslint-plugin": "8.40.0", + "@typescript-eslint/parser": "8.40.0", + "@typescript-eslint/typescript-estree": "8.40.0", + "@typescript-eslint/utils": "8.40.0" + }, + "engines": { + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" + }, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/typescript-eslint" + }, + "peerDependencies": { + "eslint": "^8.57.0 || ^9.0.0", + "typescript": ">=4.8.4 <6.0.0" + } + }, "node_modules/unbox-primitive": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/unbox-primitive/-/unbox-primitive-1.1.0.tgz", @@ -15587,9 +16443,9 @@ } }, "node_modules/undici-types": { - "version": "6.20.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.20.0.tgz", - "integrity": "sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg==", + "version": "7.10.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.10.0.tgz", + "integrity": "sha512-t5Fy/nfn+14LuOc2KNYg75vZqClpAiqscVvMygNnlsHBFpSXdJaYtXMcdNLpl/Qvc3P2cB3s6lOV51nqsFq4ag==", "devOptional": true, "license": "MIT" }, @@ -15602,6 +16458,40 @@ "node": ">= 0.8" } }, + "node_modules/unrs-resolver": { + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/unrs-resolver/-/unrs-resolver-1.11.1.tgz", + "integrity": "sha512-bSjt9pjaEBnNiGgc9rUiHGKv5l4/TGzDmYw3RhnkJGtLhbnnA/5qJj7x3dNDCRx/PJxu774LlH8lCOlB4hEfKg==", + "hasInstallScript": true, + "license": "MIT", + "dependencies": { + "napi-postinstall": "^0.3.0" + }, + "funding": { + "url": "https://opencollective.com/unrs-resolver" + }, + "optionalDependencies": { + "@unrs/resolver-binding-android-arm-eabi": "1.11.1", + "@unrs/resolver-binding-android-arm64": "1.11.1", + "@unrs/resolver-binding-darwin-arm64": "1.11.1", + "@unrs/resolver-binding-darwin-x64": "1.11.1", + "@unrs/resolver-binding-freebsd-x64": "1.11.1", + "@unrs/resolver-binding-linux-arm-gnueabihf": "1.11.1", + "@unrs/resolver-binding-linux-arm-musleabihf": "1.11.1", + "@unrs/resolver-binding-linux-arm64-gnu": "1.11.1", + "@unrs/resolver-binding-linux-arm64-musl": "1.11.1", + "@unrs/resolver-binding-linux-ppc64-gnu": "1.11.1", + "@unrs/resolver-binding-linux-riscv64-gnu": "1.11.1", + "@unrs/resolver-binding-linux-riscv64-musl": "1.11.1", + "@unrs/resolver-binding-linux-s390x-gnu": "1.11.1", + "@unrs/resolver-binding-linux-x64-gnu": "1.11.1", + "@unrs/resolver-binding-linux-x64-musl": "1.11.1", + "@unrs/resolver-binding-wasm32-wasi": "1.11.1", + "@unrs/resolver-binding-win32-arm64-msvc": "1.11.1", + "@unrs/resolver-binding-win32-ia32-msvc": "1.11.1", + "@unrs/resolver-binding-win32-x64-msvc": "1.11.1" + } + }, "node_modules/uri-js": { "version": "4.4.1", "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", @@ -15632,6 +16522,20 @@ } } }, + "node_modules/use-intl": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/use-intl/-/use-intl-4.3.4.tgz", + "integrity": "sha512-sHfiU0QeJ1rirNWRxvCyvlSh9+NczcOzRnPyMeo2rtHXhVnBsvMRjE+UG4eh3lRhCxrvcqei/I0lBxsc59on1w==", + "license": "MIT", + "dependencies": { + "@formatjs/fast-memoize": "^2.2.0", + "@schummar/icu-type-parser": "1.21.5", + "intl-messageformat": "^10.5.14" + }, + "peerDependencies": { + "react": "^17.0.0 || ^18.0.0 || >=19.0.0-rc <19.0.0 || ^19.0.0" + } + }, "node_modules/use-sidecar": { "version": "1.1.3", "resolved": "https://registry.npmjs.org/use-sidecar/-/use-sidecar-1.1.3.tgz", @@ -15655,9 +16559,9 @@ } }, "node_modules/use-sync-external-store": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/use-sync-external-store/-/use-sync-external-store-1.4.0.tgz", - "integrity": "sha512-9WXSPC5fMv61vaupRkCKCxsPxBocVnwakBEkMIHHpkTTg6icbJtg6jzgtLDm4bl3cSHAca52rYWih0k4K3PfHw==", + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/use-sync-external-store/-/use-sync-external-store-1.5.0.tgz", + "integrity": "sha512-Rb46I4cGGVBmjamjphe8L/UnvJD+uPPtTkNvX5mZgqdbavhI4EbgIWJiIHXJ8bc/i9EQGPRh4DwEURJ552Do0A==", "license": "MIT", "peerDependencies": { "react": "^16.8.0 || ^17.0.0 || ^18.0.0 || ^19.0.0" @@ -15669,15 +16573,6 @@ "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==", "license": "MIT" }, - "node_modules/utils-merge": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", - "integrity": "sha512-pMZTvIkT1d+TFGvDOqodOclx0QWkkgi6Tdoa8gC8ffGAAqz9pzPTZWAybbsHHoED/ztMtkv/VoYTYyShUn81hA==", - "license": "MIT", - "engines": { - "node": ">= 0.4.0" - } - }, "node_modules/uuid": { "version": "11.1.0", "resolved": "https://registry.npmjs.org/uuid/-/uuid-11.1.0.tgz", @@ -15713,16 +16608,6 @@ "react-dom": "^16.8 || ^17.0 || ^18.0 || ^19.0.0 || ^19.0.0-rc" } }, - "node_modules/wcwidth": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/wcwidth/-/wcwidth-1.0.1.tgz", - "integrity": "sha512-XHPEwS0q6TaxcvG85+8EYkbiCux2XtWG2mkc47Ng2A77BQu9+DqIOJldST4HgPkuea7dvKSj5VgX3P1d4rW8Tg==", - "dev": true, - "license": "MIT", - "dependencies": { - "defaults": "^1.0.3" - } - }, "node_modules/web-streams-polyfill": { "version": "3.3.3", "resolved": "https://registry.npmjs.org/web-streams-polyfill/-/web-streams-polyfill-3.3.3.tgz", @@ -15732,6 +16617,22 @@ "node": ">= 8" } }, + "node_modules/webidl-conversions": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", + "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "license": "BSD-2-Clause" + }, + "node_modules/whatwg-url": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", + "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "license": "MIT", + "dependencies": { + "tr46": "~0.0.3", + "webidl-conversions": "^3.0.0" + } + }, "node_modules/which": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/which/-/which-4.0.0.tgz", @@ -15813,15 +16714,16 @@ } }, "node_modules/which-typed-array": { - "version": "1.1.18", - "resolved": "https://registry.npmjs.org/which-typed-array/-/which-typed-array-1.1.18.tgz", - "integrity": "sha512-qEcY+KJYlWyLH9vNbsr6/5j59AXk5ni5aakf8ldzBvGde6Iz4sxZGkJyWSAueTG7QhOvNRYb1lDdFmL5Td0QKA==", + "version": "1.1.19", + "resolved": "https://registry.npmjs.org/which-typed-array/-/which-typed-array-1.1.19.tgz", + "integrity": "sha512-rEvr90Bck4WZt9HHFC4DJMsjvu7x+r6bImz0/BrbWb7A2djJ8hnZMrWnHo9F8ssv0OMErasDhftrfROTyqSDrw==", "license": "MIT", "dependencies": { "available-typed-arrays": "^1.0.7", "call-bind": "^1.0.8", - "call-bound": "^1.0.3", - "for-each": "^0.3.3", + "call-bound": "^1.0.4", + "for-each": "^0.3.5", + "get-proto": "^1.0.1", "gopd": "^1.2.0", "has-tostringtag": "^1.0.2" }, @@ -15999,9 +16901,9 @@ "license": "ISC" }, "node_modules/ws": { - "version": "8.18.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.0.tgz", - "integrity": "sha512-8VbfWfHLbbwu3+N6OKsOMpBdT4kXPDDB9cJk2bJ6mh9ucxdlnNvH1e+roYkKmN9Nxw2yjz7VzeO9oOz2zJ04Pw==", + "version": "8.18.3", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", + "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", "license": "MIT", "engines": { "node": ">=10.0.0" @@ -16019,100 +16921,93 @@ } } }, + "node_modules/xtend": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz", + "integrity": "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==", + "license": "MIT", + "engines": { + "node": ">=0.4" + } + }, "node_modules/y18n": { "version": "5.0.8", "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz", "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==", - "dev": true, "license": "ISC", "engines": { "node": ">=10" } }, + "node_modules/yallist": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-5.0.0.tgz", + "integrity": "sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==", + "dev": true, + "license": "BlueOak-1.0.0", + "engines": { + "node": ">=18" + } + }, "node_modules/yaml": { - "version": "2.7.1", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.7.1.tgz", - "integrity": "sha512-10ULxpnOCQXxJvBgxsn9ptjq6uviG/htZKk9veJGhlqn3w/DxQ631zFF+nlQXLwmImeS5amR2dl2U8sg6U9jsQ==", + "version": "2.8.1", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.8.1.tgz", + "integrity": "sha512-lcYcMxX2PO9XMGvAJkJ3OsNMw+/7FKes7/hgerGUYWIoWu5j/+YQqcZr5JnPZWzOsEBgMbSbiSTn/dv/69Mkpw==", "license": "ISC", "bin": { "yaml": "bin.mjs" }, "engines": { - "node": ">= 14" + "node": ">= 14.6" } }, "node_modules/yargs": { - "version": "17.7.2", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", - "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", - "dev": true, + "version": "18.0.0", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-18.0.0.tgz", + "integrity": "sha512-4UEqdc2RYGHZc7Doyqkrqiln3p9X2DZVxaGbwhn2pi7MrRagKaOcIKe8L3OxYcbhXLgLFUS3zAYuQjKBQgmuNg==", "license": "MIT", "dependencies": { - "cliui": "^8.0.1", + "cliui": "^9.0.1", "escalade": "^3.1.1", "get-caller-file": "^2.0.5", - "require-directory": "^2.1.1", - "string-width": "^4.2.3", + "string-width": "^7.2.0", "y18n": "^5.0.5", - "yargs-parser": "^21.1.1" + "yargs-parser": "^22.0.0" }, "engines": { - "node": ">=12" + "node": "^20.19.0 || ^22.12.0 || >=23" } }, "node_modules/yargs-parser": { - "version": "21.1.1", - "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz", - "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==", - "dev": true, + "version": "22.0.0", + "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-22.0.0.tgz", + "integrity": "sha512-rwu/ClNdSMpkSrUb+d6BRsSkLUq1fmfsY6TOpYzTwvwkg1/NRG85KBy3kq++A8LKQwX6lsu+aWad+2khvuXrqw==", "license": "ISC", "engines": { - "node": ">=12" - } - }, - "node_modules/yargs/node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=8" + "node": "^20.19.0 || ^22.12.0 || >=23" } }, "node_modules/yargs/node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", - "dev": true, + "version": "10.4.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-10.4.0.tgz", + "integrity": "sha512-EC+0oUMY1Rqm4O6LLrgjtYDvcVYTy7chDnM4Q7030tP4Kwj3u/pR6gP9ygnp2CJMK5Gq+9Q2oqmrFJAz01DXjw==", "license": "MIT" }, "node_modules/yargs/node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", - "dev": true, + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-7.2.0.tgz", + "integrity": "sha512-tsaTIkKW9b4N+AEj+SVA+WhJzV7/zMhcSu78mLKWSk7cXMOSHsBKFWUs0fWwq8QyK3MgJBQRX6Gbi4kYbdvGkQ==", "license": "MIT", "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" + "emoji-regex": "^10.3.0", + "get-east-asian-width": "^1.0.0", + "strip-ansi": "^7.1.0" }, "engines": { - "node": ">=8" - } - }, - "node_modules/yargs/node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", - "dev": true, - "license": "MIT", - "dependencies": { - "ansi-regex": "^5.0.1" + "node": ">=18" }, - "engines": { - "node": ">=8" + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, "node_modules/yocto-queue": { @@ -16127,25 +17022,38 @@ "url": "https://github.com/sponsors/sindresorhus" } }, + "node_modules/yoctocolors": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/yoctocolors/-/yoctocolors-2.1.1.tgz", + "integrity": "sha512-GQHQqAopRhwU8Kt1DDM8NjibDXHC8eoh1erhGAJPEyveY9qqVeXvVikNKrDz69sHowPMorbPUrH/mx8c50eiBQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, "node_modules/zod": { - "version": "3.24.1", - "resolved": "https://registry.npmjs.org/zod/-/zod-3.24.1.tgz", - "integrity": "sha512-muH7gBL9sI1nciMZV67X5fTKKBLtwpZ5VBp1vsOQzj1MhrBZ4wlVCm3gedKZWLp0Oyel8sIGfeiz54Su+OVT+A==", + "version": "3.25.76", + "resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz", + "integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==", "license": "MIT", "funding": { "url": "https://github.com/sponsors/colinhacks" } }, "node_modules/zod-validation-error": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/zod-validation-error/-/zod-validation-error-3.4.0.tgz", - "integrity": "sha512-ZOPR9SVY6Pb2qqO5XHt+MkkTRxGXb4EVtnjc9JpXUOtUB1T9Ru7mZOT361AN3MsetVe7R0a1KZshJDZdgp9miQ==", + "version": "3.5.2", + "resolved": "https://registry.npmjs.org/zod-validation-error/-/zod-validation-error-3.5.2.tgz", + "integrity": "sha512-mdi7YOLtram5dzJ5aDtm1AG9+mxRma1iaMrZdYIpFO7epdKBUwLHIxTF8CPDeCQ828zAXYtizrKlEJAtzgfgrw==", "license": "MIT", "engines": { "node": ">=18.0.0" }, "peerDependencies": { - "zod": "^3.18.0" + "zod": "^3.25.0" } } } diff --git a/package.json b/package.json index f2ce2cd4..2c1c3fca 100644 --- a/package.json +++ b/package.json @@ -12,123 +12,139 @@ "license": "SEE LICENSE IN LICENSE AND README.md", "scripts": { "dev": "NODE_ENV=development ENVIRONMENT=dev tsx watch server/index.ts", - "db:generate": "drizzle-kit generate", - "db:push": "npx tsx server/db/migrate.ts", - "db:studio": "drizzle-kit studio", - "build": "mkdir -p dist && next build && node esbuild.mjs -e server/index.ts -o dist/server.mjs && node esbuild.mjs -e server/setup/migrations.ts -o dist/migrations.mjs", - "start": "NODE_OPTIONS=--enable-source-maps NODE_ENV=development ENVIRONMENT=prod sh -c 'node dist/migrations.mjs && node dist/server.mjs'", - "email": "email dev --dir server/emails/templates --port 3005" + "db:pg:generate": "drizzle-kit generate --config=./drizzle.pg.config.ts", + "db:sqlite:generate": "drizzle-kit generate --config=./drizzle.sqlite.config.ts", + "db:pg:push": "npx tsx server/db/pg/migrate.ts", + "db:sqlite:push": "npx tsx server/db/sqlite/migrate.ts", + "db:sqlite:studio": "drizzle-kit studio --config=./drizzle.sqlite.config.ts", + "db:pg:studio": "drizzle-kit studio --config=./drizzle.pg.config.ts", + "db:clear-migrations": "rm -rf server/migrations", + "build:sqlite": "mkdir -p dist && next build && node esbuild.mjs -e server/index.ts -o dist/server.mjs && node esbuild.mjs -e server/setup/migrationsSqlite.ts -o dist/migrations.mjs", + "build:pg": "mkdir -p dist && next build && node esbuild.mjs -e server/index.ts -o dist/server.mjs && node esbuild.mjs -e server/setup/migrationsPg.ts -o dist/migrations.mjs", + "start": "DB_TYPE=sqlite NODE_OPTIONS=--enable-source-maps NODE_ENV=development ENVIRONMENT=prod sh -c 'node dist/migrations.mjs && node dist/server.mjs'", + "email": "email dev --dir server/emails/templates --port 3005", + "build:cli": "node esbuild.mjs -e cli/index.ts -o dist/cli.mjs" }, "dependencies": { - "@asteasolutions/zod-to-openapi": "^7.3.0", + "@asteasolutions/zod-to-openapi": "^7.3.4", "@hookform/resolvers": "3.9.1", - "@node-rs/argon2": "2.0.2", + "@node-rs/argon2": "^2.0.2", "@oslojs/crypto": "1.0.1", "@oslojs/encoding": "1.1.0", - "@radix-ui/react-avatar": "1.1.2", - "@radix-ui/react-checkbox": "1.1.3", - "@radix-ui/react-collapsible": "1.1.2", - "@radix-ui/react-dialog": "1.1.4", - "@radix-ui/react-dropdown-menu": "2.1.4", + "@radix-ui/react-avatar": "1.1.10", + "@radix-ui/react-checkbox": "1.3.3", + "@radix-ui/react-collapsible": "1.1.12", + "@radix-ui/react-dialog": "1.1.15", + "@radix-ui/react-dropdown-menu": "2.1.16", "@radix-ui/react-icons": "1.3.2", - "@radix-ui/react-label": "2.1.1", - "@radix-ui/react-popover": "1.1.4", - "@radix-ui/react-progress": "^1.1.4", - "@radix-ui/react-radio-group": "1.2.2", - "@radix-ui/react-select": "2.1.4", - "@radix-ui/react-separator": "1.1.1", - "@radix-ui/react-slot": "1.1.1", - "@radix-ui/react-switch": "1.1.2", - "@radix-ui/react-tabs": "1.1.2", - "@radix-ui/react-toast": "1.2.4", - "@react-email/components": "0.0.36", - "@react-email/render": "^1.0.6", - "@react-email/tailwind": "1.0.4", + "@radix-ui/react-label": "2.1.7", + "@radix-ui/react-popover": "1.1.15", + "@radix-ui/react-progress": "^1.1.7", + "@radix-ui/react-radio-group": "1.3.8", + "@radix-ui/react-scroll-area": "^1.2.10", + "@radix-ui/react-select": "2.2.6", + "@radix-ui/react-separator": "1.1.7", + "@radix-ui/react-slot": "1.2.3", + "@radix-ui/react-switch": "1.2.6", + "@radix-ui/react-tabs": "1.1.13", + "@radix-ui/react-toast": "1.2.15", + "@radix-ui/react-tooltip": "^1.2.8", + "@react-email/components": "0.5.0", + "@react-email/render": "^1.2.0", + "@react-email/tailwind": "1.2.2", + "@simplewebauthn/browser": "^13.1.0", + "@simplewebauthn/server": "^9.0.3", "@tailwindcss/forms": "^0.5.10", - "@tanstack/react-table": "8.20.6", - "arctic": "^3.6.0", - "axios": "1.8.4", + "@tanstack/react-table": "8.21.3", + "arctic": "^3.7.0", + "axios": "1.11.0", "better-sqlite3": "11.7.0", "canvas-confetti": "1.9.3", - "class-variance-authority": "0.7.1", + "class-variance-authority": "^0.7.1", "clsx": "2.1.1", - "cmdk": "1.0.4", + "cmdk": "1.1.1", "cookie": "^1.0.2", "cookie-parser": "1.4.7", "cookies": "^0.9.1", "cors": "2.8.5", "crypto-js": "^4.2.0", - "drizzle-orm": "0.38.3", - "eslint": "9.17.0", - "eslint-config-next": "15.1.3", - "express": "4.21.2", - "express-rate-limit": "7.5.0", - "glob": "11.0.0", - "helmet": "8.0.0", + "drizzle-orm": "0.44.4", + "eslint": "9.33.0", + "eslint-config-next": "15.4.6", + "express": "5.1.0", + "express-rate-limit": "8.0.1", + "glob": "11.0.3", + "helmet": "8.1.0", "http-errors": "2.0.0", "i": "^0.3.7", - "input-otp": "1.4.1", + "input-otp": "1.4.2", "jmespath": "^0.16.0", "js-yaml": "4.1.0", "jsonwebtoken": "^9.0.2", - "lucide-react": "0.469.0", + "lucide-react": "0.539.0", "moment": "2.30.1", - "next": "15.2.4", - "next-themes": "0.4.4", + "next": "15.4.6", + "next-intl": "^4.3.4", + "next-themes": "0.4.6", "node-cache": "5.1.2", "node-fetch": "3.3.2", - "nodemailer": "6.9.16", - "npm": "^11.2.0", + "nodemailer": "7.0.5", + "npm": "^11.5.2", "oslo": "1.2.1", + "pg": "^8.16.2", "qrcode.react": "4.2.0", - "react": "19.0.0", - "react-dom": "19.0.0", + "react": "19.1.1", + "react-dom": "19.1.1", "react-easy-sort": "^1.6.0", - "react-hook-form": "7.54.2", + "react-hook-form": "7.62.0", "react-icons": "^5.5.0", "rebuild": "0.1.2", - "semver": "7.6.3", + "semver": "^7.7.2", + "source-map-support": "0.5.21", "swagger-ui-express": "^5.0.1", - "tailwind-merge": "2.6.0", - "tw-animate-css": "^1.2.5", + "tailwind-merge": "3.3.1", + "tw-animate-css": "^1.3.7", "uuid": "^11.1.0", "vaul": "1.1.2", "winston": "3.17.0", "winston-daily-rotate-file": "5.0.0", - "ws": "8.18.0", - "zod": "3.24.1", - "zod-validation-error": "3.4.0" + "ws": "8.18.3", + "yargs": "18.0.0", + "zod": "3.25.76", + "zod-validation-error": "3.5.2" }, "devDependencies": { - "@dotenvx/dotenvx": "1.32.0", + "@dotenvx/dotenvx": "1.49.0", "@esbuild-plugins/tsconfig-paths": "0.1.2", - "@tailwindcss/postcss": "^4.1.3", + "@tailwindcss/postcss": "^4.1.12", "@types/better-sqlite3": "7.6.12", - "@types/cookie-parser": "1.4.8", - "@types/cors": "2.8.17", + "@types/cookie-parser": "1.4.9", + "@types/cors": "2.8.19", "@types/crypto-js": "^4.2.2", - "@types/express": "5.0.0", + "@types/express": "5.0.3", + "@types/express-session": "^1.18.2", "@types/jmespath": "^0.15.2", "@types/js-yaml": "4.0.9", - "@types/jsonwebtoken": "^9.0.9", - "@types/node": "^22", + "@types/jsonwebtoken": "^9.0.10", + "@types/node": "^24", "@types/nodemailer": "6.4.17", - "@types/react": "19.1.1", - "@types/react-dom": "19.1.2", - "@types/semver": "7.5.8", + "@types/pg": "8.15.5", + "@types/react": "19.1.12", + "@types/react-dom": "19.1.9", + "@types/semver": "^7.7.0", "@types/swagger-ui-express": "^4.1.8", - "@types/ws": "8.5.13", + "@types/ws": "8.18.1", "@types/yargs": "17.0.33", - "drizzle-kit": "0.30.6", - "esbuild": "0.25.2", + "drizzle-kit": "0.31.4", + "esbuild": "0.25.9", "esbuild-node-externals": "1.18.0", "postcss": "^8", - "react-email": "4.0.6", + "react-email": "4.2.8", "tailwindcss": "^4.1.4", - "tsc-alias": "1.8.10", - "tsx": "4.19.3", + "tsc-alias": "1.8.16", + "tsx": "4.20.5", "typescript": "^5", - "yargs": "17.7.2" + "typescript-eslint": "^8.40.0" }, "overrides": { "emblor": { diff --git a/postcss.config.mjs b/postcss.config.mjs index 8dde23ef..9d3299ad 100644 --- a/postcss.config.mjs +++ b/postcss.config.mjs @@ -1,7 +1,7 @@ /** @type {import('postcss-load-config').Config} */ const config = { plugins: { - '@tailwindcss/postcss': {}, + "@tailwindcss/postcss": {}, }, }; diff --git a/public/auth-diagram1.png b/public/auth-diagram1.png new file mode 100644 index 00000000..92843a6d Binary files /dev/null and b/public/auth-diagram1.png differ diff --git a/public/clip.gif b/public/clip.gif new file mode 100644 index 00000000..4202d679 Binary files /dev/null and b/public/clip.gif differ diff --git a/public/diagram-dark.svg b/public/diagram-dark.svg new file mode 100644 index 00000000..58e44f35 --- /dev/null +++ b/public/diagram-dark.svg @@ -0,0 +1,132 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/public/diagram.svg b/public/diagram.svg new file mode 100644 index 00000000..9e9e39fb --- /dev/null +++ b/public/diagram.svg @@ -0,0 +1,132 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/public/logo/pangolin_black.svg b/public/logo/pangolin_black.svg index fd2b02ac..89f5a622 100644 --- a/public/logo/pangolin_black.svg +++ b/public/logo/pangolin_black.svg @@ -1,22 +1,21 @@ + + + + inkscape:document-units="mm" + showgrid="false" /> + + + + + diff --git a/public/logo/pangolin_orange.svg b/public/logo/pangolin_orange.svg index a8823c9d..5e81a57f 100644 --- a/public/logo/pangolin_orange.svg +++ b/public/logo/pangolin_orange.svg @@ -1,39 +1,22 @@ + + + xmlns:svg="http://www.w3.org/2000/svg"> + + + + + diff --git a/public/logo/pangolin_orange_192x192.png b/public/logo/pangolin_orange_192x192.png index 52e8659b..33fbf7b0 100644 Binary files a/public/logo/pangolin_orange_192x192.png and b/public/logo/pangolin_orange_192x192.png differ diff --git a/public/logo/pangolin_orange_512x512.png b/public/logo/pangolin_orange_512x512.png index 21f27644..ceed7e55 100644 Binary files a/public/logo/pangolin_orange_512x512.png and b/public/logo/pangolin_orange_512x512.png differ diff --git a/public/logo/pangolin_orange_96x96.png b/public/logo/pangolin_orange_96x96.png index 6d3821c2..76f23b9d 100644 Binary files a/public/logo/pangolin_orange_96x96.png and b/public/logo/pangolin_orange_96x96.png differ diff --git a/public/logo/pangolin_profile_picture.png b/public/logo/pangolin_profile_picture.png new file mode 100644 index 00000000..20c5f72b Binary files /dev/null and b/public/logo/pangolin_profile_picture.png differ diff --git a/public/logo/word_mark.png b/public/logo/word_mark.png index d75a047c..27944d9c 100644 Binary files a/public/logo/word_mark.png and b/public/logo/word_mark.png differ diff --git a/public/logo/word_mark_black.png b/public/logo/word_mark_black.png new file mode 100644 index 00000000..ba6fb84e Binary files /dev/null and b/public/logo/word_mark_black.png differ diff --git a/public/logo/word_mark_white.png b/public/logo/word_mark_white.png new file mode 100644 index 00000000..fb7a252d Binary files /dev/null and b/public/logo/word_mark_white.png differ diff --git a/public/screenshots/collage.png b/public/screenshots/collage.png deleted file mode 100644 index c791e7ea..00000000 Binary files a/public/screenshots/collage.png and /dev/null differ diff --git a/public/screenshots/create-api-key.png b/public/screenshots/create-api-key.png new file mode 100644 index 00000000..ad0ef6a4 Binary files /dev/null and b/public/screenshots/create-api-key.png differ diff --git a/public/screenshots/create-idp.png b/public/screenshots/create-idp.png new file mode 100644 index 00000000..e19ddec5 Binary files /dev/null and b/public/screenshots/create-idp.png differ diff --git a/public/screenshots/create-resource.png b/public/screenshots/create-resource.png new file mode 100644 index 00000000..3b21f22b Binary files /dev/null and b/public/screenshots/create-resource.png differ diff --git a/public/screenshots/create-share-link.png b/public/screenshots/create-share-link.png new file mode 100644 index 00000000..18849501 Binary files /dev/null and b/public/screenshots/create-share-link.png differ diff --git a/public/screenshots/create-site.png b/public/screenshots/create-site.png new file mode 100644 index 00000000..b5ff8048 Binary files /dev/null and b/public/screenshots/create-site.png differ diff --git a/public/screenshots/edit-resource.png b/public/screenshots/edit-resource.png new file mode 100644 index 00000000..2d21afa6 Binary files /dev/null and b/public/screenshots/edit-resource.png differ diff --git a/public/screenshots/hero.png b/public/screenshots/hero.png index 4e321ee1..86216cf6 100644 Binary files a/public/screenshots/hero.png and b/public/screenshots/hero.png differ diff --git a/public/screenshots/resource-auth.png b/public/screenshots/resource-auth.png new file mode 100644 index 00000000..e9d39f4c Binary files /dev/null and b/public/screenshots/resource-auth.png differ diff --git a/public/screenshots/resource-authentication.png b/public/screenshots/resource-authentication.png new file mode 100644 index 00000000..764cd616 Binary files /dev/null and b/public/screenshots/resource-authentication.png differ diff --git a/public/screenshots/resources.png b/public/screenshots/resources.png new file mode 100644 index 00000000..86216cf6 Binary files /dev/null and b/public/screenshots/resources.png differ diff --git a/public/screenshots/roles.png b/public/screenshots/roles.png new file mode 100644 index 00000000..09d27387 Binary files /dev/null and b/public/screenshots/roles.png differ diff --git a/public/screenshots/site-online.png b/public/screenshots/site-online.png new file mode 100644 index 00000000..0adef017 Binary files /dev/null and b/public/screenshots/site-online.png differ diff --git a/public/screenshots/sites-fade.png b/public/screenshots/sites-fade.png new file mode 100644 index 00000000..7e21c2cd Binary files /dev/null and b/public/screenshots/sites-fade.png differ diff --git a/public/screenshots/sites.png b/public/screenshots/sites.png new file mode 100644 index 00000000..0aaa79d0 Binary files /dev/null and b/public/screenshots/sites.png differ diff --git a/public/screenshots/users.png b/public/screenshots/users.png new file mode 100644 index 00000000..91286e02 Binary files /dev/null and b/public/screenshots/users.png differ diff --git a/server/apiServer.ts b/server/apiServer.ts index 824a860d..a400555b 100644 --- a/server/apiServer.ts +++ b/server/apiServer.ts @@ -5,23 +5,29 @@ import config from "@server/lib/config"; import logger from "@server/logger"; import { errorHandlerMiddleware, - notFoundMiddleware, - rateLimitMiddleware + notFoundMiddleware } from "@server/middlewares"; import { authenticated, unauthenticated } from "@server/routers/external"; import { router as wsRouter, handleWSUpgrade } from "@server/routers/ws"; import { logIncomingMiddleware } from "./middlewares/logIncoming"; import { csrfProtectionMiddleware } from "./middlewares/csrfProtection"; import helmet from "helmet"; +import rateLimit, { ipKeyGenerator } from "express-rate-limit"; +import createHttpError from "http-errors"; +import HttpCode from "./types/HttpCode"; +import requestTimeoutMiddleware from "./middlewares/requestTimeout"; +import { createStore } from "./lib/rateLimitStore"; const dev = config.isDev; const externalPort = config.getRawConfig().server.external_port; export function createApiServer() { const apiServer = express(); + const prefix = `/api/v1`; - if (config.getRawConfig().server.trust_proxy) { - apiServer.set("trust proxy", 1); + const trustProxy = config.getRawConfig().server.trust_proxy; + if (trustProxy) { + apiServer.set("trust proxy", trustProxy); } const corsConfig = config.getRawConfig().server.cors; @@ -53,19 +59,30 @@ export function createApiServer() { apiServer.use(cookieParser()); apiServer.use(express.json()); + // Add request timeout middleware + apiServer.use(requestTimeoutMiddleware(60000)); // 60 second timeout + if (!dev) { apiServer.use( - rateLimitMiddleware({ - windowMin: - config.getRawConfig().rate_limits.global.window_minutes, + rateLimit({ + windowMs: + config.getRawConfig().rate_limits.global.window_minutes * + 60 * + 1000, max: config.getRawConfig().rate_limits.global.max_requests, - type: "IP_AND_PATH" + keyGenerator: (req) => `apiServerGlobal:${ipKeyGenerator(req.ip || "")}:${req.path}`, + handler: (req, res, next) => { + const message = `Rate limit exceeded. You can make ${config.getRawConfig().rate_limits.global.max_requests} requests every ${config.getRawConfig().rate_limits.global.window_minutes} minute(s).`; + return next( + createHttpError(HttpCode.TOO_MANY_REQUESTS, message) + ); + }, + store: createStore() }) ); } // API routes - const prefix = `/api/v1`; apiServer.use(logIncomingMiddleware); apiServer.use(prefix, unauthenticated); apiServer.use(prefix, authenticated); diff --git a/server/auth/actions.ts b/server/auth/actions.ts index d974f03b..b5e4bbb3 100644 --- a/server/auth/actions.ts +++ b/server/auth/actions.ts @@ -1,6 +1,6 @@ import { Request } from "express"; import { db } from "@server/db"; -import { userActions, roleActions, userOrgs } from "@server/db/schemas"; +import { userActions, roleActions, userOrgs } from "@server/db"; import { and, eq, inArray } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; @@ -57,6 +57,8 @@ export enum ActionsEnum { // removeUserAction = "removeUserAction", // removeUserSite = "removeUserSite", getOrgUser = "getOrgUser", + updateUser = "updateUser", + getUser = "getUser", setResourcePassword = "setResourcePassword", setResourcePincode = "setResourcePincode", setResourceWhitelist = "setResourceWhitelist", @@ -68,6 +70,16 @@ export enum ActionsEnum { deleteResourceRule = "deleteResourceRule", listResourceRules = "listResourceRules", updateResourceRule = "updateResourceRule", + createSiteResource = "createSiteResource", + deleteSiteResource = "deleteSiteResource", + getSiteResource = "getSiteResource", + listSiteResources = "listSiteResources", + updateSiteResource = "updateSiteResource", + createClient = "createClient", + deleteClient = "deleteClient", + updateClient = "updateClient", + listClients = "listClients", + getClient = "getClient", listOrgDomains = "listOrgDomains", createNewt = "createNewt", createIdp = "createIdp", @@ -86,7 +98,10 @@ export enum ActionsEnum { setApiKeyOrgs = "setApiKeyOrgs", listApiKeyActions = "listApiKeyActions", listApiKeys = "listApiKeys", - getApiKey = "getApiKey" + getApiKey = "getApiKey", + createOrgDomain = "createOrgDomain", + deleteOrgDomain = "deleteOrgDomain", + restartOrgDomain = "restartOrgDomain" } export async function checkUserActionPermission( @@ -109,7 +124,7 @@ export async function checkUserActionPermission( try { let userRoleIds = req.userRoleIds; - // If userOrgRoleId is not available on the request, fetch it + // If userRoleIds is not available on the request, fetch it if (userRoleIds === undefined) { const userOrgRoles = await db .select({ roleId: userOrgs.roleId }) diff --git a/server/auth/canUserAccessResource.ts b/server/auth/canUserAccessResource.ts index f322529c..a493148e 100644 --- a/server/auth/canUserAccessResource.ts +++ b/server/auth/canUserAccessResource.ts @@ -1,6 +1,6 @@ -import db from "@server/db"; +import { db } from "@server/db"; import { and, eq, inArray } from "drizzle-orm"; -import { roleResources, userResources } from "@server/db/schemas"; +import { roleResources, userResources } from "@server/db"; export async function canUserAccessResource({ userId, diff --git a/server/auth/checkValidInvite.ts b/server/auth/checkValidInvite.ts index bda12c9f..e8dee8a8 100644 --- a/server/auth/checkValidInvite.ts +++ b/server/auth/checkValidInvite.ts @@ -1,5 +1,5 @@ -import db from "@server/db"; -import { UserInvite, userInvites } from "@server/db/schemas"; +import { db } from "@server/db"; +import { UserInvite, userInvites } from "@server/db"; import { isWithinExpirationDate } from "oslo"; import { verifyPassword } from "./password"; import { eq } from "drizzle-orm"; diff --git a/server/auth/limits.ts b/server/auth/limits.ts deleted file mode 100644 index c7c19398..00000000 --- a/server/auth/limits.ts +++ /dev/null @@ -1,40 +0,0 @@ -import { db } from '@server/db'; -import { limitsTable } from '@server/db/schemas'; -import { and, eq } from 'drizzle-orm'; -import createHttpError from 'http-errors'; -import HttpCode from '@server/types/HttpCode'; - -interface CheckLimitOptions { - orgId: string; - limitName: string; - currentValue: number; - increment?: number; -} - -export async function checkOrgLimit({ orgId, limitName, currentValue, increment = 0 }: CheckLimitOptions): Promise { - try { - const limit = await db.select() - .from(limitsTable) - .where( - and( - eq(limitsTable.orgId, orgId), - eq(limitsTable.name, limitName) - ) - ) - .limit(1); - - if (limit.length === 0) { - throw createHttpError(HttpCode.NOT_FOUND, `Limit "${limitName}" not found for organization`); - } - - const limitValue = limit[0].value; - - // Check if the current value plus the increment is within the limit - return (currentValue + increment) <= limitValue; - } catch (error) { - if (error instanceof Error) { - throw createHttpError(HttpCode.INTERNAL_SERVER_ERROR, `Error checking limit: ${error.message}`); - } - throw createHttpError(HttpCode.INTERNAL_SERVER_ERROR, 'Unknown error occurred while checking limit'); - } -} diff --git a/server/auth/resourceOtp.ts b/server/auth/resourceOtp.ts index 2539bf38..3a0753e0 100644 --- a/server/auth/resourceOtp.ts +++ b/server/auth/resourceOtp.ts @@ -1,5 +1,5 @@ -import db from "@server/db"; -import { resourceOtp } from "@server/db/schemas"; +import { db } from "@server/db"; +import { resourceOtp } from "@server/db"; import { and, eq } from "drizzle-orm"; import { createDate, isWithinExpirationDate, TimeSpan } from "oslo"; import { alphabet, generateRandomString, sha256 } from "oslo/crypto"; diff --git a/server/auth/sendEmailVerificationCode.ts b/server/auth/sendEmailVerificationCode.ts index 788c1358..71112922 100644 --- a/server/auth/sendEmailVerificationCode.ts +++ b/server/auth/sendEmailVerificationCode.ts @@ -1,7 +1,7 @@ import { TimeSpan, createDate } from "oslo"; import { generateRandomString, alphabet } from "oslo/crypto"; -import db from "@server/db"; -import { users, emailVerificationCodes } from "@server/db/schemas"; +import { db } from "@server/db"; +import { users, emailVerificationCodes } from "@server/db"; import { eq } from "drizzle-orm"; import { sendEmail } from "@server/emails"; import config from "@server/lib/config"; diff --git a/server/auth/sessions/app.ts b/server/auth/sessions/app.ts index be43d7a8..514bee00 100644 --- a/server/auth/sessions/app.ts +++ b/server/auth/sessions/app.ts @@ -9,8 +9,8 @@ import { sessions, User, users -} from "@server/db/schemas"; -import db from "@server/db"; +} from "@server/db"; +import { db } from "@server/db"; import { eq, inArray } from "drizzle-orm"; import config from "@server/lib/config"; import type { RandomReader } from "@oslojs/crypto/random"; @@ -24,8 +24,8 @@ export const SESSION_COOKIE_EXPIRES = 60 * 60 * config.getRawConfig().server.dashboard_session_length_hours; -export const COOKIE_DOMAIN = - "." + new URL(config.getRawConfig().app.dashboard_url).hostname; +export const COOKIE_DOMAIN = config.getRawConfig().app.dashboard_url ? + "." + new URL(config.getRawConfig().app.dashboard_url!).hostname : undefined; export function generateSessionToken(): string { const bytes = new Uint8Array(20); diff --git a/server/auth/sessions/newt.ts b/server/auth/sessions/newt.ts index 7d2ef8ab..5e55c491 100644 --- a/server/auth/sessions/newt.ts +++ b/server/auth/sessions/newt.ts @@ -2,8 +2,8 @@ import { encodeHexLowerCase, } from "@oslojs/encoding"; import { sha256 } from "@oslojs/crypto/sha2"; -import { Newt, newts, newtSessions, NewtSession } from "@server/db/schemas"; -import db from "@server/db"; +import { Newt, newts, newtSessions, NewtSession } from "@server/db"; +import { db } from "@server/db"; import { eq } from "drizzle-orm"; export const EXPIRES = 1000 * 60 * 60 * 24 * 30; diff --git a/server/auth/sessions/olm.ts b/server/auth/sessions/olm.ts new file mode 100644 index 00000000..89a0e81e --- /dev/null +++ b/server/auth/sessions/olm.ts @@ -0,0 +1,72 @@ +import { + encodeHexLowerCase, +} from "@oslojs/encoding"; +import { sha256 } from "@oslojs/crypto/sha2"; +import { Olm, olms, olmSessions, OlmSession } from "@server/db"; +import { db } from "@server/db"; +import { eq } from "drizzle-orm"; + +export const EXPIRES = 1000 * 60 * 60 * 24 * 30; + +export async function createOlmSession( + token: string, + olmId: string, +): Promise { + const sessionId = encodeHexLowerCase( + sha256(new TextEncoder().encode(token)), + ); + const session: OlmSession = { + sessionId: sessionId, + olmId, + expiresAt: new Date(Date.now() + EXPIRES).getTime(), + }; + await db.insert(olmSessions).values(session); + return session; +} + +export async function validateOlmSessionToken( + token: string, +): Promise { + const sessionId = encodeHexLowerCase( + sha256(new TextEncoder().encode(token)), + ); + const result = await db + .select({ olm: olms, session: olmSessions }) + .from(olmSessions) + .innerJoin(olms, eq(olmSessions.olmId, olms.olmId)) + .where(eq(olmSessions.sessionId, sessionId)); + if (result.length < 1) { + return { session: null, olm: null }; + } + const { olm, session } = result[0]; + if (Date.now() >= session.expiresAt) { + await db + .delete(olmSessions) + .where(eq(olmSessions.sessionId, session.sessionId)); + return { session: null, olm: null }; + } + if (Date.now() >= session.expiresAt - (EXPIRES / 2)) { + session.expiresAt = new Date( + Date.now() + EXPIRES, + ).getTime(); + await db + .update(olmSessions) + .set({ + expiresAt: session.expiresAt, + }) + .where(eq(olmSessions.sessionId, session.sessionId)); + } + return { session, olm }; +} + +export async function invalidateOlmSession(sessionId: string): Promise { + await db.delete(olmSessions).where(eq(olmSessions.sessionId, sessionId)); +} + +export async function invalidateAllOlmSessions(olmId: string): Promise { + await db.delete(olmSessions).where(eq(olmSessions.olmId, olmId)); +} + +export type SessionValidationResult = + | { session: OlmSession; olm: Olm } + | { session: null; olm: null }; diff --git a/server/auth/sessions/resource.ts b/server/auth/sessions/resource.ts index b95bece3..511dadda 100644 --- a/server/auth/sessions/resource.ts +++ b/server/auth/sessions/resource.ts @@ -1,9 +1,12 @@ import { encodeHexLowerCase } from "@oslojs/encoding"; import { sha256 } from "@oslojs/crypto/sha2"; -import { resourceSessions, ResourceSession } from "@server/db/schemas"; -import db from "@server/db"; +import { resourceSessions, ResourceSession } from "@server/db"; +import { db } from "@server/db"; import { eq, and } from "drizzle-orm"; import config from "@server/lib/config"; +import axios from "axios"; +import logger from "@server/logger"; +import { tokenManager } from "@server/lib/tokenManager"; export const SESSION_COOKIE_NAME = config.getRawConfig().server.session_cookie_name; @@ -62,6 +65,29 @@ export async function validateResourceSessionToken( token: string, resourceId: number ): Promise { + if (config.isManagedMode()) { + try { + const response = await axios.post(`${config.getRawConfig().managed?.endpoint}/api/v1/hybrid/resource/${resourceId}/session/validate`, { + token: token + }, await tokenManager.getAuthHeader()); + return response.data.data; + } catch (error) { + if (axios.isAxiosError(error)) { + logger.error("Error validating resource session token in hybrid mode:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error validating resource session token in hybrid mode:", error); + } + return { resourceSession: null }; + } + } + const sessionId = encodeHexLowerCase( sha256(new TextEncoder().encode(token)) ); diff --git a/server/auth/totp.ts b/server/auth/totp.ts index 3ca183a0..efe2b64b 100644 --- a/server/auth/totp.ts +++ b/server/auth/totp.ts @@ -1,6 +1,6 @@ import { verify } from "@node-rs/argon2"; -import db from "@server/db"; -import { twoFactorBackupCodes } from "@server/db/schemas"; +import { db } from "@server/db"; +import { twoFactorBackupCodes } from "@server/db"; import { eq } from "drizzle-orm"; import { decodeHex } from "oslo/encoding"; import { TOTPController } from "oslo/otp"; diff --git a/server/auth/verifyResourceAccessToken.ts b/server/auth/verifyResourceAccessToken.ts index 8ddb5018..f1b587b7 100644 --- a/server/auth/verifyResourceAccessToken.ts +++ b/server/auth/verifyResourceAccessToken.ts @@ -1,10 +1,10 @@ -import db from "@server/db"; +import { db } from "@server/db"; import { Resource, ResourceAccessToken, resourceAccessToken, resources -} from "@server/db/schemas"; +} from "@server/db"; import { and, eq } from "drizzle-orm"; import { isWithinExpirationDate } from "oslo"; import { verifyPassword } from "./password"; diff --git a/server/build.ts b/server/build.ts new file mode 100644 index 00000000..babe5e8b --- /dev/null +++ b/server/build.ts @@ -0,0 +1 @@ +export const build = "oss" as any; diff --git a/server/db/README.md b/server/db/README.md new file mode 100644 index 00000000..36c3730b --- /dev/null +++ b/server/db/README.md @@ -0,0 +1,72 @@ +# Database + +Pangolin can use a Postgres or SQLite database to store its data. + +## Development + +### Postgres + +To use Postgres, edit `server/db/index.ts` to export all from `server/db/pg/index.ts`: + +```typescript +export * from "./pg"; +``` + +Make sure you have a valid config file with a connection string: + +```yaml +postgres: + connection_string: postgresql://postgres:postgres@localhost:5432 +``` + +You can run an ephemeral Postgres database for local development using Docker: + +```bash +docker run -d \ + --name postgres \ + --rm \ + -p 5432:5432 \ + -e POSTGRES_PASSWORD=postgres \ + -v $(mktemp -d):/var/lib/postgresql/data \ + postgres:17 +``` + +### Schema + +`server/db/pg/schema.ts` and `server/db/sqlite/schema.ts` contain the database schema definitions. These need to be kept in sync with with each other. + +Stick to common data types and avoid Postgres-specific features to ensure compatibility with SQLite. + +### SQLite + +To use SQLite, edit `server/db/index.ts` to export all from `server/db/sqlite/index.ts`: + +```typescript +export * from "./sqlite"; +``` + +No edits to the config are needed. If you keep the Postgres config, it will be ignored. + +## Generate and Push Migrations + +Ensure drizzle-kit is installed. + +### Postgres + +You must have a connection string in your config file, as shown above. + +```bash +npm run db:pg:generate +npm run db:pg:push +``` + +### SQLite + +```bash +npm run db:sqlite:generate +npm run db:sqlite:push +``` + +## Build Time + +There is a dockerfile for each database type. The dockerfile swaps out the `server/db/index.ts` file to use the correct database type. diff --git a/server/db/names.ts b/server/db/names.ts index 21a37c9a..41f4c170 100644 --- a/server/db/names.ts +++ b/server/db/names.ts @@ -1,7 +1,7 @@ import { join } from "path"; import { readFileSync } from "fs"; import { db } from "@server/db"; -import { exitNodes, sites } from "./schemas/schema"; +import { exitNodes, sites } from "@server/db"; import { eq, and } from "drizzle-orm"; import { __DIRNAME } from "@server/lib/consts"; @@ -59,7 +59,7 @@ export async function getUniqueExitNodeEndpointName(): Promise { export function generateName(): string { - return ( + const name = ( names.descriptors[ Math.floor(Math.random() * names.descriptors.length) ] + @@ -68,4 +68,7 @@ export function generateName(): string { ) .toLowerCase() .replace(/\s/g, "-"); + + // clean out any non-alphanumeric characters except for dashes + return name.replace(/[^a-z0-9-]/g, ""); } diff --git a/server/db/pg/driver.ts b/server/db/pg/driver.ts new file mode 100644 index 00000000..9625867d --- /dev/null +++ b/server/db/pg/driver.ts @@ -0,0 +1,52 @@ +import { drizzle as DrizzlePostgres } from "drizzle-orm/node-postgres"; +import { Pool } from "pg"; +import { readConfigFile } from "@server/lib/readConfigFile"; +import { withReplicas } from "drizzle-orm/pg-core"; + +function createDb() { + const config = readConfigFile(); + + if (!config.postgres) { + throw new Error( + "Postgres configuration is missing in the configuration file." + ); + } + + const connectionString = config.postgres?.connection_string; + const replicaConnections = config.postgres?.replicas || []; + + if (!connectionString) { + throw new Error( + "A primary db connection string is required in the configuration file." + ); + } + + // Create connection pools instead of individual connections + const primaryPool = new Pool({ + connectionString, + max: 20, + idleTimeoutMillis: 30000, + connectionTimeoutMillis: 2000, + }); + + const replicas = []; + + if (!replicaConnections.length) { + replicas.push(DrizzlePostgres(primaryPool)); + } else { + for (const conn of replicaConnections) { + const replicaPool = new Pool({ + connectionString: conn.connection_string, + max: 10, + idleTimeoutMillis: 30000, + connectionTimeoutMillis: 2000, + }); + replicas.push(DrizzlePostgres(replicaPool)); + } + } + + return withReplicas(DrizzlePostgres(primaryPool), replicas as any); +} + +export const db = createDb(); +export default db; diff --git a/server/db/pg/index.ts b/server/db/pg/index.ts new file mode 100644 index 00000000..4829c04c --- /dev/null +++ b/server/db/pg/index.ts @@ -0,0 +1,2 @@ +export * from "./driver"; +export * from "./schema"; \ No newline at end of file diff --git a/server/db/pg/migrate.ts b/server/db/pg/migrate.ts new file mode 100644 index 00000000..70b2ef54 --- /dev/null +++ b/server/db/pg/migrate.ts @@ -0,0 +1,20 @@ +import { migrate } from "drizzle-orm/node-postgres/migrator"; +import { db } from "./driver"; +import path from "path"; + +const migrationsFolder = path.join("server/migrations"); + +const runMigrations = async () => { + console.log("Running migrations..."); + try { + await migrate(db as any, { + migrationsFolder: migrationsFolder + }); + console.log("Migrations completed successfully."); + } catch (error) { + console.error("Error running migrations:", error); + process.exit(1); + } +}; + +runMigrations(); diff --git a/server/db/pg/schema.ts b/server/db/pg/schema.ts new file mode 100644 index 00000000..8e725ab1 --- /dev/null +++ b/server/db/pg/schema.ts @@ -0,0 +1,674 @@ +import { + pgTable, + serial, + varchar, + boolean, + integer, + bigint, + real, + text +} from "drizzle-orm/pg-core"; +import { InferSelectModel } from "drizzle-orm"; + +export const domains = pgTable("domains", { + domainId: varchar("domainId").primaryKey(), + baseDomain: varchar("baseDomain").notNull(), + configManaged: boolean("configManaged").notNull().default(false), + type: varchar("type"), // "ns", "cname", "wildcard" + verified: boolean("verified").notNull().default(false), + failed: boolean("failed").notNull().default(false), + tries: integer("tries").notNull().default(0) +}); + +export const orgs = pgTable("orgs", { + orgId: varchar("orgId").primaryKey(), + name: varchar("name").notNull(), + subnet: varchar("subnet"), + createdAt: text("createdAt") +}); + +export const orgDomains = pgTable("orgDomains", { + orgId: varchar("orgId") + .notNull() + .references(() => orgs.orgId, { onDelete: "cascade" }), + domainId: varchar("domainId") + .notNull() + .references(() => domains.domainId, { onDelete: "cascade" }) +}); + +export const sites = pgTable("sites", { + siteId: serial("siteId").primaryKey(), + orgId: varchar("orgId") + .references(() => orgs.orgId, { + onDelete: "cascade" + }) + .notNull(), + niceId: varchar("niceId").notNull(), + exitNodeId: integer("exitNode").references(() => exitNodes.exitNodeId, { + onDelete: "set null" + }), + name: varchar("name").notNull(), + pubKey: varchar("pubKey"), + subnet: varchar("subnet"), + megabytesIn: real("bytesIn").default(0), + megabytesOut: real("bytesOut").default(0), + lastBandwidthUpdate: varchar("lastBandwidthUpdate"), + type: varchar("type").notNull(), // "newt" or "wireguard" + online: boolean("online").notNull().default(false), + address: varchar("address"), + endpoint: varchar("endpoint"), + publicKey: varchar("publicKey"), + lastHolePunch: bigint("lastHolePunch", { mode: "number" }), + listenPort: integer("listenPort"), + dockerSocketEnabled: boolean("dockerSocketEnabled").notNull().default(true), + remoteSubnets: text("remoteSubnets") // comma-separated list of subnets that this site can access +}); + +export const resources = pgTable("resources", { + resourceId: serial("resourceId").primaryKey(), + orgId: varchar("orgId") + .references(() => orgs.orgId, { + onDelete: "cascade" + }) + .notNull(), + name: varchar("name").notNull(), + subdomain: varchar("subdomain"), + fullDomain: varchar("fullDomain"), + domainId: varchar("domainId").references(() => domains.domainId, { + onDelete: "set null" + }), + ssl: boolean("ssl").notNull().default(false), + blockAccess: boolean("blockAccess").notNull().default(false), + sso: boolean("sso").notNull().default(true), + http: boolean("http").notNull().default(true), + protocol: varchar("protocol").notNull(), + proxyPort: integer("proxyPort"), + emailWhitelistEnabled: boolean("emailWhitelistEnabled") + .notNull() + .default(false), + applyRules: boolean("applyRules").notNull().default(false), + enabled: boolean("enabled").notNull().default(true), + stickySession: boolean("stickySession").notNull().default(false), + tlsServerName: varchar("tlsServerName"), + setHostHeader: varchar("setHostHeader"), + enableProxy: boolean("enableProxy").default(true), + skipToIdpId: integer("skipToIdpId").references(() => idp.idpId, { + onDelete: "cascade" + }), +}); + +export const targets = pgTable("targets", { + targetId: serial("targetId").primaryKey(), + resourceId: integer("resourceId") + .references(() => resources.resourceId, { + onDelete: "cascade" + }) + .notNull(), + siteId: integer("siteId") + .references(() => sites.siteId, { + onDelete: "cascade" + }) + .notNull(), + ip: varchar("ip").notNull(), + method: varchar("method"), + port: integer("port").notNull(), + internalPort: integer("internalPort"), + enabled: boolean("enabled").notNull().default(true) +}); + +export const exitNodes = pgTable("exitNodes", { + exitNodeId: serial("exitNodeId").primaryKey(), + name: varchar("name").notNull(), + address: varchar("address").notNull(), + endpoint: varchar("endpoint").notNull(), + publicKey: varchar("publicKey").notNull(), + listenPort: integer("listenPort").notNull(), + reachableAt: varchar("reachableAt"), + maxConnections: integer("maxConnections"), + online: boolean("online").notNull().default(false), + lastPing: integer("lastPing"), + type: text("type").default("gerbil") // gerbil, remoteExitNode +}); + +export const siteResources = pgTable("siteResources", { // this is for the clients + siteResourceId: serial("siteResourceId").primaryKey(), + siteId: integer("siteId") + .notNull() + .references(() => sites.siteId, { onDelete: "cascade" }), + orgId: varchar("orgId") + .notNull() + .references(() => orgs.orgId, { onDelete: "cascade" }), + name: varchar("name").notNull(), + protocol: varchar("protocol").notNull(), + proxyPort: integer("proxyPort").notNull(), + destinationPort: integer("destinationPort").notNull(), + destinationIp: varchar("destinationIp").notNull(), + enabled: boolean("enabled").notNull().default(true), +}); + +export const users = pgTable("user", { + userId: varchar("id").primaryKey(), + email: varchar("email"), + username: varchar("username").notNull(), + name: varchar("name"), + type: varchar("type").notNull(), // "internal", "oidc" + idpId: integer("idpId").references(() => idp.idpId, { + onDelete: "cascade" + }), + passwordHash: varchar("passwordHash"), + twoFactorEnabled: boolean("twoFactorEnabled").notNull().default(false), + twoFactorSetupRequested: boolean("twoFactorSetupRequested").default(false), + twoFactorSecret: varchar("twoFactorSecret"), + emailVerified: boolean("emailVerified").notNull().default(false), + dateCreated: varchar("dateCreated").notNull(), + termsAcceptedTimestamp: varchar("termsAcceptedTimestamp"), + termsVersion: varchar("termsVersion"), + serverAdmin: boolean("serverAdmin").notNull().default(false) +}); + +export const newts = pgTable("newt", { + newtId: varchar("id").primaryKey(), + secretHash: varchar("secretHash").notNull(), + dateCreated: varchar("dateCreated").notNull(), + version: varchar("version"), + siteId: integer("siteId").references(() => sites.siteId, { + onDelete: "cascade" + }) +}); + +export const twoFactorBackupCodes = pgTable("twoFactorBackupCodes", { + codeId: serial("id").primaryKey(), + userId: varchar("userId") + .notNull() + .references(() => users.userId, { onDelete: "cascade" }), + codeHash: varchar("codeHash").notNull() +}); + +export const sessions = pgTable("session", { + sessionId: varchar("id").primaryKey(), + userId: varchar("userId") + .notNull() + .references(() => users.userId, { onDelete: "cascade" }), + expiresAt: bigint("expiresAt", { mode: "number" }).notNull() +}); + +export const newtSessions = pgTable("newtSession", { + sessionId: varchar("id").primaryKey(), + newtId: varchar("newtId") + .notNull() + .references(() => newts.newtId, { onDelete: "cascade" }), + expiresAt: bigint("expiresAt", { mode: "number" }).notNull() +}); + +export const userOrgs = pgTable("userOrgs", { + userId: varchar("userId") + .notNull() + .references(() => users.userId, { onDelete: "cascade" }), + orgId: varchar("orgId") + .references(() => orgs.orgId, { + onDelete: "cascade" + }) + .notNull(), + roleId: integer("roleId") + .notNull() + .references(() => roles.roleId), + isOwner: boolean("isOwner").notNull().default(false) +}); + +export const emailVerificationCodes = pgTable("emailVerificationCodes", { + codeId: serial("id").primaryKey(), + userId: varchar("userId") + .notNull() + .references(() => users.userId, { onDelete: "cascade" }), + email: varchar("email").notNull(), + code: varchar("code").notNull(), + expiresAt: bigint("expiresAt", { mode: "number" }).notNull() +}); + +export const passwordResetTokens = pgTable("passwordResetTokens", { + tokenId: serial("id").primaryKey(), + email: varchar("email").notNull(), + userId: varchar("userId") + .notNull() + .references(() => users.userId, { onDelete: "cascade" }), + tokenHash: varchar("tokenHash").notNull(), + expiresAt: bigint("expiresAt", { mode: "number" }).notNull() +}); + +export const actions = pgTable("actions", { + actionId: varchar("actionId").primaryKey(), + name: varchar("name"), + description: varchar("description") +}); + +export const roles = pgTable("roles", { + roleId: serial("roleId").primaryKey(), + orgId: varchar("orgId") + .references(() => orgs.orgId, { + onDelete: "cascade" + }) + .notNull(), + isAdmin: boolean("isAdmin"), + name: varchar("name").notNull(), + description: varchar("description") +}); + +export const roleActions = pgTable("roleActions", { + roleId: integer("roleId") + .notNull() + .references(() => roles.roleId, { onDelete: "cascade" }), + actionId: varchar("actionId") + .notNull() + .references(() => actions.actionId, { onDelete: "cascade" }), + orgId: varchar("orgId") + .notNull() + .references(() => orgs.orgId, { onDelete: "cascade" }) +}); + +export const userActions = pgTable("userActions", { + userId: varchar("userId") + .notNull() + .references(() => users.userId, { onDelete: "cascade" }), + actionId: varchar("actionId") + .notNull() + .references(() => actions.actionId, { onDelete: "cascade" }), + orgId: varchar("orgId") + .notNull() + .references(() => orgs.orgId, { onDelete: "cascade" }) +}); + +export const roleSites = pgTable("roleSites", { + roleId: integer("roleId") + .notNull() + .references(() => roles.roleId, { onDelete: "cascade" }), + siteId: integer("siteId") + .notNull() + .references(() => sites.siteId, { onDelete: "cascade" }) +}); + +export const userSites = pgTable("userSites", { + userId: varchar("userId") + .notNull() + .references(() => users.userId, { onDelete: "cascade" }), + siteId: integer("siteId") + .notNull() + .references(() => sites.siteId, { onDelete: "cascade" }) +}); + +export const roleResources = pgTable("roleResources", { + roleId: integer("roleId") + .notNull() + .references(() => roles.roleId, { onDelete: "cascade" }), + resourceId: integer("resourceId") + .notNull() + .references(() => resources.resourceId, { onDelete: "cascade" }) +}); + +export const userResources = pgTable("userResources", { + userId: varchar("userId") + .notNull() + .references(() => users.userId, { onDelete: "cascade" }), + resourceId: integer("resourceId") + .notNull() + .references(() => resources.resourceId, { onDelete: "cascade" }) +}); + +export const userInvites = pgTable("userInvites", { + inviteId: varchar("inviteId").primaryKey(), + orgId: varchar("orgId") + .notNull() + .references(() => orgs.orgId, { onDelete: "cascade" }), + email: varchar("email").notNull(), + expiresAt: bigint("expiresAt", { mode: "number" }).notNull(), + tokenHash: varchar("token").notNull(), + roleId: integer("roleId") + .notNull() + .references(() => roles.roleId, { onDelete: "cascade" }) +}); + +export const resourcePincode = pgTable("resourcePincode", { + pincodeId: serial("pincodeId").primaryKey(), + resourceId: integer("resourceId") + .notNull() + .references(() => resources.resourceId, { onDelete: "cascade" }), + pincodeHash: varchar("pincodeHash").notNull(), + digitLength: integer("digitLength").notNull() +}); + +export const resourcePassword = pgTable("resourcePassword", { + passwordId: serial("passwordId").primaryKey(), + resourceId: integer("resourceId") + .notNull() + .references(() => resources.resourceId, { onDelete: "cascade" }), + passwordHash: varchar("passwordHash").notNull() +}); + +export const resourceAccessToken = pgTable("resourceAccessToken", { + accessTokenId: varchar("accessTokenId").primaryKey(), + orgId: varchar("orgId") + .notNull() + .references(() => orgs.orgId, { onDelete: "cascade" }), + resourceId: integer("resourceId") + .notNull() + .references(() => resources.resourceId, { onDelete: "cascade" }), + tokenHash: varchar("tokenHash").notNull(), + sessionLength: bigint("sessionLength", { mode: "number" }).notNull(), + expiresAt: bigint("expiresAt", { mode: "number" }), + title: varchar("title"), + description: varchar("description"), + createdAt: bigint("createdAt", { mode: "number" }).notNull() +}); + +export const resourceSessions = pgTable("resourceSessions", { + sessionId: varchar("id").primaryKey(), + resourceId: integer("resourceId") + .notNull() + .references(() => resources.resourceId, { onDelete: "cascade" }), + expiresAt: bigint("expiresAt", { mode: "number" }).notNull(), + sessionLength: bigint("sessionLength", { mode: "number" }).notNull(), + doNotExtend: boolean("doNotExtend").notNull().default(false), + isRequestToken: boolean("isRequestToken"), + userSessionId: varchar("userSessionId").references( + () => sessions.sessionId, + { + onDelete: "cascade" + } + ), + passwordId: integer("passwordId").references( + () => resourcePassword.passwordId, + { + onDelete: "cascade" + } + ), + pincodeId: integer("pincodeId").references( + () => resourcePincode.pincodeId, + { + onDelete: "cascade" + } + ), + whitelistId: integer("whitelistId").references( + () => resourceWhitelist.whitelistId, + { + onDelete: "cascade" + } + ), + accessTokenId: varchar("accessTokenId").references( + () => resourceAccessToken.accessTokenId, + { + onDelete: "cascade" + } + ) +}); + +export const resourceWhitelist = pgTable("resourceWhitelist", { + whitelistId: serial("id").primaryKey(), + email: varchar("email").notNull(), + resourceId: integer("resourceId") + .notNull() + .references(() => resources.resourceId, { onDelete: "cascade" }) +}); + +export const resourceOtp = pgTable("resourceOtp", { + otpId: serial("otpId").primaryKey(), + resourceId: integer("resourceId") + .notNull() + .references(() => resources.resourceId, { onDelete: "cascade" }), + email: varchar("email").notNull(), + otpHash: varchar("otpHash").notNull(), + expiresAt: bigint("expiresAt", { mode: "number" }).notNull() +}); + +export const versionMigrations = pgTable("versionMigrations", { + version: varchar("version").primaryKey(), + executedAt: bigint("executedAt", { mode: "number" }).notNull() +}); + +export const resourceRules = pgTable("resourceRules", { + ruleId: serial("ruleId").primaryKey(), + resourceId: integer("resourceId") + .notNull() + .references(() => resources.resourceId, { onDelete: "cascade" }), + enabled: boolean("enabled").notNull().default(true), + priority: integer("priority").notNull(), + action: varchar("action").notNull(), // ACCEPT, DROP, PASS + match: varchar("match").notNull(), // CIDR, PATH, IP + value: varchar("value").notNull() +}); + +export const supporterKey = pgTable("supporterKey", { + keyId: serial("keyId").primaryKey(), + key: varchar("key").notNull(), + githubUsername: varchar("githubUsername").notNull(), + phrase: varchar("phrase"), + tier: varchar("tier"), + valid: boolean("valid").notNull().default(false) +}); + +export const idp = pgTable("idp", { + idpId: serial("idpId").primaryKey(), + name: varchar("name").notNull(), + type: varchar("type").notNull(), + defaultRoleMapping: varchar("defaultRoleMapping"), + defaultOrgMapping: varchar("defaultOrgMapping"), + autoProvision: boolean("autoProvision").notNull().default(false) +}); + +export const idpOidcConfig = pgTable("idpOidcConfig", { + idpOauthConfigId: serial("idpOauthConfigId").primaryKey(), + idpId: integer("idpId") + .notNull() + .references(() => idp.idpId, { onDelete: "cascade" }), + clientId: varchar("clientId").notNull(), + clientSecret: varchar("clientSecret").notNull(), + authUrl: varchar("authUrl").notNull(), + tokenUrl: varchar("tokenUrl").notNull(), + identifierPath: varchar("identifierPath").notNull(), + emailPath: varchar("emailPath"), + namePath: varchar("namePath"), + scopes: varchar("scopes").notNull() +}); + +export const licenseKey = pgTable("licenseKey", { + licenseKeyId: varchar("licenseKeyId").primaryKey().notNull(), + instanceId: varchar("instanceId").notNull(), + token: varchar("token").notNull() +}); + +export const hostMeta = pgTable("hostMeta", { + hostMetaId: varchar("hostMetaId").primaryKey().notNull(), + createdAt: bigint("createdAt", { mode: "number" }).notNull() +}); + +export const apiKeys = pgTable("apiKeys", { + apiKeyId: varchar("apiKeyId").primaryKey(), + name: varchar("name").notNull(), + apiKeyHash: varchar("apiKeyHash").notNull(), + lastChars: varchar("lastChars").notNull(), + createdAt: varchar("dateCreated").notNull(), + isRoot: boolean("isRoot").notNull().default(false) +}); + +export const apiKeyActions = pgTable("apiKeyActions", { + apiKeyId: varchar("apiKeyId") + .notNull() + .references(() => apiKeys.apiKeyId, { onDelete: "cascade" }), + actionId: varchar("actionId") + .notNull() + .references(() => actions.actionId, { onDelete: "cascade" }) +}); + +export const apiKeyOrg = pgTable("apiKeyOrg", { + apiKeyId: varchar("apiKeyId") + .notNull() + .references(() => apiKeys.apiKeyId, { onDelete: "cascade" }), + orgId: varchar("orgId") + .references(() => orgs.orgId, { + onDelete: "cascade" + }) + .notNull() +}); + +export const idpOrg = pgTable("idpOrg", { + idpId: integer("idpId") + .notNull() + .references(() => idp.idpId, { onDelete: "cascade" }), + orgId: varchar("orgId") + .notNull() + .references(() => orgs.orgId, { onDelete: "cascade" }), + roleMapping: varchar("roleMapping"), + orgMapping: varchar("orgMapping") +}); + +export const clients = pgTable("clients", { + clientId: serial("id").primaryKey(), + orgId: varchar("orgId") + .references(() => orgs.orgId, { + onDelete: "cascade" + }) + .notNull(), + exitNodeId: integer("exitNode").references(() => exitNodes.exitNodeId, { + onDelete: "set null" + }), + name: varchar("name").notNull(), + pubKey: varchar("pubKey"), + subnet: varchar("subnet").notNull(), + megabytesIn: real("bytesIn"), + megabytesOut: real("bytesOut"), + lastBandwidthUpdate: varchar("lastBandwidthUpdate"), + lastPing: integer("lastPing"), + type: varchar("type").notNull(), // "olm" + online: boolean("online").notNull().default(false), + // endpoint: varchar("endpoint"), + lastHolePunch: integer("lastHolePunch"), + maxConnections: integer("maxConnections") +}); + +export const clientSites = pgTable("clientSites", { + clientId: integer("clientId") + .notNull() + .references(() => clients.clientId, { onDelete: "cascade" }), + siteId: integer("siteId") + .notNull() + .references(() => sites.siteId, { onDelete: "cascade" }), + isRelayed: boolean("isRelayed").notNull().default(false), + endpoint: varchar("endpoint") +}); + +export const olms = pgTable("olms", { + olmId: varchar("id").primaryKey(), + secretHash: varchar("secretHash").notNull(), + dateCreated: varchar("dateCreated").notNull(), + version: text("version"), + clientId: integer("clientId").references(() => clients.clientId, { + onDelete: "cascade" + }) +}); + +export const olmSessions = pgTable("clientSession", { + sessionId: varchar("id").primaryKey(), + olmId: varchar("olmId") + .notNull() + .references(() => olms.olmId, { onDelete: "cascade" }), + expiresAt: bigint("expiresAt", { mode: "number" }).notNull() +}); + +export const userClients = pgTable("userClients", { + userId: varchar("userId") + .notNull() + .references(() => users.userId, { onDelete: "cascade" }), + clientId: integer("clientId") + .notNull() + .references(() => clients.clientId, { onDelete: "cascade" }) +}); + +export const roleClients = pgTable("roleClients", { + roleId: integer("roleId") + .notNull() + .references(() => roles.roleId, { onDelete: "cascade" }), + clientId: integer("clientId") + .notNull() + .references(() => clients.clientId, { onDelete: "cascade" }) +}); + +export const securityKeys = pgTable("webauthnCredentials", { + credentialId: varchar("credentialId").primaryKey(), + userId: varchar("userId") + .notNull() + .references(() => users.userId, { + onDelete: "cascade" + }), + publicKey: varchar("publicKey").notNull(), + signCount: integer("signCount").notNull(), + transports: varchar("transports"), + name: varchar("name"), + lastUsed: varchar("lastUsed").notNull(), + dateCreated: varchar("dateCreated").notNull(), + securityKeyName: varchar("securityKeyName") +}); + +export const webauthnChallenge = pgTable("webauthnChallenge", { + sessionId: varchar("sessionId").primaryKey(), + challenge: varchar("challenge").notNull(), + securityKeyName: varchar("securityKeyName"), + userId: varchar("userId").references(() => users.userId, { + onDelete: "cascade" + }), + expiresAt: bigint("expiresAt", { mode: "number" }).notNull() // Unix timestamp +}); + +export const setupTokens = pgTable("setupTokens", { + tokenId: varchar("tokenId").primaryKey(), + token: varchar("token").notNull(), + used: boolean("used").notNull().default(false), + dateCreated: varchar("dateCreated").notNull(), + dateUsed: varchar("dateUsed") +}); + +export type Org = InferSelectModel; +export type User = InferSelectModel; +export type Site = InferSelectModel; +export type Resource = InferSelectModel; +export type ExitNode = InferSelectModel; +export type Target = InferSelectModel; +export type Session = InferSelectModel; +export type Newt = InferSelectModel; +export type NewtSession = InferSelectModel; +export type EmailVerificationCode = InferSelectModel< + typeof emailVerificationCodes +>; +export type TwoFactorBackupCode = InferSelectModel; +export type PasswordResetToken = InferSelectModel; +export type Role = InferSelectModel; +export type Action = InferSelectModel; +export type RoleAction = InferSelectModel; +export type UserAction = InferSelectModel; +export type RoleSite = InferSelectModel; +export type UserSite = InferSelectModel; +export type RoleResource = InferSelectModel; +export type UserResource = InferSelectModel; +export type UserInvite = InferSelectModel; +export type UserOrg = InferSelectModel; +export type ResourceSession = InferSelectModel; +export type ResourcePincode = InferSelectModel; +export type ResourcePassword = InferSelectModel; +export type ResourceOtp = InferSelectModel; +export type ResourceAccessToken = InferSelectModel; +export type ResourceWhitelist = InferSelectModel; +export type VersionMigration = InferSelectModel; +export type ResourceRule = InferSelectModel; +export type Domain = InferSelectModel; +export type SupporterKey = InferSelectModel; +export type Idp = InferSelectModel; +export type ApiKey = InferSelectModel; +export type ApiKeyAction = InferSelectModel; +export type ApiKeyOrg = InferSelectModel; +export type Client = InferSelectModel; +export type ClientSite = InferSelectModel; +export type Olm = InferSelectModel; +export type OlmSession = InferSelectModel; +export type UserClient = InferSelectModel; +export type RoleClient = InferSelectModel; +export type OrgDomains = InferSelectModel; +export type SiteResource = InferSelectModel; +export type SetupToken = InferSelectModel; +export type HostMeta = InferSelectModel; diff --git a/server/db/queries/verifySessionQueries.ts b/server/db/queries/verifySessionQueries.ts new file mode 100644 index 00000000..eefd11f7 --- /dev/null +++ b/server/db/queries/verifySessionQueries.ts @@ -0,0 +1,310 @@ +import { db, RoleResource, UserOrg } from "@server/db"; +import { + Resource, + ResourcePassword, + ResourcePincode, + ResourceRule, + resourcePassword, + resourcePincode, + resourceRules, + resources, + roleResources, + sessions, + userOrgs, + userResources, + users +} from "@server/db"; +import { and, eq, inArray } from "drizzle-orm"; +import axios from "axios"; +import config from "@server/lib/config"; +import logger from "@server/logger"; +import { tokenManager } from "@server/lib/tokenManager"; + +export type ResourceWithAuth = { + resource: Resource | null; + pincode: ResourcePincode | null; + password: ResourcePassword | null; +}; + +export type UserSessionWithUser = { + session: any; + user: any; +}; + +/** + * Get resource by domain with pincode and password information + */ +export async function getResourceByDomain( + domain: string +): Promise { + if (config.isManagedMode()) { + try { + const response = await axios.get( + `${config.getRawConfig().managed?.endpoint}/api/v1/hybrid/resource/domain/${domain}`, + await tokenManager.getAuthHeader() + ); + return response.data.data; + } catch (error) { + if (axios.isAxiosError(error)) { + logger.error("Error fetching config in verify session:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error fetching config in verify session:", error); + } + return null; + } + } + + const [result] = await db + .select() + .from(resources) + .leftJoin( + resourcePincode, + eq(resourcePincode.resourceId, resources.resourceId) + ) + .leftJoin( + resourcePassword, + eq(resourcePassword.resourceId, resources.resourceId) + ) + .where(eq(resources.fullDomain, domain)) + .limit(1); + + if (!result) { + return null; + } + + return { + resource: result.resources, + pincode: result.resourcePincode, + password: result.resourcePassword + }; +} + +/** + * Get user session with user information + */ +export async function getUserSessionWithUser( + userSessionId: string +): Promise { + if (config.isManagedMode()) { + try { + const response = await axios.get( + `${config.getRawConfig().managed?.endpoint}/api/v1/hybrid/session/${userSessionId}`, + await tokenManager.getAuthHeader() + ); + return response.data.data; + } catch (error) { + if (axios.isAxiosError(error)) { + logger.error("Error fetching config in verify session:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error fetching config in verify session:", error); + } + return null; + } + } + + const [res] = await db + .select() + .from(sessions) + .leftJoin(users, eq(users.userId, sessions.userId)) + .where(eq(sessions.sessionId, userSessionId)); + + if (!res) { + return null; + } + + return { + session: res.session, + user: res.user + }; +} + +/** + * Get user organization roles + */ +export async function getUserOrgRoles( + userId: string, + orgId: string +): Promise { + if (config.isManagedMode()) { + try { + const response = await axios.get( + `${config.getRawConfig().managed?.endpoint}/api/v1/hybrid/user/${userId}/org/${orgId}/role`, + await tokenManager.getAuthHeader() + ); + return response.data.data; + } catch (error) { + if (axios.isAxiosError(error)) { + logger.error("Error fetching config in verify session:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error fetching config in verify session:", error); + } + return []; + } + } + + const userOrgRes = await db + .select() + .from(userOrgs) + .where(and(eq(userOrgs.userId, userId), eq(userOrgs.orgId, orgId))); + return userOrgRes.map((r) => r.roleId); +} + +/** + * Check if role has access to resource + */ +export async function getRoleResourceAccess( + resourceId: number, + roleIds: number[] +): Promise { + if (config.isManagedMode()) { + const requests = roleIds.map(async (roleId) => { + const response = await axios.get( + `${config.getRawConfig().managed?.endpoint}/api/v1/hybrid/role/${roleId}/resource/${resourceId}/access`, + await tokenManager.getAuthHeader() + ); + return response.data.data; + }); + const results = await Promise.allSettled(requests); + + for (const result of results) { + if (result.status === "fulfilled") { + if (result.value) return result.value; + } else { + const error = result.reason; + if (axios.isAxiosError(error)) { + logger.error("Error fetching config in verify session:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error( + "Error fetching config in verify session:", + error + ); + } + } + } + return null; + } + + const roleResourceAccess = await db + .select() + .from(roleResources) + .where( + and( + eq(roleResources.resourceId, resourceId), + inArray(roleResources.roleId, roleIds) + ) + ) + .limit(1); + + return roleResourceAccess.length > 0 ? roleResourceAccess[0] : null; +} + +/** + * Check if user has direct access to resource + */ +export async function getUserResourceAccess( + userId: string, + resourceId: number +) { + if (config.isManagedMode()) { + try { + const response = await axios.get( + `${config.getRawConfig().managed?.endpoint}/api/v1/hybrid/user/${userId}/resource/${resourceId}/access`, + await tokenManager.getAuthHeader() + ); + return response.data.data; + } catch (error) { + if (axios.isAxiosError(error)) { + logger.error("Error fetching config in verify session:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error fetching config in verify session:", error); + } + return null; + } + } + + const userResourceAccess = await db + .select() + .from(userResources) + .where( + and( + eq(userResources.userId, userId), + eq(userResources.resourceId, resourceId) + ) + ) + .limit(1); + + return userResourceAccess.length > 0 ? userResourceAccess[0] : null; +} + +/** + * Get resource rules for a given resource + */ +export async function getResourceRules( + resourceId: number +): Promise { + if (config.isManagedMode()) { + try { + const response = await axios.get( + `${config.getRawConfig().managed?.endpoint}/api/v1/hybrid/resource/${resourceId}/rules`, + await tokenManager.getAuthHeader() + ); + return response.data.data; + } catch (error) { + if (axios.isAxiosError(error)) { + logger.error("Error fetching config in verify session:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error fetching config in verify session:", error); + } + return []; + } + } + + const rules = await db + .select() + .from(resourceRules) + .where(eq(resourceRules.resourceId, resourceId)); + + return rules; +} diff --git a/server/db/schemas/hostMeta.ts b/server/db/schemas/hostMeta.ts deleted file mode 100644 index e69de29b..00000000 diff --git a/server/db/index.ts b/server/db/sqlite/driver.ts similarity index 72% rename from server/db/index.ts rename to server/db/sqlite/driver.ts index 6cf40fec..124bd885 100644 --- a/server/db/index.ts +++ b/server/db/sqlite/driver.ts @@ -1,24 +1,27 @@ -import { drizzle } from "drizzle-orm/better-sqlite3"; +import { drizzle as DrizzleSqlite } from "drizzle-orm/better-sqlite3"; import Database from "better-sqlite3"; -import * as schema from "@server/db/schemas"; +import * as schema from "./schema"; import path from "path"; -import fs from "fs/promises"; +import fs from "fs"; import { APP_PATH } from "@server/lib/consts"; import { existsSync, mkdirSync } from "fs"; export const location = path.join(APP_PATH, "db", "db.sqlite"); -export const exists = await checkFileExists(location); +export const exists = checkFileExists(location); bootstrapVolume(); -const sqlite = new Database(location); -export const db = drizzle(sqlite, { schema }); +function createDb() { + const sqlite = new Database(location); + return DrizzleSqlite(sqlite, { schema }); +} +export const db = createDb(); export default db; -async function checkFileExists(filePath: string): Promise { +function checkFileExists(filePath: string): boolean { try { - await fs.access(filePath); + fs.accessSync(filePath); return true; } catch { return false; diff --git a/server/db/schemas/index.ts b/server/db/sqlite/index.ts similarity index 50% rename from server/db/schemas/index.ts rename to server/db/sqlite/index.ts index 686fbd9e..9ad4678c 100644 --- a/server/db/schemas/index.ts +++ b/server/db/sqlite/index.ts @@ -1 +1,2 @@ +export * from "./driver"; export * from "./schema"; diff --git a/server/db/migrate.ts b/server/db/sqlite/migrate.ts similarity index 89% rename from server/db/migrate.ts rename to server/db/sqlite/migrate.ts index d39f4ae9..e4a730d0 100644 --- a/server/db/migrate.ts +++ b/server/db/sqlite/migrate.ts @@ -1,5 +1,5 @@ import { migrate } from "drizzle-orm/better-sqlite3/migrator"; -import db from "@server/db"; +import { db } from "./driver"; import path from "path"; const migrationsFolder = path.join("server/migrations"); @@ -7,7 +7,7 @@ const migrationsFolder = path.join("server/migrations"); const runMigrations = async () => { console.log("Running migrations..."); try { - migrate(db, { + migrate(db as any, { migrationsFolder: migrationsFolder, }); console.log("Migrations completed successfully."); diff --git a/server/db/schemas/schema.ts b/server/db/sqlite/schema.ts similarity index 72% rename from server/db/schemas/schema.ts rename to server/db/sqlite/schema.ts index 7c790ebe..579ff7b4 100644 --- a/server/db/schemas/schema.ts +++ b/server/db/sqlite/schema.ts @@ -6,12 +6,27 @@ export const domains = sqliteTable("domains", { baseDomain: text("baseDomain").notNull(), configManaged: integer("configManaged", { mode: "boolean" }) .notNull() - .default(false) + .default(false), + type: text("type"), // "ns", "cname", "wildcard" + verified: integer("verified", { mode: "boolean" }).notNull().default(false), + failed: integer("failed", { mode: "boolean" }).notNull().default(false), + tries: integer("tries").notNull().default(0) }); export const orgs = sqliteTable("orgs", { orgId: text("orgId").primaryKey(), - name: text("name").notNull() + name: text("name").notNull(), + subnet: text("subnet"), + createdAt: text("createdAt") +}); + +export const userDomains = sqliteTable("userDomains", { + userId: text("userId") + .notNull() + .references(() => users.userId, { onDelete: "cascade" }), + domainId: text("domainId") + .notNull() + .references(() => domains.domainId, { onDelete: "cascade" }) }); export const orgDomains = sqliteTable("orgDomains", { @@ -36,21 +51,27 @@ export const sites = sqliteTable("sites", { }), name: text("name").notNull(), pubKey: text("pubKey"), - subnet: text("subnet").notNull(), - megabytesIn: integer("bytesIn"), - megabytesOut: integer("bytesOut"), + subnet: text("subnet"), + megabytesIn: integer("bytesIn").default(0), + megabytesOut: integer("bytesOut").default(0), lastBandwidthUpdate: text("lastBandwidthUpdate"), type: text("type").notNull(), // "newt" or "wireguard" - online: integer("online", { mode: "boolean" }).notNull().default(false) + online: integer("online", { mode: "boolean" }).notNull().default(false), + + // exit node stuff that is how to connect to the site when it has a wg server + address: text("address"), // this is the address of the wireguard interface in newt + endpoint: text("endpoint"), // this is how to reach gerbil externally - gets put into the wireguard config + publicKey: text("publicKey"), // TODO: Fix typo in publicKey + lastHolePunch: integer("lastHolePunch"), + listenPort: integer("listenPort"), + dockerSocketEnabled: integer("dockerSocketEnabled", { mode: "boolean" }) + .notNull() + .default(true), + remoteSubnets: text("remoteSubnets") // comma-separated list of subnets that this site can access }); export const resources = sqliteTable("resources", { resourceId: integer("resourceId").primaryKey({ autoIncrement: true }), - siteId: integer("siteId") - .references(() => sites.siteId, { - onDelete: "cascade" - }) - .notNull(), orgId: text("orgId") .references(() => orgs.orgId, { onDelete: "cascade" @@ -73,7 +94,6 @@ export const resources = sqliteTable("resources", { emailWhitelistEnabled: integer("emailWhitelistEnabled", { mode: "boolean" }) .notNull() .default(false), - isBaseDomain: integer("isBaseDomain", { mode: "boolean" }), applyRules: integer("applyRules", { mode: "boolean" }) .notNull() .default(false), @@ -82,7 +102,11 @@ export const resources = sqliteTable("resources", { .notNull() .default(false), tlsServerName: text("tlsServerName"), - setHostHeader: text("setHostHeader") + setHostHeader: text("setHostHeader"), + enableProxy: integer("enableProxy", { mode: "boolean" }).default(true), + skipToIdpId: integer("skipToIdpId").references(() => idp.idpId, { + onDelete: "cascade" + }), }); export const targets = sqliteTable("targets", { @@ -92,6 +116,11 @@ export const targets = sqliteTable("targets", { onDelete: "cascade" }) .notNull(), + siteId: integer("siteId") + .references(() => sites.siteId, { + onDelete: "cascade" + }) + .notNull(), ip: text("ip").notNull(), method: text("method"), port: integer("port").notNull(), @@ -106,7 +135,27 @@ export const exitNodes = sqliteTable("exitNodes", { endpoint: text("endpoint").notNull(), // this is how to reach gerbil externally - gets put into the wireguard config publicKey: text("publicKey").notNull(), listenPort: integer("listenPort").notNull(), - reachableAt: text("reachableAt") // this is the internal address of the gerbil http server for command control + reachableAt: text("reachableAt"), // this is the internal address of the gerbil http server for command control + maxConnections: integer("maxConnections"), + online: integer("online", { mode: "boolean" }).notNull().default(false), + lastPing: integer("lastPing"), + type: text("type").default("gerbil") // gerbil, remoteExitNode +}); + +export const siteResources = sqliteTable("siteResources", { // this is for the clients + siteResourceId: integer("siteResourceId").primaryKey({ autoIncrement: true }), + siteId: integer("siteId") + .notNull() + .references(() => sites.siteId, { onDelete: "cascade" }), + orgId: text("orgId") + .notNull() + .references(() => orgs.orgId, { onDelete: "cascade" }), + name: text("name").notNull(), + protocol: text("protocol").notNull(), + proxyPort: integer("proxyPort").notNull(), + destinationPort: integer("destinationPort").notNull(), + destinationIp: text("destinationIp").notNull(), + enabled: integer("enabled", { mode: "boolean" }).notNull().default(true), }); export const users = sqliteTable("user", { @@ -122,25 +171,108 @@ export const users = sqliteTable("user", { twoFactorEnabled: integer("twoFactorEnabled", { mode: "boolean" }) .notNull() .default(false), + twoFactorSetupRequested: integer("twoFactorSetupRequested", { + mode: "boolean" + }).default(false), twoFactorSecret: text("twoFactorSecret"), emailVerified: integer("emailVerified", { mode: "boolean" }) .notNull() .default(false), dateCreated: text("dateCreated").notNull(), + termsAcceptedTimestamp: text("termsAcceptedTimestamp"), + termsVersion: text("termsVersion"), serverAdmin: integer("serverAdmin", { mode: "boolean" }) .notNull() .default(false) }); +export const securityKeys = sqliteTable("webauthnCredentials", { + credentialId: text("credentialId").primaryKey(), + userId: text("userId") + .notNull() + .references(() => users.userId, { + onDelete: "cascade" + }), + publicKey: text("publicKey").notNull(), + signCount: integer("signCount").notNull(), + transports: text("transports"), + name: text("name"), + lastUsed: text("lastUsed").notNull(), + dateCreated: text("dateCreated").notNull() +}); + +export const webauthnChallenge = sqliteTable("webauthnChallenge", { + sessionId: text("sessionId").primaryKey(), + challenge: text("challenge").notNull(), + securityKeyName: text("securityKeyName"), + userId: text("userId").references(() => users.userId, { + onDelete: "cascade" + }), + expiresAt: integer("expiresAt").notNull() // Unix timestamp +}); + +export const setupTokens = sqliteTable("setupTokens", { + tokenId: text("tokenId").primaryKey(), + token: text("token").notNull(), + used: integer("used", { mode: "boolean" }).notNull().default(false), + dateCreated: text("dateCreated").notNull(), + dateUsed: text("dateUsed") +}); + export const newts = sqliteTable("newt", { newtId: text("id").primaryKey(), secretHash: text("secretHash").notNull(), dateCreated: text("dateCreated").notNull(), + version: text("version"), siteId: integer("siteId").references(() => sites.siteId, { onDelete: "cascade" }) }); +export const clients = sqliteTable("clients", { + clientId: integer("id").primaryKey({ autoIncrement: true }), + orgId: text("orgId") + .references(() => orgs.orgId, { + onDelete: "cascade" + }) + .notNull(), + exitNodeId: integer("exitNode").references(() => exitNodes.exitNodeId, { + onDelete: "set null" + }), + name: text("name").notNull(), + pubKey: text("pubKey"), + subnet: text("subnet").notNull(), + megabytesIn: integer("bytesIn"), + megabytesOut: integer("bytesOut"), + lastBandwidthUpdate: text("lastBandwidthUpdate"), + lastPing: integer("lastPing"), + type: text("type").notNull(), // "olm" + online: integer("online", { mode: "boolean" }).notNull().default(false), + // endpoint: text("endpoint"), + lastHolePunch: integer("lastHolePunch") +}); + +export const clientSites = sqliteTable("clientSites", { + clientId: integer("clientId") + .notNull() + .references(() => clients.clientId, { onDelete: "cascade" }), + siteId: integer("siteId") + .notNull() + .references(() => sites.siteId, { onDelete: "cascade" }), + isRelayed: integer("isRelayed", { mode: "boolean" }).notNull().default(false), + endpoint: text("endpoint") +}); + +export const olms = sqliteTable("olms", { + olmId: text("id").primaryKey(), + secretHash: text("secretHash").notNull(), + dateCreated: text("dateCreated").notNull(), + version: text("version"), + clientId: integer("clientId").references(() => clients.clientId, { + onDelete: "cascade" + }) +}); + export const twoFactorBackupCodes = sqliteTable("twoFactorBackupCodes", { codeId: integer("id").primaryKey({ autoIncrement: true }), userId: text("userId") @@ -165,6 +297,14 @@ export const newtSessions = sqliteTable("newtSession", { expiresAt: integer("expiresAt").notNull() }); +export const olmSessions = sqliteTable("clientSession", { + sessionId: text("id").primaryKey(), + olmId: text("olmId") + .notNull() + .references(() => olms.olmId, { onDelete: "cascade" }), + expiresAt: integer("expiresAt").notNull() +}); + export const userOrgs = sqliteTable("userOrgs", { userId: text("userId") .notNull() @@ -260,6 +400,24 @@ export const userSites = sqliteTable("userSites", { .references(() => sites.siteId, { onDelete: "cascade" }) }); +export const userClients = sqliteTable("userClients", { + userId: text("userId") + .notNull() + .references(() => users.userId, { onDelete: "cascade" }), + clientId: integer("clientId") + .notNull() + .references(() => clients.clientId, { onDelete: "cascade" }) +}); + +export const roleClients = sqliteTable("roleClients", { + roleId: integer("roleId") + .notNull() + .references(() => roles.roleId, { onDelete: "cascade" }), + clientId: integer("clientId") + .notNull() + .references(() => clients.clientId, { onDelete: "cascade" }) +}); + export const roleResources = sqliteTable("roleResources", { roleId: integer("roleId") .notNull() @@ -412,7 +570,7 @@ export const resourceRules = sqliteTable("resourceRules", { .references(() => resources.resourceId, { onDelete: "cascade" }), enabled: integer("enabled", { mode: "boolean" }).notNull().default(true), priority: integer("priority").notNull(), - action: text("action").notNull(), // ACCEPT, DROP + action: text("action").notNull(), // ACCEPT, DROP, PASS match: text("match").notNull(), // CIDR, PATH, IP value: text("value").notNull() }); @@ -503,6 +661,8 @@ export type Target = InferSelectModel; export type Session = InferSelectModel; export type Newt = InferSelectModel; export type NewtSession = InferSelectModel; +export type Olm = InferSelectModel; +export type OlmSession = InferSelectModel; export type EmailVerificationCode = InferSelectModel< typeof emailVerificationCodes >; @@ -528,8 +688,16 @@ export type ResourceWhitelist = InferSelectModel; export type VersionMigration = InferSelectModel; export type ResourceRule = InferSelectModel; export type Domain = InferSelectModel; +export type Client = InferSelectModel; +export type ClientSite = InferSelectModel; +export type RoleClient = InferSelectModel; +export type UserClient = InferSelectModel; export type Idp = InferSelectModel; export type IdpOrg = InferSelectModel; export type ApiKey = InferSelectModel; export type ApiKeyAction = InferSelectModel; export type ApiKeyOrg = InferSelectModel; +export type SiteResource = InferSelectModel; +export type OrgDomains = InferSelectModel; +export type SetupToken = InferSelectModel; +export type HostMeta = InferSelectModel; diff --git a/server/emails/index.ts b/server/emails/index.ts index 46d1df69..2cdef8a1 100644 --- a/server/emails/index.ts +++ b/server/emails/index.ts @@ -6,6 +6,11 @@ import logger from "@server/logger"; import SMTPTransport from "nodemailer/lib/smtp-transport"; function createEmailClient() { + if (config.isManagedMode()) { + // LETS NOT WORRY ABOUT EMAILS IN HYBRID + return; + } + const emailConfig = config.getRawConfig().email; if (!emailConfig) { logger.warn( @@ -18,10 +23,10 @@ function createEmailClient() { host: emailConfig.smtp_host, port: emailConfig.smtp_port, secure: emailConfig.smtp_secure || false, - auth: { + auth: (emailConfig.smtp_user && emailConfig.smtp_pass) ? { user: emailConfig.smtp_user, pass: emailConfig.smtp_pass - } + } : null } as SMTPTransport.Options; if (emailConfig.smtp_tls_reject_unauthorized !== undefined) { diff --git a/server/emails/sendEmail.ts b/server/emails/sendEmail.ts index d7a59608..9b99d18e 100644 --- a/server/emails/sendEmail.ts +++ b/server/emails/sendEmail.ts @@ -2,6 +2,7 @@ import { render } from "@react-email/render"; import { ReactElement } from "react"; import emailClient from "@server/emails"; import logger from "@server/logger"; +import config from "@server/lib/config"; export async function sendEmail( template: ReactElement, @@ -24,9 +25,11 @@ export async function sendEmail( const emailHtml = await render(template); + const appName = "Pangolin"; + await emailClient.sendMail({ from: { - name: opts.name || "Pangolin", + name: opts.name || appName, address: opts.from, }, to: opts.to, diff --git a/server/emails/templates/NotifyResetPassword.tsx b/server/emails/templates/NotifyResetPassword.tsx index aaa1cbdd..66ea2430 100644 --- a/server/emails/templates/NotifyResetPassword.tsx +++ b/server/emails/templates/NotifyResetPassword.tsx @@ -1,11 +1,5 @@ -import { - Body, - Head, - Html, - Preview, - Tailwind -} from "@react-email/components"; -import * as React from "react"; +import React from "react"; +import { Body, Head, Html, Preview, Tailwind } from "@react-email/components"; import { themeColors } from "./lib/theme"; import { EmailContainer, @@ -22,29 +16,29 @@ interface Props { } export const ConfirmPasswordReset = ({ email }: Props) => { - const previewText = `Your password has been reset`; + const previewText = `Your password has been successfully reset.`; return ( {previewText} - + - Password Reset Confirmation + {/* Password Successfully Reset */} - Hi {email || "there"}, + Hi there, - This email confirms that your password has just been - reset. If you made this change, no further action is - required. + Your password has been successfully reset. You can + now sign in to your account using your new password. - Thank you for keeping your account secure. + If you didn't make this change, please contact our + support team immediately to secure your account. diff --git a/server/emails/templates/ResetPasswordCode.tsx b/server/emails/templates/ResetPasswordCode.tsx index 1a79527b..df14b8be 100644 --- a/server/emails/templates/ResetPasswordCode.tsx +++ b/server/emails/templates/ResetPasswordCode.tsx @@ -1,11 +1,5 @@ -import { - Body, - Head, - Html, - Preview, - Tailwind -} from "@react-email/components"; -import * as React from "react"; +import React from "react"; +import { Body, Head, Html, Preview, Tailwind } from "@react-email/components"; import { themeColors } from "./lib/theme"; import { EmailContainer, @@ -18,6 +12,7 @@ import { EmailText } from "./components/Email"; import CopyCodeBox from "./components/CopyCodeBox"; +import ButtonLink from "./components/ButtonLink"; interface Props { email: string; @@ -26,37 +21,39 @@ interface Props { } export const ResetPasswordCode = ({ email, code, link }: Props) => { - const previewText = `Your password reset code is ${code}`; + const previewText = `Reset your password with code: ${code}`; return ( {previewText} - + - Password Reset Request + {/* Reset Your Password */} - Hi {email || "there"}, + Hi there, - You’ve requested to reset your password. Please{" "} - - click here - {" "} - and follow the instructions to reset your password, - or manually enter the following code: + You've requested to reset your password. Click the + button below to reset your password, or use the + verification code provided if prompted. + + Reset Password + + - If you didn’t request this, you can safely ignore - this email. + This reset code will expire in 2 hours. If you + didn't request a password reset, you can safely + ignore this email. diff --git a/server/emails/templates/ResourceOTPCode.tsx b/server/emails/templates/ResourceOTPCode.tsx index 086dc444..4f68d9df 100644 --- a/server/emails/templates/ResourceOTPCode.tsx +++ b/server/emails/templates/ResourceOTPCode.tsx @@ -1,11 +1,5 @@ -import { - Body, - Head, - Html, - Preview, - Tailwind -} from "@react-email/components"; -import * as React from "react"; +import React from "react"; +import { Body, Head, Html, Preview, Tailwind } from "@react-email/components"; import { EmailContainer, EmailLetterHead, @@ -32,34 +26,40 @@ export const ResourceOTPCode = ({ orgName: organizationName, otp }: ResourceOTPCodeProps) => { - const previewText = `Your one-time password for ${resourceName} is ${otp}`; + const previewText = `Your access code for ${resourceName}: ${otp}`; return ( {previewText} - + - - Your One-Time Code for {resourceName} - + {/* */} + {/* Access Code for {resourceName} */} + {/* */} - Hi {email || "there"}, + Hi there, - You’ve requested a one-time password to access{" "} + You've requested access to{" "} {resourceName} in{" "} - {organizationName}. Use the code - below to complete your authentication: + {organizationName}. Use the + verification code below to complete your + authentication. + + This code will expire in 15 minutes. If you didn't + request this code, please ignore this email. + + diff --git a/server/emails/templates/SendInviteLink.tsx b/server/emails/templates/SendInviteLink.tsx index ed3c7b53..c859d3d7 100644 --- a/server/emails/templates/SendInviteLink.tsx +++ b/server/emails/templates/SendInviteLink.tsx @@ -1,11 +1,5 @@ -import { - Body, - Head, - Html, - Preview, - Tailwind, -} from "@react-email/components"; -import * as React from "react"; +import React from "react"; +import { Body, Head, Html, Preview, Tailwind } from "@react-email/components"; import { themeColors } from "./lib/theme"; import { EmailContainer, @@ -41,35 +35,44 @@ export const SendInviteLink = ({ {previewText} - + - Invited to Join {orgName} + {/* */} + {/* You're Invited to Join {orgName} */} + {/* */} - Hi {email || "there"}, + Hi there, - You’ve been invited to join the organization{" "} + You've been invited to join{" "} {orgName} - {inviterName ? ` by ${inviterName}.` : "."} Please - access the link below to accept the invite. - - - - This invite will expire in{" "} - - {expiresInDays}{" "} - {expiresInDays === "1" ? "day" : "days"}. - + {inviterName ? ` by ${inviterName}` : ""}. Click the + button below to accept your invitation and get + started. - Accept Invite to {orgName} + Accept Invitation + {/* */} + {/* If you're having trouble clicking the button, copy */} + {/* and paste the URL below into your web browser: */} + {/*
*/} + {/* {inviteLink} */} + {/* */} + + + This invite expires in {expiresInDays}{" "} + {expiresInDays === "1" ? "day" : "days"}. If the + link has expired, please contact the owner of the + organization to request a new invitation. + + diff --git a/server/emails/templates/TwoFactorAuthNotification.tsx b/server/emails/templates/TwoFactorAuthNotification.tsx index 8993a3bd..3261023e 100644 --- a/server/emails/templates/TwoFactorAuthNotification.tsx +++ b/server/emails/templates/TwoFactorAuthNotification.tsx @@ -1,11 +1,5 @@ -import { - Body, - Head, - Html, - Preview, - Tailwind -} from "@react-email/components"; -import * as React from "react"; +import React from "react"; +import { Body, Head, Html, Preview, Tailwind } from "@react-email/components"; import { themeColors } from "./lib/theme"; import { EmailContainer, @@ -23,44 +17,52 @@ interface Props { } export const TwoFactorAuthNotification = ({ email, enabled }: Props) => { - const previewText = `Two-Factor Authentication has been ${enabled ? "enabled" : "disabled"}`; + const previewText = `Two-Factor Authentication ${enabled ? "enabled" : "disabled"} for your account`; return ( {previewText} - + - - Two-Factor Authentication{" "} - {enabled ? "Enabled" : "Disabled"} - + {/* */} + {/* Security Update: 2FA{" "} */} + {/* {enabled ? "Enabled" : "Disabled"} */} + {/* */} - Hi {email || "there"}, + Hi there, - This email confirms that Two-Factor Authentication - has been successfully{" "} - {enabled ? "enabled" : "disabled"} on your account. + Two-factor authentication has been successfully{" "} + {enabled ? "enabled" : "disabled"}{" "} + on your account. {enabled ? ( - - With Two-Factor Authentication enabled, your - account is now more secure. Please ensure you - keep your authentication method safe. - + <> + + Your account is now protected with an + additional layer of security. Keep your + authentication method safe and accessible. + + ) : ( - - With Two-Factor Authentication disabled, your - account may be less secure. We recommend - enabling it to protect your account. - + <> + + We recommend re-enabling two-factor + authentication to keep your account secure. + + )} + + If you didn't make this change, please contact our + support team immediately. + + diff --git a/server/emails/templates/VerifyEmailCode.tsx b/server/emails/templates/VerifyEmailCode.tsx index ad0ef053..6a361648 100644 --- a/server/emails/templates/VerifyEmailCode.tsx +++ b/server/emails/templates/VerifyEmailCode.tsx @@ -1,5 +1,5 @@ +import React from "react"; import { Body, Head, Html, Preview, Tailwind } from "@react-email/components"; -import * as React from "react"; import { themeColors } from "./lib/theme"; import { EmailContainer, @@ -24,25 +24,24 @@ export const VerifyEmail = ({ verificationCode, verifyLink }: VerifyEmailProps) => { - const previewText = `Your verification code is ${verificationCode}`; + const previewText = `Verify your email with code: ${verificationCode}`; return ( {previewText} - + - Please Verify Your Email + {/* Verify Your Email Address */} - Hi {username || "there"}, + Hi there, - You’ve requested to verify your email. Please use - the code below to complete the verification process - upon logging in. + Welcome! To complete your account setup, please + verify your email address using the code below. @@ -50,7 +49,8 @@ export const VerifyEmail = ({ - If you didn’t request this, you can safely ignore + This verification code will expire in 15 minutes. If + you didn't create an account, you can safely ignore this email. diff --git a/server/emails/templates/WelcomeQuickStart.tsx b/server/emails/templates/WelcomeQuickStart.tsx new file mode 100644 index 00000000..cd18f8b5 --- /dev/null +++ b/server/emails/templates/WelcomeQuickStart.tsx @@ -0,0 +1,131 @@ +import React from "react"; +import { Body, Head, Html, Preview, Tailwind } from "@react-email/components"; +import { themeColors } from "./lib/theme"; +import { + EmailContainer, + EmailFooter, + EmailGreeting, + EmailHeading, + EmailLetterHead, + EmailSection, + EmailSignature, + EmailText, + EmailInfoSection +} from "./components/Email"; +import ButtonLink from "./components/ButtonLink"; +import CopyCodeBox from "./components/CopyCodeBox"; + +interface WelcomeQuickStartProps { + username?: string; + link: string; + fallbackLink: string; + resourceMethod: string; + resourceHostname: string; + resourcePort: string | number; + resourceUrl: string; + cliCommand: string; +} + +export const WelcomeQuickStart = ({ + username, + link, + fallbackLink, + resourceMethod, + resourceHostname, + resourcePort, + resourceUrl, + cliCommand +}: WelcomeQuickStartProps) => { + const previewText = "Welcome! Here's what to do next"; + + return ( + + + {previewText} + + + + + + Hi there, + + + Thank you for trying out Pangolin! We're excited to + have you on board. + + + + To continue to configure your site, resources, and + other features, complete your account setup to + access the full dashboard. + + + + + View Your Dashboard + + {/*

*/} + {/* If the button above doesn't work, you can also */} + {/* use this{" "} */} + {/* */} + {/* link */} + {/* */} + {/* . */} + {/*

*/} + + + +
+ Connect your site using Newt +
+
+
+ + {cliCommand} + +
+

+ To learn how to use Newt, including more + installation methods, visit the{" "} + + docs + + . +

+
+ + + + {resourceUrl} + + ) + } + ]} + /> + + + + + + + + + ); +}; + +export default WelcomeQuickStart; diff --git a/server/emails/templates/components/ButtonLink.tsx b/server/emails/templates/components/ButtonLink.tsx index e32e1810..618fed15 100644 --- a/server/emails/templates/components/ButtonLink.tsx +++ b/server/emails/templates/components/ButtonLink.tsx @@ -12,7 +12,11 @@ export default function ButtonLink({ return ( {children} diff --git a/server/emails/templates/components/CopyCodeBox.tsx b/server/emails/templates/components/CopyCodeBox.tsx index ef48b383..3e4d1d08 100644 --- a/server/emails/templates/components/CopyCodeBox.tsx +++ b/server/emails/templates/components/CopyCodeBox.tsx @@ -2,10 +2,15 @@ import React from "react"; export default function CopyCodeBox({ text }: { text: string }) { return ( -
- - {text} - +
+
+ + {text} + +
+

+ Copy and paste this code when prompted +

); } diff --git a/server/emails/templates/components/Email.tsx b/server/emails/templates/components/Email.tsx index c73e4c85..ef5c37f8 100644 --- a/server/emails/templates/components/Email.tsx +++ b/server/emails/templates/components/Email.tsx @@ -1,47 +1,27 @@ -import { Container } from "@react-email/components"; import React from "react"; +import { Container, Img } from "@react-email/components"; +import { build } from "@server/build"; // EmailContainer: Wraps the entire email layout export function EmailContainer({ children }: { children: React.ReactNode }) { return ( - + {children} ); } -// EmailLetterHead: For branding or logo at the top +// EmailLetterHead: For branding with logo on dark background export function EmailLetterHead() { return ( -
- - - - - -
- Pangolin - - {new Date().getFullYear()} -
+
+ Fossorial
); } @@ -49,14 +29,22 @@ export function EmailLetterHead() { // EmailHeading: For the primary message or headline export function EmailHeading({ children }: { children: React.ReactNode }) { return ( -

- {children} -

+
+

+ {children} +

+
); } export function EmailGreeting({ children }: { children: React.ReactNode }) { - return

{children}

; + return ( +
+

+ {children} +

+
+ ); } // EmailText: For general text content @@ -68,9 +56,13 @@ export function EmailText({ className?: string; }) { return ( -

- {children} -

+
+

+ {children} +

+
); } @@ -82,20 +74,74 @@ export function EmailSection({ children: React.ReactNode; className?: string; }) { - return
{children}
; + return ( +
{children}
+ ); } // EmailFooter: For closing or signature export function EmailFooter({ children }: { children: React.ReactNode }) { - return
{children}
; + return ( + <> + {build === "saas" && ( +
+ {children} +

+ For any questions or support, please contact us at: +
+ support@fossorial.io +

+

+ © {new Date().getFullYear()} Fossorial, Inc. All + rights reserved. +

+
+ )} + + ); } export function EmailSignature() { return ( -

- Best regards, -
- Fossorial -

+
+

+ Best regards, +
+ The Fossorial Team +

+
+ ); +} + +// EmailInfoSection: For structured key-value info (like resource details) +export function EmailInfoSection({ + title, + items +}: { + title?: string; + items: { label: string; value: React.ReactNode }[]; +}) { + return ( +
+ {title && ( +
+ {title} +
+ )} + + + {items.map((item, idx) => ( + + + + + ))} + +
+ {item.label} + + {item.value} +
+
); } diff --git a/server/emails/templates/lib/theme.ts b/server/emails/templates/lib/theme.ts index ada77fd2..a10ff77a 100644 --- a/server/emails/templates/lib/theme.ts +++ b/server/emails/templates/lib/theme.ts @@ -1,3 +1,5 @@ +import React from "react"; + export const themeColors = { theme: { extend: { diff --git a/server/hybridServer.ts b/server/hybridServer.ts new file mode 100644 index 00000000..bb26489d --- /dev/null +++ b/server/hybridServer.ts @@ -0,0 +1,151 @@ +import logger from "@server/logger"; +import config from "@server/lib/config"; +import { createWebSocketClient } from "./routers/ws/client"; +import { addPeer, deletePeer } from "./routers/gerbil/peers"; +import { db, exitNodes } from "./db"; +import { TraefikConfigManager } from "./lib/traefikConfig"; +import { tokenManager } from "./lib/tokenManager"; +import { APP_VERSION } from "./lib/consts"; +import axios from "axios"; + +export async function createHybridClientServer() { + logger.info("Starting hybrid client server..."); + + // Start the token manager + await tokenManager.start(); + + const token = await tokenManager.getToken(); + + const monitor = new TraefikConfigManager(); + + await monitor.start(); + + // Create client + const client = createWebSocketClient( + token, + config.getRawConfig().managed!.endpoint!, + { + reconnectInterval: 5000, + pingInterval: 30000, + pingTimeout: 10000 + } + ); + + // Register message handlers + client.registerHandler("remoteExitNode/peers/add", async (message) => { + const { publicKey, allowedIps } = message.data; + + // TODO: we are getting the exit node twice here + // NOTE: there should only be one gerbil registered so... + const [exitNode] = await db.select().from(exitNodes).limit(1); + await addPeer(exitNode.exitNodeId, { + publicKey: publicKey, + allowedIps: allowedIps || [] + }); + }); + + client.registerHandler("remoteExitNode/peers/remove", async (message) => { + const { publicKey } = message.data; + + // TODO: we are getting the exit node twice here + // NOTE: there should only be one gerbil registered so... + const [exitNode] = await db.select().from(exitNodes).limit(1); + await deletePeer(exitNode.exitNodeId, publicKey); + }); + + // /update-proxy-mapping + client.registerHandler("remoteExitNode/update-proxy-mapping", async (message) => { + try { + const [exitNode] = await db.select().from(exitNodes).limit(1); + if (!exitNode) { + logger.error("No exit node found for proxy mapping update"); + return; + } + + const response = await axios.post(`${exitNode.endpoint}/update-proxy-mapping`, message.data); + logger.info(`Successfully updated proxy mapping: ${response.status}`); + } catch (error) { + // pull data out of the axios error to log + if (axios.isAxiosError(error)) { + logger.error("Error updating proxy mapping:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error updating proxy mapping:", error); + } + } + }); + + // /update-destinations + client.registerHandler("remoteExitNode/update-destinations", async (message) => { + try { + const [exitNode] = await db.select().from(exitNodes).limit(1); + if (!exitNode) { + logger.error("No exit node found for destinations update"); + return; + } + + const response = await axios.post(`${exitNode.endpoint}/update-destinations`, message.data); + logger.info(`Successfully updated destinations: ${response.status}`); + } catch (error) { + // pull data out of the axios error to log + if (axios.isAxiosError(error)) { + logger.error("Error updating destinations:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error updating destinations:", error); + } + } + }); + + client.registerHandler("remoteExitNode/traefik/reload", async (message) => { + await monitor.HandleTraefikConfig(); + }); + + // Listen to connection events + client.on("connect", () => { + logger.info("Connected to WebSocket server"); + client.sendMessage("remoteExitNode/register", { + remoteExitNodeVersion: APP_VERSION + }); + }); + + client.on("disconnect", () => { + logger.info("Disconnected from WebSocket server"); + }); + + client.on("message", (message) => { + logger.info( + `Received message: ${message.type} ${JSON.stringify(message.data)}` + ); + }); + + // Connect to the server + try { + await client.connect(); + logger.info("Connection initiated"); + } catch (error) { + logger.error("Failed to connect:", error); + } + + // Store the ping interval stop function for cleanup if needed + const stopPingInterval = client.sendMessageInterval( + "remoteExitNode/ping", + { timestamp: Date.now() / 1000 }, + 60000 + ); // send every minute + + // Return client and cleanup function for potential use + return { client, stopPingInterval }; +} diff --git a/server/index.ts b/server/index.ts index 7dacae1f..fb2ad396 100644 --- a/server/index.ts +++ b/server/index.ts @@ -1,28 +1,51 @@ +#! /usr/bin/env node import "./extendZod.ts"; +import 'source-map-support/register.js' import { runSetupFunctions } from "./setup"; import { createApiServer } from "./apiServer"; import { createNextServer } from "./nextServer"; import { createInternalServer } from "./internalServer"; -import { ApiKey, ApiKeyOrg, Session, User, UserOrg } from "./db/schemas"; -// import { createIntegrationApiServer } from "./integrationApiServer"; +import { ApiKey, ApiKeyOrg, Session, User, UserOrg } from "@server/db"; +import { createIntegrationApiServer } from "./integrationApiServer"; +import { createHybridClientServer } from "./hybridServer"; +import config from "@server/lib/config"; +import { setHostMeta } from "@server/lib/hostMeta"; +import { TraefikConfigManager } from "./lib/traefikConfig.js"; async function startServers() { + await setHostMeta(); + + await config.initServer(); await runSetupFunctions(); // Start all servers const apiServer = createApiServer(); const internalServer = createInternalServer(); - const nextServer = await createNextServer(); + + let hybridClientServer; + let nextServer; + if (config.isManagedMode()) { + hybridClientServer = await createHybridClientServer(); + } else { + nextServer = await createNextServer(); + if (config.getRawConfig().traefik.file_mode) { + const monitor = new TraefikConfigManager(); + await monitor.start(); + } + } let integrationServer; - // integrationServer = createIntegrationApiServer(); + if (config.getRawConfig().flags?.enable_integration_api) { + integrationServer = createIntegrationApiServer(); + } return { apiServer, nextServer, internalServer, - integrationServer + integrationServer, + hybridClientServer }; } @@ -32,7 +55,7 @@ declare global { interface Request { apiKey?: ApiKey; user?: User; - session?: Session; + session: Session; userOrg?: UserOrg; apiKeyOrg?: ApiKeyOrg; userRoleIds?: number[]; diff --git a/server/integrationApiServer.ts b/server/integrationApiServer.ts new file mode 100644 index 00000000..eefaacd8 --- /dev/null +++ b/server/integrationApiServer.ts @@ -0,0 +1,103 @@ +import express from "express"; +import cors from "cors"; +import cookieParser from "cookie-parser"; +import config from "@server/lib/config"; +import logger from "@server/logger"; +import { + errorHandlerMiddleware, + notFoundMiddleware, +} from "@server/middlewares"; +import { authenticated, unauthenticated } from "@server/routers/integration"; +import { logIncomingMiddleware } from "./middlewares/logIncoming"; +import helmet from "helmet"; +import swaggerUi from "swagger-ui-express"; +import { OpenApiGeneratorV3 } from "@asteasolutions/zod-to-openapi"; +import { registry } from "./openApi"; + +const dev = process.env.ENVIRONMENT !== "prod"; +const externalPort = config.getRawConfig().server.integration_port; + +export function createIntegrationApiServer() { + const apiServer = express(); + + const trustProxy = config.getRawConfig().server.trust_proxy; + if (trustProxy) { + apiServer.set("trust proxy", trustProxy); + } + + apiServer.use(cors()); + + if (!dev) { + apiServer.use(helmet()); + } + + apiServer.use(cookieParser()); + apiServer.use(express.json()); + + apiServer.use( + "/v1/docs", + swaggerUi.serve, + swaggerUi.setup(getOpenApiDocumentation()) + ); + + // API routes + const prefix = `/v1`; + apiServer.use(logIncomingMiddleware); + apiServer.use(prefix, unauthenticated); + apiServer.use(prefix, authenticated); + + // Error handling + apiServer.use(notFoundMiddleware); + apiServer.use(errorHandlerMiddleware); + + // Create HTTP server + const httpServer = apiServer.listen(externalPort, (err?: any) => { + if (err) throw err; + logger.info( + `Integration API server is running on http://localhost:${externalPort}` + ); + }); + + return httpServer; +} + +function getOpenApiDocumentation() { + const bearerAuth = registry.registerComponent( + "securitySchemes", + "Bearer Auth", + { + type: "http", + scheme: "bearer" + } + ); + + for (const def of registry.definitions) { + if (def.type === "route") { + def.route.security = [ + { + [bearerAuth.name]: [] + } + ]; + } + } + + registry.registerPath({ + method: "get", + path: "/", + description: "Health check", + tags: [], + request: {}, + responses: {} + }); + + const generator = new OpenApiGeneratorV3(registry.definitions); + + return generator.generateDocument({ + openapi: "3.0.0", + info: { + version: "v1", + title: "Pangolin Integration API" + }, + servers: [{ url: "/v1" }] + }); +} diff --git a/server/lib/canUserAccessResource.ts b/server/lib/canUserAccessResource.ts index f322529c..a493148e 100644 --- a/server/lib/canUserAccessResource.ts +++ b/server/lib/canUserAccessResource.ts @@ -1,6 +1,6 @@ -import db from "@server/db"; +import { db } from "@server/db"; import { and, eq, inArray } from "drizzle-orm"; -import { roleResources, userResources } from "@server/db/schemas"; +import { roleResources, userResources } from "@server/db"; export async function canUserAccessResource({ userId, diff --git a/server/lib/config.ts b/server/lib/config.ts index 1937d41c..077cf7b1 100644 --- a/server/lib/config.ts +++ b/server/lib/config.ts @@ -1,169 +1,7 @@ -import fs from "fs"; -import yaml from "js-yaml"; import { z } from "zod"; +import { __DIRNAME, APP_VERSION } from "@server/lib/consts"; +import { configSchema, readConfigFile } from "./readConfigFile"; import { fromError } from "zod-validation-error"; -import { - __DIRNAME, - APP_VERSION, - configFilePath1, - configFilePath2 -} from "@server/lib/consts"; -import { passwordSchema } from "@server/auth/passwordSchema"; -import stoi from "./stoi"; - -const portSchema = z.number().positive().gt(0).lte(65535); - -const getEnvOrYaml = (envVar: string) => (valFromYaml: any) => { - return process.env[envVar] ?? valFromYaml; -}; - -const configSchema = z.object({ - app: z.object({ - dashboard_url: z - .string() - .url() - .optional() - .pipe(z.string().url()) - .transform((url) => url.toLowerCase()), - log_level: z.enum(["debug", "info", "warn", "error"]), - save_logs: z.boolean(), - log_failed_attempts: z.boolean().optional() - }), - domains: z - .record( - z.string(), - z.object({ - base_domain: z - .string() - .nonempty("base_domain must not be empty") - .transform((url) => url.toLowerCase()), - cert_resolver: z.string().optional(), - prefer_wildcard_cert: z.boolean().optional() - }) - ) - .refine( - (domains) => { - const keys = Object.keys(domains); - - if (keys.length === 0) { - return false; - } - - return true; - }, - { - message: "At least one domain must be defined" - } - ), - server: z.object({ - integration_port: portSchema - .optional() - .transform(stoi) - .pipe(portSchema.optional()), - external_port: portSchema.optional().transform(stoi).pipe(portSchema), - internal_port: portSchema.optional().transform(stoi).pipe(portSchema), - next_port: portSchema.optional().transform(stoi).pipe(portSchema), - internal_hostname: z.string().transform((url) => url.toLowerCase()), - session_cookie_name: z.string(), - resource_access_token_param: z.string(), - resource_access_token_headers: z.object({ - id: z.string(), - token: z.string() - }), - resource_session_request_param: z.string(), - dashboard_session_length_hours: z - .number() - .positive() - .gt(0) - .optional() - .default(720), - resource_session_length_hours: z - .number() - .positive() - .gt(0) - .optional() - .default(720), - cors: z - .object({ - origins: z.array(z.string()).optional(), - methods: z.array(z.string()).optional(), - allowed_headers: z.array(z.string()).optional(), - credentials: z.boolean().optional() - }) - .optional(), - trust_proxy: z.boolean().optional().default(true), - secret: z - .string() - .optional() - .transform(getEnvOrYaml("SERVER_SECRET")) - .pipe(z.string().min(8)) - }), - traefik: z.object({ - http_entrypoint: z.string(), - https_entrypoint: z.string().optional(), - additional_middlewares: z.array(z.string()).optional() - }), - gerbil: z.object({ - start_port: portSchema.optional().transform(stoi).pipe(portSchema), - base_endpoint: z - .string() - .optional() - .pipe(z.string()) - .transform((url) => url.toLowerCase()), - use_subdomain: z.boolean(), - subnet_group: z.string(), - block_size: z.number().positive().gt(0), - site_block_size: z.number().positive().gt(0) - }), - rate_limits: z.object({ - global: z.object({ - window_minutes: z.number().positive().gt(0), - max_requests: z.number().positive().gt(0) - }), - auth: z - .object({ - window_minutes: z.number().positive().gt(0), - max_requests: z.number().positive().gt(0) - }) - .optional() - }), - email: z - .object({ - smtp_host: z.string().optional(), - smtp_port: portSchema.optional(), - smtp_user: z.string().optional(), - smtp_pass: z.string().optional(), - smtp_secure: z.boolean().optional(), - smtp_tls_reject_unauthorized: z.boolean().optional(), - no_reply: z.string().email().optional() - }) - .optional(), - users: z.object({ - server_admin: z.object({ - email: z - .string() - .email() - .optional() - .transform(getEnvOrYaml("USERS_SERVERADMIN_EMAIL")) - .pipe(z.string().email()) - .transform((v) => v.toLowerCase()), - password: passwordSchema - .optional() - .transform(getEnvOrYaml("USERS_SERVERADMIN_PASSWORD")) - .pipe(passwordSchema) - }) - }), - flags: z - .object({ - require_email_verification: z.boolean().optional(), - disable_signup_without_invite: z.boolean().optional(), - disable_user_create_org: z.boolean().optional(), - allow_raw_resources: z.boolean().optional(), - allow_base_domain_resources: z.boolean().optional(), - allow_local_sites: z.boolean().optional() - }) - .optional() -}); export class Config { private rawConfig!: z.infer; @@ -171,92 +9,85 @@ export class Config { isDev: boolean = process.env.ENVIRONMENT !== "prod"; constructor() { - this.loadConfig(); - } + const environment = readConfigFile(); - public loadConfig() { - const loadConfig = (configPath: string) => { - try { - const yamlContent = fs.readFileSync(configPath, "utf8"); - const config = yaml.load(yamlContent); - return config; - } catch (error) { - if (error instanceof Error) { - throw new Error( - `Error loading configuration file: ${error.message}` - ); - } - throw error; - } - }; + const { + data: parsedConfig, + success, + error + } = configSchema.safeParse(environment); - let environment: any; - if (fs.existsSync(configFilePath1)) { - environment = loadConfig(configFilePath1); - } else if (fs.existsSync(configFilePath2)) { - environment = loadConfig(configFilePath2); - } - - if (process.env.APP_BASE_DOMAIN) { - console.log( - "You're using deprecated environment variables. Transition to the configuration file. https://docs.fossorial.io/" - ); - } - - if (!environment) { - throw new Error( - "No configuration file found. Please create one. https://docs.fossorial.io/" - ); - } - - const parsedConfig = configSchema.safeParse(environment); - - if (!parsedConfig.success) { - const errors = fromError(parsedConfig.error); + if (!success) { + const errors = fromError(error); throw new Error(`Invalid configuration file: ${errors}`); } + if ( + // @ts-ignore + parsedConfig.users || + process.env.USERS_SERVERADMIN_EMAIL || + process.env.USERS_SERVERADMIN_PASSWORD + ) { + console.log( + "WARNING: Your admin credentials are still in the config file or environment variables. This method of setting admin credentials is no longer supported. It is recommended to remove them." + ); + } + process.env.APP_VERSION = APP_VERSION; - process.env.NEXT_PORT = parsedConfig.data.server.next_port.toString(); + process.env.NEXT_PORT = parsedConfig.server.next_port.toString(); process.env.SERVER_EXTERNAL_PORT = - parsedConfig.data.server.external_port.toString(); + parsedConfig.server.external_port.toString(); process.env.SERVER_INTERNAL_PORT = - parsedConfig.data.server.internal_port.toString(); - process.env.FLAGS_EMAIL_VERIFICATION_REQUIRED = parsedConfig.data.flags + parsedConfig.server.internal_port.toString(); + process.env.FLAGS_EMAIL_VERIFICATION_REQUIRED = parsedConfig.flags ?.require_email_verification ? "true" : "false"; - process.env.FLAGS_ALLOW_RAW_RESOURCES = parsedConfig.data.flags + process.env.FLAGS_ALLOW_RAW_RESOURCES = parsedConfig.flags ?.allow_raw_resources ? "true" : "false"; process.env.SESSION_COOKIE_NAME = - parsedConfig.data.server.session_cookie_name; - process.env.EMAIL_ENABLED = parsedConfig.data.email ? "true" : "false"; - process.env.DISABLE_SIGNUP_WITHOUT_INVITE = parsedConfig.data.flags + parsedConfig.server.session_cookie_name; + process.env.EMAIL_ENABLED = parsedConfig.email ? "true" : "false"; + process.env.DISABLE_SIGNUP_WITHOUT_INVITE = parsedConfig.flags ?.disable_signup_without_invite ? "true" : "false"; - process.env.DISABLE_USER_CREATE_ORG = parsedConfig.data.flags + process.env.DISABLE_USER_CREATE_ORG = parsedConfig.flags ?.disable_user_create_org ? "true" : "false"; process.env.RESOURCE_ACCESS_TOKEN_PARAM = - parsedConfig.data.server.resource_access_token_param; + parsedConfig.server.resource_access_token_param; process.env.RESOURCE_ACCESS_TOKEN_HEADERS_ID = - parsedConfig.data.server.resource_access_token_headers.id; + parsedConfig.server.resource_access_token_headers.id; process.env.RESOURCE_ACCESS_TOKEN_HEADERS_TOKEN = - parsedConfig.data.server.resource_access_token_headers.token; + parsedConfig.server.resource_access_token_headers.token; process.env.RESOURCE_SESSION_REQUEST_PARAM = - parsedConfig.data.server.resource_session_request_param; - process.env.FLAGS_ALLOW_BASE_DOMAIN_RESOURCES = parsedConfig.data.flags - ?.allow_base_domain_resources + parsedConfig.server.resource_session_request_param; + process.env.DASHBOARD_URL = parsedConfig.app.dashboard_url; + process.env.FLAGS_DISABLE_LOCAL_SITES = parsedConfig.flags + ?.disable_local_sites + ? "true" + : "false"; + process.env.FLAGS_DISABLE_BASIC_WIREGUARD_SITES = parsedConfig.flags + ?.disable_basic_wireguard_sites ? "true" : "false"; - process.env.DASHBOARD_URL = parsedConfig.data.app.dashboard_url; - this.rawConfig = parsedConfig.data; + process.env.FLAGS_ENABLE_CLIENTS = parsedConfig.flags?.enable_clients + ? "true" + : "false"; + + this.rawConfig = parsedConfig; + } + + public async initServer() { + if (!this.rawConfig) { + throw new Error("Config not loaded. Call load() first."); + } } public getRawConfig() { @@ -270,8 +101,15 @@ export class Config { } public getDomain(domainId: string) { + if (!this.rawConfig.domains || !this.rawConfig.domains[domainId]) { + return null; + } return this.rawConfig.domains[domainId]; } + + public isManagedMode() { + return typeof this.rawConfig?.managed === "object"; + } } export const config = new Config(); diff --git a/server/lib/consts.ts b/server/lib/consts.ts index 94d2716e..b9afa792 100644 --- a/server/lib/consts.ts +++ b/server/lib/consts.ts @@ -2,7 +2,7 @@ import path from "path"; import { fileURLToPath } from "url"; // This is a placeholder value replaced by the build process -export const APP_VERSION = "1.3.0"; +export const APP_VERSION = "1.9.0"; export const __FILENAME = fileURLToPath(import.meta.url); export const __DIRNAME = path.dirname(__FILENAME); diff --git a/server/lib/exitNodeComms.ts b/server/lib/exitNodeComms.ts new file mode 100644 index 00000000..f79b718f --- /dev/null +++ b/server/lib/exitNodeComms.ts @@ -0,0 +1,86 @@ +import axios from "axios"; +import logger from "@server/logger"; +import { ExitNode } from "@server/db"; + +interface ExitNodeRequest { + remoteType: string; + localPath: string; + method?: "POST" | "DELETE" | "GET" | "PUT"; + data?: any; + queryParams?: Record; +} + +/** + * Sends a request to an exit node, handling both remote and local exit nodes + * @param exitNode The exit node to send the request to + * @param request The request configuration + * @returns Promise Response data for local nodes, undefined for remote nodes + */ +export async function sendToExitNode( + exitNode: ExitNode, + request: ExitNodeRequest +): Promise { + if (!exitNode.reachableAt) { + throw new Error( + `Exit node with ID ${exitNode.exitNodeId} is not reachable` + ); + } + + // Handle local exit node with HTTP API + const method = request.method || "POST"; + let url = `${exitNode.reachableAt}${request.localPath}`; + + // Add query parameters if provided + if (request.queryParams) { + const params = new URLSearchParams(request.queryParams); + url += `?${params.toString()}`; + } + + try { + let response; + + switch (method) { + case "POST": + response = await axios.post(url, request.data, { + headers: { + "Content-Type": "application/json" + } + }); + break; + case "DELETE": + response = await axios.delete(url); + break; + case "GET": + response = await axios.get(url); + break; + case "PUT": + response = await axios.put(url, request.data, { + headers: { + "Content-Type": "application/json" + } + }); + break; + default: + throw new Error(`Unsupported HTTP method: ${method}`); + } + + logger.info(`Exit node request successful:`, { + method, + url, + status: response.data.status + }); + + return response.data; + } catch (error) { + if (axios.isAxiosError(error)) { + logger.error( + `Error making ${method} request (can Pangolin see Gerbil HTTP API?) for exit node at ${exitNode.reachableAt} (status: ${error.response?.status}): ${error.message}` + ); + } else { + logger.error( + `Error making ${method} request for exit node at ${exitNode.reachableAt}: ${error}` + ); + } + throw error; + } +} diff --git a/server/lib/exitNodes/exitNodes.ts b/server/lib/exitNodes/exitNodes.ts new file mode 100644 index 00000000..06539bb0 --- /dev/null +++ b/server/lib/exitNodes/exitNodes.ts @@ -0,0 +1,59 @@ +import { db, exitNodes } from "@server/db"; +import logger from "@server/logger"; +import { ExitNodePingResult } from "@server/routers/newt"; +import { eq } from "drizzle-orm"; + +export async function verifyExitNodeOrgAccess( + exitNodeId: number, + orgId: string +) { + const [exitNode] = await db + .select() + .from(exitNodes) + .where(eq(exitNodes.exitNodeId, exitNodeId)); + + // For any other type, deny access + return { hasAccess: true, exitNode }; +} + +export async function listExitNodes(orgId: string, filterOnline = false) { + // TODO: pick which nodes to send and ping better than just all of them that are not remote + const allExitNodes = await db + .select({ + exitNodeId: exitNodes.exitNodeId, + name: exitNodes.name, + address: exitNodes.address, + endpoint: exitNodes.endpoint, + publicKey: exitNodes.publicKey, + listenPort: exitNodes.listenPort, + reachableAt: exitNodes.reachableAt, + maxConnections: exitNodes.maxConnections, + online: exitNodes.online, + lastPing: exitNodes.lastPing, + type: exitNodes.type + }) + .from(exitNodes); + + // Filter the nodes. If there are NO remoteExitNodes then do nothing. If there are then remove all of the non-remoteExitNodes + if (allExitNodes.length === 0) { + logger.warn("No exit nodes found!"); + return []; + } + + return allExitNodes; +} + +export function selectBestExitNode( + pingResults: ExitNodePingResult[] +): ExitNodePingResult | null { + if (!pingResults || pingResults.length === 0) { + logger.warn("No ping results provided"); + return null; + } + + return pingResults[0]; +} + +export async function checkExitNodeOrg(exitNodeId: number, orgId: string) { + return false; +} \ No newline at end of file diff --git a/server/lib/exitNodes/index.ts b/server/lib/exitNodes/index.ts new file mode 100644 index 00000000..8889bc35 --- /dev/null +++ b/server/lib/exitNodes/index.ts @@ -0,0 +1,2 @@ +export * from "./exitNodes"; +export * from "./shared"; \ No newline at end of file diff --git a/server/lib/exitNodes/shared.ts b/server/lib/exitNodes/shared.ts new file mode 100644 index 00000000..c06f1d05 --- /dev/null +++ b/server/lib/exitNodes/shared.ts @@ -0,0 +1,30 @@ +import { db, exitNodes } from "@server/db"; +import config from "@server/lib/config"; +import { findNextAvailableCidr } from "@server/lib/ip"; + +export async function getNextAvailableSubnet(): Promise { + // Get all existing subnets from routes table + const existingAddresses = await db + .select({ + address: exitNodes.address + }) + .from(exitNodes); + + const addresses = existingAddresses.map((a) => a.address); + let subnet = findNextAvailableCidr( + addresses, + config.getRawConfig().gerbil.block_size, + config.getRawConfig().gerbil.subnet_group + ); + if (!subnet) { + throw new Error("No available subnets remaining in space"); + } + + // replace the last octet with 1 + subnet = + subnet.split(".").slice(0, 3).join(".") + + ".1" + + "/" + + subnet.split("/")[1]; + return subnet; +} \ No newline at end of file diff --git a/server/lib/geoip.ts b/server/lib/geoip.ts new file mode 100644 index 00000000..042e53c9 --- /dev/null +++ b/server/lib/geoip.ts @@ -0,0 +1,32 @@ +import axios from "axios"; +import config from "./config"; +import { tokenManager } from "./tokenManager"; +import logger from "@server/logger"; + +export async function getCountryCodeForIp( + ip: string +): Promise { + try { + const response = await axios.get( + `${config.getRawConfig().managed?.endpoint}/api/v1/hybrid/geoip/${ip}`, + await tokenManager.getAuthHeader() + ); + + return response.data.data.countryCode; + } catch (error) { + if (axios.isAxiosError(error)) { + logger.error("Error fetching config in verify session:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error fetching config in verify session:", error); + } + } + + return; +} diff --git a/server/setup/setHostMeta.ts b/server/lib/hostMeta.ts similarity index 51% rename from server/setup/setHostMeta.ts rename to server/lib/hostMeta.ts index 2a5b16a5..2f2c7ed7 100644 --- a/server/setup/setHostMeta.ts +++ b/server/lib/hostMeta.ts @@ -1,7 +1,9 @@ -import db from "@server/db"; -import { hostMeta } from "@server/db/schemas"; +import { db, HostMeta } from "@server/db"; +import { hostMeta } from "@server/db"; import { v4 as uuidv4 } from "uuid"; +let gotHostMeta: HostMeta | undefined; + export async function setHostMeta() { const [existing] = await db.select().from(hostMeta).limit(1); @@ -15,3 +17,12 @@ export async function setHostMeta() { .insert(hostMeta) .values({ hostMetaId: id, createdAt: new Date().getTime() }); } + +export async function getHostMeta() { + if (gotHostMeta) { + return gotHostMeta; + } + const [meta] = await db.select().from(hostMeta).limit(1); + gotHostMeta = meta; + return meta; +} diff --git a/server/lib/index.ts b/server/lib/index.ts index 9d2cfb1f..db1a73da 100644 --- a/server/lib/index.ts +++ b/server/lib/index.ts @@ -1 +1,3 @@ export * from "./response"; +export { tokenManager, TokenManager } from "./tokenManager"; +export * from "./geoip"; diff --git a/server/lib/ip.test.ts b/server/lib/ip.test.ts index 2c2dd057..67a2faaa 100644 --- a/server/lib/ip.test.ts +++ b/server/lib/ip.test.ts @@ -4,7 +4,14 @@ import { assertEquals } from "@test/assert"; // Test cases function testFindNextAvailableCidr() { console.log("Running findNextAvailableCidr tests..."); - + + // Test 0: Basic IPv4 allocation with a subnet in the wrong range + { + const existing = ["100.90.130.1/30", "100.90.128.4/30"]; + const result = findNextAvailableCidr(existing, 30, "100.90.130.1/24"); + assertEquals(result, "100.90.130.4/30", "Basic IPv4 allocation failed"); + } + // Test 1: Basic IPv4 allocation { const existing = ["10.0.0.0/16", "10.1.0.0/16"]; @@ -26,6 +33,12 @@ function testFindNextAvailableCidr() { assertEquals(result, null, "No available space test failed"); } + // Test 4: Empty existing + { + const existing: string[] = []; + const result = findNextAvailableCidr(existing, 30, "10.0.0.0/8"); + assertEquals(result, "10.0.0.0/30", "Empty existing test failed"); + } // // Test 4: IPv6 allocation // { // const existing = ["2001:db8::/32", "2001:db8:1::/32"]; diff --git a/server/lib/ip.ts b/server/lib/ip.ts index fd6f07ab..c929f025 100644 --- a/server/lib/ip.ts +++ b/server/lib/ip.ts @@ -1,3 +1,8 @@ +import { db } from "@server/db"; +import { clients, orgs, sites } from "@server/db"; +import { and, eq, isNotNull } from "drizzle-orm"; +import config from "@server/lib/config"; + interface IPRange { start: bigint; end: bigint; @@ -9,7 +14,7 @@ type IPVersion = 4 | 6; * Detects IP version from address string */ function detectIpVersion(ip: string): IPVersion { - return ip.includes(':') ? 6 : 4; + return ip.includes(":") ? 6 : 4; } /** @@ -19,34 +24,34 @@ function ipToBigInt(ip: string): bigint { const version = detectIpVersion(ip); if (version === 4) { - return ip.split('.') - .reduce((acc, octet) => { - const num = parseInt(octet); - if (isNaN(num) || num < 0 || num > 255) { - throw new Error(`Invalid IPv4 octet: ${octet}`); - } - return BigInt.asUintN(64, (acc << BigInt(8)) + BigInt(num)); - }, BigInt(0)); + return ip.split(".").reduce((acc, octet) => { + const num = parseInt(octet); + if (isNaN(num) || num < 0 || num > 255) { + throw new Error(`Invalid IPv4 octet: ${octet}`); + } + return BigInt.asUintN(64, (acc << BigInt(8)) + BigInt(num)); + }, BigInt(0)); } else { // Handle IPv6 // Expand :: notation let fullAddress = ip; - if (ip.includes('::')) { - const parts = ip.split('::'); - if (parts.length > 2) throw new Error('Invalid IPv6 address: multiple :: found'); - const missing = 8 - (parts[0].split(':').length + parts[1].split(':').length); - const padding = Array(missing).fill('0').join(':'); + if (ip.includes("::")) { + const parts = ip.split("::"); + if (parts.length > 2) + throw new Error("Invalid IPv6 address: multiple :: found"); + const missing = + 8 - (parts[0].split(":").length + parts[1].split(":").length); + const padding = Array(missing).fill("0").join(":"); fullAddress = `${parts[0]}:${padding}:${parts[1]}`; } - return fullAddress.split(':') - .reduce((acc, hextet) => { - const num = parseInt(hextet || '0', 16); - if (isNaN(num) || num < 0 || num > 65535) { - throw new Error(`Invalid IPv6 hextet: ${hextet}`); - } - return BigInt.asUintN(128, (acc << BigInt(16)) + BigInt(num)); - }, BigInt(0)); + return fullAddress.split(":").reduce((acc, hextet) => { + const num = parseInt(hextet || "0", 16); + if (isNaN(num) || num < 0 || num > 65535) { + throw new Error(`Invalid IPv6 hextet: ${hextet}`); + } + return BigInt.asUintN(128, (acc << BigInt(16)) + BigInt(num)); + }, BigInt(0)); } } @@ -60,11 +65,15 @@ function bigIntToIp(num: bigint, version: IPVersion): string { octets.unshift(Number(num & BigInt(255))); num = num >> BigInt(8); } - return octets.join('.'); + return octets.join("."); } else { const hextets: string[] = []; for (let i = 0; i < 8; i++) { - hextets.unshift(Number(num & BigInt(65535)).toString(16).padStart(4, '0')); + hextets.unshift( + Number(num & BigInt(65535)) + .toString(16) + .padStart(4, "0") + ); num = num >> BigInt(16); } // Compress zero sequences @@ -74,7 +83,7 @@ function bigIntToIp(num: bigint, version: IPVersion): string { let currentZeroLength = 0; for (let i = 0; i < hextets.length; i++) { - if (hextets[i] === '0000') { + if (hextets[i] === "0000") { if (currentZeroStart === -1) currentZeroStart = i; currentZeroLength++; if (currentZeroLength > maxZeroLength) { @@ -88,12 +97,14 @@ function bigIntToIp(num: bigint, version: IPVersion): string { } if (maxZeroLength > 1) { - hextets.splice(maxZeroStart, maxZeroLength, ''); - if (maxZeroStart === 0) hextets.unshift(''); - if (maxZeroStart + maxZeroLength === 8) hextets.push(''); + hextets.splice(maxZeroStart, maxZeroLength, ""); + if (maxZeroStart === 0) hextets.unshift(""); + if (maxZeroStart + maxZeroLength === 8) hextets.push(""); } - return hextets.map(h => h === '0000' ? '0' : h.replace(/^0+/, '')).join(':'); + return hextets + .map((h) => (h === "0000" ? "0" : h.replace(/^0+/, ""))) + .join(":"); } } @@ -101,7 +112,7 @@ function bigIntToIp(num: bigint, version: IPVersion): string { * Converts CIDR to IP range */ export function cidrToRange(cidr: string): IPRange { - const [ip, prefix] = cidr.split('/'); + const [ip, prefix] = cidr.split("/"); const version = detectIpVersion(ip); const prefixBits = parseInt(prefix); const ipBigInt = ipToBigInt(ip); @@ -113,7 +124,10 @@ export function cidrToRange(cidr: string): IPRange { } const shiftBits = BigInt(maxPrefix - prefixBits); - const mask = BigInt.asUintN(version === 4 ? 64 : 128, (BigInt(1) << shiftBits) - BigInt(1)); + const mask = BigInt.asUintN( + version === 4 ? 64 : 128, + (BigInt(1) << shiftBits) - BigInt(1) + ); const start = ipBigInt & ~mask; const end = start | mask; @@ -132,28 +146,32 @@ export function findNextAvailableCidr( blockSize: number, startCidr?: string ): string | null { - if (!startCidr && existingCidrs.length === 0) { return null; } // If no existing CIDRs, use the IP version from startCidr - const version = startCidr - ? detectIpVersion(startCidr.split('/')[0]) - : 4; // Default to IPv4 if no startCidr provided + const version = startCidr ? detectIpVersion(startCidr.split("/")[0]) : 4; // Default to IPv4 if no startCidr provided // Use appropriate default startCidr if none provided startCidr = startCidr || (version === 4 ? "0.0.0.0/0" : "::/0"); // If there are existing CIDRs, ensure all are same version - if (existingCidrs.length > 0 && - existingCidrs.some(cidr => detectIpVersion(cidr.split('/')[0]) !== version)) { - throw new Error('All CIDRs must be of the same IP version'); + if ( + existingCidrs.length > 0 && + existingCidrs.some( + (cidr) => detectIpVersion(cidr.split("/")[0]) !== version + ) + ) { + throw new Error("All CIDRs must be of the same IP version"); } + // Extract the network part from startCidr to ensure we stay in the right subnet + const startCidrRange = cidrToRange(startCidr); + // Convert existing CIDRs to ranges and sort them const existingRanges = existingCidrs - .map(cidr => cidrToRange(cidr)) + .map((cidr) => cidrToRange(cidr)) .sort((a, b) => (a.start < b.start ? -1 : 1)); // Calculate block size @@ -161,14 +179,17 @@ export function findNextAvailableCidr( const blockSizeBigInt = BigInt(1) << BigInt(maxPrefix - blockSize); // Start from the beginning of the given CIDR - let current = cidrToRange(startCidr).start; - const maxIp = cidrToRange(startCidr).end; + let current = startCidrRange.start; + const maxIp = startCidrRange.end; // Iterate through existing ranges for (let i = 0; i <= existingRanges.length; i++) { const nextRange = existingRanges[i]; + // Align current to block size - const alignedCurrent = current + ((blockSizeBigInt - (current % blockSizeBigInt)) % blockSizeBigInt); + const alignedCurrent = + current + + ((blockSizeBigInt - (current % blockSizeBigInt)) % blockSizeBigInt); // Check if we've gone beyond the maximum allowed IP if (alignedCurrent + blockSizeBigInt - BigInt(1) > maxIp) { @@ -176,12 +197,18 @@ export function findNextAvailableCidr( } // If we're at the end of existing ranges or found a gap - if (!nextRange || alignedCurrent + blockSizeBigInt - BigInt(1) < nextRange.start) { + if ( + !nextRange || + alignedCurrent + blockSizeBigInt - BigInt(1) < nextRange.start + ) { return `${bigIntToIp(alignedCurrent, version)}/${blockSize}`; } - // Move current pointer to after the current range - current = nextRange.end + BigInt(1); + // If next range overlaps with our search space, move past it + if (nextRange.end >= startCidrRange.start && nextRange.start <= maxIp) { + // Move current pointer to after the current range + current = nextRange.end + BigInt(1); + } } return null; @@ -195,7 +222,7 @@ export function findNextAvailableCidr( */ export function isIpInCidr(ip: string, cidr: string): boolean { const ipVersion = detectIpVersion(ip); - const cidrVersion = detectIpVersion(cidr.split('/')[0]); + const cidrVersion = detectIpVersion(cidr.split("/")[0]); // If IP versions don't match, the IP cannot be in the CIDR range if (ipVersion !== cidrVersion) { @@ -207,3 +234,69 @@ export function isIpInCidr(ip: string, cidr: string): boolean { const range = cidrToRange(cidr); return ipBigInt >= range.start && ipBigInt <= range.end; } + +export async function getNextAvailableClientSubnet( + orgId: string +): Promise { + const [org] = await db.select().from(orgs).where(eq(orgs.orgId, orgId)); + + if (!org) { + throw new Error(`Organization with ID ${orgId} not found`); + } + + if (!org.subnet) { + throw new Error(`Organization with ID ${orgId} has no subnet defined`); + } + + const existingAddressesSites = await db + .select({ + address: sites.address + }) + .from(sites) + .where(and(isNotNull(sites.address), eq(sites.orgId, orgId))); + + const existingAddressesClients = await db + .select({ + address: clients.subnet + }) + .from(clients) + .where(and(isNotNull(clients.subnet), eq(clients.orgId, orgId))); + + const addresses = [ + ...existingAddressesSites.map( + (site) => `${site.address?.split("/")[0]}/32` + ), // we are overriding the 32 so that we pick individual addresses in the subnet of the org for the site and the client even though they are stored with the /block_size of the org + ...existingAddressesClients.map( + (client) => `${client.address.split("/")}/32` + ) + ].filter((address) => address !== null) as string[]; + + const subnet = findNextAvailableCidr(addresses, 32, org.subnet); // pick the sites address in the org + if (!subnet) { + throw new Error("No available subnets remaining in space"); + } + + return subnet; +} + +export async function getNextAvailableOrgSubnet(): Promise { + const existingAddresses = await db + .select({ + subnet: orgs.subnet + }) + .from(orgs) + .where(isNotNull(orgs.subnet)); + + const addresses = existingAddresses.map((org) => org.subnet!); + + const subnet = findNextAvailableCidr( + addresses, + config.getRawConfig().orgs.block_size, + config.getRawConfig().orgs.subnet_group + ); + if (!subnet) { + throw new Error("No available subnets remaining in space"); + } + + return subnet; +} diff --git a/server/lib/rateLimitStore.ts b/server/lib/rateLimitStore.ts new file mode 100644 index 00000000..56adad98 --- /dev/null +++ b/server/lib/rateLimitStore.ts @@ -0,0 +1,6 @@ +import { MemoryStore, Store } from "express-rate-limit"; + +export function createStore(): Store { + const rateLimitStore: Store = new MemoryStore(); + return rateLimitStore; +} diff --git a/server/lib/readConfigFile.ts b/server/lib/readConfigFile.ts new file mode 100644 index 00000000..ae2cc120 --- /dev/null +++ b/server/lib/readConfigFile.ts @@ -0,0 +1,372 @@ +import fs from "fs"; +import yaml from "js-yaml"; +import { configFilePath1, configFilePath2 } from "./consts"; +import { z } from "zod"; +import stoi from "./stoi"; + +const portSchema = z.number().positive().gt(0).lte(65535); + +const getEnvOrYaml = (envVar: string) => (valFromYaml: any) => { + return process.env[envVar] ?? valFromYaml; +}; + +export const configSchema = z + .object({ + app: z.object({ + dashboard_url: z + .string() + .url() + .pipe(z.string().url()) + .transform((url) => url.toLowerCase()) + .optional(), + log_level: z + .enum(["debug", "info", "warn", "error"]) + .optional() + .default("info"), + save_logs: z.boolean().optional().default(false), + log_failed_attempts: z.boolean().optional().default(false), + }).optional().default({ + log_level: "info", + save_logs: false, + log_failed_attempts: false, + }), + managed: z + .object({ + name: z.string().optional(), + id: z.string().optional(), + secret: z.string().optional(), + endpoint: z.string().optional().default("https://pangolin.fossorial.io"), + redirect_endpoint: z.string().optional() + }) + .optional(), + domains: z + .record( + z.string(), + z.object({ + base_domain: z + .string() + .nonempty("base_domain must not be empty") + .transform((url) => url.toLowerCase()), + cert_resolver: z.string().optional().default("letsencrypt"), + prefer_wildcard_cert: z.boolean().optional().default(false) + }) + ) + .optional(), + server: z.object({ + integration_port: portSchema + .optional() + .default(3004) + .transform(stoi) + .pipe(portSchema.optional()), + external_port: portSchema + .optional() + .default(3000) + .transform(stoi) + .pipe(portSchema), + internal_port: portSchema + .optional() + .default(3001) + .transform(stoi) + .pipe(portSchema), + next_port: portSchema + .optional() + .default(3002) + .transform(stoi) + .pipe(portSchema), + internal_hostname: z + .string() + .optional() + .default("pangolin") + .transform((url) => url.toLowerCase()), + session_cookie_name: z + .string() + .optional() + .default("p_session_token"), + resource_access_token_param: z + .string() + .optional() + .default("p_token"), + resource_access_token_headers: z + .object({ + id: z.string().optional().default("P-Access-Token-Id"), + token: z.string().optional().default("P-Access-Token") + }) + .optional() + .default({}), + resource_session_request_param: z + .string() + .optional() + .default("resource_session_request_param"), + dashboard_session_length_hours: z + .number() + .positive() + .gt(0) + .optional() + .default(720), + resource_session_length_hours: z + .number() + .positive() + .gt(0) + .optional() + .default(720), + cors: z + .object({ + origins: z.array(z.string()).optional(), + methods: z.array(z.string()).optional(), + allowed_headers: z.array(z.string()).optional(), + credentials: z.boolean().optional() + }) + .optional(), + trust_proxy: z.number().int().gte(0).optional().default(1), + secret: z + .string() + .pipe(z.string().min(8)) + .optional() + }).optional().default({ + integration_port: 3003, + external_port: 3000, + internal_port: 3001, + next_port: 3002, + internal_hostname: "pangolin", + session_cookie_name: "p_session_token", + resource_access_token_param: "p_token", + resource_access_token_headers: { + id: "P-Access-Token-Id", + token: "P-Access-Token" + }, + resource_session_request_param: "resource_session_request_param", + dashboard_session_length_hours: 720, + resource_session_length_hours: 720, + trust_proxy: 1 + }), + postgres: z + .object({ + connection_string: z.string(), + replicas: z + .array( + z.object({ + connection_string: z.string() + }) + ) + .optional() + }) + .optional(), + traefik: z + .object({ + http_entrypoint: z.string().optional().default("web"), + https_entrypoint: z.string().optional().default("websecure"), + additional_middlewares: z.array(z.string()).optional(), + cert_resolver: z.string().optional().default("letsencrypt"), + prefer_wildcard_cert: z.boolean().optional().default(false), + certificates_path: z.string().default("/var/certificates"), + monitor_interval: z.number().default(5000), + dynamic_cert_config_path: z + .string() + .optional() + .default("/var/dynamic/cert_config.yml"), + dynamic_router_config_path: z + .string() + .optional() + .default("/var/dynamic/router_config.yml"), + static_domains: z.array(z.string()).optional().default([]), + site_types: z.array(z.string()).optional().default(["newt", "wireguard", "local"]), + allow_raw_resources: z.boolean().optional().default(true), + file_mode: z.boolean().optional().default(false) + }) + .optional() + .default({}), + gerbil: z + .object({ + exit_node_name: z.string().optional(), + start_port: portSchema + .optional() + .default(51820) + .transform(stoi) + .pipe(portSchema), + base_endpoint: z + .string() + .optional() + .pipe(z.string()) + .transform((url) => url.toLowerCase()), + use_subdomain: z.boolean().optional().default(false), + subnet_group: z.string().optional().default("100.89.137.0/20"), + block_size: z.number().positive().gt(0).optional().default(24), + site_block_size: z + .number() + .positive() + .gt(0) + .optional() + .default(30) + }) + .optional() + .default({}), + orgs: z + .object({ + block_size: z.number().positive().gt(0).optional().default(24), + subnet_group: z.string().optional().default("100.90.128.0/24") + }) + .optional() + .default({ + block_size: 24, + subnet_group: "100.90.128.0/24" + }), + rate_limits: z + .object({ + global: z + .object({ + window_minutes: z + .number() + .positive() + .gt(0) + .optional() + .default(1), + max_requests: z + .number() + .positive() + .gt(0) + .optional() + .default(500) + }) + .optional() + .default({}), + auth: z + .object({ + window_minutes: z + .number() + .positive() + .gt(0) + .optional() + .default(1), + max_requests: z + .number() + .positive() + .gt(0) + .optional() + .default(500) + }) + .optional() + .default({}) + }) + .optional() + .default({}), + email: z + .object({ + smtp_host: z.string().optional(), + smtp_port: portSchema.optional(), + smtp_user: z.string().optional(), + smtp_pass: z + .string() + .optional() + .transform(getEnvOrYaml("EMAIL_SMTP_PASS")), + smtp_secure: z.boolean().optional(), + smtp_tls_reject_unauthorized: z.boolean().optional(), + no_reply: z.string().email().optional() + }) + .optional(), + flags: z + .object({ + require_email_verification: z.boolean().optional(), + disable_signup_without_invite: z.boolean().optional(), + disable_user_create_org: z.boolean().optional(), + allow_raw_resources: z.boolean().optional(), + enable_integration_api: z.boolean().optional(), + disable_local_sites: z.boolean().optional(), + disable_basic_wireguard_sites: z.boolean().optional(), + disable_config_managed_domains: z.boolean().optional(), + enable_clients: z.boolean().optional().default(true) + }) + .optional(), + dns: z + .object({ + nameservers: z + .array(z.string().optional().optional()) + .optional() + .default(["ns1.fossorial.io", "ns2.fossorial.io"]), + cname_extension: z.string().optional().default("fossorial.io") + }) + .optional() + .default({ + nameservers: ["ns1.fossorial.io", "ns2.fossorial.io"], + cname_extension: "fossorial.io" + }) + }) + .refine( + (data) => { + const keys = Object.keys(data.domains || {}); + if (data.flags?.disable_config_managed_domains) { + return true; + } + // If hybrid is defined, domains are not required + if (data.managed) { + return true; + } + if (keys.length === 0) { + return false; + } + return true; + }, + { + message: "At least one domain must be defined" + } + ) + .refine( + (data) => { + // If hybrid is defined, server secret is not required + if (data.managed) { + return true; + } + // If hybrid is not defined, server secret must be defined. If its not defined already then pull it from env + if (data.server?.secret === undefined) { + data.server.secret = process.env.SERVER_SECRET; + } + return data.server?.secret !== undefined && data.server.secret.length > 0; + }, + { + message: "Server secret must be defined" + } + ) + .refine( + (data) => { + // If hybrid is defined, dashboard_url is not required + if (data.managed) { + return true; + } + // If hybrid is not defined, dashboard_url must be defined + return data.app.dashboard_url !== undefined && data.app.dashboard_url.length > 0; + }, + { + message: "Dashboard URL must be defined" + } + ); + +export function readConfigFile() { + const loadConfig = (configPath: string) => { + try { + const yamlContent = fs.readFileSync(configPath, "utf8"); + const config = yaml.load(yamlContent); + return config; + } catch (error) { + if (error instanceof Error) { + throw new Error( + `Error loading configuration file: ${error.message}` + ); + } + throw error; + } + }; + + let environment: any; + if (fs.existsSync(configFilePath1)) { + environment = loadConfig(configFilePath1); + } else if (fs.existsSync(configFilePath2)) { + environment = loadConfig(configFilePath2); + } + + if (!environment) { + throw new Error( + "No configuration file found. Please create one. https://docs.digpangolin.com/self-host/advanced/config-file" + ); + } + + return environment; +} diff --git a/server/lib/remoteCertificates/certificates.ts b/server/lib/remoteCertificates/certificates.ts new file mode 100644 index 00000000..9a4ce001 --- /dev/null +++ b/server/lib/remoteCertificates/certificates.ts @@ -0,0 +1,80 @@ +import axios from "axios"; +import { tokenManager } from "../tokenManager"; +import logger from "@server/logger"; +import config from "../config"; + +/** + * Get valid certificates for the specified domains + */ +export async function getValidCertificatesForDomainsHybrid(domains: Set): Promise< + Array<{ + id: number; + domain: string; + wildcard: boolean | null; + certFile: string | null; + keyFile: string | null; + expiresAt: Date | null; + updatedAt?: Date | null; + }> +> { + if (domains.size === 0) { + return []; + } + + const domainArray = Array.from(domains); + + try { + const response = await axios.get( + `${config.getRawConfig().managed?.endpoint}/api/v1/hybrid/certificates/domains`, + { + params: { + domains: domainArray + }, + headers: (await tokenManager.getAuthHeader()).headers + } + ); + + if (response.status !== 200) { + logger.error( + `Failed to fetch certificates for domains: ${response.status} ${response.statusText}`, + { responseData: response.data, domains: domainArray } + ); + return []; + } + + // logger.debug( + // `Successfully retrieved ${response.data.data?.length || 0} certificates for ${domainArray.length} domains` + // ); + + return response.data.data; + } catch (error) { + // pull data out of the axios error to log + if (axios.isAxiosError(error)) { + logger.error("Error getting certificates:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error getting certificates:", error); + } + return []; + } +} + +export async function getValidCertificatesForDomains(domains: Set): Promise< + Array<{ + id: number; + domain: string; + wildcard: boolean | null; + certFile: string | null; + keyFile: string | null; + expiresAt: Date | null; + updatedAt?: Date | null; + }> +> { + return []; // stub +} \ No newline at end of file diff --git a/server/lib/remoteCertificates/index.ts b/server/lib/remoteCertificates/index.ts new file mode 100644 index 00000000..53051b6c --- /dev/null +++ b/server/lib/remoteCertificates/index.ts @@ -0,0 +1 @@ +export * from "./certificates"; \ No newline at end of file diff --git a/server/lib/remoteProxy.ts b/server/lib/remoteProxy.ts new file mode 100644 index 00000000..c9016071 --- /dev/null +++ b/server/lib/remoteProxy.ts @@ -0,0 +1,73 @@ +import { Request, Response, NextFunction } from "express"; +import { Router } from "express"; +import axios from "axios"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import config from "@server/lib/config"; +import { tokenManager } from "./tokenManager"; + +/** + * Proxy function that forwards requests to the remote cloud server + */ + +export const proxyToRemote = async ( + req: Request, + res: Response, + next: NextFunction, + endpoint: string +): Promise => { + try { + const remoteUrl = `${config.getRawConfig().managed?.endpoint?.replace(/\/$/, '')}/api/v1/${endpoint}`; + + logger.debug(`Proxying request to remote server: ${remoteUrl}`); + + // Forward the request to the remote server + const response = await axios({ + method: req.method as any, + url: remoteUrl, + data: req.body, + headers: { + 'Content-Type': 'application/json', + ...(await tokenManager.getAuthHeader()).headers + }, + params: req.query, + timeout: 30000, // 30 second timeout + validateStatus: () => true // Don't throw on non-2xx status codes + }); + + logger.debug(`Proxy response: ${JSON.stringify(response.data)}`); + + // Forward the response status and data + return res.status(response.status).json(response.data); + + } catch (error) { + logger.error("Error proxying request to remote server:", error); + + if (axios.isAxiosError(error)) { + if (error.code === 'ECONNREFUSED' || error.code === 'ENOTFOUND') { + return next( + createHttpError( + HttpCode.SERVICE_UNAVAILABLE, + "Remote server is unavailable" + ) + ); + } + if (error.code === 'ECONNABORTED') { + return next( + createHttpError( + HttpCode.REQUEST_TIMEOUT, + "Request to remote server timed out" + ) + ); + } + } + + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error communicating with remote server" + ) + ); + } +}; \ No newline at end of file diff --git a/server/lib/schemas.ts b/server/lib/schemas.ts index cf1b40c8..0888ff31 100644 --- a/server/lib/schemas.ts +++ b/server/lib/schemas.ts @@ -3,7 +3,7 @@ import { z } from "zod"; export const subdomainSchema = z .string() .regex( - /^(?!:\/\/)([a-zA-Z0-9-_]+\.)*[a-zA-Z0-9-_]+$/, + /^(?!:\/\/)([a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?\.)*[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$/, "Invalid subdomain format" ) .min(1, "Subdomain must be at least 1 character long") @@ -12,7 +12,8 @@ export const subdomainSchema = z export const tlsNameSchema = z .string() .regex( - /^(?!:\/\/)([a-zA-Z0-9-_]+\.)*[a-zA-Z0-9-_]+$|^$/, + /^(?!:\/\/)([a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?\.)*[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$|^$/, "Invalid subdomain format" ) - .transform((val) => val.toLowerCase()); \ No newline at end of file + .transform((val) => val.toLowerCase()); + diff --git a/server/lib/stoi.ts b/server/lib/stoi.ts index 8fa42b54..ebc789e6 100644 --- a/server/lib/stoi.ts +++ b/server/lib/stoi.ts @@ -1,6 +1,6 @@ export default function stoi(val: any) { if (typeof val === "string") { - return parseInt(val) + return parseInt(val); } else { return val; diff --git a/server/lib/tokenManager.ts b/server/lib/tokenManager.ts new file mode 100644 index 00000000..2e0e1118 --- /dev/null +++ b/server/lib/tokenManager.ts @@ -0,0 +1,274 @@ +import axios from "axios"; +import config from "@server/lib/config"; +import logger from "@server/logger"; + +export interface TokenResponse { + success: boolean; + message?: string; + data: { + token: string; + }; +} + +/** + * Token Manager - Handles automatic token refresh for hybrid server authentication + * + * Usage throughout the application: + * ```typescript + * import { tokenManager } from "@server/lib/tokenManager"; + * + * // Get the current valid token + * const token = await tokenManager.getToken(); + * + * // Force refresh if needed + * await tokenManager.refreshToken(); + * ``` + * + * The token manager automatically refreshes tokens every 24 hours by default + * and is started once in the privateHybridServer.ts file. + */ + +export class TokenManager { + private token: string | null = null; + private refreshInterval: NodeJS.Timeout | null = null; + private isRefreshing: boolean = false; + private refreshIntervalMs: number; + private retryInterval: NodeJS.Timeout | null = null; + private retryIntervalMs: number; + private tokenAvailablePromise: Promise | null = null; + private tokenAvailableResolve: (() => void) | null = null; + + constructor(refreshIntervalMs: number = 24 * 60 * 60 * 1000, retryIntervalMs: number = 5000) { + // Default to 24 hours for refresh, 5 seconds for retry + this.refreshIntervalMs = refreshIntervalMs; + this.retryIntervalMs = retryIntervalMs; + this.setupTokenAvailablePromise(); + } + + /** + * Set up promise that resolves when token becomes available + */ + private setupTokenAvailablePromise(): void { + this.tokenAvailablePromise = new Promise((resolve) => { + this.tokenAvailableResolve = resolve; + }); + } + + /** + * Resolve the token available promise + */ + private resolveTokenAvailable(): void { + if (this.tokenAvailableResolve) { + this.tokenAvailableResolve(); + this.tokenAvailableResolve = null; + } + } + + /** + * Start the token manager - gets initial token and sets up refresh interval + * If initial token fetch fails, keeps retrying every few seconds until successful + */ + async start(): Promise { + logger.info("Starting token manager..."); + + try { + await this.refreshToken(); + this.setupRefreshInterval(); + this.resolveTokenAvailable(); + logger.info("Token manager started successfully"); + } catch (error) { + logger.warn(`Failed to get initial token, will retry in ${this.retryIntervalMs / 1000} seconds:`, error); + this.setupRetryInterval(); + } + } + + /** + * Set up retry interval for initial token acquisition + */ + private setupRetryInterval(): void { + if (this.retryInterval) { + clearInterval(this.retryInterval); + } + + this.retryInterval = setInterval(async () => { + try { + logger.debug("Retrying initial token acquisition"); + await this.refreshToken(); + this.setupRefreshInterval(); + this.clearRetryInterval(); + this.resolveTokenAvailable(); + logger.info("Token manager started successfully after retry"); + } catch (error) { + logger.debug("Token acquisition retry failed, will try again"); + } + }, this.retryIntervalMs); + } + + /** + * Clear retry interval + */ + private clearRetryInterval(): void { + if (this.retryInterval) { + clearInterval(this.retryInterval); + this.retryInterval = null; + } + } + + /** + * Stop the token manager and clear all intervals + */ + stop(): void { + if (this.refreshInterval) { + clearInterval(this.refreshInterval); + this.refreshInterval = null; + } + this.clearRetryInterval(); + logger.info("Token manager stopped"); + } + + /** + * Get the current valid token + */ + + // TODO: WE SHOULD NOT BE GETTING A TOKEN EVERY TIME WE REQUEST IT + async getToken(): Promise { + // If we don't have a token yet, wait for it to become available + if (!this.token && this.tokenAvailablePromise) { + await this.tokenAvailablePromise; + } + + if (!this.token) { + if (this.isRefreshing) { + // Wait for current refresh to complete + await this.waitForRefresh(); + } else { + throw new Error("No valid token available"); + } + } + + if (!this.token) { + throw new Error("No valid token available"); + } + + return this.token; + } + + async getAuthHeader() { + return { + headers: { + Authorization: `Bearer ${await this.getToken()}`, + "X-CSRF-Token": "x-csrf-protection", + } + }; + } + + /** + * Force refresh the token + */ + async refreshToken(): Promise { + if (this.isRefreshing) { + await this.waitForRefresh(); + return; + } + + this.isRefreshing = true; + + try { + const hybridConfig = config.getRawConfig().managed; + + if ( + !hybridConfig?.id || + !hybridConfig?.secret || + !hybridConfig?.endpoint + ) { + throw new Error("Hybrid configuration is not defined"); + } + + const tokenEndpoint = `${hybridConfig.endpoint}/api/v1/auth/remoteExitNode/get-token`; + + const tokenData = { + remoteExitNodeId: hybridConfig.id, + secret: hybridConfig.secret + }; + + logger.debug("Requesting new token from server"); + + const response = await axios.post( + tokenEndpoint, + tokenData, + { + headers: { + "Content-Type": "application/json", + "X-CSRF-Token": "x-csrf-protection" + }, + timeout: 10000 // 10 second timeout + } + ); + + if (!response.data.success) { + throw new Error( + `Failed to get token: ${response.data.message}` + ); + } + + if (!response.data.data.token) { + throw new Error("Received empty token from server"); + } + + this.token = response.data.data.token; + logger.debug("Token refreshed successfully"); + } catch (error) { + if (axios.isAxiosError(error)) { + logger.error("Error updating proxy mapping:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error updating proxy mapping:", error); + } + + throw new Error("Failed to refresh token"); + } finally { + this.isRefreshing = false; + } + } + + /** + * Set up automatic token refresh interval + */ + private setupRefreshInterval(): void { + if (this.refreshInterval) { + clearInterval(this.refreshInterval); + } + + this.refreshInterval = setInterval(async () => { + try { + logger.debug("Auto-refreshing token"); + await this.refreshToken(); + } catch (error) { + logger.error("Failed to auto-refresh token:", error); + } + }, this.refreshIntervalMs); + } + + /** + * Wait for current refresh operation to complete + */ + private async waitForRefresh(): Promise { + return new Promise((resolve) => { + const checkInterval = setInterval(() => { + if (!this.isRefreshing) { + clearInterval(checkInterval); + resolve(); + } + }, 100); + }); + } +} + +// Export a singleton instance for use throughout the application +export const tokenManager = new TokenManager(); diff --git a/server/lib/totp.ts b/server/lib/totp.ts new file mode 100644 index 00000000..d9f819ab --- /dev/null +++ b/server/lib/totp.ts @@ -0,0 +1,10 @@ +import { alphabet, generateRandomString } from "oslo/crypto"; + +export async function generateBackupCodes(): Promise { + const codes = []; + for (let i = 0; i < 10; i++) { + const code = generateRandomString(6, alphabet("0-9", "A-Z", "a-z")); + codes.push(code); + } + return codes; +} diff --git a/server/lib/traefikConfig.test.ts b/server/lib/traefikConfig.test.ts new file mode 100644 index 00000000..55d19647 --- /dev/null +++ b/server/lib/traefikConfig.test.ts @@ -0,0 +1,235 @@ +import { assertEquals } from "@test/assert"; +import { isDomainCoveredByWildcard } from "./traefikConfig"; + +function runTests() { + console.log('Running wildcard domain coverage tests...'); + + // Test case 1: Basic wildcard certificate at example.com + const basicWildcardCerts = new Map([ + ['example.com', { exists: true, wildcard: true }] + ]); + + // Should match first-level subdomains + assertEquals( + isDomainCoveredByWildcard('level1.example.com', basicWildcardCerts), + true, + 'Wildcard cert at example.com should match level1.example.com' + ); + + assertEquals( + isDomainCoveredByWildcard('api.example.com', basicWildcardCerts), + true, + 'Wildcard cert at example.com should match api.example.com' + ); + + assertEquals( + isDomainCoveredByWildcard('www.example.com', basicWildcardCerts), + true, + 'Wildcard cert at example.com should match www.example.com' + ); + + // Should match the root domain (exact match) + assertEquals( + isDomainCoveredByWildcard('example.com', basicWildcardCerts), + true, + 'Wildcard cert at example.com should match example.com itself' + ); + + // Should NOT match second-level subdomains + assertEquals( + isDomainCoveredByWildcard('level2.level1.example.com', basicWildcardCerts), + false, + 'Wildcard cert at example.com should NOT match level2.level1.example.com' + ); + + assertEquals( + isDomainCoveredByWildcard('deep.nested.subdomain.example.com', basicWildcardCerts), + false, + 'Wildcard cert at example.com should NOT match deep.nested.subdomain.example.com' + ); + + // Should NOT match different domains + assertEquals( + isDomainCoveredByWildcard('test.otherdomain.com', basicWildcardCerts), + false, + 'Wildcard cert at example.com should NOT match test.otherdomain.com' + ); + + assertEquals( + isDomainCoveredByWildcard('notexample.com', basicWildcardCerts), + false, + 'Wildcard cert at example.com should NOT match notexample.com' + ); + + // Test case 2: Multiple wildcard certificates + const multipleWildcardCerts = new Map([ + ['example.com', { exists: true, wildcard: true }], + ['test.org', { exists: true, wildcard: true }], + ['api.service.net', { exists: true, wildcard: true }] + ]); + + assertEquals( + isDomainCoveredByWildcard('app.example.com', multipleWildcardCerts), + true, + 'Should match subdomain of first wildcard cert' + ); + + assertEquals( + isDomainCoveredByWildcard('staging.test.org', multipleWildcardCerts), + true, + 'Should match subdomain of second wildcard cert' + ); + + assertEquals( + isDomainCoveredByWildcard('v1.api.service.net', multipleWildcardCerts), + true, + 'Should match subdomain of third wildcard cert' + ); + + assertEquals( + isDomainCoveredByWildcard('deep.nested.api.service.net', multipleWildcardCerts), + false, + 'Should NOT match multi-level subdomain of third wildcard cert' + ); + + // Test exact domain matches for multiple certs + assertEquals( + isDomainCoveredByWildcard('example.com', multipleWildcardCerts), + true, + 'Should match exact domain of first wildcard cert' + ); + + assertEquals( + isDomainCoveredByWildcard('test.org', multipleWildcardCerts), + true, + 'Should match exact domain of second wildcard cert' + ); + + assertEquals( + isDomainCoveredByWildcard('api.service.net', multipleWildcardCerts), + true, + 'Should match exact domain of third wildcard cert' + ); + + // Test case 3: Non-wildcard certificates (should not match anything) + const nonWildcardCerts = new Map([ + ['example.com', { exists: true, wildcard: false }], + ['specific.domain.com', { exists: true, wildcard: false }] + ]); + + assertEquals( + isDomainCoveredByWildcard('sub.example.com', nonWildcardCerts), + false, + 'Non-wildcard cert should not match subdomains' + ); + + assertEquals( + isDomainCoveredByWildcard('example.com', nonWildcardCerts), + false, + 'Non-wildcard cert should not match even exact domain via this function' + ); + + // Test case 4: Non-existent certificates (should not match) + const nonExistentCerts = new Map([ + ['example.com', { exists: false, wildcard: true }], + ['missing.com', { exists: false, wildcard: true }] + ]); + + assertEquals( + isDomainCoveredByWildcard('sub.example.com', nonExistentCerts), + false, + 'Non-existent wildcard cert should not match' + ); + + // Test case 5: Edge cases with special domain names + const specialDomainCerts = new Map([ + ['localhost', { exists: true, wildcard: true }], + ['127-0-0-1.nip.io', { exists: true, wildcard: true }], + ['xn--e1afmkfd.xn--p1ai', { exists: true, wildcard: true }] // IDN domain + ]); + + assertEquals( + isDomainCoveredByWildcard('app.localhost', specialDomainCerts), + true, + 'Should match subdomain of localhost wildcard' + ); + + assertEquals( + isDomainCoveredByWildcard('test.127-0-0-1.nip.io', specialDomainCerts), + true, + 'Should match subdomain of nip.io wildcard' + ); + + assertEquals( + isDomainCoveredByWildcard('sub.xn--e1afmkfd.xn--p1ai', specialDomainCerts), + true, + 'Should match subdomain of IDN wildcard' + ); + + // Test case 6: Empty input and edge cases + const emptyCerts = new Map(); + + assertEquals( + isDomainCoveredByWildcard('any.domain.com', emptyCerts), + false, + 'Empty certificate map should not match any domain' + ); + + // Test case 7: Domains with single character components + const singleCharCerts = new Map([ + ['a.com', { exists: true, wildcard: true }], + ['x.y.z', { exists: true, wildcard: true }] + ]); + + assertEquals( + isDomainCoveredByWildcard('b.a.com', singleCharCerts), + true, + 'Should match single character subdomain' + ); + + assertEquals( + isDomainCoveredByWildcard('w.x.y.z', singleCharCerts), + true, + 'Should match single character subdomain of multi-part domain' + ); + + assertEquals( + isDomainCoveredByWildcard('v.w.x.y.z', singleCharCerts), + false, + 'Should NOT match multi-level subdomain of single char domain' + ); + + // Test case 8: Domains with numbers and hyphens + const numericCerts = new Map([ + ['api-v2.service-1.com', { exists: true, wildcard: true }], + ['123.456.net', { exists: true, wildcard: true }] + ]); + + assertEquals( + isDomainCoveredByWildcard('staging.api-v2.service-1.com', numericCerts), + true, + 'Should match subdomain with hyphens and numbers' + ); + + assertEquals( + isDomainCoveredByWildcard('test.123.456.net', numericCerts), + true, + 'Should match subdomain with numeric components' + ); + + assertEquals( + isDomainCoveredByWildcard('deep.staging.api-v2.service-1.com', numericCerts), + false, + 'Should NOT match multi-level subdomain with hyphens and numbers' + ); + + console.log('All wildcard domain coverage tests passed!'); +} + +// Run all tests +try { + runTests(); +} catch (error) { + console.error('Test failed:', error); + process.exit(1); +} diff --git a/server/lib/traefikConfig.ts b/server/lib/traefikConfig.ts new file mode 100644 index 00000000..e16b93d2 --- /dev/null +++ b/server/lib/traefikConfig.ts @@ -0,0 +1,1061 @@ +import * as fs from "fs"; +import * as path from "path"; +import config from "@server/lib/config"; +import logger from "@server/logger"; +import * as yaml from "js-yaml"; +import axios from "axios"; +import { db, exitNodes } from "@server/db"; +import { eq } from "drizzle-orm"; +import { tokenManager } from "./tokenManager"; +import { + getCurrentExitNodeId, + getTraefikConfig +} from "@server/routers/traefik"; +import { + getValidCertificatesForDomains, + getValidCertificatesForDomainsHybrid +} from "./remoteCertificates"; + +export class TraefikConfigManager { + private intervalId: NodeJS.Timeout | null = null; + private isRunning = false; + private activeDomains = new Set(); + private timeoutId: NodeJS.Timeout | null = null; + private lastCertificateFetch: Date | null = null; + private lastKnownDomains = new Set(); + private lastLocalCertificateState = new Map< + string, + { + exists: boolean; + lastModified: Date | null; + expiresAt: Date | null; + wildcard: boolean | null; + } + >(); + + constructor() {} + + /** + * Start monitoring certificates + */ + private scheduleNextExecution(): void { + const intervalMs = config.getRawConfig().traefik.monitor_interval; + const now = Date.now(); + const nextExecution = Math.ceil(now / intervalMs) * intervalMs; + const delay = nextExecution - now; + + this.timeoutId = setTimeout(async () => { + try { + await this.HandleTraefikConfig(); + } catch (error) { + logger.error("Error during certificate monitoring:", error); + } + + if (this.isRunning) { + this.scheduleNextExecution(); // Schedule the next execution + } + }, delay); + } + + async start(): Promise { + if (this.isRunning) { + logger.info("Certificate monitor is already running"); + return; + } + this.isRunning = true; + logger.info(`Starting certificate monitor for exit node`); + + // Ensure certificates directory exists + await this.ensureDirectoryExists( + config.getRawConfig().traefik.certificates_path + ); + + // Initialize local certificate state + this.lastLocalCertificateState = await this.scanLocalCertificateState(); + logger.info( + `Found ${this.lastLocalCertificateState.size} existing certificate directories` + ); + + // Run initial check + await this.HandleTraefikConfig(); + + // Start synchronized scheduling + this.scheduleNextExecution(); + + logger.info( + `Certificate monitor started with synchronized ${ + config.getRawConfig().traefik.monitor_interval + }ms interval` + ); + } + /** + * Stop monitoring certificates + */ + stop(): void { + if (!this.isRunning) { + logger.info("Certificate monitor is not running"); + return; + } + + if (this.intervalId) { + clearInterval(this.intervalId); + this.intervalId = null; + } + + this.isRunning = false; + logger.info("Certificate monitor stopped"); + } + + /** + * Scan local certificate directories to build current state + */ + private async scanLocalCertificateState(): Promise< + Map< + string, + { + exists: boolean; + lastModified: Date | null; + expiresAt: Date | null; + wildcard: boolean; + } + > + > { + const state = new Map(); + const certsPath = config.getRawConfig().traefik.certificates_path; + + try { + if (!fs.existsSync(certsPath)) { + return state; + } + + const certDirs = fs.readdirSync(certsPath, { withFileTypes: true }); + + for (const dirent of certDirs) { + if (!dirent.isDirectory()) continue; + + const domain = dirent.name; + const domainDir = path.join(certsPath, domain); + const certPath = path.join(domainDir, "cert.pem"); + const keyPath = path.join(domainDir, "key.pem"); + const lastUpdatePath = path.join(domainDir, ".last_update"); + const wildcardPath = path.join(domainDir, ".wildcard"); + + const certExists = await this.fileExists(certPath); + const keyExists = await this.fileExists(keyPath); + const lastUpdateExists = await this.fileExists(lastUpdatePath); + const wildcardExists = await this.fileExists(wildcardPath); + + let lastModified: Date | null = null; + const expiresAt: Date | null = null; + let wildcard = false; + + if (lastUpdateExists) { + try { + const lastUpdateStr = fs + .readFileSync(lastUpdatePath, "utf8") + .trim(); + lastModified = new Date(lastUpdateStr); + } catch { + // If we can't read the last update, fall back to file stats + try { + const stats = fs.statSync(certPath); + lastModified = stats.mtime; + } catch { + lastModified = null; + } + } + } + + // Check if this is a wildcard certificate + if (wildcardExists) { + try { + const wildcardContent = fs + .readFileSync(wildcardPath, "utf8") + .trim(); + wildcard = wildcardContent === "true"; + } catch (error) { + logger.warn( + `Could not read wildcard file for ${domain}:`, + error + ); + } + } + + state.set(domain, { + exists: certExists && keyExists, + lastModified, + expiresAt, + wildcard + }); + } + } catch (error) { + logger.error("Error scanning local certificate state:", error); + } + + return state; + } + + /** + * Check if we need to fetch certificates from remote + */ + private shouldFetchCertificates(currentDomains: Set): boolean { + // Always fetch on first run + if (!this.lastCertificateFetch) { + return true; + } + + // Fetch if it's been more than 24 hours (for renewals) + const dayInMs = 24 * 60 * 60 * 1000; + const timeSinceLastFetch = + Date.now() - this.lastCertificateFetch.getTime(); + if (timeSinceLastFetch > dayInMs) { + logger.info("Fetching certificates due to 24-hour renewal check"); + return true; + } + + // Filter out domains covered by wildcard certificates + const domainsNeedingCerts = new Set(); + for (const domain of currentDomains) { + if (!isDomainCoveredByWildcard(domain, this.lastLocalCertificateState)) { + domainsNeedingCerts.add(domain); + } + } + + // Fetch if domains needing certificates have changed + const lastDomainsNeedingCerts = new Set(); + for (const domain of this.lastKnownDomains) { + if (!isDomainCoveredByWildcard(domain, this.lastLocalCertificateState)) { + lastDomainsNeedingCerts.add(domain); + } + } + + if ( + domainsNeedingCerts.size !== lastDomainsNeedingCerts.size || + !Array.from(domainsNeedingCerts).every((domain) => + lastDomainsNeedingCerts.has(domain) + ) + ) { + logger.info( + "Fetching certificates due to domain changes (after wildcard filtering)" + ); + return true; + } + + // Check if any local certificates are missing or appear to be outdated + for (const domain of domainsNeedingCerts) { + const localState = this.lastLocalCertificateState.get(domain); + if (!localState || !localState.exists) { + logger.info( + `Fetching certificates due to missing local cert for ${domain}` + ); + return true; + } + + // Check if certificate is expiring soon (within 30 days) + if (localState.expiresAt) { + const daysUntilExpiry = + (localState.expiresAt.getTime() - Date.now()) / + (1000 * 60 * 60 * 24); + if (daysUntilExpiry < 30) { + logger.info( + `Fetching certificates due to upcoming expiry for ${domain} (${Math.round(daysUntilExpiry)} days remaining)` + ); + return true; + } + } + } + + return false; + } + + /** + * Main monitoring logic + */ + lastActiveDomains: Set = new Set(); + public async HandleTraefikConfig(): Promise { + try { + // Get all active domains for this exit node via HTTP call + const getTraefikConfig = await this.getTraefikConfig(); + + if (!getTraefikConfig) { + logger.error( + "Failed to fetch active domains from traefik config" + ); + return; + } + + const { domains, traefikConfig } = getTraefikConfig; + + // Add static domains from config + // const staticDomains = [config.getRawConfig().app.dashboard_url]; + // staticDomains.forEach((domain) => domains.add(domain)); + + // Log if domains changed + if ( + this.lastActiveDomains.size !== domains.size || + !Array.from(this.lastActiveDomains).every((domain) => + domains.has(domain) + ) + ) { + logger.info( + `Active domains changed for exit node: ${Array.from(domains).join(", ")}` + ); + this.lastActiveDomains = new Set(domains); + } + + // Scan current local certificate state + this.lastLocalCertificateState = + await this.scanLocalCertificateState(); + + // Only fetch certificates if needed (domain changes, missing certs, or daily renewal check) + let validCertificates: Array<{ + id: number; + domain: string; + wildcard: boolean | null; + certFile: string | null; + keyFile: string | null; + expiresAt: Date | null; + updatedAt?: Date | null; + }> = []; + + if (this.shouldFetchCertificates(domains)) { + // Filter out domains that are already covered by wildcard certificates + const domainsToFetch = new Set(); + for (const domain of domains) { + if (!isDomainCoveredByWildcard(domain, this.lastLocalCertificateState)) { + domainsToFetch.add(domain); + } else { + logger.debug( + `Domain ${domain} is covered by existing wildcard certificate, skipping fetch` + ); + } + } + + if (domainsToFetch.size > 0) { + // Get valid certificates for domains not covered by wildcards + if (config.isManagedMode()) { + validCertificates = + await getValidCertificatesForDomainsHybrid( + domainsToFetch + ); + } else { + validCertificates = + await getValidCertificatesForDomains( + domainsToFetch + ); + } + this.lastCertificateFetch = new Date(); + this.lastKnownDomains = new Set(domains); + + logger.info( + `Fetched ${validCertificates.length} certificates from remote (${domains.size - domainsToFetch.size} domains covered by wildcards)` + ); + + // Download and decrypt new certificates + await this.processValidCertificates(validCertificates); + } else { + logger.info( + "All domains are covered by existing wildcard certificates, no fetch needed" + ); + this.lastCertificateFetch = new Date(); + this.lastKnownDomains = new Set(domains); + } + + // Always ensure all existing certificates (including wildcards) are in the config + await this.updateDynamicConfigFromLocalCerts(domains); + } else { + const timeSinceLastFetch = this.lastCertificateFetch + ? Math.round( + (Date.now() - this.lastCertificateFetch.getTime()) / + (1000 * 60) + ) + : 0; + + // logger.debug( + // `Skipping certificate fetch - no changes detected and within 24-hour window (last fetch: ${timeSinceLastFetch} minutes ago)` + // ); + + // Still need to ensure config is up to date with existing certificates + await this.updateDynamicConfigFromLocalCerts(domains); + } + + // Clean up certificates for domains no longer in use + await this.cleanupUnusedCertificates(domains); + + // wait 1 second for traefik to pick up the new certificates + await new Promise((resolve) => setTimeout(resolve, 500)); + + // Write traefik config as YAML to a second dynamic config file if changed + await this.writeTraefikDynamicConfig(traefikConfig); + + // Send domains to SNI proxy + try { + let exitNode; + if (config.getRawConfig().gerbil.exit_node_name) { + const exitNodeName = + config.getRawConfig().gerbil.exit_node_name!; + [exitNode] = await db + .select() + .from(exitNodes) + .where(eq(exitNodes.name, exitNodeName)) + .limit(1); + } else { + [exitNode] = await db.select().from(exitNodes).limit(1); + } + if (exitNode) { + try { + await axios.post( + `${exitNode.reachableAt}/update-local-snis`, + { fullDomains: Array.from(domains) }, + { headers: { "Content-Type": "application/json" } } + ); + } catch (error) { + // pull data out of the axios error to log + if (axios.isAxiosError(error)) { + logger.error("Error updating local SNI:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error updating local SNI:", error); + } + } + } else { + logger.error( + "No exit node found. Has gerbil registered yet?" + ); + } + } catch (err) { + logger.error("Failed to post domains to SNI proxy:", err); + } + + // Update active domains tracking + this.activeDomains = domains; + } catch (error) { + logger.error("Error in traefik config monitoring cycle:", error); + } + } + + /** + * Get all domains currently in use from traefik config API + */ + private async getTraefikConfig(): Promise<{ + domains: Set; + traefikConfig: any; + } | null> { + let traefikConfig; + try { + if (config.isManagedMode()) { + const resp = await axios.get( + `${config.getRawConfig().managed?.endpoint}/api/v1/hybrid/traefik-config`, + await tokenManager.getAuthHeader() + ); + + if (resp.status !== 200) { + logger.error( + `Failed to fetch traefik config: ${resp.status} ${resp.statusText}`, + { responseData: resp.data } + ); + return null; + } + + traefikConfig = resp.data.data; + } else { + const currentExitNode = await getCurrentExitNodeId(); + traefikConfig = await getTraefikConfig( + currentExitNode, + config.getRawConfig().traefik.site_types + ); + } + + const domains = new Set(); + + if (traefikConfig?.http?.routers) { + for (const router of Object.values( + traefikConfig.http.routers + )) { + if (router.rule && typeof router.rule === "string") { + // Match Host(`domain`) + const match = router.rule.match(/Host\(`([^`]+)`\)/); + if (match && match[1]) { + domains.add(match[1]); + } + } + } + } + + // logger.debug( + // `Successfully retrieved traefik config: ${JSON.stringify(traefikConfig)}` + // ); + + const badgerMiddlewareName = "badger"; + if (traefikConfig?.http?.middlewares) { + traefikConfig.http.middlewares[badgerMiddlewareName] = { + plugin: { + [badgerMiddlewareName]: { + apiBaseUrl: new URL( + "/api/v1", + `http://${ + config.getRawConfig().server + .internal_hostname + }:${config.getRawConfig().server.internal_port}` + ).href, + userSessionCookieName: + config.getRawConfig().server + .session_cookie_name, + + // deprecated + accessTokenQueryParam: + config.getRawConfig().server + .resource_access_token_param, + + resourceSessionRequestParam: + config.getRawConfig().server + .resource_session_request_param + } + } + }; + } + + return { domains, traefikConfig }; + } catch (error) { + // pull data out of the axios error to log + if (axios.isAxiosError(error)) { + logger.error("Error fetching traefik config:", { + message: error.message, + code: error.code, + status: error.response?.status, + statusText: error.response?.statusText, + url: error.config?.url, + method: error.config?.method + }); + } else { + logger.error("Error fetching traefik config:", error); + } + return null; + } + } + + /** + * Write traefik config as YAML to a second dynamic config file if changed + */ + private async writeTraefikDynamicConfig(traefikConfig: any): Promise { + const traefikDynamicConfigPath = + config.getRawConfig().traefik.dynamic_router_config_path; + let shouldWrite = false; + let oldJson = ""; + if (fs.existsSync(traefikDynamicConfigPath)) { + try { + const oldContent = fs.readFileSync( + traefikDynamicConfigPath, + "utf8" + ); + // Try to parse as YAML then JSON.stringify for comparison + const oldObj = yaml.load(oldContent); + oldJson = JSON.stringify(oldObj); + } catch { + oldJson = ""; + } + } + const newJson = JSON.stringify(traefikConfig); + if (oldJson !== newJson) { + shouldWrite = true; + } + if (shouldWrite) { + try { + fs.writeFileSync( + traefikDynamicConfigPath, + yaml.dump(traefikConfig, { noRefs: true }), + "utf8" + ); + logger.info("Traefik dynamic config updated"); + } catch (err) { + logger.error("Failed to write traefik dynamic config:", err); + } + } + } + + /** + * Update dynamic config from existing local certificates without fetching from remote + */ + private async updateDynamicConfigFromLocalCerts( + domains: Set + ): Promise { + const dynamicConfigPath = + config.getRawConfig().traefik.dynamic_cert_config_path; + + // Load existing dynamic config if it exists, otherwise initialize + let dynamicConfig: any = { tls: { certificates: [] } }; + if (fs.existsSync(dynamicConfigPath)) { + try { + const fileContent = fs.readFileSync(dynamicConfigPath, "utf8"); + dynamicConfig = yaml.load(fileContent) || dynamicConfig; + if (!dynamicConfig.tls) + dynamicConfig.tls = { certificates: [] }; + if (!Array.isArray(dynamicConfig.tls.certificates)) { + dynamicConfig.tls.certificates = []; + } + } catch (err) { + logger.error("Failed to load existing dynamic config:", err); + } + } + + // Keep a copy of the original config for comparison + const originalConfigYaml = yaml.dump(dynamicConfig, { noRefs: true }); + + // Clear existing certificates and rebuild from local state + dynamicConfig.tls.certificates = []; + + // Keep track of certificates we've already added to avoid duplicates + const addedCertPaths = new Set(); + + for (const domain of domains) { + // First, try to find an exact match certificate + const localState = this.lastLocalCertificateState.get(domain); + if (localState && localState.exists) { + const domainDir = path.join( + config.getRawConfig().traefik.certificates_path, + domain + ); + const certPath = path.join(domainDir, "cert.pem"); + const keyPath = path.join(domainDir, "key.pem"); + + if (!addedCertPaths.has(certPath)) { + const certEntry = { + certFile: certPath, + keyFile: keyPath + }; + dynamicConfig.tls.certificates.push(certEntry); + addedCertPaths.add(certPath); + } + continue; + } + + // If no exact match, check for wildcard certificates that cover this domain + for (const [certDomain, certState] of this.lastLocalCertificateState) { + if (certState.exists && certState.wildcard) { + // Check if this wildcard certificate covers the domain + if (domain.endsWith("." + certDomain)) { + // Verify it's only one level deep (wildcard only covers one level) + const prefix = domain.substring( + 0, + domain.length - ("." + certDomain).length + ); + if (!prefix.includes(".")) { + const domainDir = path.join( + config.getRawConfig().traefik.certificates_path, + certDomain + ); + const certPath = path.join(domainDir, "cert.pem"); + const keyPath = path.join(domainDir, "key.pem"); + + if (!addedCertPaths.has(certPath)) { + const certEntry = { + certFile: certPath, + keyFile: keyPath + }; + dynamicConfig.tls.certificates.push(certEntry); + addedCertPaths.add(certPath); + } + break; // Found a wildcard that covers this domain + } + } + } + } + } + + // Only write the config if it has changed + const newConfigYaml = yaml.dump(dynamicConfig, { noRefs: true }); + if (newConfigYaml !== originalConfigYaml) { + fs.writeFileSync(dynamicConfigPath, newConfigYaml, "utf8"); + logger.info("Dynamic cert config updated from local certificates"); + } + } + + /** + * Process valid certificates - download and decrypt them + */ + private async processValidCertificates( + validCertificates: Array<{ + id: number; + domain: string; + wildcard: boolean | null; + certFile: string | null; + keyFile: string | null; + expiresAt: Date | null; + updatedAt?: Date | null; + }> + ): Promise { + const dynamicConfigPath = + config.getRawConfig().traefik.dynamic_cert_config_path; + + // Load existing dynamic config if it exists, otherwise initialize + let dynamicConfig: any = { tls: { certificates: [] } }; + if (fs.existsSync(dynamicConfigPath)) { + try { + const fileContent = fs.readFileSync(dynamicConfigPath, "utf8"); + dynamicConfig = yaml.load(fileContent) || dynamicConfig; + if (!dynamicConfig.tls) + dynamicConfig.tls = { certificates: [] }; + if (!Array.isArray(dynamicConfig.tls.certificates)) { + dynamicConfig.tls.certificates = []; + } + } catch (err) { + logger.error("Failed to load existing dynamic config:", err); + } + } + + // Keep a copy of the original config for comparison + const originalConfigYaml = yaml.dump(dynamicConfig, { noRefs: true }); + + for (const cert of validCertificates) { + try { + if (!cert.certFile || !cert.keyFile) { + logger.warn( + `Certificate for domain ${cert.domain} is missing cert or key file` + ); + continue; + } + + const domainDir = path.join( + config.getRawConfig().traefik.certificates_path, + cert.domain + ); + await this.ensureDirectoryExists(domainDir); + + const certPath = path.join(domainDir, "cert.pem"); + const keyPath = path.join(domainDir, "key.pem"); + const lastUpdatePath = path.join(domainDir, ".last_update"); + + // Check if we need to update the certificate + const shouldUpdate = await this.shouldUpdateCertificate( + cert, + certPath, + keyPath, + lastUpdatePath + ); + + if (shouldUpdate) { + logger.info( + `Processing certificate for domain: ${cert.domain}` + ); + + fs.writeFileSync(certPath, cert.certFile, "utf8"); + fs.writeFileSync(keyPath, cert.keyFile, "utf8"); + + // Set appropriate permissions (readable by owner only for key file) + fs.chmodSync(certPath, 0o644); + fs.chmodSync(keyPath, 0o600); + + // Write/update .last_update file with current timestamp + fs.writeFileSync( + lastUpdatePath, + new Date().toISOString(), + "utf8" + ); + + // Check if this is a wildcard certificate and store it + const wildcardPath = path.join(domainDir, ".wildcard"); + fs.writeFileSync( + wildcardPath, + cert.wildcard ? "true" : "false", + "utf8" + ); + + logger.info( + `Certificate updated for domain: ${cert.domain}${cert.wildcard ? " (wildcard)" : ""}` + ); + + // Update local state tracking + this.lastLocalCertificateState.set(cert.domain, { + exists: true, + lastModified: new Date(), + expiresAt: cert.expiresAt, + wildcard: cert.wildcard + }); + } + + // Always ensure the config entry exists and is up to date + const certEntry = { + certFile: certPath, + keyFile: keyPath + }; + // Remove any existing entry for this cert/key path + dynamicConfig.tls.certificates = + dynamicConfig.tls.certificates.filter( + (entry: any) => + entry.certFile !== certEntry.certFile || + entry.keyFile !== certEntry.keyFile + ); + dynamicConfig.tls.certificates.push(certEntry); + } catch (error) { + logger.error( + `Error processing certificate for domain ${cert.domain}:`, + error + ); + } + } + + // Only write the config if it has changed + const newConfigYaml = yaml.dump(dynamicConfig, { noRefs: true }); + if (newConfigYaml !== originalConfigYaml) { + fs.writeFileSync(dynamicConfigPath, newConfigYaml, "utf8"); + logger.info("Dynamic cert config updated"); + } + } + + /** + * Check if certificate should be updated + */ + private async shouldUpdateCertificate( + cert: { + id: number; + domain: string; + expiresAt: Date | null; + updatedAt?: Date | null; + }, + certPath: string, + keyPath: string, + lastUpdatePath: string + ): Promise { + try { + // If files don't exist, we need to create them + const certExists = await this.fileExists(certPath); + const keyExists = await this.fileExists(keyPath); + const lastUpdateExists = await this.fileExists(lastUpdatePath); + + if (!certExists || !keyExists || !lastUpdateExists) { + return true; + } + + // Read last update time from .last_update file + let lastUpdateTime: Date | null = null; + try { + const lastUpdateStr = fs + .readFileSync(lastUpdatePath, "utf8") + .trim(); + lastUpdateTime = new Date(lastUpdateStr); + } catch { + lastUpdateTime = null; + } + + // Use updatedAt from cert, fallback to expiresAt if not present + const dbUpdateTime = cert.updatedAt ?? cert.expiresAt; + + if (!dbUpdateTime) { + // If no update time in DB, always update + return true; + } + + // If DB updatedAt is newer than last update file, update + if (!lastUpdateTime || dbUpdateTime > lastUpdateTime) { + return true; + } + + return false; + } catch (error) { + logger.error( + `Error checking certificate update status for ${cert.domain}:`, + error + ); + return true; // When in doubt, update + } + } + + /** + * Clean up certificates for domains no longer in use + */ + private async cleanupUnusedCertificates( + currentActiveDomains: Set + ): Promise { + try { + const certsPath = config.getRawConfig().traefik.certificates_path; + const dynamicConfigPath = + config.getRawConfig().traefik.dynamic_cert_config_path; + + // Load existing dynamic config if it exists + let dynamicConfig: any = { tls: { certificates: [] } }; + if (fs.existsSync(dynamicConfigPath)) { + try { + const fileContent = fs.readFileSync( + dynamicConfigPath, + "utf8" + ); + dynamicConfig = yaml.load(fileContent) || dynamicConfig; + if (!dynamicConfig.tls) + dynamicConfig.tls = { certificates: [] }; + if (!Array.isArray(dynamicConfig.tls.certificates)) { + dynamicConfig.tls.certificates = []; + } + } catch (err) { + logger.error( + "Failed to load existing dynamic config:", + err + ); + } + } + + const certDirs = fs.readdirSync(certsPath, { + withFileTypes: true + }); + + let configChanged = false; + + for (const dirent of certDirs) { + if (!dirent.isDirectory()) continue; + + const dirName = dirent.name; + // Only delete if NO current domain is exactly the same or ends with `.${dirName}` + const shouldDelete = !Array.from(currentActiveDomains).some( + (domain) => + domain === dirName || domain.endsWith(`.${dirName}`) + ); + + if (shouldDelete) { + const domainDir = path.join(certsPath, dirName); + logger.info( + `Cleaning up unused certificate directory: ${dirName}` + ); + fs.rmSync(domainDir, { recursive: true, force: true }); + + // Remove from local state tracking + this.lastLocalCertificateState.delete(dirName); + + // Remove from dynamic config + const certFilePath = path.join(domainDir, "cert.pem"); + const keyFilePath = path.join(domainDir, "key.pem"); + const before = dynamicConfig.tls.certificates.length; + dynamicConfig.tls.certificates = + dynamicConfig.tls.certificates.filter( + (entry: any) => + entry.certFile !== certFilePath && + entry.keyFile !== keyFilePath + ); + if (dynamicConfig.tls.certificates.length !== before) { + configChanged = true; + } + } + } + + if (configChanged) { + try { + fs.writeFileSync( + dynamicConfigPath, + yaml.dump(dynamicConfig, { noRefs: true }), + "utf8" + ); + logger.info("Dynamic config updated after cleanup"); + } catch (err) { + logger.error( + "Failed to update dynamic config after cleanup:", + err + ); + } + } + } catch (error) { + logger.error("Error during certificate cleanup:", error); + } + } + + /** + * Ensure directory exists + */ + private async ensureDirectoryExists(dirPath: string): Promise { + try { + fs.mkdirSync(dirPath, { recursive: true }); + } catch (error) { + logger.error(`Error creating directory ${dirPath}:`, error); + throw error; + } + } + + /** + * Check if file exists + */ + private async fileExists(filePath: string): Promise { + try { + fs.accessSync(filePath); + return true; + } catch { + return false; + } + } + + /** + * Force a certificate refresh regardless of cache state + */ + public async forceCertificateRefresh(): Promise { + logger.info("Forcing certificate refresh"); + this.lastCertificateFetch = null; + this.lastKnownDomains = new Set(); + await this.HandleTraefikConfig(); + } + + /** + * Get current status + */ + getStatus(): { + isRunning: boolean; + activeDomains: string[]; + monitorInterval: number; + lastCertificateFetch: Date | null; + localCertificateCount: number; + wildcardCertificates: string[]; + domainsCoveredByWildcards: string[]; + } { + const wildcardCertificates: string[] = []; + const domainsCoveredByWildcards: string[] = []; + + // Find wildcard certificates + for (const [domain, state] of this.lastLocalCertificateState) { + if (state.exists && state.wildcard) { + wildcardCertificates.push(domain); + } + } + + // Find domains covered by wildcards + for (const domain of this.activeDomains) { + if (isDomainCoveredByWildcard(domain, this.lastLocalCertificateState)) { + domainsCoveredByWildcards.push(domain); + } + } + + return { + isRunning: this.isRunning, + activeDomains: Array.from(this.activeDomains), + monitorInterval: + config.getRawConfig().traefik.monitor_interval || 5000, + lastCertificateFetch: this.lastCertificateFetch, + localCertificateCount: this.lastLocalCertificateState.size, + wildcardCertificates, + domainsCoveredByWildcards + }; + } +} + +/** + * Check if a domain is covered by existing wildcard certificates + */ +export function isDomainCoveredByWildcard(domain: string, lastLocalCertificateState: Map): boolean { + for (const [certDomain, state] of lastLocalCertificateState) { + if (state.exists && state.wildcard) { + // If stored as example.com but is wildcard, check subdomains + if (domain.endsWith("." + certDomain)) { + // Check that it's only one level deep (wildcard only covers one level) + const prefix = domain.substring( + 0, + domain.length - ("." + certDomain).length + ); + // If prefix contains a dot, it's more than one level deep + if (!prefix.includes(".")) { + return true; + } + } + } + } + return false; +} diff --git a/server/lib/validators.ts b/server/lib/validators.ts index e33c9181..6c581e47 100644 --- a/server/lib/validators.ts +++ b/server/lib/validators.ts @@ -9,6 +9,10 @@ export function isValidIP(ip: string): boolean { } export function isValidUrlGlobPattern(pattern: string): boolean { + if (pattern === "/") { + return true; + } + // Remove leading slash if present pattern = pattern.startsWith("/") ? pattern.slice(1) : pattern; @@ -89,3 +93,1482 @@ export function isTargetValid(value: string | undefined) { return DOMAIN_REGEX.test(value); } + +export function isValidDomain(domain: string): boolean { + // Check overall length + if (domain.length > 253) return false; + + // Check for invalid characters or patterns + if ( + domain.startsWith(".") || + domain.endsWith(".") || + domain.includes("..") + ) { + return false; + } + + const labels = domain.split("."); + + // Must have at least 2 labels (domain + TLD) + if (labels.length < 2) return false; + + // Validate each label + for (const label of labels) { + if (label.length === 0 || label.length > 63) return false; + if (label.startsWith("-") || label.endsWith("-")) return false; + if (!/^[a-zA-Z0-9-]+$/.test(label)) return false; + } + + // TLD should be at least 2 characters and contain only letters + const tld = labels[labels.length - 1]; + if (tld.length < 2 || !/^[a-zA-Z]+$/.test(tld)) return false; + + // Check if TLD is in the list of valid TLDs + if (!validTlds.includes(tld.toUpperCase())) return false; + + return true; +} + +const validTlds = [ + "AAA", + "AARP", + "ABB", + "ABBOTT", + "ABBVIE", + "ABC", + "ABLE", + "ABOGADO", + "ABUDHABI", + "AC", + "ACADEMY", + "ACCENTURE", + "ACCOUNTANT", + "ACCOUNTANTS", + "ACO", + "ACTOR", + "AD", + "ADS", + "ADULT", + "AE", + "AEG", + "AERO", + "AETNA", + "AF", + "AFL", + "AFRICA", + "AG", + "AGAKHAN", + "AGENCY", + "AI", + "AIG", + "AIRBUS", + "AIRFORCE", + "AIRTEL", + "AKDN", + "AL", + "ALIBABA", + "ALIPAY", + "ALLFINANZ", + "ALLSTATE", + "ALLY", + "ALSACE", + "ALSTOM", + "AM", + "AMAZON", + "AMERICANEXPRESS", + "AMERICANFAMILY", + "AMEX", + "AMFAM", + "AMICA", + "AMSTERDAM", + "ANALYTICS", + "ANDROID", + "ANQUAN", + "ANZ", + "AO", + "AOL", + "APARTMENTS", + "APP", + "APPLE", + "AQ", + "AQUARELLE", + "AR", + "ARAB", + "ARAMCO", + "ARCHI", + "ARMY", + "ARPA", + "ART", + "ARTE", + "AS", + "ASDA", + "ASIA", + "ASSOCIATES", + "AT", + "ATHLETA", + "ATTORNEY", + "AU", + "AUCTION", + "AUDI", + "AUDIBLE", + "AUDIO", + "AUSPOST", + "AUTHOR", + "AUTO", + "AUTOS", + "AW", + "AWS", + "AX", + "AXA", + "AZ", + "AZURE", + "BA", + "BABY", + "BAIDU", + "BANAMEX", + "BAND", + "BANK", + "BAR", + "BARCELONA", + "BARCLAYCARD", + "BARCLAYS", + "BAREFOOT", + "BARGAINS", + "BASEBALL", + "BASKETBALL", + "BAUHAUS", + "BAYERN", + "BB", + "BBC", + "BBT", + "BBVA", + "BCG", + "BCN", + "BD", + "BE", + "BEATS", + "BEAUTY", + "BEER", + "BERLIN", + "BEST", + "BESTBUY", + "BET", + "BF", + "BG", + "BH", + "BHARTI", + "BI", + "BIBLE", + "BID", + "BIKE", + "BING", + "BINGO", + "BIO", + "BIZ", + "BJ", + "BLACK", + "BLACKFRIDAY", + "BLOCKBUSTER", + "BLOG", + "BLOOMBERG", + "BLUE", + "BM", + "BMS", + "BMW", + "BN", + "BNPPARIBAS", + "BO", + "BOATS", + "BOEHRINGER", + "BOFA", + "BOM", + "BOND", + "BOO", + "BOOK", + "BOOKING", + "BOSCH", + "BOSTIK", + "BOSTON", + "BOT", + "BOUTIQUE", + "BOX", + "BR", + "BRADESCO", + "BRIDGESTONE", + "BROADWAY", + "BROKER", + "BROTHER", + "BRUSSELS", + "BS", + "BT", + "BUILD", + "BUILDERS", + "BUSINESS", + "BUY", + "BUZZ", + "BV", + "BW", + "BY", + "BZ", + "BZH", + "CA", + "CAB", + "CAFE", + "CAL", + "CALL", + "CALVINKLEIN", + "CAM", + "CAMERA", + "CAMP", + "CANON", + "CAPETOWN", + "CAPITAL", + "CAPITALONE", + "CAR", + "CARAVAN", + "CARDS", + "CARE", + "CAREER", + "CAREERS", + "CARS", + "CASA", + "CASE", + "CASH", + "CASINO", + "CAT", + "CATERING", + "CATHOLIC", + "CBA", + "CBN", + "CBRE", + "CC", + "CD", + "CENTER", + "CEO", + "CERN", + "CF", + "CFA", + "CFD", + "CG", + "CH", + "CHANEL", + "CHANNEL", + "CHARITY", + "CHASE", + "CHAT", + "CHEAP", + "CHINTAI", + "CHRISTMAS", + "CHROME", + "CHURCH", + "CI", + "CIPRIANI", + "CIRCLE", + "CISCO", + "CITADEL", + "CITI", + "CITIC", + "CITY", + "CK", + "CL", + "CLAIMS", + "CLEANING", + "CLICK", + "CLINIC", + "CLINIQUE", + "CLOTHING", + "CLOUD", + "CLUB", + "CLUBMED", + "CM", + "CN", + "CO", + "COACH", + "CODES", + "COFFEE", + "COLLEGE", + "COLOGNE", + "COM", + "COMMBANK", + "COMMUNITY", + "COMPANY", + "COMPARE", + "COMPUTER", + "COMSEC", + "CONDOS", + "CONSTRUCTION", + "CONSULTING", + "CONTACT", + "CONTRACTORS", + "COOKING", + "COOL", + "COOP", + "CORSICA", + "COUNTRY", + "COUPON", + "COUPONS", + "COURSES", + "CPA", + "CR", + "CREDIT", + "CREDITCARD", + "CREDITUNION", + "CRICKET", + "CROWN", + "CRS", + "CRUISE", + "CRUISES", + "CU", + "CUISINELLA", + "CV", + "CW", + "CX", + "CY", + "CYMRU", + "CYOU", + "CZ", + "DAD", + "DANCE", + "DATA", + "DATE", + "DATING", + "DATSUN", + "DAY", + "DCLK", + "DDS", + "DE", + "DEAL", + "DEALER", + "DEALS", + "DEGREE", + "DELIVERY", + "DELL", + "DELOITTE", + "DELTA", + "DEMOCRAT", + "DENTAL", + "DENTIST", + "DESI", + "DESIGN", + "DEV", + "DHL", + "DIAMONDS", + "DIET", + "DIGITAL", + "DIRECT", + "DIRECTORY", + "DISCOUNT", + "DISCOVER", + "DISH", + "DIY", + "DJ", + "DK", + "DM", + "DNP", + "DO", + "DOCS", + "DOCTOR", + "DOG", + "DOMAINS", + "DOT", + "DOWNLOAD", + "DRIVE", + "DTV", + "DUBAI", + "DUNLOP", + "DUPONT", + "DURBAN", + "DVAG", + "DVR", + "DZ", + "EARTH", + "EAT", + "EC", + "ECO", + "EDEKA", + "EDU", + "EDUCATION", + "EE", + "EG", + "EMAIL", + "EMERCK", + "ENERGY", + "ENGINEER", + "ENGINEERING", + "ENTERPRISES", + "EPSON", + "EQUIPMENT", + "ER", + "ERICSSON", + "ERNI", + "ES", + "ESQ", + "ESTATE", + "ET", + "EU", + "EUROVISION", + "EUS", + "EVENTS", + "EXCHANGE", + "EXPERT", + "EXPOSED", + "EXPRESS", + "EXTRASPACE", + "FAGE", + "FAIL", + "FAIRWINDS", + "FAITH", + "FAMILY", + "FAN", + "FANS", + "FARM", + "FARMERS", + "FASHION", + "FAST", + "FEDEX", + "FEEDBACK", + "FERRARI", + "FERRERO", + "FI", + "FIDELITY", + "FIDO", + "FILM", + "FINAL", + "FINANCE", + "FINANCIAL", + "FIRE", + "FIRESTONE", + "FIRMDALE", + "FISH", + "FISHING", + "FIT", + "FITNESS", + "FJ", + "FK", + "FLICKR", + "FLIGHTS", + "FLIR", + "FLORIST", + "FLOWERS", + "FLY", + "FM", + "FO", + "FOO", + "FOOD", + "FOOTBALL", + "FORD", + "FOREX", + "FORSALE", + "FORUM", + "FOUNDATION", + "FOX", + "FR", + "FREE", + "FRESENIUS", + "FRL", + "FROGANS", + "FRONTIER", + "FTR", + "FUJITSU", + "FUN", + "FUND", + "FURNITURE", + "FUTBOL", + "FYI", + "GA", + "GAL", + "GALLERY", + "GALLO", + "GALLUP", + "GAME", + "GAMES", + "GAP", + "GARDEN", + "GAY", + "GB", + "GBIZ", + "GD", + "GDN", + "GE", + "GEA", + "GENT", + "GENTING", + "GEORGE", + "GF", + "GG", + "GGEE", + "GH", + "GI", + "GIFT", + "GIFTS", + "GIVES", + "GIVING", + "GL", + "GLASS", + "GLE", + "GLOBAL", + "GLOBO", + "GM", + "GMAIL", + "GMBH", + "GMO", + "GMX", + "GN", + "GODADDY", + "GOLD", + "GOLDPOINT", + "GOLF", + "GOO", + "GOODYEAR", + "GOOG", + "GOOGLE", + "GOP", + "GOT", + "GOV", + "GP", + "GQ", + "GR", + "GRAINGER", + "GRAPHICS", + "GRATIS", + "GREEN", + "GRIPE", + "GROCERY", + "GROUP", + "GS", + "GT", + "GU", + "GUCCI", + "GUGE", + "GUIDE", + "GUITARS", + "GURU", + "GW", + "GY", + "HAIR", + "HAMBURG", + "HANGOUT", + "HAUS", + "HBO", + "HDFC", + "HDFCBANK", + "HEALTH", + "HEALTHCARE", + "HELP", + "HELSINKI", + "HERE", + "HERMES", + "HIPHOP", + "HISAMITSU", + "HITACHI", + "HIV", + "HK", + "HKT", + "HM", + "HN", + "HOCKEY", + "HOLDINGS", + "HOLIDAY", + "HOMEDEPOT", + "HOMEGOODS", + "HOMES", + "HOMESENSE", + "HONDA", + "HORSE", + "HOSPITAL", + "HOST", + "HOSTING", + "HOT", + "HOTELS", + "HOTMAIL", + "HOUSE", + "HOW", + "HR", + "HSBC", + "HT", + "HU", + "HUGHES", + "HYATT", + "HYUNDAI", + "IBM", + "ICBC", + "ICE", + "ICU", + "ID", + "IE", + "IEEE", + "IFM", + "IKANO", + "IL", + "IM", + "IMAMAT", + "IMDB", + "IMMO", + "IMMOBILIEN", + "IN", + "INC", + "INDUSTRIES", + "INFINITI", + "INFO", + "ING", + "INK", + "INSTITUTE", + "INSURANCE", + "INSURE", + "INT", + "INTERNATIONAL", + "INTUIT", + "INVESTMENTS", + "IO", + "IPIRANGA", + "IQ", + "IR", + "IRISH", + "IS", + "ISMAILI", + "IST", + "ISTANBUL", + "IT", + "ITAU", + "ITV", + "JAGUAR", + "JAVA", + "JCB", + "JE", + "JEEP", + "JETZT", + "JEWELRY", + "JIO", + "JLL", + "JM", + "JMP", + "JNJ", + "JO", + "JOBS", + "JOBURG", + "JOT", + "JOY", + "JP", + "JPMORGAN", + "JPRS", + "JUEGOS", + "JUNIPER", + "KAUFEN", + "KDDI", + "KE", + "KERRYHOTELS", + "KERRYPROPERTIES", + "KFH", + "KG", + "KH", + "KI", + "KIA", + "KIDS", + "KIM", + "KINDLE", + "KITCHEN", + "KIWI", + "KM", + "KN", + "KOELN", + "KOMATSU", + "KOSHER", + "KP", + "KPMG", + "KPN", + "KR", + "KRD", + "KRED", + "KUOKGROUP", + "KW", + "KY", + "KYOTO", + "KZ", + "LA", + "LACAIXA", + "LAMBORGHINI", + "LAMER", + "LAND", + "LANDROVER", + "LANXESS", + "LASALLE", + "LAT", + "LATINO", + "LATROBE", + "LAW", + "LAWYER", + "LB", + "LC", + "LDS", + "LEASE", + "LECLERC", + "LEFRAK", + "LEGAL", + "LEGO", + "LEXUS", + "LGBT", + "LI", + "LIDL", + "LIFE", + "LIFEINSURANCE", + "LIFESTYLE", + "LIGHTING", + "LIKE", + "LILLY", + "LIMITED", + "LIMO", + "LINCOLN", + "LINK", + "LIVE", + "LIVING", + "LK", + "LLC", + "LLP", + "LOAN", + "LOANS", + "LOCKER", + "LOCUS", + "LOL", + "LONDON", + "LOTTE", + "LOTTO", + "LOVE", + "LPL", + "LPLFINANCIAL", + "LR", + "LS", + "LT", + "LTD", + "LTDA", + "LU", + "LUNDBECK", + "LUXE", + "LUXURY", + "LV", + "LY", + "MA", + "MADRID", + "MAIF", + "MAISON", + "MAKEUP", + "MAN", + "MANAGEMENT", + "MANGO", + "MAP", + "MARKET", + "MARKETING", + "MARKETS", + "MARRIOTT", + "MARSHALLS", + "MATTEL", + "MBA", + "MC", + "MCKINSEY", + "MD", + "ME", + "MED", + "MEDIA", + "MEET", + "MELBOURNE", + "MEME", + "MEMORIAL", + "MEN", + "MENU", + "MERCKMSD", + "MG", + "MH", + "MIAMI", + "MICROSOFT", + "MIL", + "MINI", + "MINT", + "MIT", + "MITSUBISHI", + "MK", + "ML", + "MLB", + "MLS", + "MM", + "MMA", + "MN", + "MO", + "MOBI", + "MOBILE", + "MODA", + "MOE", + "MOI", + "MOM", + "MONASH", + "MONEY", + "MONSTER", + "MORMON", + "MORTGAGE", + "MOSCOW", + "MOTO", + "MOTORCYCLES", + "MOV", + "MOVIE", + "MP", + "MQ", + "MR", + "MS", + "MSD", + "MT", + "MTN", + "MTR", + "MU", + "MUSEUM", + "MUSIC", + "MV", + "MW", + "MX", + "MY", + "MZ", + "NA", + "NAB", + "NAGOYA", + "NAME", + "NAVY", + "NBA", + "NC", + "NE", + "NEC", + "NET", + "NETBANK", + "NETFLIX", + "NETWORK", + "NEUSTAR", + "NEW", + "NEWS", + "NEXT", + "NEXTDIRECT", + "NEXUS", + "NF", + "NFL", + "NG", + "NGO", + "NHK", + "NI", + "NICO", + "NIKE", + "NIKON", + "NINJA", + "NISSAN", + "NISSAY", + "NL", + "NO", + "NOKIA", + "NORTON", + "NOW", + "NOWRUZ", + "NOWTV", + "NP", + "NR", + "NRA", + "NRW", + "NTT", + "NU", + "NYC", + "NZ", + "OBI", + "OBSERVER", + "OFFICE", + "OKINAWA", + "OLAYAN", + "OLAYANGROUP", + "OLLO", + "OM", + "OMEGA", + "ONE", + "ONG", + "ONL", + "ONLINE", + "OOO", + "OPEN", + "ORACLE", + "ORANGE", + "ORG", + "ORGANIC", + "ORIGINS", + "OSAKA", + "OTSUKA", + "OTT", + "OVH", + "PA", + "PAGE", + "PANASONIC", + "PARIS", + "PARS", + "PARTNERS", + "PARTS", + "PARTY", + "PAY", + "PCCW", + "PE", + "PET", + "PF", + "PFIZER", + "PG", + "PH", + "PHARMACY", + "PHD", + "PHILIPS", + "PHONE", + "PHOTO", + "PHOTOGRAPHY", + "PHOTOS", + "PHYSIO", + "PICS", + "PICTET", + "PICTURES", + "PID", + "PIN", + "PING", + "PINK", + "PIONEER", + "PIZZA", + "PK", + "PL", + "PLACE", + "PLAY", + "PLAYSTATION", + "PLUMBING", + "PLUS", + "PM", + "PN", + "PNC", + "POHL", + "POKER", + "POLITIE", + "PORN", + "POST", + "PR", + "PRAXI", + "PRESS", + "PRIME", + "PRO", + "PROD", + "PRODUCTIONS", + "PROF", + "PROGRESSIVE", + "PROMO", + "PROPERTIES", + "PROPERTY", + "PROTECTION", + "PRU", + "PRUDENTIAL", + "PS", + "PT", + "PUB", + "PW", + "PWC", + "PY", + "QA", + "QPON", + "QUEBEC", + "QUEST", + "RACING", + "RADIO", + "RE", + "READ", + "REALESTATE", + "REALTOR", + "REALTY", + "RECIPES", + "RED", + "REDSTONE", + "REDUMBRELLA", + "REHAB", + "REISE", + "REISEN", + "REIT", + "RELIANCE", + "REN", + "RENT", + "RENTALS", + "REPAIR", + "REPORT", + "REPUBLICAN", + "REST", + "RESTAURANT", + "REVIEW", + "REVIEWS", + "REXROTH", + "RICH", + "RICHARDLI", + "RICOH", + "RIL", + "RIO", + "RIP", + "RO", + "ROCKS", + "RODEO", + "ROGERS", + "ROOM", + "RS", + "RSVP", + "RU", + "RUGBY", + "RUHR", + "RUN", + "RW", + "RWE", + "RYUKYU", + "SA", + "SAARLAND", + "SAFE", + "SAFETY", + "SAKURA", + "SALE", + "SALON", + "SAMSCLUB", + "SAMSUNG", + "SANDVIK", + "SANDVIKCOROMANT", + "SANOFI", + "SAP", + "SARL", + "SAS", + "SAVE", + "SAXO", + "SB", + "SBI", + "SBS", + "SC", + "SCB", + "SCHAEFFLER", + "SCHMIDT", + "SCHOLARSHIPS", + "SCHOOL", + "SCHULE", + "SCHWARZ", + "SCIENCE", + "SCOT", + "SD", + "SE", + "SEARCH", + "SEAT", + "SECURE", + "SECURITY", + "SEEK", + "SELECT", + "SENER", + "SERVICES", + "SEVEN", + "SEW", + "SEX", + "SEXY", + "SFR", + "SG", + "SH", + "SHANGRILA", + "SHARP", + "SHELL", + "SHIA", + "SHIKSHA", + "SHOES", + "SHOP", + "SHOPPING", + "SHOUJI", + "SHOW", + "SI", + "SILK", + "SINA", + "SINGLES", + "SITE", + "SJ", + "SK", + "SKI", + "SKIN", + "SKY", + "SKYPE", + "SL", + "SLING", + "SM", + "SMART", + "SMILE", + "SN", + "SNCF", + "SO", + "SOCCER", + "SOCIAL", + "SOFTBANK", + "SOFTWARE", + "SOHU", + "SOLAR", + "SOLUTIONS", + "SONG", + "SONY", + "SOY", + "SPA", + "SPACE", + "SPORT", + "SPOT", + "SR", + "SRL", + "SS", + "ST", + "STADA", + "STAPLES", + "STAR", + "STATEBANK", + "STATEFARM", + "STC", + "STCGROUP", + "STOCKHOLM", + "STORAGE", + "STORE", + "STREAM", + "STUDIO", + "STUDY", + "STYLE", + "SU", + "SUCKS", + "SUPPLIES", + "SUPPLY", + "SUPPORT", + "SURF", + "SURGERY", + "SUZUKI", + "SV", + "SWATCH", + "SWISS", + "SX", + "SY", + "SYDNEY", + "SYSTEMS", + "SZ", + "TAB", + "TAIPEI", + "TALK", + "TAOBAO", + "TARGET", + "TATAMOTORS", + "TATAR", + "TATTOO", + "TAX", + "TAXI", + "TC", + "TCI", + "TD", + "TDK", + "TEAM", + "TECH", + "TECHNOLOGY", + "TEL", + "TEMASEK", + "TENNIS", + "TEVA", + "TF", + "TG", + "TH", + "THD", + "THEATER", + "THEATRE", + "TIAA", + "TICKETS", + "TIENDA", + "TIPS", + "TIRES", + "TIROL", + "TJ", + "TJMAXX", + "TJX", + "TK", + "TKMAXX", + "TL", + "TM", + "TMALL", + "TN", + "TO", + "TODAY", + "TOKYO", + "TOOLS", + "TOP", + "TORAY", + "TOSHIBA", + "TOTAL", + "TOURS", + "TOWN", + "TOYOTA", + "TOYS", + "TR", + "TRADE", + "TRADING", + "TRAINING", + "TRAVEL", + "TRAVELERS", + "TRAVELERSINSURANCE", + "TRUST", + "TRV", + "TT", + "TUBE", + "TUI", + "TUNES", + "TUSHU", + "TV", + "TVS", + "TW", + "TZ", + "UA", + "UBANK", + "UBS", + "UG", + "UK", + "UNICOM", + "UNIVERSITY", + "UNO", + "UOL", + "UPS", + "US", + "UY", + "UZ", + "VA", + "VACATIONS", + "VANA", + "VANGUARD", + "VC", + "VE", + "VEGAS", + "VENTURES", + "VERISIGN", + "VERSICHERUNG", + "VET", + "VG", + "VI", + "VIAJES", + "VIDEO", + "VIG", + "VIKING", + "VILLAS", + "VIN", + "VIP", + "VIRGIN", + "VISA", + "VISION", + "VIVA", + "VIVO", + "VLAANDEREN", + "VN", + "VODKA", + "VOLVO", + "VOTE", + "VOTING", + "VOTO", + "VOYAGE", + "VU", + "WALES", + "WALMART", + "WALTER", + "WANG", + "WANGGOU", + "WATCH", + "WATCHES", + "WEATHER", + "WEATHERCHANNEL", + "WEBCAM", + "WEBER", + "WEBSITE", + "WED", + "WEDDING", + "WEIBO", + "WEIR", + "WF", + "WHOSWHO", + "WIEN", + "WIKI", + "WILLIAMHILL", + "WIN", + "WINDOWS", + "WINE", + "WINNERS", + "WME", + "WOLTERSKLUWER", + "WOODSIDE", + "WORK", + "WORKS", + "WORLD", + "WOW", + "WS", + "WTC", + "WTF", + "XBOX", + "XEROX", + "XIHUAN", + "XIN", + "XN--11B4C3D", + "XN--1CK2E1B", + "XN--1QQW23A", + "XN--2SCRJ9C", + "XN--30RR7Y", + "XN--3BST00M", + "XN--3DS443G", + "XN--3E0B707E", + "XN--3HCRJ9C", + "XN--3PXU8K", + "XN--42C2D9A", + "XN--45BR5CYL", + "XN--45BRJ9C", + "XN--45Q11C", + "XN--4DBRK0CE", + "XN--4GBRIM", + "XN--54B7FTA0CC", + "XN--55QW42G", + "XN--55QX5D", + "XN--5SU34J936BGSG", + "XN--5TZM5G", + "XN--6FRZ82G", + "XN--6QQ986B3XL", + "XN--80ADXHKS", + "XN--80AO21A", + "XN--80AQECDR1A", + "XN--80ASEHDB", + "XN--80ASWG", + "XN--8Y0A063A", + "XN--90A3AC", + "XN--90AE", + "XN--90AIS", + "XN--9DBQ2A", + "XN--9ET52U", + "XN--9KRT00A", + "XN--B4W605FERD", + "XN--BCK1B9A5DRE4C", + "XN--C1AVG", + "XN--C2BR7G", + "XN--CCK2B3B", + "XN--CCKWCXETD", + "XN--CG4BKI", + "XN--CLCHC0EA0B2G2A9GCD", + "XN--CZR694B", + "XN--CZRS0T", + "XN--CZRU2D", + "XN--D1ACJ3B", + "XN--D1ALF", + "XN--E1A4C", + "XN--ECKVDTC9D", + "XN--EFVY88H", + "XN--FCT429K", + "XN--FHBEI", + "XN--FIQ228C5HS", + "XN--FIQ64B", + "XN--FIQS8S", + "XN--FIQZ9S", + "XN--FJQ720A", + "XN--FLW351E", + "XN--FPCRJ9C3D", + "XN--FZC2C9E2C", + "XN--FZYS8D69UVGM", + "XN--G2XX48C", + "XN--GCKR3F0F", + "XN--GECRJ9C", + "XN--GK3AT1E", + "XN--H2BREG3EVE", + "XN--H2BRJ9C", + "XN--H2BRJ9C8C", + "XN--HXT814E", + "XN--I1B6B1A6A2E", + "XN--IMR513N", + "XN--IO0A7I", + "XN--J1AEF", + "XN--J1AMH", + "XN--J6W193G", + "XN--JLQ480N2RG", + "XN--JVR189M", + "XN--KCRX77D1X4A", + "XN--KPRW13D", + "XN--KPRY57D", + "XN--KPUT3I", + "XN--L1ACC", + "XN--LGBBAT1AD8J", + "XN--MGB9AWBF", + "XN--MGBA3A3EJT", + "XN--MGBA3A4F16A", + "XN--MGBA7C0BBN0A", + "XN--MGBAAM7A8H", + "XN--MGBAB2BD", + "XN--MGBAH1A3HJKRD", + "XN--MGBAI9AZGQP6J", + "XN--MGBAYH7GPA", + "XN--MGBBH1A", + "XN--MGBBH1A71E", + "XN--MGBC0A9AZCG", + "XN--MGBCA7DZDO", + "XN--MGBCPQ6GPA1A", + "XN--MGBERP4A5D4AR", + "XN--MGBGU82A", + "XN--MGBI4ECEXP", + "XN--MGBPL2FH", + "XN--MGBT3DHD", + "XN--MGBTX2B", + "XN--MGBX4CD0AB", + "XN--MIX891F", + "XN--MK1BU44C", + "XN--MXTQ1M", + "XN--NGBC5AZD", + "XN--NGBE9E0A", + "XN--NGBRX", + "XN--NODE", + "XN--NQV7F", + "XN--NQV7FS00EMA", + "XN--NYQY26A", + "XN--O3CW4H", + "XN--OGBPF8FL", + "XN--OTU796D", + "XN--P1ACF", + "XN--P1AI", + "XN--PGBS0DH", + "XN--PSSY2U", + "XN--Q7CE6A", + "XN--Q9JYB4C", + "XN--QCKA1PMC", + "XN--QXA6A", + "XN--QXAM", + "XN--RHQV96G", + "XN--ROVU88B", + "XN--RVC1E0AM3E", + "XN--S9BRJ9C", + "XN--SES554G", + "XN--T60B56A", + "XN--TCKWE", + "XN--TIQ49XQYJ", + "XN--UNUP4Y", + "XN--VERMGENSBERATER-CTB", + "XN--VERMGENSBERATUNG-PWB", + "XN--VHQUV", + "XN--VUQ861B", + "XN--W4R85EL8FHU5DNRA", + "XN--W4RS40L", + "XN--WGBH1C", + "XN--WGBL6A", + "XN--XHQ521B", + "XN--XKC2AL3HYE2A", + "XN--XKC2DL3A5EE0H", + "XN--Y9A3AQ", + "XN--YFRO4I67O", + "XN--YGBI2AMMX", + "XN--ZFR164B", + "XXX", + "XYZ", + "YACHTS", + "YAHOO", + "YAMAXUN", + "YANDEX", + "YE", + "YODOBASHI", + "YOGA", + "YOKOHAMA", + "YOU", + "YOUTUBE", + "YT", + "YUN", + "ZA", + "ZAPPOS", + "ZARA", + "ZERO", + "ZIP", + "ZM", + "ZONE", + "ZUERICH", + "ZW", + "" +]; diff --git a/server/middlewares/getUserOrgs.ts b/server/middlewares/getUserOrgs.ts index 7d5c08f7..449690f5 100644 --- a/server/middlewares/getUserOrgs.ts +++ b/server/middlewares/getUserOrgs.ts @@ -1,6 +1,5 @@ import { Request, Response, NextFunction } from "express"; -import { db } from "@server/db"; -import { userOrgs, orgs } from "@server/db/schemas"; +import { db, userOrgs } from "@server/db"; import { eq } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/middlewares/index.ts b/server/middlewares/index.ts index 6dbdcd6f..629cafe9 100644 --- a/server/middlewares/index.ts +++ b/server/middlewares/index.ts @@ -1,5 +1,4 @@ export * from "./notFound"; -export * from "./rateLimit"; export * from "./formatError"; export * from "./verifySession"; export * from "./verifyUser"; @@ -14,8 +13,17 @@ export * from "./verifyAdmin"; export * from "./verifySetResourceUsers"; export * from "./verifyUserInRole"; export * from "./verifyAccessTokenAccess"; +export * from "./requestTimeout"; +export * from "./verifyClientAccess"; +export * from "./verifyUserHasAction"; export * from "./verifyUserIsServerAdmin"; export * from "./verifyIsLoggedInUser"; -// export * from "./integration"; +export * from "./verifyIsLoggedInUser"; +export * from "./verifyClientAccess"; +export * from "./integration"; export * from "./verifyUserHasAction"; -// export * from "./verifyApiKeyAccess"; +export * from "./verifyApiKeyAccess"; +export * from "./verifyDomainAccess"; +export * from "./verifyClientsEnabled"; +export * from "./verifyUserIsOrgOwner"; +export * from "./verifySiteResourceAccess"; diff --git a/server/middlewares/integration/index.ts b/server/middlewares/integration/index.ts new file mode 100644 index 00000000..747cddee --- /dev/null +++ b/server/middlewares/integration/index.ts @@ -0,0 +1,14 @@ +export * from "./verifyApiKey"; +export * from "./verifyApiKeyOrgAccess"; +export * from "./verifyApiKeyHasAction"; +export * from "./verifyApiKeySiteAccess"; +export * from "./verifyApiKeyResourceAccess"; +export * from "./verifyApiKeyTargetAccess"; +export * from "./verifyApiKeyRoleAccess"; +export * from "./verifyApiKeyUserAccess"; +export * from "./verifyApiKeySetResourceUsers"; +export * from "./verifyAccessTokenAccess"; +export * from "./verifyApiKeyIsRoot"; +export * from "./verifyApiKeyApiKeyAccess"; +export * from "./verifyApiKeyClientAccess"; +export * from "./verifyApiKeySiteResourceAccess"; \ No newline at end of file diff --git a/server/middlewares/integration/verifyAccessTokenAccess.ts b/server/middlewares/integration/verifyAccessTokenAccess.ts new file mode 100644 index 00000000..f5ae8746 --- /dev/null +++ b/server/middlewares/integration/verifyAccessTokenAccess.ts @@ -0,0 +1,110 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { resourceAccessToken, resources, apiKeyOrg } from "@server/db"; +import { and, eq } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; + +export async function verifyApiKeyAccessTokenAccess( + req: Request, + res: Response, + next: NextFunction +) { + try { + const apiKey = req.apiKey; + const accessTokenId = req.params.accessTokenId; + + if (!apiKey) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Key not authenticated") + ); + } + + const [accessToken] = await db + .select() + .from(resourceAccessToken) + .where(eq(resourceAccessToken.accessTokenId, accessTokenId)) + .limit(1); + + if (!accessToken) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `Access token with ID ${accessTokenId} not found` + ) + ); + } + + const resourceId = accessToken.resourceId; + + if (!resourceId) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + `Access token with ID ${accessTokenId} does not have a resource ID` + ) + ); + } + + const [resource] = await db + .select() + .from(resources) + .where(eq(resources.resourceId, resourceId)) + .limit(1); + + if (!resource) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `Resource with ID ${resourceId} not found` + ) + ); + } + + if (!resource.orgId) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + `Resource with ID ${resourceId} does not have an organization ID` + ) + ); + } + + // Verify that the API key is linked to the resource's organization + if (!req.apiKeyOrg) { + const apiKeyOrgResult = await db + .select() + .from(apiKeyOrg) + .where( + and( + eq(apiKeyOrg.apiKeyId, apiKey.apiKeyId), + eq(apiKeyOrg.orgId, resource.orgId) + ) + ) + .limit(1); + + if (apiKeyOrgResult.length > 0) { + req.apiKeyOrg = apiKeyOrgResult[0]; + } + } + + if (!req.apiKeyOrg) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have access to this organization" + ) + ); + } + + + return next(); + } catch (e) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying access token access" + ) + ); + } +} diff --git a/server/middlewares/integration/verifyApiKey.ts b/server/middlewares/integration/verifyApiKey.ts new file mode 100644 index 00000000..719b609f --- /dev/null +++ b/server/middlewares/integration/verifyApiKey.ts @@ -0,0 +1,60 @@ +import { verifyPassword } from "@server/auth/password"; +import { db } from "@server/db"; +import { apiKeys } from "@server/db"; +import logger from "@server/logger"; +import HttpCode from "@server/types/HttpCode"; +import { eq } from "drizzle-orm"; +import { Request, Response, NextFunction } from "express"; +import createHttpError from "http-errors"; + +export async function verifyApiKey( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const authHeader = req.headers["authorization"]; + + if (!authHeader || !authHeader.startsWith("Bearer ")) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "API key required") + ); + } + + const key = authHeader.split(" ")[1]; // Get the token part after "Bearer" + const [apiKeyId, apiKeySecret] = key.split("."); + + const [apiKey] = await db + .select() + .from(apiKeys) + .where(eq(apiKeys.apiKeyId, apiKeyId)) + .limit(1); + + if (!apiKey) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Invalid API key") + ); + } + + const secretHash = apiKey.apiKeyHash; + const valid = await verifyPassword(apiKeySecret, secretHash); + + if (!valid) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Invalid API key") + ); + } + + req.apiKey = apiKey; + + return next(); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "An error occurred checking API key" + ) + ); + } +} diff --git a/server/middlewares/integration/verifyApiKeyApiKeyAccess.ts b/server/middlewares/integration/verifyApiKeyApiKeyAccess.ts new file mode 100644 index 00000000..ad5b7fc4 --- /dev/null +++ b/server/middlewares/integration/verifyApiKeyApiKeyAccess.ts @@ -0,0 +1,86 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { apiKeys, apiKeyOrg } from "@server/db"; +import { and, eq, or } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; + +export async function verifyApiKeyApiKeyAccess( + req: Request, + res: Response, + next: NextFunction +) { + try { + const {apiKey: callerApiKey } = req; + + const apiKeyId = + req.params.apiKeyId || req.body.apiKeyId || req.query.apiKeyId; + const orgId = req.params.orgId; + + if (!callerApiKey) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Key not authenticated") + ); + } + + if (!orgId) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid organization ID") + ); + } + + if (!apiKeyId) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid key ID") + ); + } + + if (callerApiKey.isRoot) { + // Root keys can access any key in any org + return next(); + } + + const [callerApiKeyOrg] = await db + .select() + .from(apiKeyOrg) + .where( + and(eq(apiKeys.apiKeyId, callerApiKey.apiKeyId), eq(apiKeyOrg.orgId, orgId)) + ) + .limit(1); + + if (!callerApiKeyOrg) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + `API key with ID ${apiKeyId} does not have an organization ID` + ) + ); + } + + const [otherApiKeyOrg] = await db + .select() + .from(apiKeyOrg) + .where( + and(eq(apiKeys.apiKeyId, apiKeyId), eq(apiKeyOrg.orgId, orgId)) + ) + .limit(1); + + if (!otherApiKeyOrg) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + `API key with ID ${apiKeyId} does not have access to organization with ID ${orgId}` + ) + ); + } + + return next(); + } catch (error) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying key access" + ) + ); + } +} diff --git a/server/middlewares/integration/verifyApiKeyClientAccess.ts b/server/middlewares/integration/verifyApiKeyClientAccess.ts new file mode 100644 index 00000000..e5ed624d --- /dev/null +++ b/server/middlewares/integration/verifyApiKeyClientAccess.ts @@ -0,0 +1,91 @@ +import { Request, Response, NextFunction } from "express"; +import { clients, db } from "@server/db"; +import { apiKeyOrg } from "@server/db"; +import { and, eq } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; + +export async function verifyApiKeyClientAccess( + req: Request, + res: Response, + next: NextFunction +) { + try { + const apiKey = req.apiKey; + const clientId = parseInt( + req.params.clientId || req.body.clientId || req.query.clientId + ); + + if (!apiKey) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Key not authenticated") + ); + } + + if (isNaN(clientId)) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid client ID") + ); + } + + if (apiKey.isRoot) { + // Root keys can access any key in any org + return next(); + } + + const client = await db + .select() + .from(clients) + .where(eq(clients.clientId, clientId)) + .limit(1); + + if (client.length === 0) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `Client with ID ${clientId} not found` + ) + ); + } + + if (!client[0].orgId) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + `Client with ID ${clientId} does not have an organization ID` + ) + ); + } + + if (!req.apiKeyOrg) { + const apiKeyOrgRes = await db + .select() + .from(apiKeyOrg) + .where( + and( + eq(apiKeyOrg.apiKeyId, apiKey.apiKeyId), + eq(apiKeyOrg.orgId, client[0].orgId) + ) + ); + req.apiKeyOrg = apiKeyOrgRes[0]; + } + + if (!req.apiKeyOrg) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have access to this organization" + ) + ); + } + + return next(); + } catch (error) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying site access" + ) + ); + } +} diff --git a/server/middlewares/integration/verifyApiKeyHasAction.ts b/server/middlewares/integration/verifyApiKeyHasAction.ts new file mode 100644 index 00000000..428aeed2 --- /dev/null +++ b/server/middlewares/integration/verifyApiKeyHasAction.ts @@ -0,0 +1,56 @@ +import { Request, Response, NextFunction } from "express"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; +import logger from "@server/logger"; +import { ActionsEnum } from "@server/auth/actions"; +import { db } from "@server/db"; +import { apiKeyActions } from "@server/db"; +import { and, eq } from "drizzle-orm"; + +export function verifyApiKeyHasAction(action: ActionsEnum) { + return async function ( + req: Request, + res: Response, + next: NextFunction + ): Promise { + try { + if (!req.apiKey) { + return next( + createHttpError( + HttpCode.UNAUTHORIZED, + "API Key not authenticated" + ) + ); + } + + const [actionRes] = await db + .select() + .from(apiKeyActions) + .where( + and( + eq(apiKeyActions.apiKeyId, req.apiKey.apiKeyId), + eq(apiKeyActions.actionId, action) + ) + ); + + if (!actionRes) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have permission perform this action" + ) + ); + } + + return next(); + } catch (error) { + logger.error("Error verifying key action access:", error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying key action access" + ) + ); + } + }; +} diff --git a/server/middlewares/integration/verifyApiKeyIsRoot.ts b/server/middlewares/integration/verifyApiKeyIsRoot.ts new file mode 100644 index 00000000..2ce9c84d --- /dev/null +++ b/server/middlewares/integration/verifyApiKeyIsRoot.ts @@ -0,0 +1,39 @@ +import logger from "@server/logger"; +import HttpCode from "@server/types/HttpCode"; +import { Request, Response, NextFunction } from "express"; +import createHttpError from "http-errors"; + +export async function verifyApiKeyIsRoot( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const { apiKey } = req; + + if (!apiKey) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Key not authenticated") + ); + } + + if (!apiKey.isRoot) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have root access" + ) + ); + } + + return next(); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "An error occurred checking API key" + ) + ); + } +} diff --git a/server/middlewares/integration/verifyApiKeyOrgAccess.ts b/server/middlewares/integration/verifyApiKeyOrgAccess.ts new file mode 100644 index 00000000..c705dc0f --- /dev/null +++ b/server/middlewares/integration/verifyApiKeyOrgAccess.ts @@ -0,0 +1,66 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { apiKeyOrg } from "@server/db"; +import { and, eq } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; +import logger from "@server/logger"; + +export async function verifyApiKeyOrgAccess( + req: Request, + res: Response, + next: NextFunction +) { + try { + const apiKeyId = req.apiKey?.apiKeyId; + const orgId = req.params.orgId; + + if (!apiKeyId) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Key not authenticated") + ); + } + + if (!orgId) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid organization ID") + ); + } + + if (req.apiKey?.isRoot) { + // Root keys can access any key in any org + return next(); + } + + if (!req.apiKeyOrg) { + const apiKeyOrgRes = await db + .select() + .from(apiKeyOrg) + .where( + and( + eq(apiKeyOrg.apiKeyId, apiKeyId), + eq(apiKeyOrg.orgId, orgId) + ) + ); + req.apiKeyOrg = apiKeyOrgRes[0]; + } + + if (!req.apiKeyOrg) { + next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have access to this organization" + ) + ); + } + + return next(); + } catch (e) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying organization access" + ) + ); + } +} diff --git a/server/middlewares/integration/verifyApiKeyResourceAccess.ts b/server/middlewares/integration/verifyApiKeyResourceAccess.ts new file mode 100644 index 00000000..184ee73c --- /dev/null +++ b/server/middlewares/integration/verifyApiKeyResourceAccess.ts @@ -0,0 +1,90 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { resources, apiKeyOrg } from "@server/db"; +import { eq, and } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; + +export async function verifyApiKeyResourceAccess( + req: Request, + res: Response, + next: NextFunction +) { + const apiKey = req.apiKey; + const resourceId = + req.params.resourceId || req.body.resourceId || req.query.resourceId; + + if (!apiKey) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Key not authenticated") + ); + } + + try { + // Retrieve the resource + const [resource] = await db + .select() + .from(resources) + .where(eq(resources.resourceId, resourceId)) + .limit(1); + + if (!resource) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `Resource with ID ${resourceId} not found` + ) + ); + } + + if (apiKey.isRoot) { + // Root keys can access any key in any org + return next(); + } + + if (!resource.orgId) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + `Resource with ID ${resourceId} does not have an organization ID` + ) + ); + } + + // Verify that the API key is linked to the resource's organization + if (!req.apiKeyOrg) { + const apiKeyOrgResult = await db + .select() + .from(apiKeyOrg) + .where( + and( + eq(apiKeyOrg.apiKeyId, apiKey.apiKeyId), + eq(apiKeyOrg.orgId, resource.orgId) + ) + ) + .limit(1); + + if (apiKeyOrgResult.length > 0) { + req.apiKeyOrg = apiKeyOrgResult[0]; + } + } + + if (!req.apiKeyOrg) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have access to this organization" + ) + ); + } + + return next(); + } catch (error) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying resource access" + ) + ); + } +} diff --git a/server/middlewares/integration/verifyApiKeyRoleAccess.ts b/server/middlewares/integration/verifyApiKeyRoleAccess.ts new file mode 100644 index 00000000..ffe223a6 --- /dev/null +++ b/server/middlewares/integration/verifyApiKeyRoleAccess.ts @@ -0,0 +1,132 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { roles, apiKeyOrg } from "@server/db"; +import { and, eq, inArray } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; +import logger from "@server/logger"; + +export async function verifyApiKeyRoleAccess( + req: Request, + res: Response, + next: NextFunction +) { + try { + const apiKey = req.apiKey; + const singleRoleId = parseInt( + req.params.roleId || req.body.roleId || req.query.roleId + ); + + if (!apiKey) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Key not authenticated") + ); + } + + const { roleIds } = req.body; + const allRoleIds = + roleIds || (isNaN(singleRoleId) ? [] : [singleRoleId]); + + if (allRoleIds.length === 0) { + return next(); + } + + const rolesData = await db + .select() + .from(roles) + .where(inArray(roles.roleId, allRoleIds)); + + if (rolesData.length !== allRoleIds.length) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + "One or more roles not found" + ) + ); + } + + if (apiKey.isRoot) { + // Root keys can access any key in any org + return next(); + } + + const orgIds = new Set(rolesData.map((role) => role.orgId)); + + for (const role of rolesData) { + const apiKeyOrgAccess = await db + .select() + .from(apiKeyOrg) + .where( + and( + eq(apiKeyOrg.apiKeyId, apiKey.apiKeyId), + eq(apiKeyOrg.orgId, role.orgId!) + ) + ) + .limit(1); + + if (apiKeyOrgAccess.length === 0) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + `Key does not have access to organization for role ID ${role.roleId}` + ) + ); + } + } + + if (orgIds.size > 1) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Roles must belong to the same organization" + ) + ); + } + + const orgId = orgIds.values().next().value; + + if (!orgId) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Roles do not have an organization ID" + ) + ); + } + + if (!req.apiKeyOrg) { + // Retrieve the API key's organization link if not already set + const apiKeyOrgRes = await db + .select() + .from(apiKeyOrg) + .where( + and( + eq(apiKeyOrg.apiKeyId, apiKey.apiKeyId), + eq(apiKeyOrg.orgId, orgId) + ) + ) + .limit(1); + + if (apiKeyOrgRes.length === 0) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have access to this organization" + ) + ); + } + + req.apiKeyOrg = apiKeyOrgRes[0]; + } + + return next(); + } catch (error) { + logger.error("Error verifying role access:", error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying role access" + ) + ); + } +} diff --git a/server/middlewares/integration/verifyApiKeySetResourceUsers.ts b/server/middlewares/integration/verifyApiKeySetResourceUsers.ts new file mode 100644 index 00000000..9c96e6ec --- /dev/null +++ b/server/middlewares/integration/verifyApiKeySetResourceUsers.ts @@ -0,0 +1,74 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { userOrgs } from "@server/db"; +import { and, eq, inArray } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; + +export async function verifyApiKeySetResourceUsers( + req: Request, + res: Response, + next: NextFunction +) { + const apiKey = req.apiKey; + const userIds = req.body.userIds; + + if (!apiKey) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Key not authenticated") + ); + } + + if (!req.apiKeyOrg) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have access to this organization" + ) + ); + } + + if (!userIds) { + return next(createHttpError(HttpCode.BAD_REQUEST, "Invalid user IDs")); + } + + if (apiKey.isRoot) { + // Root keys can access any key in any org + return next(); + } + + if (userIds.length === 0) { + return next(); + } + + try { + const orgId = req.apiKeyOrg.orgId; + const userOrgsData = await db + .select() + .from(userOrgs) + .where( + and( + inArray(userOrgs.userId, userIds), + eq(userOrgs.orgId, orgId) + ) + ); + + if (userOrgsData.length !== userIds.length) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have access to one or more specified users" + ) + ); + } + + return next(); + } catch (error) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error checking if key has access to the specified users" + ) + ); + } +} diff --git a/server/middlewares/integration/verifyApiKeySiteAccess.ts b/server/middlewares/integration/verifyApiKeySiteAccess.ts new file mode 100644 index 00000000..0a310d15 --- /dev/null +++ b/server/middlewares/integration/verifyApiKeySiteAccess.ts @@ -0,0 +1,91 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { sites, apiKeyOrg } from "@server/db"; +import { and, eq, or } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; + +export async function verifyApiKeySiteAccess( + req: Request, + res: Response, + next: NextFunction +) { + try { + const apiKey = req.apiKey; + const siteId = parseInt( + req.params.siteId || req.body.siteId || req.query.siteId + ); + + if (!apiKey) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Key not authenticated") + ); + } + + if (isNaN(siteId)) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid site ID") + ); + } + + if (apiKey.isRoot) { + // Root keys can access any key in any org + return next(); + } + + const site = await db + .select() + .from(sites) + .where(eq(sites.siteId, siteId)) + .limit(1); + + if (site.length === 0) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `Site with ID ${siteId} not found` + ) + ); + } + + if (!site[0].orgId) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + `Site with ID ${siteId} does not have an organization ID` + ) + ); + } + + if (!req.apiKeyOrg) { + const apiKeyOrgRes = await db + .select() + .from(apiKeyOrg) + .where( + and( + eq(apiKeyOrg.apiKeyId, apiKey.apiKeyId), + eq(apiKeyOrg.orgId, site[0].orgId) + ) + ); + req.apiKeyOrg = apiKeyOrgRes[0]; + } + + if (!req.apiKeyOrg) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have access to this organization" + ) + ); + } + + return next(); + } catch (error) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying site access" + ) + ); + } +} diff --git a/server/middlewares/integration/verifyApiKeySiteResourceAccess.ts b/server/middlewares/integration/verifyApiKeySiteResourceAccess.ts new file mode 100644 index 00000000..cba94cd1 --- /dev/null +++ b/server/middlewares/integration/verifyApiKeySiteResourceAccess.ts @@ -0,0 +1,97 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { siteResources, apiKeyOrg } from "@server/db"; +import { and, eq } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; + +export async function verifyApiKeySiteResourceAccess( + req: Request, + res: Response, + next: NextFunction +) { + try { + const apiKey = req.apiKey; + const siteResourceId = parseInt(req.params.siteResourceId); + const siteId = parseInt(req.params.siteId); + const orgId = req.params.orgId; + + if (!apiKey) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Key not authenticated") + ); + } + + if (!siteResourceId || !siteId || !orgId) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Missing required parameters" + ) + ); + } + + if (apiKey.isRoot) { + // Root keys can access any resource in any org + return next(); + } + + // Check if the site resource exists and belongs to the specified site and org + const [siteResource] = await db + .select() + .from(siteResources) + .where(and( + eq(siteResources.siteResourceId, siteResourceId), + eq(siteResources.siteId, siteId), + eq(siteResources.orgId, orgId) + )) + .limit(1); + + if (!siteResource) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + "Site resource not found" + ) + ); + } + + // Verify that the API key has access to the organization + if (!req.apiKeyOrg) { + const apiKeyOrgRes = await db + .select() + .from(apiKeyOrg) + .where( + and( + eq(apiKeyOrg.apiKeyId, apiKey.apiKeyId), + eq(apiKeyOrg.orgId, orgId) + ) + ) + .limit(1); + + if (apiKeyOrgRes.length === 0) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have access to this organization" + ) + ); + } + + req.apiKeyOrg = apiKeyOrgRes[0]; + } + + // Attach the siteResource to the request for use in the next middleware/route + // @ts-ignore - Extending Request type + req.siteResource = siteResource; + + return next(); + } catch (error) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying site resource access" + ) + ); + } +} diff --git a/server/middlewares/integration/verifyApiKeyTargetAccess.ts b/server/middlewares/integration/verifyApiKeyTargetAccess.ts new file mode 100644 index 00000000..71146c15 --- /dev/null +++ b/server/middlewares/integration/verifyApiKeyTargetAccess.ts @@ -0,0 +1,117 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { resources, targets, apiKeyOrg } from "@server/db"; +import { and, eq } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; + +export async function verifyApiKeyTargetAccess( + req: Request, + res: Response, + next: NextFunction +) { + try { + const apiKey = req.apiKey; + const targetId = parseInt(req.params.targetId); + + if (!apiKey) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Key not authenticated") + ); + } + + if (isNaN(targetId)) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid target ID") + ); + } + + const [target] = await db + .select() + .from(targets) + .where(eq(targets.targetId, targetId)) + .limit(1); + + if (!target) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `Target with ID ${targetId} not found` + ) + ); + } + + const resourceId = target.resourceId; + if (!resourceId) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + `Target with ID ${targetId} does not have a resource ID` + ) + ); + } + + const [resource] = await db + .select() + .from(resources) + .where(eq(resources.resourceId, resourceId)) + .limit(1); + + if (!resource) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `Resource with ID ${resourceId} not found` + ) + ); + } + + if (apiKey.isRoot) { + // Root keys can access any key in any org + return next(); + } + + if (!resource.orgId) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + `Resource with ID ${resourceId} does not have an organization ID` + ) + ); + } + + if (!req.apiKeyOrg) { + const apiKeyOrgResult = await db + .select() + .from(apiKeyOrg) + .where( + and( + eq(apiKeyOrg.apiKeyId, apiKey.apiKeyId), + eq(apiKeyOrg.orgId, resource.orgId) + ) + ) + .limit(1); + if (apiKeyOrgResult.length > 0) { + req.apiKeyOrg = apiKeyOrgResult[0]; + } + } + + if (!req.apiKeyOrg) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have access to this organization" + ) + ); + } + + return next(); + } catch (error) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying target access" + ) + ); + } +} diff --git a/server/middlewares/integration/verifyApiKeyUserAccess.ts b/server/middlewares/integration/verifyApiKeyUserAccess.ts new file mode 100644 index 00000000..a69489bf --- /dev/null +++ b/server/middlewares/integration/verifyApiKeyUserAccess.ts @@ -0,0 +1,72 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { userOrgs } from "@server/db"; +import { and, eq } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; + +export async function verifyApiKeyUserAccess( + req: Request, + res: Response, + next: NextFunction +) { + try { + const apiKey = req.apiKey; + const reqUserId = + req.params.userId || req.body.userId || req.query.userId; + + if (!apiKey) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "Key not authenticated") + ); + } + + if (!reqUserId) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid user ID") + ); + } + + if (apiKey.isRoot) { + // Root keys can access any key in any org + return next(); + } + + if (!req.apiKeyOrg || !req.apiKeyOrg.orgId) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have organization access" + ) + ); + } + + const orgId = req.apiKeyOrg.orgId; + + const [userOrgRecord] = await db + .select() + .from(userOrgs) + .where( + and(eq(userOrgs.userId, reqUserId), eq(userOrgs.orgId, orgId)) + ) + .limit(1); + + if (!userOrgRecord) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Key does not have access to this user" + ) + ); + } + + return next(); + } catch (error) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error checking if key has access to this user" + ) + ); + } +} diff --git a/server/middlewares/rateLimit.ts b/server/middlewares/rateLimit.ts deleted file mode 100644 index 2098288f..00000000 --- a/server/middlewares/rateLimit.ts +++ /dev/null @@ -1,49 +0,0 @@ -import { rateLimit } from "express-rate-limit"; -import createHttpError from "http-errors"; -import { NextFunction, Request, Response } from "express"; -import logger from "@server/logger"; -import HttpCode from "@server/types/HttpCode"; - -export function rateLimitMiddleware({ - windowMin, - max, - type, - skipCondition, -}: { - windowMin: number; - max: number; - type: "IP_ONLY" | "IP_AND_PATH"; - skipCondition?: (req: Request, res: Response) => boolean; -}) { - if (type === "IP_AND_PATH") { - return rateLimit({ - windowMs: windowMin * 60 * 1000, - max, - skip: skipCondition, - keyGenerator: (req: Request) => { - return `${req.ip}-${req.path}`; - }, - handler: (req: Request, res: Response, next: NextFunction) => { - const message = `Rate limit exceeded. You can make ${max} requests every ${windowMin} minute(s).`; - logger.warn( - `Rate limit exceeded for IP ${req.ip} on path ${req.path}`, - ); - return next( - createHttpError(HttpCode.TOO_MANY_REQUESTS, message), - ); - }, - }); - } - return rateLimit({ - windowMs: windowMin * 60 * 1000, - max, - skip: skipCondition, - handler: (req: Request, res: Response, next: NextFunction) => { - const message = `Rate limit exceeded. You can make ${max} requests every ${windowMin} minute(s).`; - logger.warn(`Rate limit exceeded for IP ${req.ip}`); - return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); - }, - }); -} - -export default rateLimitMiddleware; diff --git a/server/middlewares/requestTimeout.ts b/server/middlewares/requestTimeout.ts new file mode 100644 index 00000000..8b5852b7 --- /dev/null +++ b/server/middlewares/requestTimeout.ts @@ -0,0 +1,35 @@ +import { Request, Response, NextFunction } from 'express'; +import logger from '@server/logger'; +import createHttpError from 'http-errors'; +import HttpCode from '@server/types/HttpCode'; + +export function requestTimeoutMiddleware(timeoutMs: number = 30000) { + return (req: Request, res: Response, next: NextFunction) => { + // Set a timeout for the request + const timeout = setTimeout(() => { + if (!res.headersSent) { + logger.error(`Request timeout: ${req.method} ${req.url} from ${req.ip}`); + return next( + createHttpError( + HttpCode.REQUEST_TIMEOUT, + 'Request timeout - operation took too long to complete' + ) + ); + } + }, timeoutMs); + + // Clear timeout when response finishes + res.on('finish', () => { + clearTimeout(timeout); + }); + + // Clear timeout when response closes + res.on('close', () => { + clearTimeout(timeout); + }); + + next(); + }; +} + +export default requestTimeoutMiddleware; diff --git a/server/middlewares/verifyAccessTokenAccess.ts b/server/middlewares/verifyAccessTokenAccess.ts index 66c84391..457548ae 100644 --- a/server/middlewares/verifyAccessTokenAccess.ts +++ b/server/middlewares/verifyAccessTokenAccess.ts @@ -1,6 +1,6 @@ import { Request, Response, NextFunction } from "express"; import { db } from "@server/db"; -import { resourceAccessToken, resources, userOrgs } from "@server/db/schemas"; +import { resourceAccessToken, resources, userOrgs } from "@server/db"; import { and, eq } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/middlewares/verifyAdmin.ts b/server/middlewares/verifyAdmin.ts index 240888e2..22863e12 100644 --- a/server/middlewares/verifyAdmin.ts +++ b/server/middlewares/verifyAdmin.ts @@ -1,6 +1,6 @@ import { Request, Response, NextFunction } from "express"; import { db } from "@server/db"; -import { roles, userOrgs } from "@server/db/schemas"; +import { roles, userOrgs } from "@server/db"; import { and, eq, inArray } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/middlewares/verifyApiKeyAccess.ts b/server/middlewares/verifyApiKeyAccess.ts new file mode 100644 index 00000000..ba3717f0 --- /dev/null +++ b/server/middlewares/verifyApiKeyAccess.ts @@ -0,0 +1,96 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { userOrgs, apiKeys, apiKeyOrg } from "@server/db"; +import { and, eq, or } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; + +export async function verifyApiKeyAccess( + req: Request, + res: Response, + next: NextFunction +) { + try { + const userId = req.user!.userId; + const apiKeyId = + req.params.apiKeyId || req.body.apiKeyId || req.query.apiKeyId; + const orgId = req.params.orgId; + + if (!userId) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "User not authenticated") + ); + } + + if (!orgId) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid organization ID") + ); + } + + if (!apiKeyId) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid key ID") + ); + } + + const [apiKey] = await db + .select() + .from(apiKeys) + .innerJoin(apiKeyOrg, eq(apiKeys.apiKeyId, apiKeyOrg.apiKeyId)) + .where( + and(eq(apiKeys.apiKeyId, apiKeyId), eq(apiKeyOrg.orgId, orgId)) + ) + .limit(1); + + if (!apiKey.apiKeys) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `API key with ID ${apiKeyId} not found` + ) + ); + } + + if (!apiKeyOrg.orgId) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + `API key with ID ${apiKeyId} does not have an organization ID` + ) + ); + } + + if (!req.userOrg) { + const userOrgRes = await db + .select() + .from(userOrgs) + .where( + and( + eq(userOrgs.userId, userId), + eq(userOrgs.orgId, apiKeyOrg.orgId) + ) + ); + req.userOrg = userOrgRes[0]; + req.userRoleIds = userOrgRes.map((r) => r.roleId); + } + + if (!req.userOrg) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "User does not have access to this organization" + ) + ); + } + + return next(); + } catch (error) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying key access" + ) + ); + } +} diff --git a/server/middlewares/verifyClientAccess.ts b/server/middlewares/verifyClientAccess.ts new file mode 100644 index 00000000..e46d3452 --- /dev/null +++ b/server/middlewares/verifyClientAccess.ts @@ -0,0 +1,129 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { userOrgs, clients, roleClients, userClients } from "@server/db"; +import { and, eq, inArray } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; + +export async function verifyClientAccess( + req: Request, + res: Response, + next: NextFunction +) { + const userId = req.user!.userId; // Assuming you have user information in the request + const clientId = parseInt( + req.params.clientId || req.body.clientId || req.query.clientId + ); + + if (!userId) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "User not authenticated") + ); + } + + if (isNaN(clientId)) { + return next(createHttpError(HttpCode.BAD_REQUEST, "Invalid client ID")); + } + + try { + // Get the client + const [client] = await db + .select() + .from(clients) + .where(eq(clients.clientId, clientId)) + .limit(1); + + if (!client) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `Client with ID ${clientId} not found` + ) + ); + } + + if (!client.orgId) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + `Client with ID ${clientId} does not have an organization ID` + ) + ); + } + + if (!req.userOrg) { + // Get user's role ID in the organization + const userOrgRes = await db + .select() + .from(userOrgs) + .where( + and( + eq(userOrgs.userId, userId), + eq(userOrgs.orgId, client.orgId) + ) + ); + req.userOrg = userOrgRes[0]; + req.userRoleIds = userOrgRes.map((r) => r.roleId); + } + + if (!req.userOrg) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "User does not have access to this organization" + ) + ); + } + + req.userOrgId = client.orgId; + + // Check role-based site access first + const [roleClientAccess] = await db + .select() + .from(roleClients) + .where( + and( + eq(roleClients.clientId, clientId), + inArray(roleClients.roleId, req.userRoleIds!) + ) + ) + .limit(1); + + if (roleClientAccess) { + // User has access to the site through their role + return next(); + } + + // If role doesn't have access, check user-specific site access + const [userClientAccess] = await db + .select() + .from(userClients) + .where( + and( + eq(userClients.userId, userId), + eq(userClients.clientId, clientId) + ) + ) + .limit(1); + + if (userClientAccess) { + // User has direct access to the site + return next(); + } + + // If we reach here, the user doesn't have access to the site + return next( + createHttpError( + HttpCode.FORBIDDEN, + "User does not have access to this client" + ) + ); + } catch (error) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying site access" + ) + ); + } +} diff --git a/server/middlewares/verifyClientsEnabled.ts b/server/middlewares/verifyClientsEnabled.ts new file mode 100644 index 00000000..6e8070da --- /dev/null +++ b/server/middlewares/verifyClientsEnabled.ts @@ -0,0 +1,29 @@ +import { Request, Response, NextFunction } from "express"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; +import config from "@server/lib/config"; + +export async function verifyClientsEnabled( + req: Request, + res: Response, + next: NextFunction +) { + try { + if (!config.getRawConfig().flags?.enable_clients) { + return next( + createHttpError( + HttpCode.NOT_IMPLEMENTED, + "Clients are not enabled on this server." + ) + ); + } + return next(); + } catch (error) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to check if clients are enabled" + ) + ); + } +} diff --git a/server/middlewares/verifyDomainAccess.ts b/server/middlewares/verifyDomainAccess.ts new file mode 100644 index 00000000..8980fb9f --- /dev/null +++ b/server/middlewares/verifyDomainAccess.ts @@ -0,0 +1,90 @@ +import { Request, Response, NextFunction } from "express"; +import { db, domains, orgDomains } from "@server/db"; +import { userOrgs, apiKeyOrg } from "@server/db"; +import { and, eq } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; + +export async function verifyDomainAccess( + req: Request, + res: Response, + next: NextFunction +) { + try { + const userId = req.user!.userId; + const domainId = + req.params.domainId || req.body.apiKeyId || req.query.apiKeyId; + const orgId = req.params.orgId; + + if (!userId) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "User not authenticated") + ); + } + + if (!orgId) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid organization ID") + ); + } + + if (!domainId) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid domain ID") + ); + } + + const [domain] = await db + .select() + .from(domains) + .innerJoin(orgDomains, eq(orgDomains.domainId, domains.domainId)) + .where( + and( + eq(orgDomains.domainId, domainId), + eq(orgDomains.orgId, orgId) + ) + ) + .limit(1); + + if (!domain.orgDomains) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `Domain with ID ${domainId} not found` + ) + ); + } + + if (!req.userOrg) { + const userOrgRes = await db + .select() + .from(userOrgs) + .where( + and( + eq(userOrgs.userId, userId), + eq(userOrgs.orgId, apiKeyOrg.orgId) + ) + ); + req.userOrg = userOrgRes[0]; + req.userRoleIds = userOrgRes.map((r) => r.roleId); + } + + if (!req.userOrg) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "User does not have access to this organization" + ) + ); + } + + return next(); + } catch (error) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying domain access" + ) + ); + } +} diff --git a/server/middlewares/verifyOrgAccess.ts b/server/middlewares/verifyOrgAccess.ts index 9af4fe5d..1ea6087d 100644 --- a/server/middlewares/verifyOrgAccess.ts +++ b/server/middlewares/verifyOrgAccess.ts @@ -1,6 +1,6 @@ import { Request, Response, NextFunction } from "express"; import { db } from "@server/db"; -import { userOrgs } from "@server/db/schemas"; +import { userOrgs } from "@server/db"; import { and, eq } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/middlewares/verifyResourceAccess.ts b/server/middlewares/verifyResourceAccess.ts index 43ab908e..52216e94 100644 --- a/server/middlewares/verifyResourceAccess.ts +++ b/server/middlewares/verifyResourceAccess.ts @@ -4,8 +4,8 @@ import { resources, userOrgs, userResources, - roleResources -} from "@server/db/schemas"; + roleResources, +} from "@server/db"; import { and, eq, inArray } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; @@ -51,7 +51,7 @@ export async function verifyResourceAccess( } if (!req.userOrg) { - const userOrgRole = await db + const userOrgRes = await db .select() .from(userOrgs) .where( @@ -60,8 +60,8 @@ export async function verifyResourceAccess( eq(userOrgs.orgId, resource[0].orgId) ) ); - req.userOrg = userOrgRole[0]; - req.userRoleIds = userOrgRole.map((r) => r.roleId); + req.userOrg = userOrgRes[0]; + req.userRoleIds = userOrgRes.map((r) => r.roleId); } if (!req.userOrg) { diff --git a/server/middlewares/verifyRoleAccess.ts b/server/middlewares/verifyRoleAccess.ts index fac348d6..7ab330ec 100644 --- a/server/middlewares/verifyRoleAccess.ts +++ b/server/middlewares/verifyRoleAccess.ts @@ -1,6 +1,6 @@ import { Request, Response, NextFunction } from "express"; import { db } from "@server/db"; -import { roles, userOrgs } from "@server/db/schemas"; +import { roles, userOrgs } from "@server/db"; import { and, eq, inArray } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; @@ -22,7 +22,7 @@ export async function verifyRoleAccess( ); } - const { roleIds } = req.body; + const roleIds = req.body?.roleIds; const allRoleIds = roleIds || (isNaN(singleRoleId) ? [] : [singleRoleId]); if (allRoleIds.length === 0) { @@ -48,7 +48,7 @@ export async function verifyRoleAccess( // Check user access to each role's organization for (const role of rolesData) { - const userOrgRole = await db + const userOrgRes = await db .select() .from(userOrgs) .where( @@ -56,10 +56,9 @@ export async function verifyRoleAccess( eq(userOrgs.userId, userId), eq(userOrgs.orgId, role.orgId!) ) - ) - .limit(1); + ); - if (userOrgRole.length === 0) { + if (userOrgRes.length === 0) { return next( createHttpError( HttpCode.FORBIDDEN, @@ -69,6 +68,8 @@ export async function verifyRoleAccess( } req.userOrgId = role.orgId; + req.userOrg = userOrgRes[0]; + req.userRoleIds = userOrgRes.map((r) => r.roleId); } if (orgIds.size > 1) { diff --git a/server/middlewares/verifySession.ts b/server/middlewares/verifySession.ts index 9d284394..6af34e4c 100644 --- a/server/middlewares/verifySession.ts +++ b/server/middlewares/verifySession.ts @@ -1,7 +1,7 @@ import { NextFunction, Response } from "express"; import ErrorResponse from "@server/types/ErrorResponse"; import { db } from "@server/db"; -import { users } from "@server/db/schemas"; +import { users } from "@server/db"; import { eq } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/middlewares/verifySetResourceUsers.ts b/server/middlewares/verifySetResourceUsers.ts index 0f351069..be6d21fc 100644 --- a/server/middlewares/verifySetResourceUsers.ts +++ b/server/middlewares/verifySetResourceUsers.ts @@ -1,6 +1,6 @@ import { Request, Response, NextFunction } from "express"; import { db } from "@server/db"; -import { userOrgs } from "@server/db/schemas"; +import { userOrgs } from "@server/db"; import { and, eq, inArray, or } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/middlewares/verifySiteAccess.ts b/server/middlewares/verifySiteAccess.ts index 640985de..14469f77 100644 --- a/server/middlewares/verifySiteAccess.ts +++ b/server/middlewares/verifySiteAccess.ts @@ -5,8 +5,8 @@ import { userOrgs, userSites, roleSites, - roles -} from "@server/db/schemas"; + roles, +} from "@server/db"; import { and, eq, inArray } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; @@ -60,7 +60,7 @@ export async function verifySiteAccess( if (!req.userOrg) { // Get user's role ID in the organization - const userOrgRole = await db + const userOrgRes = await db .select() .from(userOrgs) .where( @@ -68,10 +68,9 @@ export async function verifySiteAccess( eq(userOrgs.userId, userId), eq(userOrgs.orgId, site[0].orgId) ) - ) - .limit(1); - req.userOrg = userOrgRole[0]; - req.userRoleIds = userOrgRole.map((r) => r.roleId); + ); + req.userOrg = userOrgRes[0]; + req.userRoleIds = userOrgRes.map((r) => r.roleId); } if (!req.userOrg) { diff --git a/server/middlewares/verifySiteResourceAccess.ts b/server/middlewares/verifySiteResourceAccess.ts new file mode 100644 index 00000000..e7fefd24 --- /dev/null +++ b/server/middlewares/verifySiteResourceAccess.ts @@ -0,0 +1,62 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { siteResources } from "@server/db"; +import { eq, and } from "drizzle-orm"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; +import logger from "@server/logger"; + +export async function verifySiteResourceAccess( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const siteResourceId = parseInt(req.params.siteResourceId); + const siteId = parseInt(req.params.siteId); + const orgId = req.params.orgId; + + if (!siteResourceId || !siteId || !orgId) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Missing required parameters" + ) + ); + } + + // Check if the site resource exists and belongs to the specified site and org + const [siteResource] = await db + .select() + .from(siteResources) + .where(and( + eq(siteResources.siteResourceId, siteResourceId), + eq(siteResources.siteId, siteId), + eq(siteResources.orgId, orgId) + )) + .limit(1); + + if (!siteResource) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + "Site resource not found" + ) + ); + } + + // Attach the siteResource to the request for use in the next middleware/route + // @ts-ignore - Extending Request type + req.siteResource = siteResource; + + next(); + } catch (error) { + logger.error("Error verifying site resource access:", error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Error verifying site resource access" + ) + ); + } +} diff --git a/server/middlewares/verifyTargetAccess.ts b/server/middlewares/verifyTargetAccess.ts index 4065ce52..424812ac 100644 --- a/server/middlewares/verifyTargetAccess.ts +++ b/server/middlewares/verifyTargetAccess.ts @@ -1,6 +1,6 @@ import { Request, Response, NextFunction } from "express"; import { db } from "@server/db"; -import { resources, targets, userOrgs } from "@server/db/schemas"; +import { resources, targets, userOrgs } from "@server/db"; import { and, eq } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/middlewares/verifyUser.ts b/server/middlewares/verifyUser.ts index 06b08601..8fd38b24 100644 --- a/server/middlewares/verifyUser.ts +++ b/server/middlewares/verifyUser.ts @@ -1,7 +1,7 @@ import { NextFunction, Response } from "express"; import ErrorResponse from "@server/types/ErrorResponse"; import { db } from "@server/db"; -import { users } from "@server/db/schemas"; +import { users } from "@server/db"; import { eq } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/middlewares/verifyUserAccess.ts b/server/middlewares/verifyUserAccess.ts index 9cc30cf1..7375ad76 100644 --- a/server/middlewares/verifyUserAccess.ts +++ b/server/middlewares/verifyUserAccess.ts @@ -1,6 +1,6 @@ import { Request, Response, NextFunction } from "express"; import { db } from "@server/db"; -import { userOrgs } from "@server/db/schemas"; +import { userOrgs } from "@server/db"; import { and, eq, or } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/middlewares/verifyUserIsOrgOwner.ts b/server/middlewares/verifyUserIsOrgOwner.ts index c1d766e4..318c82ec 100644 --- a/server/middlewares/verifyUserIsOrgOwner.ts +++ b/server/middlewares/verifyUserIsOrgOwner.ts @@ -1,6 +1,6 @@ import { Request, Response, NextFunction } from "express"; import { db } from "@server/db"; -import { userOrgs } from "@server/db/schemas"; +import { userOrgs } from "@server/db"; import { and, eq } from "drizzle-orm"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/nextServer.ts b/server/nextServer.ts index e12c06e6..4c96d04f 100644 --- a/server/nextServer.ts +++ b/server/nextServer.ts @@ -15,7 +15,7 @@ export async function createNextServer() { const nextServer = express(); - nextServer.all("*", (req, res) => { + nextServer.all("/{*splat}", (req, res) => { const parsedUrl = parse(req.url!, true); return handle(req, res, parsedUrl); }); diff --git a/server/openApi.ts b/server/openApi.ts index 4df6cbdd..32cdb67b 100644 --- a/server/openApi.ts +++ b/server/openApi.ts @@ -14,5 +14,6 @@ export enum OpenAPITags { AccessToken = "Access Token", Idp = "Identity Provider", Client = "Client", - ApiKey = "API Key" + ApiKey = "API Key", + Domain = "Domain" } diff --git a/server/routers/accessToken/deleteAccessToken.ts b/server/routers/accessToken/deleteAccessToken.ts index 783c5fc8..60d8789e 100644 --- a/server/routers/accessToken/deleteAccessToken.ts +++ b/server/routers/accessToken/deleteAccessToken.ts @@ -5,9 +5,9 @@ import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -import { resourceAccessToken } from "@server/db/schemas"; +import { resourceAccessToken } from "@server/db"; import { and, eq } from "drizzle-orm"; -import db from "@server/db"; +import { db } from "@server/db"; import { OpenAPITags, registry } from "@server/openApi"; const deleteAccessTokenParamsSchema = z diff --git a/server/routers/accessToken/generateAccessToken.ts b/server/routers/accessToken/generateAccessToken.ts index 738c230e..631b5924 100644 --- a/server/routers/accessToken/generateAccessToken.ts +++ b/server/routers/accessToken/generateAccessToken.ts @@ -4,12 +4,12 @@ import { generateIdFromEntropySize, SESSION_COOKIE_EXPIRES } from "@server/auth/sessions/app"; -import db from "@server/db"; +import { db } from "@server/db"; import { ResourceAccessToken, resourceAccessToken, resources -} from "@server/db/schemas"; +} from "@server/db"; import HttpCode from "@server/types/HttpCode"; import response from "@server/lib/response"; import { eq } from "drizzle-orm"; diff --git a/server/routers/accessToken/listAccessTokens.ts b/server/routers/accessToken/listAccessTokens.ts index daa09a4d..b15041e4 100644 --- a/server/routers/accessToken/listAccessTokens.ts +++ b/server/routers/accessToken/listAccessTokens.ts @@ -7,7 +7,7 @@ import { roleResources, resourceAccessToken, sites -} from "@server/db/schemas"; +} from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; @@ -222,7 +222,7 @@ export async function listAccessTokens( (resource) => resource.resourceId ); - let countQuery: any = db + const countQuery: any = db .select({ count: count() }) .from(resources) .where(inArray(resources.resourceId, accessibleResourceIds)); diff --git a/server/routers/apiKeys/createOrgApiKey.ts b/server/routers/apiKeys/createOrgApiKey.ts new file mode 100644 index 00000000..d61a364b --- /dev/null +++ b/server/routers/apiKeys/createOrgApiKey.ts @@ -0,0 +1,128 @@ +import { NextFunction, Request, Response } from "express"; +import { db } from "@server/db"; +import HttpCode from "@server/types/HttpCode"; +import { z } from "zod"; +import { apiKeyOrg, apiKeys } from "@server/db"; +import { fromError } from "zod-validation-error"; +import createHttpError from "http-errors"; +import response from "@server/lib/response"; +import moment from "moment"; +import { + generateId, + generateIdFromEntropySize +} from "@server/auth/sessions/app"; +import logger from "@server/logger"; +import { hashPassword } from "@server/auth/password"; +import { OpenAPITags, registry } from "@server/openApi"; + +const paramsSchema = z.object({ + orgId: z.string().nonempty() +}); + +const bodySchema = z.object({ + name: z.string().min(1).max(255) +}); + +export type CreateOrgApiKeyBody = z.infer; + +export type CreateOrgApiKeyResponse = { + apiKeyId: string; + name: string; + apiKey: string; + lastChars: string; + createdAt: string; +}; + +registry.registerPath({ + method: "put", + path: "/org/{orgId}/api-key", + description: "Create a new API key scoped to the organization.", + tags: [OpenAPITags.Org, OpenAPITags.ApiKey], + request: { + params: paramsSchema, + body: { + content: { + "application/json": { + schema: bodySchema + } + } + } + }, + responses: {} +}); + +export async function createOrgApiKey( + req: Request, + res: Response, + next: NextFunction +): Promise { + const parsedParams = paramsSchema.safeParse(req.params); + + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const parsedBody = bodySchema.safeParse(req.body); + + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { orgId } = parsedParams.data; + const { name } = parsedBody.data; + + const apiKeyId = generateId(15); + const apiKey = generateIdFromEntropySize(25); + const apiKeyHash = await hashPassword(apiKey); + const lastChars = apiKey.slice(-4); + const createdAt = moment().toISOString(); + + await db.transaction(async (trx) => { + await trx.insert(apiKeys).values({ + name, + apiKeyId, + apiKeyHash, + createdAt, + lastChars + }); + + await trx.insert(apiKeyOrg).values({ + apiKeyId, + orgId + }); + }); + + try { + return response(res, { + data: { + apiKeyId, + apiKey, + name, + lastChars, + createdAt + }, + success: true, + error: false, + message: "API key created", + status: HttpCode.CREATED + }); + } catch (e) { + logger.error(e); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to create API key" + ) + ); + } +} diff --git a/server/routers/apiKeys/createRootApiKey.ts b/server/routers/apiKeys/createRootApiKey.ts new file mode 100644 index 00000000..0754574a --- /dev/null +++ b/server/routers/apiKeys/createRootApiKey.ts @@ -0,0 +1,91 @@ +import { NextFunction, Request, Response } from "express"; +import { db } from "@server/db"; +import HttpCode from "@server/types/HttpCode"; +import { z } from "zod"; +import { apiKeyOrg, apiKeys, orgs } from "@server/db"; +import { fromError } from "zod-validation-error"; +import createHttpError from "http-errors"; +import response from "@server/lib/response"; +import moment from "moment"; +import { + generateId, + generateIdFromEntropySize +} from "@server/auth/sessions/app"; +import logger from "@server/logger"; +import { hashPassword } from "@server/auth/password"; + +const bodySchema = z + .object({ + name: z.string().min(1).max(255) + }) + .strict(); + +export type CreateRootApiKeyBody = z.infer; + +export type CreateRootApiKeyResponse = { + apiKeyId: string; + name: string; + apiKey: string; + lastChars: string; + createdAt: string; +}; + +export async function createRootApiKey( + req: Request, + res: Response, + next: NextFunction +): Promise { + const parsedBody = bodySchema.safeParse(req.body); + + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { name } = parsedBody.data; + + const apiKeyId = generateId(15); + const apiKey = generateIdFromEntropySize(25); + const apiKeyHash = await hashPassword(apiKey); + const lastChars = apiKey.slice(-4); + const createdAt = moment().toISOString(); + + await db.transaction(async (trx) => { + await trx.insert(apiKeys).values({ + apiKeyId, + name, + apiKeyHash, + createdAt, + lastChars, + isRoot: true + }); + }); + + try { + return response(res, { + data: { + apiKeyId, + name, + apiKey, + lastChars, + createdAt + }, + success: true, + error: false, + message: "API key created", + status: HttpCode.CREATED + }); + } catch (e) { + logger.error(e); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to create API key" + ) + ); + } +} diff --git a/server/routers/apiKeys/deleteApiKey.ts b/server/routers/apiKeys/deleteApiKey.ts new file mode 100644 index 00000000..4b97b353 --- /dev/null +++ b/server/routers/apiKeys/deleteApiKey.ts @@ -0,0 +1,76 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { apiKeys } from "@server/db"; +import { eq } from "drizzle-orm"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; +import { OpenAPITags, registry } from "@server/openApi"; + +const paramsSchema = z.object({ + apiKeyId: z.string().nonempty() +}); + +registry.registerPath({ + method: "delete", + path: "/org/{orgId}/api-key/{apiKeyId}", + description: "Delete an API key.", + tags: [OpenAPITags.Org, OpenAPITags.ApiKey], + request: { + params: paramsSchema + }, + responses: {} +}); + +export async function deleteApiKey( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = paramsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { apiKeyId } = parsedParams.data; + + const [apiKey] = await db + .select() + .from(apiKeys) + .where(eq(apiKeys.apiKeyId, apiKeyId)) + .limit(1); + + if (!apiKey) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `API Key with ID ${apiKeyId} not found` + ) + ); + } + + await db.delete(apiKeys).where(eq(apiKeys.apiKeyId, apiKeyId)); + + return response(res, { + data: null, + success: true, + error: false, + message: "API key deleted successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/apiKeys/deleteOrgApiKey.ts b/server/routers/apiKeys/deleteOrgApiKey.ts new file mode 100644 index 00000000..22e776ca --- /dev/null +++ b/server/routers/apiKeys/deleteOrgApiKey.ts @@ -0,0 +1,99 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { apiKeyOrg, apiKeys } from "@server/db"; +import { and, eq } from "drizzle-orm"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; + +const paramsSchema = z.object({ + apiKeyId: z.string().nonempty(), + orgId: z.string().nonempty() +}); + +export async function deleteOrgApiKey( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = paramsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { apiKeyId, orgId } = parsedParams.data; + + const [apiKey] = await db + .select() + .from(apiKeys) + .where(eq(apiKeys.apiKeyId, apiKeyId)) + .innerJoin( + apiKeyOrg, + and( + eq(apiKeys.apiKeyId, apiKeyOrg.apiKeyId), + eq(apiKeyOrg.orgId, orgId) + ) + ) + .limit(1); + + if (!apiKey) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `API Key with ID ${apiKeyId} not found` + ) + ); + } + + if (apiKey.apiKeys.isRoot) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Cannot delete root API key" + ) + ); + } + + await db.transaction(async (trx) => { + await trx + .delete(apiKeyOrg) + .where( + and( + eq(apiKeyOrg.apiKeyId, apiKeyId), + eq(apiKeyOrg.orgId, orgId) + ) + ); + + const apiKeyOrgs = await db + .select() + .from(apiKeyOrg) + .where(eq(apiKeyOrg.apiKeyId, apiKeyId)); + + if (apiKeyOrgs.length === 0) { + await trx.delete(apiKeys).where(eq(apiKeys.apiKeyId, apiKeyId)); + } + }); + + return response(res, { + data: null, + success: true, + error: false, + message: "API removed from organization", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/apiKeys/getApiKey.ts b/server/routers/apiKeys/getApiKey.ts new file mode 100644 index 00000000..2bb3b65c --- /dev/null +++ b/server/routers/apiKeys/getApiKey.ts @@ -0,0 +1,76 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { apiKeys } from "@server/db"; +import { eq } from "drizzle-orm"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; + +const paramsSchema = z.object({ + apiKeyId: z.string().nonempty() +}); + +async function query(apiKeyId: string) { + return await db + .select({ + apiKeyId: apiKeys.apiKeyId, + lastChars: apiKeys.lastChars, + createdAt: apiKeys.createdAt, + isRoot: apiKeys.isRoot, + name: apiKeys.name + }) + .from(apiKeys) + .where(eq(apiKeys.apiKeyId, apiKeyId)) + .limit(1); +} + +export type GetApiKeyResponse = NonNullable< + Awaited>[0] +>; + +export async function getApiKey( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = paramsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { apiKeyId } = parsedParams.data; + + const [apiKey] = await query(apiKeyId); + + if (!apiKey) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `API Key with ID ${apiKeyId} not found` + ) + ); + } + + return response(res, { + data: apiKey, + success: true, + error: false, + message: "API key deleted successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/apiKeys/index.ts b/server/routers/apiKeys/index.ts new file mode 100644 index 00000000..62ede75c --- /dev/null +++ b/server/routers/apiKeys/index.ts @@ -0,0 +1,11 @@ +export * from "./createRootApiKey"; +export * from "./deleteApiKey"; +export * from "./getApiKey"; +export * from "./listApiKeyActions"; +export * from "./listOrgApiKeys"; +export * from "./listApiKeyActions"; +export * from "./listRootApiKeys"; +export * from "./setApiKeyActions"; +export * from "./setApiKeyOrgs"; +export * from "./createOrgApiKey"; +export * from "./deleteOrgApiKey"; diff --git a/server/routers/apiKeys/listApiKeyActions.ts b/server/routers/apiKeys/listApiKeyActions.ts new file mode 100644 index 00000000..51d20b24 --- /dev/null +++ b/server/routers/apiKeys/listApiKeyActions.ts @@ -0,0 +1,113 @@ +import { db } from "@server/db"; +import { actions, apiKeyActions, apiKeyOrg, apiKeys } from "@server/db"; +import logger from "@server/logger"; +import HttpCode from "@server/types/HttpCode"; +import response from "@server/lib/response"; +import { NextFunction, Request, Response } from "express"; +import createHttpError from "http-errors"; +import { z } from "zod"; +import { fromError } from "zod-validation-error"; +import { eq } from "drizzle-orm"; +import { OpenAPITags, registry } from "@server/openApi"; + +const paramsSchema = z.object({ + apiKeyId: z.string().nonempty() +}); + +const querySchema = z.object({ + limit: z + .string() + .optional() + .default("1000") + .transform(Number) + .pipe(z.number().int().positive()), + offset: z + .string() + .optional() + .default("0") + .transform(Number) + .pipe(z.number().int().nonnegative()) +}); + +function queryActions(apiKeyId: string) { + return db + .select({ + actionId: actions.actionId + }) + .from(apiKeyActions) + .where(eq(apiKeyActions.apiKeyId, apiKeyId)) + .innerJoin(actions, eq(actions.actionId, apiKeyActions.actionId)); +} + +export type ListApiKeyActionsResponse = { + actions: Awaited>; + pagination: { total: number; limit: number; offset: number }; +}; + +registry.registerPath({ + method: "get", + path: "/org/{orgId}/api-key/{apiKeyId}/actions", + description: + "List all actions set for an API key.", + tags: [OpenAPITags.Org, OpenAPITags.ApiKey], + request: { + params: paramsSchema, + query: querySchema + }, + responses: {} +}); + +export async function listApiKeyActions( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedQuery = querySchema.safeParse(req.query); + if (!parsedQuery.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedQuery.error) + ) + ); + } + + const parsedParams = paramsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error) + ) + ); + } + + const { limit, offset } = parsedQuery.data; + const { apiKeyId } = parsedParams.data; + + const baseQuery = queryActions(apiKeyId); + + const actionsList = await baseQuery.limit(limit).offset(offset); + + return response(res, { + data: { + actions: actionsList, + pagination: { + total: actionsList.length, + limit, + offset + } + }, + success: true, + error: false, + message: "API keys retrieved successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/apiKeys/listOrgApiKeys.ts b/server/routers/apiKeys/listOrgApiKeys.ts new file mode 100644 index 00000000..e8c8bc1c --- /dev/null +++ b/server/routers/apiKeys/listOrgApiKeys.ts @@ -0,0 +1,116 @@ +import { db } from "@server/db"; +import { apiKeyOrg, apiKeys } from "@server/db"; +import logger from "@server/logger"; +import HttpCode from "@server/types/HttpCode"; +import response from "@server/lib/response"; +import { NextFunction, Request, Response } from "express"; +import createHttpError from "http-errors"; +import { z } from "zod"; +import { fromError } from "zod-validation-error"; +import { eq, and } from "drizzle-orm"; +import { OpenAPITags, registry } from "@server/openApi"; + +const querySchema = z.object({ + limit: z + .string() + .optional() + .default("1000") + .transform(Number) + .pipe(z.number().int().positive()), + offset: z + .string() + .optional() + .default("0") + .transform(Number) + .pipe(z.number().int().nonnegative()) +}); + +const paramsSchema = z.object({ + orgId: z.string() +}); + +function queryApiKeys(orgId: string) { + return db + .select({ + apiKeyId: apiKeys.apiKeyId, + orgId: apiKeyOrg.orgId, + lastChars: apiKeys.lastChars, + createdAt: apiKeys.createdAt, + name: apiKeys.name + }) + .from(apiKeyOrg) + .where(and(eq(apiKeyOrg.orgId, orgId), eq(apiKeys.isRoot, false))) + .innerJoin(apiKeys, eq(apiKeys.apiKeyId, apiKeyOrg.apiKeyId)); +} + +export type ListOrgApiKeysResponse = { + apiKeys: Awaited>; + pagination: { total: number; limit: number; offset: number }; +}; + +registry.registerPath({ + method: "get", + path: "/org/{orgId}/api-keys", + description: "List all API keys for an organization", + tags: [OpenAPITags.Org, OpenAPITags.ApiKey], + request: { + params: paramsSchema, + query: querySchema + }, + responses: {} +}); + +export async function listOrgApiKeys( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedQuery = querySchema.safeParse(req.query); + if (!parsedQuery.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedQuery.error) + ) + ); + } + + const parsedParams = paramsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error) + ) + ); + } + + const { limit, offset } = parsedQuery.data; + const { orgId } = parsedParams.data; + + const baseQuery = queryApiKeys(orgId); + + const apiKeysList = await baseQuery.limit(limit).offset(offset); + + return response(res, { + data: { + apiKeys: apiKeysList, + pagination: { + total: apiKeysList.length, + limit, + offset + } + }, + success: true, + error: false, + message: "API keys retrieved successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/apiKeys/listRootApiKeys.ts b/server/routers/apiKeys/listRootApiKeys.ts new file mode 100644 index 00000000..ddfade3c --- /dev/null +++ b/server/routers/apiKeys/listRootApiKeys.ts @@ -0,0 +1,85 @@ +import { db } from "@server/db"; +import { apiKeys } from "@server/db"; +import logger from "@server/logger"; +import HttpCode from "@server/types/HttpCode"; +import response from "@server/lib/response"; +import { NextFunction, Request, Response } from "express"; +import createHttpError from "http-errors"; +import { z } from "zod"; +import { fromError } from "zod-validation-error"; +import { eq } from "drizzle-orm"; + +const querySchema = z.object({ + limit: z + .string() + .optional() + .default("1000") + .transform(Number) + .pipe(z.number().int().positive()), + offset: z + .string() + .optional() + .default("0") + .transform(Number) + .pipe(z.number().int().nonnegative()) +}); + +function queryApiKeys() { + return db + .select({ + apiKeyId: apiKeys.apiKeyId, + lastChars: apiKeys.lastChars, + createdAt: apiKeys.createdAt, + name: apiKeys.name + }) + .from(apiKeys) + .where(eq(apiKeys.isRoot, true)); +} + +export type ListRootApiKeysResponse = { + apiKeys: Awaited>; + pagination: { total: number; limit: number; offset: number }; +}; + +export async function listRootApiKeys( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedQuery = querySchema.safeParse(req.query); + if (!parsedQuery.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedQuery.error) + ) + ); + } + const { limit, offset } = parsedQuery.data; + + const baseQuery = queryApiKeys(); + + const apiKeysList = await baseQuery.limit(limit).offset(offset); + + return response(res, { + data: { + apiKeys: apiKeysList, + pagination: { + total: apiKeysList.length, + limit, + offset + } + }, + success: true, + error: false, + message: "API keys retrieved successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/apiKeys/setApiKeyActions.ts b/server/routers/apiKeys/setApiKeyActions.ts new file mode 100644 index 00000000..bb16deb5 --- /dev/null +++ b/server/routers/apiKeys/setApiKeyActions.ts @@ -0,0 +1,136 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { actions, apiKeyActions } from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; +import { eq, and, inArray } from "drizzle-orm"; +import { OpenAPITags, registry } from "@server/openApi"; + +const bodySchema = z + .object({ + actionIds: z + .array(z.string().nonempty()) + .transform((v) => Array.from(new Set(v))) + }) + .strict(); + +const paramsSchema = z.object({ + apiKeyId: z.string().nonempty() +}); + +registry.registerPath({ + method: "post", + path: "/org/{orgId}/api-key/{apiKeyId}/actions", + description: + "Set actions for an API key. This will replace any existing actions.", + tags: [OpenAPITags.Org, OpenAPITags.ApiKey], + request: { + params: paramsSchema, + body: { + content: { + "application/json": { + schema: bodySchema + } + } + } + }, + responses: {} +}); + +export async function setApiKeyActions( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedBody = bodySchema.safeParse(req.body); + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { actionIds: newActionIds } = parsedBody.data; + + const parsedParams = paramsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { apiKeyId } = parsedParams.data; + + const actionsExist = await db + .select() + .from(actions) + .where(inArray(actions.actionId, newActionIds)); + + if (actionsExist.length !== newActionIds.length) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "One or more actions do not exist" + ) + ); + } + + await db.transaction(async (trx) => { + const existingActions = await trx + .select() + .from(apiKeyActions) + .where(eq(apiKeyActions.apiKeyId, apiKeyId)); + + const existingActionIds = existingActions.map((a) => a.actionId); + + const actionIdsToAdd = newActionIds.filter( + (id) => !existingActionIds.includes(id) + ); + const actionIdsToRemove = existingActionIds.filter( + (id) => !newActionIds.includes(id) + ); + + if (actionIdsToRemove.length > 0) { + await trx + .delete(apiKeyActions) + .where( + and( + eq(apiKeyActions.apiKeyId, apiKeyId), + inArray(apiKeyActions.actionId, actionIdsToRemove) + ) + ); + } + + if (actionIdsToAdd.length > 0) { + const insertValues = actionIdsToAdd.map((actionId) => ({ + apiKeyId, + actionId + })); + await trx.insert(apiKeyActions).values(insertValues); + } + }); + + return response(res, { + data: {}, + success: true, + error: false, + message: "API key actions updated successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/apiKeys/setApiKeyOrgs.ts b/server/routers/apiKeys/setApiKeyOrgs.ts new file mode 100644 index 00000000..f03eec18 --- /dev/null +++ b/server/routers/apiKeys/setApiKeyOrgs.ts @@ -0,0 +1,117 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { apiKeyOrg, orgs } from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; +import { eq, and, inArray } from "drizzle-orm"; + +const bodySchema = z + .object({ + orgIds: z + .array(z.string().nonempty()) + .transform((v) => Array.from(new Set(v))) + }) + .strict(); + +const paramsSchema = z.object({ + apiKeyId: z.string().nonempty() +}); + +export async function setApiKeyOrgs( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedBody = bodySchema.safeParse(req.body); + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { orgIds: newOrgIds } = parsedBody.data; + + const parsedParams = paramsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { apiKeyId } = parsedParams.data; + + // make sure all orgs exist + const allOrgs = await db + .select() + .from(orgs) + .where(inArray(orgs.orgId, newOrgIds)); + + if (allOrgs.length !== newOrgIds.length) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "One or more orgs do not exist" + ) + ); + } + + await db.transaction(async (trx) => { + const existingOrgs = await trx + .select({ orgId: apiKeyOrg.orgId }) + .from(apiKeyOrg) + .where(eq(apiKeyOrg.apiKeyId, apiKeyId)); + + const existingOrgIds = existingOrgs.map((a) => a.orgId); + + const orgIdsToAdd = newOrgIds.filter( + (id) => !existingOrgIds.includes(id) + ); + const orgIdsToRemove = existingOrgIds.filter( + (id) => !newOrgIds.includes(id) + ); + + if (orgIdsToRemove.length > 0) { + await trx + .delete(apiKeyOrg) + .where( + and( + eq(apiKeyOrg.apiKeyId, apiKeyId), + inArray(apiKeyOrg.orgId, orgIdsToRemove) + ) + ); + } + + if (orgIdsToAdd.length > 0) { + const insertValues = orgIdsToAdd.map((orgId) => ({ + apiKeyId, + orgId + })); + await trx.insert(apiKeyOrg).values(insertValues); + } + + return response(res, { + data: {}, + success: true, + error: false, + message: "API key orgs updated successfully", + status: HttpCode.OK + }); + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/auth/changePassword.ts b/server/routers/auth/changePassword.ts index 3b1e4c2f..3a9120e3 100644 --- a/server/routers/auth/changePassword.ts +++ b/server/routers/auth/changePassword.ts @@ -4,7 +4,7 @@ import HttpCode from "@server/types/HttpCode"; import { fromError } from "zod-validation-error"; import { z } from "zod"; import { db } from "@server/db"; -import { User, users } from "@server/db/schemas"; +import { User, users } from "@server/db"; import { eq } from "drizzle-orm"; import { response } from "@server/lib"; import { diff --git a/server/routers/auth/disable2fa.ts b/server/routers/auth/disable2fa.ts index b10dd9b2..7fbea2e5 100644 --- a/server/routers/auth/disable2fa.ts +++ b/server/routers/auth/disable2fa.ts @@ -4,7 +4,7 @@ import HttpCode from "@server/types/HttpCode"; import { fromError } from "zod-validation-error"; import { z } from "zod"; import { db } from "@server/db"; -import { User, users } from "@server/db/schemas"; +import { User, users } from "@server/db"; import { eq } from "drizzle-orm"; import { response } from "@server/lib"; import { verifyPassword } from "@server/auth/password"; diff --git a/server/routers/auth/index.ts b/server/routers/auth/index.ts index b2eaf8d2..505d12c2 100644 --- a/server/routers/auth/index.ts +++ b/server/routers/auth/index.ts @@ -6,7 +6,11 @@ export * from "./requestTotpSecret"; export * from "./disable2fa"; export * from "./verifyEmail"; export * from "./requestEmailVerificationCode"; -export * from "./changePassword"; -export * from "./requestPasswordReset"; export * from "./resetPassword"; +export * from "./requestPasswordReset"; +export * from "./setServerAdmin"; +export * from "./initialSetupComplete"; +export * from "./validateSetupToken"; +export * from "./changePassword"; export * from "./checkResourceSession"; +export * from "./securityKey"; diff --git a/server/routers/auth/initialSetupComplete.ts b/server/routers/auth/initialSetupComplete.ts new file mode 100644 index 00000000..8da9acd7 --- /dev/null +++ b/server/routers/auth/initialSetupComplete.ts @@ -0,0 +1,42 @@ +import { NextFunction, Request, Response } from "express"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { response } from "@server/lib"; +import { db, users } from "@server/db"; +import { eq } from "drizzle-orm"; + +export type InitialSetupCompleteResponse = { + complete: boolean; +}; + +export async function initialSetupComplete( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const [existing] = await db + .select() + .from(users) + .where(eq(users.serverAdmin, true)); + + return response(res, { + data: { + complete: !!existing + }, + success: true, + error: false, + message: "Initial setup check completed", + status: HttpCode.OK + }); + } catch (e) { + logger.error(e); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to check initial setup completion" + ) + ); + } +} diff --git a/server/routers/auth/login.ts b/server/routers/auth/login.ts index eda637fa..8dad5a42 100644 --- a/server/routers/auth/login.ts +++ b/server/routers/auth/login.ts @@ -3,8 +3,8 @@ import { generateSessionToken, serializeSessionCookie } from "@server/auth/sessions/app"; -import db from "@server/db"; -import { users } from "@server/db/schemas"; +import { db } from "@server/db"; +import { users, securityKeys } from "@server/db"; import HttpCode from "@server/types/HttpCode"; import response from "@server/lib/response"; import { eq, and } from "drizzle-orm"; @@ -21,10 +21,7 @@ import { UserType } from "@server/types/UserTypes"; export const loginBodySchema = z .object({ - email: z - .string() - .email() - .transform((v) => v.toLowerCase()), + email: z.string().toLowerCase().email(), password: z.string(), code: z.string().optional() }) @@ -35,6 +32,8 @@ export type LoginBody = z.infer; export type LoginResponse = { codeRequested?: boolean; emailVerificationRequired?: boolean; + useSecurityKey?: boolean; + twoFactorSetupRequired?: boolean; }; export async function login( @@ -107,6 +106,35 @@ export async function login( ); } + // // Check if user has security keys registered + // const userSecurityKeys = await db + // .select() + // .from(securityKeys) + // .where(eq(securityKeys.userId, existingUser.userId)); + // + // if (userSecurityKeys.length > 0) { + // return response(res, { + // data: { useSecurityKey: true }, + // success: true, + // error: false, + // message: "Security key authentication required", + // status: HttpCode.OK + // }); + // } + + if ( + existingUser.twoFactorSetupRequested && + !existingUser.twoFactorEnabled + ) { + return response(res, { + data: { twoFactorSetupRequired: true }, + success: true, + error: false, + message: "Two-factor authentication setup required", + status: HttpCode.ACCEPTED + }); + } + if (existingUser.twoFactorEnabled) { if (!code) { return response<{ codeRequested: boolean }>(res, { diff --git a/server/routers/auth/logout.ts b/server/routers/auth/logout.ts index db95c2e6..b9a1431a 100644 --- a/server/routers/auth/logout.ts +++ b/server/routers/auth/logout.ts @@ -34,7 +34,7 @@ export async function logout( try { await invalidateSession(session.sessionId); } catch (error) { - logger.error("Failed to invalidate session", error) + logger.error("Failed to invalidate session", error); } const isSecure = req.protocol === "https"; diff --git a/server/routers/auth/requestEmailVerificationCode.ts b/server/routers/auth/requestEmailVerificationCode.ts index 0cc8825c..eeabedf2 100644 --- a/server/routers/auth/requestEmailVerificationCode.ts +++ b/server/routers/auth/requestEmailVerificationCode.ts @@ -2,7 +2,7 @@ import { Request, Response, NextFunction } from "express"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; import { response } from "@server/lib"; -import { User } from "@server/db/schemas"; +import { User } from "@server/db"; import { sendEmailVerificationCode } from "../../auth/sendEmailVerificationCode"; import config from "@server/lib/config"; import logger from "@server/logger"; diff --git a/server/routers/auth/requestPasswordReset.ts b/server/routers/auth/requestPasswordReset.ts index 087352f0..62951ab1 100644 --- a/server/routers/auth/requestPasswordReset.ts +++ b/server/routers/auth/requestPasswordReset.ts @@ -5,7 +5,7 @@ import { fromError } from "zod-validation-error"; import HttpCode from "@server/types/HttpCode"; import { response } from "@server/lib"; import { db } from "@server/db"; -import { passwordResetTokens, users } from "@server/db/schemas"; +import { passwordResetTokens, users } from "@server/db"; import { eq } from "drizzle-orm"; import { alphabet, generateRandomString, sha256 } from "oslo/crypto"; import { createDate } from "oslo"; @@ -20,8 +20,8 @@ export const requestPasswordResetBody = z .object({ email: z .string() - .email() - .transform((v) => v.toLowerCase()) + .toLowerCase() + .email(), }) .strict(); diff --git a/server/routers/auth/requestTotpSecret.ts b/server/routers/auth/requestTotpSecret.ts index a4f8bc4a..753867b6 100644 --- a/server/routers/auth/requestTotpSecret.ts +++ b/server/routers/auth/requestTotpSecret.ts @@ -6,17 +6,20 @@ import { encodeHex } from "oslo/encoding"; import HttpCode from "@server/types/HttpCode"; import { response } from "@server/lib"; import { db } from "@server/db"; -import { User, users } from "@server/db/schemas"; -import { eq } from "drizzle-orm"; +import { User, users } from "@server/db"; +import { eq, and } from "drizzle-orm"; import { createTOTPKeyURI } from "oslo/otp"; import logger from "@server/logger"; import { verifyPassword } from "@server/auth/password"; import { unauthorized } from "@server/auth/unauthorizedResponse"; import { UserType } from "@server/types/UserTypes"; +import { verifySession } from "@server/auth/sessions/verifySession"; +import config from "@server/lib/config"; export const requestTotpSecretBody = z .object({ - password: z.string() + password: z.string(), + email: z.string().email().optional() }) .strict(); @@ -43,9 +46,42 @@ export async function requestTotpSecret( ); } - const { password } = parsedBody.data; + const { password, email } = parsedBody.data; - const user = req.user as User; + const { user: sessionUser, session: existingSession } = await verifySession(req); + + let user: User | null = sessionUser; + if (!existingSession) { + if (!email) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Email is required for two-factor authentication setup" + ) + ); + } + const [res] = await db + .select() + .from(users) + .where( + and(eq(users.type, UserType.Internal), eq(users.email, email)) + ); + user = res; + } + + if (!user) { + if (config.getRawConfig().app.log_failed_attempts) { + logger.info( + `Username or password incorrect. Email: ${email}. IP: ${req.ip}.` + ); + } + return next( + createHttpError( + HttpCode.UNAUTHORIZED, + "Username or password is incorrect" + ) + ); + } if (user.type !== UserType.Internal) { return next( @@ -57,7 +93,10 @@ export async function requestTotpSecret( } try { - const validPassword = await verifyPassword(password, user.passwordHash!); + const validPassword = await verifyPassword( + password, + user.passwordHash! + ); if (!validPassword) { return next(unauthorized()); } @@ -73,7 +112,11 @@ export async function requestTotpSecret( const hex = crypto.getRandomValues(new Uint8Array(20)); const secret = encodeHex(hex); - const uri = createTOTPKeyURI("Pangolin", user.email!, hex); + const uri = createTOTPKeyURI( + "Pangolin", + user.email!, + hex + ); await db .update(users) diff --git a/server/routers/auth/resetPassword.ts b/server/routers/auth/resetPassword.ts index 967ddc66..8ae62eb0 100644 --- a/server/routers/auth/resetPassword.ts +++ b/server/routers/auth/resetPassword.ts @@ -6,7 +6,7 @@ import { fromError } from "zod-validation-error"; import HttpCode from "@server/types/HttpCode"; import { response } from "@server/lib"; import { db } from "@server/db"; -import { passwordResetTokens, users } from "@server/db/schemas"; +import { passwordResetTokens, users } from "@server/db"; import { eq } from "drizzle-orm"; import { hashPassword, verifyPassword } from "@server/auth/password"; import { verifyTotpCode } from "@server/auth/totp"; @@ -21,8 +21,8 @@ export const resetPasswordBody = z .object({ email: z .string() - .email() - .transform((v) => v.toLowerCase()), + .toLowerCase() + .email(), token: z.string(), // reset secret code newPassword: passwordSchema, code: z.string().optional() // 2fa code diff --git a/server/routers/auth/securityKey.ts b/server/routers/auth/securityKey.ts new file mode 100644 index 00000000..6b014986 --- /dev/null +++ b/server/routers/auth/securityKey.ts @@ -0,0 +1,717 @@ +import { Request, Response, NextFunction } from "express"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; +import { fromError } from "zod-validation-error"; +import { z } from "zod"; +import { db } from "@server/db"; +import { User, securityKeys, users, webauthnChallenge } from "@server/db"; +import { eq, and, lt } from "drizzle-orm"; +import { response } from "@server/lib"; +import logger from "@server/logger"; +import { + generateRegistrationOptions, + verifyRegistrationResponse, + generateAuthenticationOptions, + verifyAuthenticationResponse +} from "@simplewebauthn/server"; +import type { + GenerateRegistrationOptionsOpts, + VerifyRegistrationResponseOpts, + GenerateAuthenticationOptionsOpts, + VerifyAuthenticationResponseOpts, + VerifiedRegistrationResponse, + VerifiedAuthenticationResponse +} from "@simplewebauthn/server"; +import type { + AuthenticatorTransport, + AuthenticatorTransportFuture, + PublicKeyCredentialDescriptorJSON, + PublicKeyCredentialDescriptorFuture +} from "@simplewebauthn/types"; +import config from "@server/lib/config"; +import { UserType } from "@server/types/UserTypes"; +import { verifyPassword } from "@server/auth/password"; +import { unauthorized } from "@server/auth/unauthorizedResponse"; +import { verifyTotpCode } from "@server/auth/totp"; + +// The RP ID is the domain name of your application +const rpID = (() => { + const url = config.getRawConfig().app.dashboard_url ? new URL(config.getRawConfig().app.dashboard_url!) : undefined; + // For localhost, we must use 'localhost' without port + if (url?.hostname === 'localhost' || !url) { + return 'localhost'; + } + return url.hostname; +})(); + +const rpName = "Pangolin"; +const origin = config.getRawConfig().app.dashboard_url || "localhost"; + +// Database-based challenge storage (replaces in-memory storage) +// Challenges are stored in the webauthnChallenge table with automatic expiration +// This supports clustered deployments and persists across server restarts + +// Clean up expired challenges every 5 minutes +setInterval(async () => { + try { + const now = Date.now(); + await db + .delete(webauthnChallenge) + .where(lt(webauthnChallenge.expiresAt, now)); + logger.debug("Cleaned up expired security key challenges"); + } catch (error) { + logger.error("Failed to clean up expired security key challenges", error); + } +}, 5 * 60 * 1000); + +// Helper functions for challenge management +async function storeChallenge(sessionId: string, challenge: string, securityKeyName?: string, userId?: string) { + const expiresAt = Date.now() + (5 * 60 * 1000); // 5 minutes + + // Delete any existing challenge for this session + await db.delete(webauthnChallenge).where(eq(webauthnChallenge.sessionId, sessionId)); + + // Insert new challenge + await db.insert(webauthnChallenge).values({ + sessionId, + challenge, + securityKeyName, + userId, + expiresAt + }); +} + +async function getChallenge(sessionId: string) { + const [challengeData] = await db + .select() + .from(webauthnChallenge) + .where(eq(webauthnChallenge.sessionId, sessionId)) + .limit(1); + + if (!challengeData) { + return null; + } + + // Check if expired + if (challengeData.expiresAt < Date.now()) { + await db.delete(webauthnChallenge).where(eq(webauthnChallenge.sessionId, sessionId)); + return null; + } + + return challengeData; +} + +async function clearChallenge(sessionId: string) { + await db.delete(webauthnChallenge).where(eq(webauthnChallenge.sessionId, sessionId)); +} + +export const registerSecurityKeyBody = z.object({ + name: z.string().min(1), + password: z.string().min(1), + code: z.string().optional() +}).strict(); + +export const verifyRegistrationBody = z.object({ + credential: z.any() +}).strict(); + +export const startAuthenticationBody = z.object({ + email: z.string().email().optional() +}).strict(); + +export const verifyAuthenticationBody = z.object({ + credential: z.any() +}).strict(); + +export const deleteSecurityKeyBody = z.object({ + password: z.string().min(1), + code: z.string().optional() +}).strict(); + +export async function startRegistration( + req: Request, + res: Response, + next: NextFunction +): Promise { + const parsedBody = registerSecurityKeyBody.safeParse(req.body); + + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { name, password, code } = parsedBody.data; + const user = req.user as User; + + // Only allow internal users to use security keys + if (user.type !== UserType.Internal) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Security keys are only available for internal users" + ) + ); + } + + try { + // Verify password + const validPassword = await verifyPassword(password, user.passwordHash!); + if (!validPassword) { + return next(unauthorized()); + } + + // If user has 2FA enabled, require and verify the code + if (user.twoFactorEnabled) { + if (!code) { + return response<{ codeRequested: boolean }>(res, { + data: { codeRequested: true }, + success: true, + error: false, + message: "Two-factor authentication required", + status: HttpCode.ACCEPTED + }); + } + + const validOTP = await verifyTotpCode( + code, + user.twoFactorSecret!, + user.userId + ); + + if (!validOTP) { + if (config.getRawConfig().app.log_failed_attempts) { + logger.info( + `Two-factor code incorrect. Email: ${user.email}. IP: ${req.ip}.` + ); + } + return next( + createHttpError( + HttpCode.UNAUTHORIZED, + "The two-factor code you entered is incorrect" + ) + ); + } + } + + // Get existing security keys for user + const existingSecurityKeys = await db + .select() + .from(securityKeys) + .where(eq(securityKeys.userId, user.userId)); + + const excludeCredentials = existingSecurityKeys.map(key => ({ + id: new Uint8Array(Buffer.from(key.credentialId, 'base64')), + type: 'public-key' as const, + transports: key.transports ? JSON.parse(key.transports) as AuthenticatorTransportFuture[] : undefined + })); + + const options: GenerateRegistrationOptionsOpts = { + rpName, + rpID, + userID: user.userId, + userName: user.email || user.username, + attestationType: 'none', + excludeCredentials, + authenticatorSelection: { + residentKey: 'preferred', + userVerification: 'preferred', + } + }; + + const registrationOptions = await generateRegistrationOptions(options); + + // Store challenge in database + await storeChallenge(req.session.sessionId, registrationOptions.challenge, name, user.userId); + + return response(res, { + data: registrationOptions, + success: true, + error: false, + message: "Registration options generated successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to start registration" + ) + ); + } +} + +export async function verifyRegistration( + req: Request, + res: Response, + next: NextFunction +): Promise { + const parsedBody = verifyRegistrationBody.safeParse(req.body); + + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { credential } = parsedBody.data; + const user = req.user as User; + + // Only allow internal users to use security keys + if (user.type !== UserType.Internal) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Security keys are only available for internal users" + ) + ); + } + + try { + // Get challenge from database + const challengeData = await getChallenge(req.session.sessionId); + + if (!challengeData) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "No challenge found in session or challenge expired" + ) + ); + } + + const verification = await verifyRegistrationResponse({ + response: credential, + expectedChallenge: challengeData.challenge, + expectedOrigin: origin, + expectedRPID: rpID, + requireUserVerification: false + }); + + const { verified, registrationInfo } = verification; + + if (!verified || !registrationInfo) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Verification failed" + ) + ); + } + + // Store the security key in the database + await db.insert(securityKeys).values({ + credentialId: Buffer.from(registrationInfo.credentialID).toString('base64'), + userId: user.userId, + publicKey: Buffer.from(registrationInfo.credentialPublicKey).toString('base64'), + signCount: registrationInfo.counter || 0, + transports: credential.response.transports ? JSON.stringify(credential.response.transports) : null, + name: challengeData.securityKeyName, + lastUsed: new Date().toISOString(), + dateCreated: new Date().toISOString() + }); + + // Clear challenge data + await clearChallenge(req.session.sessionId); + + return response(res, { + data: null, + success: true, + error: false, + message: "Security key registered successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to verify registration" + ) + ); + } +} + +export async function listSecurityKeys( + req: Request, + res: Response, + next: NextFunction +): Promise { + const user = req.user as User; + + // Only allow internal users to use security keys + if (user.type !== UserType.Internal) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Security keys are only available for internal users" + ) + ); + } + + try { + const userSecurityKeys = await db + .select() + .from(securityKeys) + .where(eq(securityKeys.userId, user.userId)); + + return response(res, { + data: userSecurityKeys, + success: true, + error: false, + message: "Security keys retrieved successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to retrieve security keys" + ) + ); + } +} + +export async function deleteSecurityKey( + req: Request, + res: Response, + next: NextFunction +): Promise { + const { credentialId: encodedCredentialId } = req.params; + const credentialId = decodeURIComponent(encodedCredentialId); + const user = req.user as User; + + const parsedBody = deleteSecurityKeyBody.safeParse(req.body); + + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { password, code } = parsedBody.data; + + // Only allow internal users to use security keys + if (user.type !== UserType.Internal) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Security keys are only available for internal users" + ) + ); + } + + try { + // Verify password + const validPassword = await verifyPassword(password, user.passwordHash!); + if (!validPassword) { + return next(unauthorized()); + } + + // If user has 2FA enabled, require and verify the code + if (user.twoFactorEnabled) { + if (!code) { + return response<{ codeRequested: boolean }>(res, { + data: { codeRequested: true }, + success: true, + error: false, + message: "Two-factor authentication required", + status: HttpCode.ACCEPTED + }); + } + + const validOTP = await verifyTotpCode( + code, + user.twoFactorSecret!, + user.userId + ); + + if (!validOTP) { + if (config.getRawConfig().app.log_failed_attempts) { + logger.info( + `Two-factor code incorrect. Email: ${user.email}. IP: ${req.ip}.` + ); + } + return next( + createHttpError( + HttpCode.UNAUTHORIZED, + "The two-factor code you entered is incorrect" + ) + ); + } + } + + await db + .delete(securityKeys) + .where(and( + eq(securityKeys.credentialId, credentialId), + eq(securityKeys.userId, user.userId) + )); + + return response(res, { + data: null, + success: true, + error: false, + message: "Security key deleted successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to delete security key" + ) + ); + } +} + +export async function startAuthentication( + req: Request, + res: Response, + next: NextFunction +): Promise { + const parsedBody = startAuthenticationBody.safeParse(req.body); + + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { email } = parsedBody.data; + + try { + let allowCredentials: PublicKeyCredentialDescriptorFuture[] = []; + let userId; + + // If email is provided, get security keys for that specific user + if (email) { + const [user] = await db + .select() + .from(users) + .where(eq(users.email, email)) + .limit(1); + + if (!user || user.type !== UserType.Internal) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Invalid credentials" + ) + ); + } + + userId = user.userId; + + const userSecurityKeys = await db + .select() + .from(securityKeys) + .where(eq(securityKeys.userId, user.userId)); + + if (userSecurityKeys.length === 0) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "No security keys registered for this user" + ) + ); + } + + allowCredentials = userSecurityKeys.map(key => ({ + id: new Uint8Array(Buffer.from(key.credentialId, 'base64')), + type: 'public-key' as const, + transports: key.transports ? JSON.parse(key.transports) as AuthenticatorTransportFuture[] : undefined + })); + } else { + // If no email provided, allow any security key (for resident key authentication) + allowCredentials = []; + } + + const options: GenerateAuthenticationOptionsOpts = { + rpID, + allowCredentials, + userVerification: 'preferred', + }; + + const authenticationOptions = await generateAuthenticationOptions(options); + + // Generate a temporary session ID for unauthenticated users + const tempSessionId = email ? `temp_${email}_${Date.now()}` : `temp_${Date.now()}`; + + // Store challenge in database + await storeChallenge(tempSessionId, authenticationOptions.challenge, undefined, userId); + + return response(res, { + data: { ...authenticationOptions, tempSessionId }, + success: true, + error: false, + message: "Authentication options generated", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to generate authentication options" + ) + ); + } +} + +export async function verifyAuthentication( + req: Request, + res: Response, + next: NextFunction +): Promise { + const parsedBody = verifyAuthenticationBody.safeParse(req.body); + + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { credential } = parsedBody.data; + const tempSessionId = req.headers['x-temp-session-id'] as string; + + if (!tempSessionId) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Your session information is missing. This might happen if you've been inactive for too long or if your browser cleared temporary data. Please start the sign-in process again." + ) + ); + } + + try { + // Get challenge from database + const challengeData = await getChallenge(tempSessionId); + + if (!challengeData) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Your sign-in session has expired. For security reasons, you have 5 minutes to complete the authentication process. Please try signing in again." + ) + ); + } + + // Find the security key in database + const credentialId = Buffer.from(credential.id, 'base64').toString('base64'); + const [securityKey] = await db + .select() + .from(securityKeys) + .where(eq(securityKeys.credentialId, credentialId)) + .limit(1); + + if (!securityKey) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "We couldn't verify your security key. This might happen if your device isn't compatible or if the security key was removed too quickly. Please try again and keep your security key connected until the process completes." + ) + ); + } + + // Get the user + const [user] = await db + .select() + .from(users) + .where(eq(users.userId, securityKey.userId)) + .limit(1); + + if (!user || user.type !== UserType.Internal) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "User not found or not authorized for security key authentication" + ) + ); + } + + const verification = await verifyAuthenticationResponse({ + response: credential, + expectedChallenge: challengeData.challenge, + expectedOrigin: origin, + expectedRPID: rpID, + authenticator: { + credentialID: Buffer.from(securityKey.credentialId, 'base64'), + credentialPublicKey: Buffer.from(securityKey.publicKey, 'base64'), + counter: securityKey.signCount, + transports: securityKey.transports ? JSON.parse(securityKey.transports) as AuthenticatorTransportFuture[] : undefined + }, + requireUserVerification: false + }); + + const { verified, authenticationInfo } = verification; + + if (!verified) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Authentication failed. This could happen if your security key wasn't recognized or was removed too early. Please ensure your security key is properly connected and try again." + ) + ); + } + + // Update sign count + await db + .update(securityKeys) + .set({ + signCount: authenticationInfo.newCounter, + lastUsed: new Date().toISOString() + }) + .where(eq(securityKeys.credentialId, credentialId)); + + // Create session for the user + const { createSession, generateSessionToken, serializeSessionCookie } = await import("@server/auth/sessions/app"); + const token = generateSessionToken(); + const session = await createSession(token, user.userId); + const isSecure = req.protocol === "https"; + const cookie = serializeSessionCookie( + token, + isSecure, + new Date(session.expiresAt) + ); + + res.setHeader("Set-Cookie", cookie); + + // Clear challenge data + await clearChallenge(tempSessionId); + + return response(res, { + data: null, + success: true, + error: false, + message: "Authentication successful", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to verify authentication" + ) + ); + } +} \ No newline at end of file diff --git a/server/routers/auth/setServerAdmin.ts b/server/routers/auth/setServerAdmin.ts new file mode 100644 index 00000000..ebb95359 --- /dev/null +++ b/server/routers/auth/setServerAdmin.ts @@ -0,0 +1,121 @@ +import { NextFunction, Request, Response } from "express"; +import HttpCode from "@server/types/HttpCode"; +import { z } from "zod"; +import { fromError } from "zod-validation-error"; +import createHttpError from "http-errors"; +import { generateId } from "@server/auth/sessions/app"; +import logger from "@server/logger"; +import { hashPassword } from "@server/auth/password"; +import { passwordSchema } from "@server/auth/passwordSchema"; +import { response } from "@server/lib"; +import { db, users, setupTokens } from "@server/db"; +import { eq, and } from "drizzle-orm"; +import { UserType } from "@server/types/UserTypes"; +import moment from "moment"; + +export const bodySchema = z.object({ + email: z.string().toLowerCase().email(), + password: passwordSchema, + setupToken: z.string().min(1, "Setup token is required") +}); + +export type SetServerAdminBody = z.infer; + +export type SetServerAdminResponse = null; + +export async function setServerAdmin( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedBody = bodySchema.safeParse(req.body); + + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { email, password, setupToken } = parsedBody.data; + + // Validate setup token + const [validToken] = await db + .select() + .from(setupTokens) + .where( + and( + eq(setupTokens.token, setupToken), + eq(setupTokens.used, false) + ) + ); + + if (!validToken) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Invalid or expired setup token" + ) + ); + } + + const [existing] = await db + .select() + .from(users) + .where(eq(users.serverAdmin, true)); + + if (existing) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Server admin already exists" + ) + ); + } + + const passwordHash = await hashPassword(password); + const userId = generateId(15); + + await db.transaction(async (trx) => { + // Mark the token as used + await trx + .update(setupTokens) + .set({ + used: true, + dateUsed: moment().toISOString() + }) + .where(eq(setupTokens.tokenId, validToken.tokenId)); + + // Create the server admin user + await trx.insert(users).values({ + userId: userId, + email: email, + type: UserType.Internal, + username: email, + passwordHash, + dateCreated: moment().toISOString(), + serverAdmin: true, + emailVerified: true + }); + }); + + return response(res, { + data: null, + success: true, + error: false, + message: "Server admin set successfully", + status: HttpCode.OK + }); + } catch (e) { + logger.error(e); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to set server admin" + ) + ); + } +} diff --git a/server/routers/auth/signup.ts b/server/routers/auth/signup.ts index 564a1378..09c8db07 100644 --- a/server/routers/auth/signup.ts +++ b/server/routers/auth/signup.ts @@ -1,8 +1,7 @@ import { NextFunction, Request, Response } from "express"; -import db from "@server/db"; +import { db, users } from "@server/db"; import HttpCode from "@server/types/HttpCode"; import { z } from "zod"; -import { users } from "@server/db/schemas"; import { fromError } from "zod-validation-error"; import createHttpError from "http-errors"; import response from "@server/lib/response"; @@ -22,15 +21,14 @@ import { hashPassword } from "@server/auth/password"; import { checkValidInvite } from "@server/auth/checkValidInvite"; import { passwordSchema } from "@server/auth/passwordSchema"; import { UserType } from "@server/types/UserTypes"; +import { build } from "@server/build"; export const signupBodySchema = z.object({ - email: z - .string() - .email() - .transform((v) => v.toLowerCase()), + email: z.string().toLowerCase().email(), password: passwordSchema, inviteToken: z.string().optional(), - inviteId: z.string().optional() + inviteId: z.string().optional(), + termsAcceptedTimestamp: z.string().nullable().optional() }); export type SignUpBody = z.infer; @@ -55,9 +53,8 @@ export async function signup( ); } - const { email, password, inviteToken, inviteId } = parsedBody.data; - - logger.debug("signup", { email, password, inviteToken, inviteId }); + const { email, password, inviteToken, inviteId, termsAcceptedTimestamp } = + parsedBody.data; const passwordHash = await hashPassword(password); const userId = generateId(15); @@ -143,28 +140,45 @@ export async function signup( if (diff < 2) { // If the user was created less than 2 hours ago, we don't want to create a new user - return response(res, { - data: { - emailVerificationRequired: true - }, - success: true, - error: false, - message: `A user with that email address already exists. We sent an email to ${email} with a verification code.`, - status: HttpCode.OK - }); + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "A user with that email address already exists" + ) + ); + // return response(res, { + // data: { + // emailVerificationRequired: true + // }, + // success: true, + // error: false, + // message: `A user with that email address already exists. We sent an email to ${email} with a verification code.`, + // status: HttpCode.OK + // }); } else { // If the user was created more than 2 hours ago, we want to delete the old user and create a new one await db.delete(users).where(eq(users.userId, user.userId)); } } + if (build === "saas" && !termsAcceptedTimestamp) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "You must accept the terms of service and privacy policy" + ) + ); + } + await db.insert(users).values({ userId: userId, type: UserType.Internal, username: email, email: email, passwordHash, - dateCreated: moment().toISOString() + dateCreated: moment().toISOString(), + termsAcceptedTimestamp: termsAcceptedTimestamp || null, + termsVersion: "1" }); // give the user their default permissions: diff --git a/server/routers/auth/validateSetupToken.ts b/server/routers/auth/validateSetupToken.ts new file mode 100644 index 00000000..e3c29833 --- /dev/null +++ b/server/routers/auth/validateSetupToken.ts @@ -0,0 +1,84 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db, setupTokens } from "@server/db"; +import { eq, and } from "drizzle-orm"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; + +const validateSetupTokenSchema = z + .object({ + token: z.string().min(1, "Token is required") + }) + .strict(); + +export type ValidateSetupTokenResponse = { + valid: boolean; + message: string; +}; + +export async function validateSetupToken( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedBody = validateSetupTokenSchema.safeParse(req.body); + + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { token } = parsedBody.data; + + // Find the token in the database + const [setupToken] = await db + .select() + .from(setupTokens) + .where( + and( + eq(setupTokens.token, token), + eq(setupTokens.used, false) + ) + ); + + if (!setupToken) { + return response(res, { + data: { + valid: false, + message: "Invalid or expired setup token" + }, + success: true, + error: false, + message: "Token validation completed", + status: HttpCode.OK + }); + } + + return response(res, { + data: { + valid: true, + message: "Setup token is valid" + }, + success: true, + error: false, + message: "Token validation completed", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to validate setup token" + ) + ); + } +} \ No newline at end of file diff --git a/server/routers/auth/verifyEmail.ts b/server/routers/auth/verifyEmail.ts index fd7aa138..f707de22 100644 --- a/server/routers/auth/verifyEmail.ts +++ b/server/routers/auth/verifyEmail.ts @@ -5,7 +5,7 @@ import { fromError } from "zod-validation-error"; import HttpCode from "@server/types/HttpCode"; import { response } from "@server/lib"; import { db } from "@server/db"; -import { User, emailVerificationCodes, users } from "@server/db/schemas"; +import { User, emailVerificationCodes, users } from "@server/db"; import { eq } from "drizzle-orm"; import { isWithinExpirationDate } from "oslo"; import config from "@server/lib/config"; diff --git a/server/routers/auth/verifyTotp.ts b/server/routers/auth/verifyTotp.ts index db4ec1a1..6b45a93e 100644 --- a/server/routers/auth/verifyTotp.ts +++ b/server/routers/auth/verifyTotp.ts @@ -5,19 +5,23 @@ import { fromError } from "zod-validation-error"; import HttpCode from "@server/types/HttpCode"; import { response } from "@server/lib"; import { db } from "@server/db"; -import { twoFactorBackupCodes, User, users } from "@server/db/schemas"; -import { eq } from "drizzle-orm"; -import { alphabet, generateRandomString } from "oslo/crypto"; -import { hashPassword } from "@server/auth/password"; +import { twoFactorBackupCodes, User, users } from "@server/db"; +import { eq, and } from "drizzle-orm"; +import { hashPassword, verifyPassword } from "@server/auth/password"; import { verifyTotpCode } from "@server/auth/totp"; import logger from "@server/logger"; import { sendEmail } from "@server/emails"; import TwoFactorAuthNotification from "@server/emails/templates/TwoFactorAuthNotification"; import config from "@server/lib/config"; import { UserType } from "@server/types/UserTypes"; +import { generateBackupCodes } from "@server/lib/totp"; +import { verifySession } from "@server/auth/sessions/verifySession"; +import { unauthorized } from "@server/auth/unauthorizedResponse"; export const verifyTotpBody = z .object({ + email: z.string().email().optional(), + password: z.string().optional(), code: z.string() }) .strict(); @@ -45,38 +49,83 @@ export async function verifyTotp( ); } - const { code } = parsedBody.data; - - const user = req.user as User; - - if (user.type !== UserType.Internal) { - return next( - createHttpError( - HttpCode.BAD_REQUEST, - "Two-factor authentication is not supported for external users" - ) - ); - } - - if (user.twoFactorEnabled) { - return next( - createHttpError( - HttpCode.BAD_REQUEST, - "Two-factor authentication is already enabled" - ) - ); - } - - if (!user.twoFactorSecret) { - return next( - createHttpError( - HttpCode.BAD_REQUEST, - "User has not requested two-factor authentication" - ) - ); - } + const { code, email, password } = parsedBody.data; try { + const { user: sessionUser, session: existingSession } = + await verifySession(req); + + let user: User | null = sessionUser; + if (!existingSession) { + if (!email || !password) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Email and password are required for two-factor authentication" + ) + ); + } + const [res] = await db + .select() + .from(users) + .where( + and( + eq(users.type, UserType.Internal), + eq(users.email, email) + ) + ); + user = res; + + const validPassword = await verifyPassword( + password, + user.passwordHash! + ); + if (!validPassword) { + return next(unauthorized()); + } + } + + if (!user) { + if (config.getRawConfig().app.log_failed_attempts) { + logger.info( + `Username or password incorrect. Email: ${email}. IP: ${req.ip}.` + ); + } + return next( + createHttpError( + HttpCode.UNAUTHORIZED, + "Username or password is incorrect" + ) + ); + } + + if (user.type !== UserType.Internal) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Two-factor authentication is not supported for external users" + ) + ); + } + + if (user.twoFactorEnabled) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Two-factor authentication is already enabled" + ) + ); + } + + if (!user.twoFactorSecret) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "User has not requested two-factor authentication" + ) + ); + } + const valid = await verifyTotpCode( code, user.twoFactorSecret, @@ -89,7 +138,9 @@ export async function verifyTotp( await db.transaction(async (trx) => { await trx .update(users) - .set({ twoFactorEnabled: true }) + .set({ + twoFactorEnabled: true + }) .where(eq(users.userId, user.userId)); const backupCodes = await generateBackupCodes(); @@ -153,12 +204,3 @@ export async function verifyTotp( ); } } - -async function generateBackupCodes(): Promise { - const codes = []; - for (let i = 0; i < 10; i++) { - const code = generateRandomString(6, alphabet("0-9", "A-Z", "a-z")); - codes.push(code); - } - return codes; -} diff --git a/server/routers/badger/exchangeSession.ts b/server/routers/badger/exchangeSession.ts index a9208423..d6f2c7c7 100644 --- a/server/routers/badger/exchangeSession.ts +++ b/server/routers/badger/exchangeSession.ts @@ -4,8 +4,8 @@ import createHttpError from "http-errors"; import { z } from "zod"; import { fromError } from "zod-validation-error"; import logger from "@server/logger"; -import { resourceAccessToken, resources, sessions } from "@server/db/schemas"; -import db from "@server/db"; +import { resourceAccessToken, resources, sessions } from "@server/db"; +import { db } from "@server/db"; import { eq } from "drizzle-orm"; import { createResourceSession, @@ -52,20 +52,26 @@ export async function exchangeSession( try { const { requestToken, host, requestIp } = parsedBody.data; + let cleanHost = host; + // if the host ends with :port + if (cleanHost.match(/:[0-9]{1,5}$/)) { + const matched = ''+cleanHost.match(/:[0-9]{1,5}$/); + cleanHost = cleanHost.slice(0, -1*matched.length); + } const clientIp = requestIp?.split(":")[0]; const [resource] = await db .select() .from(resources) - .where(eq(resources.fullDomain, host)) + .where(eq(resources.fullDomain, cleanHost)) .limit(1); if (!resource) { return next( createHttpError( HttpCode.NOT_FOUND, - `Resource with host ${host} not found` + `Resource with host ${cleanHost} not found` ) ); } diff --git a/server/routers/badger/verifySession.test.ts b/server/routers/badger/verifySession.test.ts index 0a459dcf..b0ad9873 100644 --- a/server/routers/badger/verifySession.test.ts +++ b/server/routers/badger/verifySession.test.ts @@ -1,61 +1,136 @@ -import { isPathAllowed } from './verifySession'; import { assertEquals } from '@test/assert'; +function isPathAllowed(pattern: string, path: string): boolean { + + // Normalize and split paths into segments + const normalize = (p: string) => p.split("/").filter(Boolean); + const patternParts = normalize(pattern); + const pathParts = normalize(path); + + + // Recursive function to try different wildcard matches + function matchSegments(patternIndex: number, pathIndex: number): boolean { + const indent = " ".repeat(pathIndex); // Indent based on recursion depth + const currentPatternPart = patternParts[patternIndex]; + const currentPathPart = pathParts[pathIndex]; + + // If we've consumed all pattern parts, we should have consumed all path parts + if (patternIndex >= patternParts.length) { + const result = pathIndex >= pathParts.length; + return result; + } + + // If we've consumed all path parts but still have pattern parts + if (pathIndex >= pathParts.length) { + // The only way this can match is if all remaining pattern parts are wildcards + const remainingPattern = patternParts.slice(patternIndex); + const result = remainingPattern.every((p) => p === "*"); + return result; + } + + // For full segment wildcards, try consuming different numbers of path segments + if (currentPatternPart === "*") { + + // Try consuming 0 segments (skip the wildcard) + if (matchSegments(patternIndex + 1, pathIndex)) { + return true; + } + + // Try consuming current segment and recursively try rest + if (matchSegments(patternIndex, pathIndex + 1)) { + return true; + } + + return false; + } + + // Check for in-segment wildcard (e.g., "prefix*" or "prefix*suffix") + if (currentPatternPart.includes("*")) { + // Convert the pattern segment to a regex pattern + const regexPattern = currentPatternPart + .replace(/\*/g, ".*") // Replace * with .* for regex wildcard + .replace(/\?/g, "."); // Replace ? with . for single character wildcard if needed + + const regex = new RegExp(`^${regexPattern}$`); + + if (regex.test(currentPathPart)) { + return matchSegments(patternIndex + 1, pathIndex + 1); + } + + return false; + } + + // For regular segments, they must match exactly + if (currentPatternPart !== currentPathPart) { + return false; + } + + // Move to next segments in both pattern and path + return matchSegments(patternIndex + 1, pathIndex + 1); + } + + const result = matchSegments(0, 0); + return result; +} + function runTests() { console.log('Running path matching tests...'); - + // Test exact matching assertEquals(isPathAllowed('foo', 'foo'), true, 'Exact match should be allowed'); assertEquals(isPathAllowed('foo', 'bar'), false, 'Different segments should not match'); assertEquals(isPathAllowed('foo/bar', 'foo/bar'), true, 'Exact multi-segment match should be allowed'); assertEquals(isPathAllowed('foo/bar', 'foo/baz'), false, 'Partial multi-segment match should not be allowed'); - + // Test with leading and trailing slashes assertEquals(isPathAllowed('/foo', 'foo'), true, 'Pattern with leading slash should match'); assertEquals(isPathAllowed('foo/', 'foo'), true, 'Pattern with trailing slash should match'); assertEquals(isPathAllowed('/foo/', 'foo'), true, 'Pattern with both leading and trailing slashes should match'); assertEquals(isPathAllowed('foo', '/foo/'), true, 'Path with leading and trailing slashes should match'); - + // Test simple wildcard matching assertEquals(isPathAllowed('*', 'foo'), true, 'Single wildcard should match any single segment'); assertEquals(isPathAllowed('*', 'foo/bar'), true, 'Single wildcard should match multiple segments'); assertEquals(isPathAllowed('*/bar', 'foo/bar'), true, 'Wildcard prefix should match'); assertEquals(isPathAllowed('foo/*', 'foo/bar'), true, 'Wildcard suffix should match'); assertEquals(isPathAllowed('foo/*/baz', 'foo/bar/baz'), true, 'Wildcard in middle should match'); - + // Test multiple wildcards assertEquals(isPathAllowed('*/*', 'foo/bar'), true, 'Multiple wildcards should match corresponding segments'); assertEquals(isPathAllowed('*/*/*', 'foo/bar/baz'), true, 'Three wildcards should match three segments'); assertEquals(isPathAllowed('foo/*/*', 'foo/bar/baz'), true, 'Specific prefix with wildcards should match'); assertEquals(isPathAllowed('*/*/baz', 'foo/bar/baz'), true, 'Wildcards with specific suffix should match'); - + // Test wildcard consumption behavior assertEquals(isPathAllowed('*', ''), true, 'Wildcard should optionally consume segments'); assertEquals(isPathAllowed('foo/*', 'foo'), true, 'Trailing wildcard should be optional'); assertEquals(isPathAllowed('*/*', 'foo'), true, 'Multiple wildcards can match fewer segments'); assertEquals(isPathAllowed('*/*/*', 'foo/bar'), true, 'Extra wildcards can be skipped'); - + // Test complex nested paths assertEquals(isPathAllowed('api/*/users', 'api/v1/users'), true, 'API versioning pattern should match'); assertEquals(isPathAllowed('api/*/users/*', 'api/v1/users/123'), true, 'API resource pattern should match'); assertEquals(isPathAllowed('api/*/users/*/profile', 'api/v1/users/123/profile'), true, 'Nested API pattern should match'); - + // Test for the requested padbootstrap* pattern assertEquals(isPathAllowed('padbootstrap*', 'padbootstrap'), true, 'padbootstrap* should match padbootstrap'); assertEquals(isPathAllowed('padbootstrap*', 'padbootstrapv1'), true, 'padbootstrap* should match padbootstrapv1'); assertEquals(isPathAllowed('padbootstrap*', 'padbootstrap/files'), false, 'padbootstrap* should not match padbootstrap/files'); assertEquals(isPathAllowed('padbootstrap*/*', 'padbootstrap/files'), true, 'padbootstrap*/* should match padbootstrap/files'); assertEquals(isPathAllowed('padbootstrap*/files', 'padbootstrapv1/files'), true, 'padbootstrap*/files should not match padbootstrapv1/files (wildcard is segment-based, not partial)'); - + // Test wildcard edge cases assertEquals(isPathAllowed('*/*/*/*/*/*', 'a/b'), true, 'Many wildcards can match few segments'); assertEquals(isPathAllowed('a/*/b/*/c', 'a/anything/b/something/c'), true, 'Multiple wildcards in pattern should match corresponding segments'); - + // Test patterns with partial segment matches assertEquals(isPathAllowed('padbootstrap*', 'padbootstrap-123'), true, 'Wildcards in isPathAllowed should be segment-based, not character-based'); assertEquals(isPathAllowed('test*', 'testuser'), true, 'Asterisk as part of segment name is treated as a literal, not a wildcard'); assertEquals(isPathAllowed('my*app', 'myapp'), true, 'Asterisk in middle of segment name is treated as a literal, not a wildcard'); + assertEquals(isPathAllowed('/', '/'), true, 'Root path should match root path'); + assertEquals(isPathAllowed('/', '/test'), false, 'Root path should not match non-root path'); + console.log('All tests passed!'); } @@ -64,4 +139,4 @@ try { runTests(); } catch (error) { console.error('Test failed:', error); -} \ No newline at end of file +} diff --git a/server/routers/badger/verifySession.ts b/server/routers/badger/verifySession.ts index 0c2e6493..120aa528 100644 --- a/server/routers/badger/verifySession.ts +++ b/server/routers/badger/verifySession.ts @@ -5,34 +5,34 @@ import { validateResourceSessionToken } from "@server/auth/sessions/resource"; import { verifyResourceAccessToken } from "@server/auth/verifyResourceAccessToken"; -import db from "@server/db"; +import { + getResourceByDomain, + getUserSessionWithUser, + getUserOrgRoles, + getRoleResourceAccess, + getUserResourceAccess, + getResourceRules +} from "@server/db/queries/verifySessionQueries"; import { Resource, ResourceAccessToken, ResourcePassword, - resourcePassword, ResourcePincode, - resourcePincode, ResourceRule, - resourceRules, - resources, - roleResources, sessions, - userOrgs, - userResources, users -} from "@server/db/schemas"; +} from "@server/db"; import config from "@server/lib/config"; import { isIpInCidr } from "@server/lib/ip"; import { response } from "@server/lib/response"; import logger from "@server/logger"; import HttpCode from "@server/types/HttpCode"; -import { and, eq } from "drizzle-orm"; import { NextFunction, Request, Response } from "express"; import createHttpError from "http-errors"; import NodeCache from "node-cache"; import { z } from "zod"; import { fromError } from "zod-validation-error"; +import { getCountryCodeForIp } from "@server/lib"; // We'll see if this speeds anything up const cache = new NodeCache({ @@ -56,9 +56,16 @@ export type VerifyResourceSessionSchema = z.infer< typeof verifyResourceSessionSchema >; +type BasicUserData = { + username: string; + email: string | null; + name: string | null; +}; + export type VerifyUserResponse = { valid: boolean; redirectUrl?: string; + userData?: BasicUserData; }; export async function verifyResourceSession( @@ -90,14 +97,34 @@ export async function verifyResourceSession( query } = parsedBody.data; - const clientIp = requestIp?.split(":")[0]; + const clientIp = requestIp + ? (() => { + logger.debug("Request IP:", { requestIp }); + if (requestIp.startsWith("[") && requestIp.includes("]")) { + // if brackets are found, extract the IPv6 address from between the brackets + const ipv6Match = requestIp.match(/\[(.*?)\]/); + if (ipv6Match) { + return ipv6Match[1]; + } + } + + // ivp4 + // split at last colon + const lastColonIndex = requestIp.lastIndexOf(":"); + if (lastColonIndex !== -1) { + return requestIp.substring(0, lastColonIndex); + } + return requestIp; + })() + : undefined; + + logger.debug("Client IP:", { clientIp }); let cleanHost = host; - // if the host ends with :443 or :80 remove it - if (cleanHost.endsWith(":443")) { - cleanHost = cleanHost.slice(0, -4); - } else if (cleanHost.endsWith(":80")) { - cleanHost = cleanHost.slice(0, -3); + // if the host ends with :port, strip it + if (cleanHost.match(/:[0-9]{1,5}$/)) { + const matched = "" + cleanHost.match(/:[0-9]{1,5}$/); + cleanHost = cleanHost.slice(0, -1 * matched.length); } const resourceCacheKey = `resource:${cleanHost}`; @@ -110,38 +137,21 @@ export async function verifyResourceSession( | undefined = cache.get(resourceCacheKey); if (!resourceData) { - const [result] = await db - .select() - .from(resources) - .leftJoin( - resourcePincode, - eq(resourcePincode.resourceId, resources.resourceId) - ) - .leftJoin( - resourcePassword, - eq(resourcePassword.resourceId, resources.resourceId) - ) - .where(eq(resources.fullDomain, cleanHost)) - .limit(1); + const result = await getResourceByDomain(cleanHost); if (!result) { - logger.debug("Resource not found", cleanHost); + logger.debug(`Resource not found ${cleanHost}`); return notAllowed(res); } - resourceData = { - resource: result.resources, - pincode: result.resourcePincode, - password: result.resourcePassword - }; - + resourceData = result; cache.set(resourceCacheKey, resourceData); } const { resource, pincode, password } = resourceData; if (!resource) { - logger.debug("Resource not found", cleanHost); + logger.debug(`Resource not found ${cleanHost}`); return notAllowed(res); } @@ -166,6 +176,11 @@ export async function verifyResourceSession( } else if (action == "DROP") { logger.debug("Resource denied by rule"); return notAllowed(res); + } else if (action == "PASS") { + logger.debug( + "Resource passed by rule, continuing to auth checks" + ); + // Continue to authentication checks below } // otherwise its undefined and we pass @@ -181,7 +196,16 @@ export async function verifyResourceSession( return allowed(res); } - const redirectUrl = `${config.getRawConfig().app.dashboard_url}/auth/resource/${encodeURIComponent( + let endpoint: string; + if (config.isManagedMode()) { + endpoint = + config.getRawConfig().managed?.redirect_endpoint || + config.getRawConfig().managed?.endpoint || + ""; + } else { + endpoint = config.getRawConfig().app.dashboard_url!; + } + const redirectUrl = `${endpoint}/auth/resource/${encodeURIComponent( resource.resourceId )}?redirect=${encodeURIComponent(originalRequestURL)}`; @@ -350,23 +374,26 @@ export async function verifyResourceSession( resourceSession.userSessionId }:${resource.resourceId}`; - let isAllowed: boolean | undefined = + let allowedUserData: BasicUserData | null | undefined = cache.get(userAccessCacheKey); - if (isAllowed === undefined) { - isAllowed = await isUserAllowedToAccessResource( + if (allowedUserData === undefined) { + allowedUserData = await isUserAllowedToAccessResource( resourceSession.userSessionId, resource ); - cache.set(userAccessCacheKey, isAllowed); + cache.set(userAccessCacheKey, allowedUserData); } - if (isAllowed) { + if ( + allowedUserData !== null && + allowedUserData !== undefined + ) { logger.debug( "Resource allowed because user session is valid" ); - return allowed(res); + return allowed(res, allowedUserData); } } } @@ -448,15 +475,17 @@ function notAllowed(res: Response, redirectUrl?: string) { return response(res, data); } -function allowed(res: Response) { +function allowed(res: Response, userData?: BasicUserData) { const data = { - data: { valid: true }, + data: + userData !== undefined && userData !== null + ? { valid: true, ...userData } + : { valid: true }, success: true, error: false, message: "Access allowed", status: HttpCode.OK }; - logger.debug(JSON.stringify(data)); return response(res, data); } @@ -496,90 +525,68 @@ async function createAccessTokenSession( async function isUserAllowedToAccessResource( userSessionId: string, resource: Resource -): Promise { - const [res] = await db - .select() - .from(sessions) - .leftJoin(users, eq(users.userId, sessions.userId)) - .where(eq(sessions.sessionId, userSessionId)); +): Promise { + const result = await getUserSessionWithUser(userSessionId); - const user = res.user; - const session = res.session; + if (!result) { + return null; + } + + const { user, session } = result; if (!user || !session) { - return false; + return null; } if ( config.getRawConfig().flags?.require_email_verification && !user.emailVerified ) { - return false; + return null; } - const userOrgRole = await db - .select() - .from(userOrgs) - .where( - and( - eq(userOrgs.userId, user.userId), - eq(userOrgs.orgId, resource.orgId) - ) - ) - .limit(1); + const userOrgRoles = await getUserOrgRoles(user.userId, resource.orgId); - if (userOrgRole.length === 0) { - return false; + const roleResourceAccess = await getRoleResourceAccess( + resource.resourceId, + userOrgRoles + ); + + if (roleResourceAccess) { + return { + username: user.username, + email: user.email, + name: user.name + }; } - const roleResourceAccess = await db - .select() - .from(roleResources) - .where( - and( - eq(roleResources.resourceId, resource.resourceId), - eq(roleResources.roleId, userOrgRole[0].roleId) - ) - ) - .limit(1); + const userResourceAccess = await getUserResourceAccess( + user.userId, + resource.resourceId + ); - if (roleResourceAccess.length > 0) { - return true; + if (userResourceAccess) { + return { + username: user.username, + email: user.email, + name: user.name + }; } - const userResourceAccess = await db - .select() - .from(userResources) - .where( - and( - eq(userResources.userId, user.userId), - eq(userResources.resourceId, resource.resourceId) - ) - ) - .limit(1); - - if (userResourceAccess.length > 0) { - return true; - } - - return false; + return null; } async function checkRules( resourceId: number, clientIp: string | undefined, path: string | undefined -): Promise<"ACCEPT" | "DROP" | undefined> { +): Promise<"ACCEPT" | "DROP" | "PASS" | undefined> { const ruleCacheKey = `rules:${resourceId}`; let rules: ResourceRule[] | undefined = cache.get(ruleCacheKey); if (!rules) { - rules = await db - .select() - .from(resourceRules) - .where(eq(resourceRules.resourceId, resourceId)); - + rules = await getResourceRules(resourceId); cache.set(ruleCacheKey, rules); } @@ -610,6 +617,12 @@ async function checkRules( isPathAllowed(rule.value, path) ) { return rule.action as any; + } else if ( + clientIp && + rule.match == "GEOIP" && + (await isIpInGeoIP(clientIp, rule.value)) + ) { + return rule.action as any; } } @@ -734,3 +747,23 @@ export function isPathAllowed(pattern: string, path: string): boolean { logger.debug(`Final result: ${result}`); return result; } + +async function isIpInGeoIP(ip: string, countryCode: string): Promise { + if (countryCode == "ALL") { + return true; + } + + const geoIpCacheKey = `geoip:${ip}`; + + let cachedCountryCode: string | undefined = cache.get(geoIpCacheKey); + + if (!cachedCountryCode) { + cachedCountryCode = await getCountryCodeForIp(ip); + // Cache for longer since IP geolocation doesn't change frequently + cache.set(geoIpCacheKey, cachedCountryCode, 300); // 5 minutes + } + + logger.debug(`IP ${ip} is in country: ${cachedCountryCode}`); + + return cachedCountryCode?.toUpperCase() === countryCode.toUpperCase(); +} diff --git a/server/routers/client/createClient.ts b/server/routers/client/createClient.ts new file mode 100644 index 00000000..2dba9268 --- /dev/null +++ b/server/routers/client/createClient.ts @@ -0,0 +1,255 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { + roles, + Client, + clients, + roleClients, + userClients, + olms, + clientSites, + exitNodes, + orgs, + sites +} from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { eq, and } from "drizzle-orm"; +import { fromError } from "zod-validation-error"; +import moment from "moment"; +import { hashPassword } from "@server/auth/password"; +import { isValidCIDR, isValidIP } from "@server/lib/validators"; +import { isIpInCidr } from "@server/lib/ip"; +import { OpenAPITags, registry } from "@server/openApi"; +import { listExitNodes } from "@server/lib/exitNodes"; + +const createClientParamsSchema = z + .object({ + orgId: z.string() + }) + .strict(); + +const createClientSchema = z + .object({ + name: z.string().min(1).max(255), + siteIds: z.array(z.number().int().positive()), + olmId: z.string(), + secret: z.string(), + subnet: z.string(), + type: z.enum(["olm"]) + }) + .strict(); + +export type CreateClientBody = z.infer; + +export type CreateClientResponse = Client; + +registry.registerPath({ + method: "put", + path: "/org/{orgId}/client", + description: "Create a new client.", + tags: [OpenAPITags.Client, OpenAPITags.Org], + request: { + params: createClientParamsSchema, + body: { + content: { + "application/json": { + schema: createClientSchema + } + } + } + }, + responses: {} +}); + +export async function createClient( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedBody = createClientSchema.safeParse(req.body); + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { name, type, siteIds, olmId, secret, subnet } = parsedBody.data; + + const parsedParams = createClientParamsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { orgId } = parsedParams.data; + + if (req.user && (!req.userRoleIds || req.userRoleIds.length === 0)) { + return next( + createHttpError(HttpCode.FORBIDDEN, "User does not have a role") + ); + } + + if (!isValidIP(subnet)) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Invalid subnet format. Please provide a valid CIDR notation." + ) + ); + } + + const [org] = await db.select().from(orgs).where(eq(orgs.orgId, orgId)); + + if (!org) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `Organization with ID ${orgId} not found` + ) + ); + } + + if (!org.subnet) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + `Organization with ID ${orgId} has no subnet defined` + ) + ); + } + + if (!isIpInCidr(subnet, org.subnet)) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "IP is not in the CIDR range of the subnet." + ) + ); + } + + const updatedSubnet = `${subnet}/${org.subnet.split("/")[1]}`; // we want the block size of the whole org + + // make sure the subnet is unique + const subnetExistsClients = await db + .select() + .from(clients) + .where( + and(eq(clients.subnet, updatedSubnet), eq(clients.orgId, orgId)) + ) + .limit(1); + + if (subnetExistsClients.length > 0) { + return next( + createHttpError( + HttpCode.CONFLICT, + `Subnet ${updatedSubnet} already exists in clients` + ) + ); + } + + const subnetExistsSites = await db + .select() + .from(sites) + .where( + and(eq(sites.address, updatedSubnet), eq(sites.orgId, orgId)) + ) + .limit(1); + + if (subnetExistsSites.length > 0) { + return next( + createHttpError( + HttpCode.CONFLICT, + `Subnet ${updatedSubnet} already exists in sites` + ) + ); + } + + await db.transaction(async (trx) => { + // TODO: more intelligent way to pick the exit node + const exitNodesList = await listExitNodes(orgId); + const randomExitNode = + exitNodesList[Math.floor(Math.random() * exitNodesList.length)]; + + const adminRole = await trx + .select() + .from(roles) + .where(and(eq(roles.isAdmin, true), eq(roles.orgId, orgId))) + .limit(1); + + if (adminRole.length === 0) { + trx.rollback(); + return next( + createHttpError(HttpCode.NOT_FOUND, `Admin role not found`) + ); + } + + const [newClient] = await trx + .insert(clients) + .values({ + exitNodeId: randomExitNode.exitNodeId, + orgId, + name, + subnet: updatedSubnet, + type + }) + .returning(); + + await trx.insert(roleClients).values({ + roleId: adminRole[0].roleId, + clientId: newClient.clientId + }); + + if (req.user && req.userRoleIds?.indexOf(adminRole[0].roleId) === -1) { + // make sure the user can access the site + trx.insert(userClients).values({ + userId: req.user?.userId!, + clientId: newClient.clientId + }); + } + + // Create site to client associations + if (siteIds && siteIds.length > 0) { + await trx.insert(clientSites).values( + siteIds.map((siteId) => ({ + clientId: newClient.clientId, + siteId + })) + ); + } + + const secretHash = await hashPassword(secret); + + await trx.insert(olms).values({ + olmId, + secretHash, + clientId: newClient.clientId, + dateCreated: moment().toISOString() + }); + + return response(res, { + data: newClient, + success: true, + error: false, + message: "Site created successfully", + status: HttpCode.CREATED + }); + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/client/deleteClient.ts b/server/routers/client/deleteClient.ts new file mode 100644 index 00000000..a7512574 --- /dev/null +++ b/server/routers/client/deleteClient.ts @@ -0,0 +1,88 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { clients, clientSites } from "@server/db"; +import { eq } from "drizzle-orm"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; +import { OpenAPITags, registry } from "@server/openApi"; + +const deleteClientSchema = z + .object({ + clientId: z.string().transform(Number).pipe(z.number().int().positive()) + }) + .strict(); + +registry.registerPath({ + method: "delete", + path: "/client/{clientId}", + description: "Delete a client by its client ID.", + tags: [OpenAPITags.Client], + request: { + params: deleteClientSchema + }, + responses: {} +}); + +export async function deleteClient( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = deleteClientSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { clientId } = parsedParams.data; + + const [client] = await db + .select() + .from(clients) + .where(eq(clients.clientId, clientId)) + .limit(1); + + if (!client) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `Client with ID ${clientId} not found` + ) + ); + } + + await db.transaction(async (trx) => { + // Delete the client-site associations first + await trx + .delete(clientSites) + .where(eq(clientSites.clientId, clientId)); + + // Then delete the client itself + await trx + .delete(clients) + .where(eq(clients.clientId, clientId)); + }); + + return response(res, { + data: null, + success: true, + error: false, + message: "Client deleted successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/client/getClient.ts b/server/routers/client/getClient.ts new file mode 100644 index 00000000..d362526f --- /dev/null +++ b/server/routers/client/getClient.ts @@ -0,0 +1,100 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { clients, clientSites } from "@server/db"; +import { eq, and } from "drizzle-orm"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import stoi from "@server/lib/stoi"; +import { fromError } from "zod-validation-error"; +import { OpenAPITags, registry } from "@server/openApi"; + +const getClientSchema = z + .object({ + clientId: z.string().transform(stoi).pipe(z.number().int().positive()) + }) + .strict(); + +async function query(clientId: number) { + // Get the client + const [client] = await db + .select() + .from(clients) + .where(and(eq(clients.clientId, clientId))) + .limit(1); + + if (!client) { + return null; + } + + // Get the siteIds associated with this client + const sites = await db + .select({ siteId: clientSites.siteId }) + .from(clientSites) + .where(eq(clientSites.clientId, clientId)); + + // Add the siteIds to the client object + return { + ...client, + siteIds: sites.map((site) => site.siteId) + }; +} + +export type GetClientResponse = NonNullable>>; + +registry.registerPath({ + method: "get", + path: "/client/{clientId}", + description: "Get a client by its client ID.", + tags: [OpenAPITags.Client], + request: { + params: getClientSchema + }, + responses: {} +}); + +export async function getClient( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = getClientSchema.safeParse(req.params); + if (!parsedParams.success) { + logger.error( + `Error parsing params: ${fromError(parsedParams.error).toString()}` + ); + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { clientId } = parsedParams.data; + + const client = await query(clientId); + + if (!client) { + return next( + createHttpError(HttpCode.NOT_FOUND, "Client not found") + ); + } + + return response(res, { + data: client, + success: true, + error: false, + message: "Client retrieved successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/client/index.ts b/server/routers/client/index.ts new file mode 100644 index 00000000..385c7bed --- /dev/null +++ b/server/routers/client/index.ts @@ -0,0 +1,6 @@ +export * from "./pickClientDefaults"; +export * from "./createClient"; +export * from "./deleteClient"; +export * from "./listClients"; +export * from "./updateClient"; +export * from "./getClient"; \ No newline at end of file diff --git a/server/routers/client/listClients.ts b/server/routers/client/listClients.ts new file mode 100644 index 00000000..df5e0a99 --- /dev/null +++ b/server/routers/client/listClients.ts @@ -0,0 +1,229 @@ +import { db } from "@server/db"; +import { + clients, + orgs, + roleClients, + sites, + userClients, + clientSites +} from "@server/db"; +import logger from "@server/logger"; +import HttpCode from "@server/types/HttpCode"; +import response from "@server/lib/response"; +import { and, count, eq, inArray, or, sql } from "drizzle-orm"; +import { NextFunction, Request, Response } from "express"; +import createHttpError from "http-errors"; +import { z } from "zod"; +import { fromError } from "zod-validation-error"; +import { OpenAPITags, registry } from "@server/openApi"; + +const listClientsParamsSchema = z + .object({ + orgId: z.string() + }) + .strict(); + +const listClientsSchema = z.object({ + limit: z + .string() + .optional() + .default("1000") + .transform(Number) + .pipe(z.number().int().positive()), + offset: z + .string() + .optional() + .default("0") + .transform(Number) + .pipe(z.number().int().nonnegative()) +}); + +function queryClients(orgId: string, accessibleClientIds: number[]) { + return db + .select({ + clientId: clients.clientId, + orgId: clients.orgId, + name: clients.name, + pubKey: clients.pubKey, + subnet: clients.subnet, + megabytesIn: clients.megabytesIn, + megabytesOut: clients.megabytesOut, + orgName: orgs.name, + type: clients.type, + online: clients.online + }) + .from(clients) + .leftJoin(orgs, eq(clients.orgId, orgs.orgId)) + .where( + and( + inArray(clients.clientId, accessibleClientIds), + eq(clients.orgId, orgId) + ) + ); +} + +async function getSiteAssociations(clientIds: number[]) { + if (clientIds.length === 0) return []; + + return db + .select({ + clientId: clientSites.clientId, + siteId: clientSites.siteId, + siteName: sites.name, + siteNiceId: sites.niceId + }) + .from(clientSites) + .leftJoin(sites, eq(clientSites.siteId, sites.siteId)) + .where(inArray(clientSites.clientId, clientIds)); +} + +export type ListClientsResponse = { + clients: Array>[0] & { sites: Array<{ + siteId: number; + siteName: string | null; + siteNiceId: string | null; + }> }>; + pagination: { total: number; limit: number; offset: number }; +}; + +registry.registerPath({ + method: "get", + path: "/org/{orgId}/clients", + description: "List all clients for an organization.", + tags: [OpenAPITags.Client, OpenAPITags.Org], + request: { + query: listClientsSchema, + params: listClientsParamsSchema + }, + responses: {} +}); + +export async function listClients( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedQuery = listClientsSchema.safeParse(req.query); + if (!parsedQuery.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedQuery.error) + ) + ); + } + const { limit, offset } = parsedQuery.data; + + const parsedParams = listClientsParamsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error) + ) + ); + } + const { orgId } = parsedParams.data; + + if (req.user && orgId && orgId !== req.userOrgId) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + "User does not have access to this organization" + ) + ); + } + + let accessibleClients; + if (req.user) { + accessibleClients = await db + .select({ + clientId: sql`COALESCE(${userClients.clientId}, ${roleClients.clientId})` + }) + .from(userClients) + .fullJoin( + roleClients, + eq(userClients.clientId, roleClients.clientId) + ) + .where( + or( + eq(userClients.userId, req.user!.userId), + inArray(roleClients.roleId, req.userRoleIds!) + ) + ); + } else { + accessibleClients = await db + .select({ clientId: clients.clientId }) + .from(clients) + .where(eq(clients.orgId, orgId)); + } + + const accessibleClientIds = accessibleClients.map( + (client) => client.clientId + ); + const baseQuery = queryClients(orgId, accessibleClientIds); + + // Get client count + const countQuery = db + .select({ count: count() }) + .from(clients) + .where( + and( + inArray(clients.clientId, accessibleClientIds), + eq(clients.orgId, orgId) + ) + ); + + const clientsList = await baseQuery.limit(limit).offset(offset); + const totalCountResult = await countQuery; + const totalCount = totalCountResult[0].count; + + // Get associated sites for all clients + const clientIds = clientsList.map(client => client.clientId); + const siteAssociations = await getSiteAssociations(clientIds); + + // Group site associations by client ID + const sitesByClient = siteAssociations.reduce((acc, association) => { + if (!acc[association.clientId]) { + acc[association.clientId] = []; + } + acc[association.clientId].push({ + siteId: association.siteId, + siteName: association.siteName, + siteNiceId: association.siteNiceId + }); + return acc; + }, {} as Record>); + + // Merge clients with their site associations + const clientsWithSites = clientsList.map(client => ({ + ...client, + sites: sitesByClient[client.clientId] || [] + })); + + return response(res, { + data: { + clients: clientsWithSites, + pagination: { + total: totalCount, + limit, + offset + } + }, + success: true, + error: false, + message: "Clients retrieved successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/client/pickClientDefaults.ts b/server/routers/client/pickClientDefaults.ts new file mode 100644 index 00000000..6f452142 --- /dev/null +++ b/server/routers/client/pickClientDefaults.ts @@ -0,0 +1,85 @@ +import { Request, Response, NextFunction } from "express"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { generateId } from "@server/auth/sessions/app"; +import { getNextAvailableClientSubnet } from "@server/lib/ip"; +import { z } from "zod"; +import { fromError } from "zod-validation-error"; +import { OpenAPITags, registry } from "@server/openApi"; + +export type PickClientDefaultsResponse = { + olmId: string; + olmSecret: string; + subnet: string; +}; + +const pickClientDefaultsSchema = z + .object({ + orgId: z.string() + }) + .strict(); + +registry.registerPath({ + method: "get", + path: "/org/{orgId}/pick-client-defaults", + description: "Return pre-requisite data for creating a client.", + tags: [OpenAPITags.Client, OpenAPITags.Site], + request: { + params: pickClientDefaultsSchema + }, + responses: {} +}); + +export async function pickClientDefaults( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = pickClientDefaultsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { orgId } = parsedParams.data; + + const olmId = generateId(15); + const secret = generateId(48); + + const newSubnet = await getNextAvailableClientSubnet(orgId); + if (!newSubnet) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "No available subnet found" + ) + ); + } + + const subnet = newSubnet.split("/")[0]; + + return response(res, { + data: { + olmId: olmId, + olmSecret: secret, + subnet: subnet + }, + success: true, + error: false, + message: "Organization retrieved successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/client/targets.ts b/server/routers/client/targets.ts new file mode 100644 index 00000000..e34a23e9 --- /dev/null +++ b/server/routers/client/targets.ts @@ -0,0 +1,35 @@ +import { sendToClient } from "../ws"; + +export async function addTargets( + newtId: string, + destinationIp: string, + destinationPort: number, + protocol: string, + port: number +) { + const target = `${port}:${destinationIp}:${destinationPort}`; + + await sendToClient(newtId, { + type: `newt/wg/${protocol}/add`, + data: { + targets: [target] // We can only use one target for WireGuard right now + } + }); +} + +export async function removeTargets( + newtId: string, + destinationIp: string, + destinationPort: number, + protocol: string, + port: number +) { + const target = `${port}:${destinationIp}:${destinationPort}`; + + await sendToClient(newtId, { + type: `newt/wg/${protocol}/remove`, + data: { + targets: [target] // We can only use one target for WireGuard right now + } + }); +} diff --git a/server/routers/client/updateClient.ts b/server/routers/client/updateClient.ts new file mode 100644 index 00000000..81ee4278 --- /dev/null +++ b/server/routers/client/updateClient.ts @@ -0,0 +1,392 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db, exitNodes, sites } from "@server/db"; +import { clients, clientSites } from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { eq, and } from "drizzle-orm"; +import { fromError } from "zod-validation-error"; +import { OpenAPITags, registry } from "@server/openApi"; +import { + addPeer as newtAddPeer, + deletePeer as newtDeletePeer +} from "../newt/peers"; +import { + addPeer as olmAddPeer, + deletePeer as olmDeletePeer +} from "../olm/peers"; +import { sendToExitNode } from "../../lib/exitNodeComms"; + +const updateClientParamsSchema = z + .object({ + clientId: z.string().transform(Number).pipe(z.number().int().positive()) + }) + .strict(); + +const updateClientSchema = z + .object({ + name: z.string().min(1).max(255).optional(), + siteIds: z + .array(z.string().transform(Number).pipe(z.number())) + .optional() + }) + .strict(); + +export type UpdateClientBody = z.infer; + +registry.registerPath({ + method: "post", + path: "/client/{clientId}", + description: "Update a client by its client ID.", + tags: [OpenAPITags.Client], + request: { + params: updateClientParamsSchema, + body: { + content: { + "application/json": { + schema: updateClientSchema + } + } + } + }, + responses: {} +}); + +interface PeerDestination { + destinationIP: string; + destinationPort: number; +} + +export async function updateClient( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedBody = updateClientSchema.safeParse(req.body); + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { name, siteIds } = parsedBody.data; + + const parsedParams = updateClientParamsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { clientId } = parsedParams.data; + + // Fetch the client to make sure it exists and the user has access to it + const [client] = await db + .select() + .from(clients) + .where(eq(clients.clientId, clientId)) + .limit(1); + + if (!client) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `Client with ID ${clientId} not found` + ) + ); + } + + if (siteIds) { + let sitesAdded = []; + let sitesRemoved = []; + + // Fetch existing site associations + const existingSites = await db + .select({ siteId: clientSites.siteId }) + .from(clientSites) + .where(eq(clientSites.clientId, clientId)); + + const existingSiteIds = existingSites.map((site) => site.siteId); + + // Determine which sites were added and removed + sitesAdded = siteIds.filter( + (siteId) => !existingSiteIds.includes(siteId) + ); + sitesRemoved = existingSiteIds.filter( + (siteId) => !siteIds.includes(siteId) + ); + + logger.info( + `Adding ${sitesAdded.length} new sites to client ${client.clientId}` + ); + for (const siteId of sitesAdded) { + if (!client.subnet || !client.pubKey) { + logger.debug( + "Client subnet, pubKey or endpoint is not set" + ); + continue; + } + + // TODO: WE NEED TO HANDLE THIS BETTER. RIGHT NOW WE ARE JUST GUESSING BASED ON THE OTHER SITES + // BUT REALLY WE NEED TO TRACK THE USERS PREFERENCE THAT THEY CHOSE IN THE CLIENTS + const isRelayed = true; + + // get the clientsite + const [clientSite] = await db + .select() + .from(clientSites) + .where( + and( + eq(clientSites.clientId, client.clientId), + eq(clientSites.siteId, siteId) + ) + ) + .limit(1); + + if (!clientSite || !clientSite.endpoint) { + logger.debug("Client site is missing or has no endpoint"); + continue; + } + + const site = await newtAddPeer(siteId, { + publicKey: client.pubKey, + allowedIps: [`${client.subnet.split("/")[0]}/32`], // we want to only allow from that client + endpoint: isRelayed ? "" : clientSite.endpoint + }); + + if (!site) { + logger.debug("Failed to add peer to newt - missing site"); + continue; + } + + if (!site.endpoint || !site.publicKey) { + logger.debug("Site endpoint or publicKey is not set"); + continue; + } + + let endpoint; + + if (isRelayed) { + if (!site.exitNodeId) { + logger.warn( + `Site ${site.siteId} has no exit node, skipping` + ); + return null; + } + + // get the exit node for the site + const [exitNode] = await db + .select() + .from(exitNodes) + .where(eq(exitNodes.exitNodeId, site.exitNodeId)) + .limit(1); + + if (!exitNode) { + logger.warn( + `Exit node not found for site ${site.siteId}` + ); + return null; + } + + endpoint = `${exitNode.endpoint}:21820`; + } else { + if (!endpoint) { + logger.warn( + `Site ${site.siteId} has no endpoint, skipping` + ); + return null; + } + endpoint = site.endpoint; + } + + await olmAddPeer(client.clientId, { + siteId: site.siteId, + endpoint: endpoint, + publicKey: site.publicKey, + serverIP: site.address, + serverPort: site.listenPort, + remoteSubnets: site.remoteSubnets + }); + } + + logger.info( + `Removing ${sitesRemoved.length} sites from client ${client.clientId}` + ); + for (const siteId of sitesRemoved) { + if (!client.pubKey) { + logger.debug("Client pubKey is not set"); + continue; + } + const site = await newtDeletePeer(siteId, client.pubKey); + if (!site) { + logger.debug( + "Failed to delete peer from newt - missing site" + ); + continue; + } + if (!site.endpoint || !site.publicKey) { + logger.debug("Site endpoint or publicKey is not set"); + continue; + } + await olmDeletePeer( + client.clientId, + site.siteId, + site.publicKey + ); + } + } + + await db.transaction(async (trx) => { + // Update client name if provided + if (name) { + await trx + .update(clients) + .set({ name }) + .where(eq(clients.clientId, clientId)); + } + + // Update site associations if provided + if (siteIds) { + // Delete existing site associations + await trx + .delete(clientSites) + .where(eq(clientSites.clientId, clientId)); + + // Create new site associations + if (siteIds.length > 0) { + await trx.insert(clientSites).values( + siteIds.map((siteId) => ({ + clientId, + siteId + })) + ); + } + } + + // get all sites for this client and join with exit nodes with site.exitNodeId + const sitesData = await db + .select() + .from(sites) + .innerJoin(clientSites, eq(sites.siteId, clientSites.siteId)) + .leftJoin(exitNodes, eq(sites.exitNodeId, exitNodes.exitNodeId)) + .where(eq(clientSites.clientId, client.clientId)); + + let exitNodeDestinations: { + reachableAt: string; + exitNodeId: number; + type: string; + sourceIp: string; + sourcePort: number; + destinations: PeerDestination[]; + }[] = []; + + for (const site of sitesData) { + if (!site.sites.subnet) { + logger.warn( + `Site ${site.sites.siteId} has no subnet, skipping` + ); + continue; + } + + if (!site.clientSites.endpoint) { + logger.warn( + `Site ${site.sites.siteId} has no endpoint, skipping` + ); + continue; + } + + // find the destinations in the array + let destinations = exitNodeDestinations.find( + (d) => d.reachableAt === site.exitNodes?.reachableAt + ); + + if (!destinations) { + destinations = { + reachableAt: site.exitNodes?.reachableAt || "", + exitNodeId: site.exitNodes?.exitNodeId || 0, + type: site.exitNodes?.type || "", + sourceIp: site.clientSites.endpoint.split(":")[0] || "", + sourcePort: + parseInt(site.clientSites.endpoint.split(":")[1]) || + 0, + destinations: [ + { + destinationIP: site.sites.subnet.split("/")[0], + destinationPort: site.sites.listenPort || 0 + } + ] + }; + } else { + // add to the existing destinations + destinations.destinations.push({ + destinationIP: site.sites.subnet.split("/")[0], + destinationPort: site.sites.listenPort || 0 + }); + } + + // update it in the array + exitNodeDestinations = exitNodeDestinations.filter( + (d) => d.reachableAt !== site.exitNodes?.reachableAt + ); + exitNodeDestinations.push(destinations); + } + + for (const destination of exitNodeDestinations) { + logger.info( + `Updating destinations for exit node at ${destination.reachableAt}` + ); + const payload = { + sourceIp: destination.sourceIp, + sourcePort: destination.sourcePort, + destinations: destination.destinations + }; + logger.info( + `Payload for update-destinations: ${JSON.stringify(payload, null, 2)}` + ); + + // Create an ExitNode-like object for sendToExitNode + const exitNodeForComm = { + exitNodeId: destination.exitNodeId, + type: destination.type, + reachableAt: destination.reachableAt + } as any; // Using 'as any' since we know sendToExitNode will handle this correctly + + await sendToExitNode(exitNodeForComm, { + remoteType: "remoteExitNode/update-destinations", + localPath: "/update-destinations", + method: "POST", + data: payload + }); + } + + // Fetch the updated client + const [updatedClient] = await trx + .select() + .from(clients) + .where(eq(clients.clientId, clientId)) + .limit(1); + + return response(res, { + data: updatedClient, + success: true, + error: false, + message: "Client updated successfully", + status: HttpCode.OK + }); + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/domain/createOrgDomain.ts b/server/routers/domain/createOrgDomain.ts new file mode 100644 index 00000000..08718d44 --- /dev/null +++ b/server/routers/domain/createOrgDomain.ts @@ -0,0 +1,291 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db, Domain, domains, OrgDomains, orgDomains } from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; +import { subdomainSchema } from "@server/lib/schemas"; +import { generateId } from "@server/auth/sessions/app"; +import { eq, and } from "drizzle-orm"; +import { isValidDomain } from "@server/lib/validators"; +import { build } from "@server/build"; +import config from "@server/lib/config"; + +const paramsSchema = z + .object({ + orgId: z.string() + }) + .strict(); + +const bodySchema = z + .object({ + type: z.enum(["ns", "cname", "wildcard"]), + baseDomain: subdomainSchema + }) + .strict(); + +export type CreateDomainResponse = { + domainId: string; + nsRecords?: string[]; + cnameRecords?: { baseDomain: string; value: string }[]; + aRecords?: { baseDomain: string; value: string }[]; + txtRecords?: { baseDomain: string; value: string }[]; +}; + +// Helper to check if a domain is a subdomain or equal to another domain +function isSubdomainOrEqual(a: string, b: string): boolean { + const aParts = a.toLowerCase().split("."); + const bParts = b.toLowerCase().split("."); + if (aParts.length < bParts.length) return false; + return aParts.slice(-bParts.length).join(".") === bParts.join("."); +} + +export async function createOrgDomain( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedBody = bodySchema.safeParse(req.body); + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const parsedParams = paramsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { orgId } = parsedParams.data; + const { type, baseDomain } = parsedBody.data; + + if (build == "oss") { + if (type !== "wildcard") { + return next( + createHttpError( + HttpCode.NOT_IMPLEMENTED, + "Creating NS or CNAME records is not supported" + ) + ); + } + } else if (build == "enterprise" || build == "saas") { + if (type !== "ns" && type !== "cname") { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Invalid domain type. Only NS, CNAME are allowed." + ) + ); + } + } + + // Validate organization exists + if (!isValidDomain(baseDomain)) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid domain format") + ); + } + + let numOrgDomains: OrgDomains[] | undefined; + let aRecords: CreateDomainResponse["aRecords"]; + let cnameRecords: CreateDomainResponse["cnameRecords"]; + let txtRecords: CreateDomainResponse["txtRecords"]; + let nsRecords: CreateDomainResponse["nsRecords"]; + let returned: Domain | undefined; + + await db.transaction(async (trx) => { + const [existing] = await trx + .select() + .from(domains) + .where( + and( + eq(domains.baseDomain, baseDomain), + eq(domains.type, type) + ) + ) + .leftJoin( + orgDomains, + eq(orgDomains.domainId, domains.domainId) + ); + + if (existing) { + const { + domains: existingDomain, + orgDomains: existingOrgDomain + } = existing; + + // user alrady added domain to this account + // always reject + if (existingOrgDomain?.orgId === orgId) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Domain is already added to this org" + ) + ); + } + + // domain already exists elsewhere + // check if it's already fully verified + if (existingDomain.verified) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Domain is already verified to an org" + ) + ); + } + } + + // --- Domain overlap logic --- + // Only consider existing verified domains + const verifiedDomains = await trx + .select() + .from(domains) + .where(eq(domains.verified, true)); + + if (type == "cname") { + // Block if a verified CNAME exists at the same name + const cnameExists = verifiedDomains.some( + (d) => d.type === "cname" && d.baseDomain === baseDomain + ); + if (cnameExists) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + `A CNAME record already exists for ${baseDomain}. Only one CNAME record is allowed per domain.` + ) + ); + } + // Block if a verified NS exists at or below (same or subdomain) + const nsAtOrBelow = verifiedDomains.some( + (d) => + d.type === "ns" && + (isSubdomainOrEqual(baseDomain, d.baseDomain) || + baseDomain === d.baseDomain) + ); + if (nsAtOrBelow) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + `A nameserver (NS) record exists at or below ${baseDomain}. You cannot create a CNAME record here.` + ) + ); + } + } else if (type == "ns") { + // Block if a verified NS exists at or below (same or subdomain) + const nsAtOrBelow = verifiedDomains.some( + (d) => + d.type === "ns" && + (isSubdomainOrEqual(baseDomain, d.baseDomain) || + baseDomain === d.baseDomain) + ); + if (nsAtOrBelow) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + `A nameserver (NS) record already exists at or below ${baseDomain}. You cannot create another NS record here.` + ) + ); + } + } else if (type == "wildcard") { + // TODO: Figure out how to handle wildcards + } + + const domainId = generateId(15); + + const [insertedDomain] = await trx + .insert(domains) + .values({ + domainId, + baseDomain, + type, + verified: build == "oss" ? true : false + }) + .returning(); + + returned = insertedDomain; + + // add domain to account + await trx + .insert(orgDomains) + .values({ + orgId, + domainId + }) + .returning(); + + // TODO: This needs to be cross region and not hardcoded + if (type === "ns") { + nsRecords = config.getRawConfig().dns.nameservers as string[]; + } else if (type === "cname") { + cnameRecords = [ + { + value: `${domainId}.${config.getRawConfig().dns.cname_extension}`, + baseDomain: baseDomain + }, + { + value: `_acme-challenge.${domainId}.${config.getRawConfig().dns.cname_extension}`, + baseDomain: `_acme-challenge.${baseDomain}` + } + ]; + } else if (type === "wildcard") { + aRecords = [ + { + value: `Server IP Address`, + baseDomain: `*.${baseDomain}` + }, + { + value: `Server IP Address`, + baseDomain: `${baseDomain}` + } + ]; + } + + numOrgDomains = await trx + .select() + .from(orgDomains) + .where(eq(orgDomains.orgId, orgId)); + }); + + if (!returned) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to create domain" + ) + ); + } + + return response(res, { + data: { + domainId: returned.domainId, + cnameRecords, + txtRecords, + nsRecords, + aRecords + }, + success: true, + error: false, + message: "Domain created successfully", + status: HttpCode.CREATED + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/domain/deleteOrgDomain.ts b/server/routers/domain/deleteOrgDomain.ts new file mode 100644 index 00000000..345dafe7 --- /dev/null +++ b/server/routers/domain/deleteOrgDomain.ts @@ -0,0 +1,104 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db, domains, OrgDomains, orgDomains } from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; +import { and, eq } from "drizzle-orm"; + +const paramsSchema = z + .object({ + domainId: z.string(), + orgId: z.string() + }) + .strict(); + +export type DeleteAccountDomainResponse = { + success: boolean; +}; + +export async function deleteAccountDomain( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsed = paramsSchema.safeParse(req.params); + if (!parsed.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsed.error).toString() + ) + ); + } + const { domainId, orgId } = parsed.data; + + let numOrgDomains: OrgDomains[] | undefined; + + await db.transaction(async (trx) => { + const [existing] = await trx + .select() + .from(orgDomains) + .where( + and( + eq(orgDomains.orgId, orgId), + eq(orgDomains.domainId, domainId) + ) + ) + .innerJoin( + domains, + eq(orgDomains.domainId, domains.domainId) + ); + + if (!existing) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + "Domain not found for this account" + ) + ); + } + + if (existing.domains.configManaged) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Cannot delete a domain that is managed by the config" + ) + ); + } + + await trx + .delete(orgDomains) + .where( + and( + eq(orgDomains.orgId, orgId), + eq(orgDomains.domainId, domainId) + ) + ); + + await trx.delete(domains).where(eq(domains.domainId, domainId)); + + numOrgDomains = await trx + .select() + .from(orgDomains) + .where(eq(orgDomains.orgId, orgId)); + }); + + return response(res, { + data: { success: true }, + success: true, + error: false, + message: "Domain deleted from account successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/domain/index.ts b/server/routers/domain/index.ts index 2233b069..c0cafafe 100644 --- a/server/routers/domain/index.ts +++ b/server/routers/domain/index.ts @@ -1 +1,4 @@ export * from "./listDomains"; +export * from "./createOrgDomain"; +export * from "./deleteOrgDomain"; +export * from "./restartOrgDomain"; \ No newline at end of file diff --git a/server/routers/domain/listDomains.ts b/server/routers/domain/listDomains.ts index c525e1d8..fe51cde6 100644 --- a/server/routers/domain/listDomains.ts +++ b/server/routers/domain/listDomains.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { domains, orgDomains, users } from "@server/db/schemas"; +import { domains, orgDomains, users } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; @@ -37,7 +37,12 @@ async function queryDomains(orgId: string, limit: number, offset: number) { const res = await db .select({ domainId: domains.domainId, - baseDomain: domains.baseDomain + baseDomain: domains.baseDomain, + verified: domains.verified, + type: domains.type, + failed: domains.failed, + tries: domains.tries, + configManaged: domains.configManaged }) .from(orgDomains) .where(eq(orgDomains.orgId, orgId)) @@ -112,7 +117,7 @@ export async function listDomains( }, success: true, error: false, - message: "Users retrieved successfully", + message: "Domains retrieved successfully", status: HttpCode.OK }); } catch (error) { diff --git a/server/routers/domain/restartOrgDomain.ts b/server/routers/domain/restartOrgDomain.ts new file mode 100644 index 00000000..f40f2516 --- /dev/null +++ b/server/routers/domain/restartOrgDomain.ts @@ -0,0 +1,57 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db, domains } from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; +import { and, eq } from "drizzle-orm"; + +const paramsSchema = z + .object({ + domainId: z.string(), + orgId: z.string() + }) + .strict(); + +export type RestartOrgDomainResponse = { + success: boolean; +}; + +export async function restartOrgDomain( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsed = paramsSchema.safeParse(req.params); + if (!parsed.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsed.error).toString() + ) + ); + } + const { domainId, orgId } = parsed.data; + + await db + .update(domains) + .set({ failed: false, tries: 0 }) + .where(and(eq(domains.domainId, domainId))); + + return response(res, { + data: { success: true }, + success: true, + error: false, + message: "Domain restarted successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/external.ts b/server/routers/external.ts index 96f569b3..ce44bd8a 100644 --- a/server/routers/external.ts +++ b/server/routers/external.ts @@ -8,13 +8,14 @@ import * as target from "./target"; import * as user from "./user"; import * as auth from "./auth"; import * as role from "./role"; +import * as client from "./client"; +import * as siteResource from "./siteResource"; import * as accessToken from "./accessToken"; import * as idp from "./idp"; -// import * as apiKeys from "./apiKeys"; +import * as apiKeys from "./apiKeys"; import HttpCode from "@server/types/HttpCode"; import { verifyAccessTokenAccess, - rateLimitMiddleware, verifySessionMiddleware, verifySessionUserMiddleware, verifyOrgAccess, @@ -26,15 +27,22 @@ import { verifyUserAccess, getUserOrgs, verifyUserIsServerAdmin, - verifyIsLoggedInUser - // verifyApiKeyAccess + verifyIsLoggedInUser, + verifyClientAccess, + verifyApiKeyAccess, + verifyDomainAccess, + verifyClientsEnabled, + verifyUserHasAction, + verifyUserIsOrgOwner, + verifySiteResourceAccess } from "@server/middlewares"; -import { verifyUserHasAction } from "../middlewares/verifyUserHasAction"; +import { createStore } from "@server/lib/rateLimitStore"; import { ActionsEnum } from "@server/auth/actions"; -import { verifyUserIsOrgOwner } from "../middlewares/verifyUserIsOrgOwner"; -import { createNewt, getToken } from "./newt"; -import rateLimit from "express-rate-limit"; +import { createNewt, getNewtToken } from "./newt"; +import { getOlmToken } from "./olm"; +import rateLimit, { ipKeyGenerator } from "express-rate-limit"; import createHttpError from "http-errors"; +import { build } from "@server/build"; // Root routes export const unauthenticated = Router(); @@ -47,8 +55,11 @@ unauthenticated.get("/", (_, res) => { export const authenticated = Router(); authenticated.use(verifySessionUserMiddleware); +authenticated.get("/pick-org-defaults", org.pickOrgDefaults); authenticated.get("/org/checkId", org.checkId); -authenticated.put("/org", getUserOrgs, org.createOrg); +if (build === "oss" || build === "enterprise") { + authenticated.put("/org", getUserOrgs, org.createOrg); +} authenticated.get("/orgs", verifyUserIsServerAdmin, org.listOrgs); authenticated.get("/user/:userId/orgs", verifyIsLoggedInUser, org.listUserOrgs); @@ -65,12 +76,16 @@ authenticated.post( verifyUserHasAction(ActionsEnum.updateOrg), org.updateOrg ); -authenticated.delete( - "/org/:orgId", - verifyOrgAccess, - verifyUserIsOrgOwner, - org.deleteOrg -); + +if (build !== "saas") { + authenticated.delete( + "/org/:orgId", + verifyOrgAccess, + verifyUserIsOrgOwner, + verifyUserHasAction(ActionsEnum.deleteOrg), + org.deleteOrg + ); +} authenticated.put( "/org/:orgId/site", @@ -103,6 +118,55 @@ authenticated.get( verifyUserHasAction(ActionsEnum.getSite), site.getSite ); + +authenticated.get( + "/org/:orgId/pick-client-defaults", + verifyClientsEnabled, + verifyOrgAccess, + verifyUserHasAction(ActionsEnum.createClient), + client.pickClientDefaults +); + +authenticated.get( + "/org/:orgId/clients", + verifyClientsEnabled, + verifyOrgAccess, + verifyUserHasAction(ActionsEnum.listClients), + client.listClients +); + +authenticated.get( + "/client/:clientId", + verifyClientsEnabled, + verifyClientAccess, + verifyUserHasAction(ActionsEnum.getClient), + client.getClient +); + +authenticated.put( + "/org/:orgId/client", + verifyClientsEnabled, + verifyOrgAccess, + verifyUserHasAction(ActionsEnum.createClient), + client.createClient +); + +authenticated.delete( + "/client/:clientId", + verifyClientsEnabled, + verifyClientAccess, + verifyUserHasAction(ActionsEnum.deleteClient), + client.deleteClient +); + +authenticated.post( + "/client/:clientId", + verifyClientsEnabled, + verifyClientAccess, // this will check if the user has access to the client + verifyUserHasAction(ActionsEnum.updateClient), // this will check if the user has permission to update the client + client.updateClient +); + // authenticated.get( // "/site/:siteId/roles", // verifySiteAccess, @@ -122,9 +186,91 @@ authenticated.delete( site.deleteSite ); +authenticated.get( + "/site/:siteId/docker/status", + verifySiteAccess, + verifyUserHasAction(ActionsEnum.getSite), + site.dockerStatus +); +authenticated.get( + "/site/:siteId/docker/online", + verifySiteAccess, + verifyUserHasAction(ActionsEnum.getSite), + site.dockerOnline +); +authenticated.post( + "/site/:siteId/docker/check", + verifySiteAccess, + verifyUserHasAction(ActionsEnum.getSite), + site.checkDockerSocket +); +authenticated.post( + "/site/:siteId/docker/trigger", + verifySiteAccess, + verifyUserHasAction(ActionsEnum.getSite), + site.triggerFetchContainers +); +authenticated.get( + "/site/:siteId/docker/containers", + verifySiteAccess, + verifyUserHasAction(ActionsEnum.getSite), + site.listContainers +); + +// Site Resource endpoints authenticated.put( "/org/:orgId/site/:siteId/resource", verifyOrgAccess, + verifySiteAccess, + verifyUserHasAction(ActionsEnum.createSiteResource), + siteResource.createSiteResource +); + +authenticated.get( + "/org/:orgId/site/:siteId/resources", + verifyOrgAccess, + verifySiteAccess, + verifyUserHasAction(ActionsEnum.listSiteResources), + siteResource.listSiteResources +); + +authenticated.get( + "/org/:orgId/site-resources", + verifyOrgAccess, + verifyUserHasAction(ActionsEnum.listSiteResources), + siteResource.listAllSiteResourcesByOrg +); + +authenticated.get( + "/org/:orgId/site/:siteId/resource/:siteResourceId", + verifyOrgAccess, + verifySiteAccess, + verifySiteResourceAccess, + verifyUserHasAction(ActionsEnum.getSiteResource), + siteResource.getSiteResource +); + +authenticated.post( + "/org/:orgId/site/:siteId/resource/:siteResourceId", + verifyOrgAccess, + verifySiteAccess, + verifySiteResourceAccess, + verifyUserHasAction(ActionsEnum.updateSiteResource), + siteResource.updateSiteResource +); + +authenticated.delete( + "/org/:orgId/site/:siteId/resource/:siteResourceId", + verifyOrgAccess, + verifySiteAccess, + verifySiteResourceAccess, + verifyUserHasAction(ActionsEnum.deleteSiteResource), + siteResource.deleteSiteResource +); + +authenticated.put( + "/org/:orgId/resource", + verifyOrgAccess, verifyUserHasAction(ActionsEnum.createResource), resource.createResource ); @@ -142,6 +288,12 @@ authenticated.get( resource.listResources ); +authenticated.get( + "/org/:orgId/user-resources", + verifyOrgAccess, + resource.getUserResources +); + authenticated.get( "/org/:orgId/domains", verifyOrgAccess, @@ -308,28 +460,6 @@ authenticated.post( user.addUserRole ); -// authenticated.put( -// "/role/:roleId/site", -// verifyRoleAccess, -// verifyUserInRole, -// verifyUserHasAction(ActionsEnum.addRoleSite), -// role.addRoleSite -// ); -// authenticated.delete( -// "/role/:roleId/site", -// verifyRoleAccess, -// verifyUserInRole, -// verifyUserHasAction(ActionsEnum.removeRoleSite), -// role.removeRoleSite -// ); -// authenticated.get( -// "/role/:roleId/sites", -// verifyRoleAccess, -// verifyUserInRole, -// verifyUserHasAction(ActionsEnum.listRoleSites), -// role.listRoleSites -// ); - authenticated.post( "/resource/:resourceId/roles", verifyResourceAccess, @@ -374,13 +504,6 @@ authenticated.get( resource.getResourceWhitelist ); -authenticated.post( - `/resource/:resourceId/transfer`, - verifyResourceAccess, - verifyUserHasAction(ActionsEnum.updateResource), - resource.transferResource -); - authenticated.post( `/resource/:resourceId/access-token`, verifyResourceAccess, @@ -445,6 +568,7 @@ unauthenticated.get("/resource/:resourceId/auth", resource.getResourceAuthInfo); unauthenticated.get("/user", verifySessionMiddleware, user.getUser); authenticated.get("/users", verifyUserIsServerAdmin, user.adminListUsers); +authenticated.get("/user/:userId", verifyUserIsServerAdmin, user.adminGetUser); authenticated.delete( "/user/:userId", verifyUserIsServerAdmin, @@ -460,6 +584,12 @@ authenticated.put( authenticated.get("/org/:orgId/user/:userId", verifyOrgAccess, user.getOrgUser); +authenticated.post( + "/user/:userId/2fa", + verifyUserIsServerAdmin, + user.updateUser2FA +); + authenticated.get( "/org/:orgId/users", verifyOrgAccess, @@ -524,8 +654,6 @@ authenticated.post( authenticated.delete("/idp/:idpId", verifyUserIsServerAdmin, idp.deleteIdp); -authenticated.get("/idp", verifyUserIsServerAdmin, idp.listIdps); - authenticated.get("/idp/:idpId", verifyUserIsServerAdmin, idp.getIdp); authenticated.put( @@ -555,7 +683,6 @@ authenticated.get( authenticated.get("/idp", idp.listIdps); // anyone can see this; it's just a list of idp names and ids authenticated.get("/idp/:idpId", verifyUserIsServerAdmin, idp.getIdp); -/* authenticated.get( `/api-key/:apiKeyId`, verifyUserIsServerAdmin, @@ -637,48 +764,180 @@ authenticated.get( verifyUserHasAction(ActionsEnum.getApiKey), apiKeys.getApiKey ); -*/ + +authenticated.put( + `/org/:orgId/domain`, + verifyOrgAccess, + verifyUserHasAction(ActionsEnum.createOrgDomain), + domain.createOrgDomain +); + +authenticated.post( + `/org/:orgId/domain/:domainId/restart`, + verifyOrgAccess, + verifyDomainAccess, + verifyUserHasAction(ActionsEnum.restartOrgDomain), + domain.restartOrgDomain +); + +authenticated.delete( + `/org/:orgId/domain/:domainId`, + verifyOrgAccess, + verifyDomainAccess, + verifyUserHasAction(ActionsEnum.deleteOrgDomain), + domain.deleteAccountDomain +); // Auth routes export const authRouter = Router(); unauthenticated.use("/auth", authRouter); authRouter.use( - rateLimitMiddleware({ - windowMin: - config.getRawConfig().rate_limits.auth?.window_minutes || - config.getRawConfig().rate_limits.global.window_minutes, - max: - config.getRawConfig().rate_limits.auth?.max_requests || - config.getRawConfig().rate_limits.global.max_requests, - type: "IP_AND_PATH" + rateLimit({ + windowMs: config.getRawConfig().rate_limits.auth.window_minutes, + max: config.getRawConfig().rate_limits.auth.max_requests, + keyGenerator: (req) => `authRouterGlobal:${ipKeyGenerator(req.ip || "")}:${req.path}`, + handler: (req, res, next) => { + const message = `Rate limit exceeded. You can make ${config.getRawConfig().rate_limits.auth.max_requests} requests every ${config.getRawConfig().rate_limits.auth.window_minutes} minute(s).`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() }) ); -authRouter.put("/signup", auth.signup); -authRouter.post("/login", auth.login); +authRouter.put( + "/signup", + rateLimit({ + windowMs: 15 * 60 * 1000, + max: 15, + keyGenerator: (req) => `signup:${ipKeyGenerator(req.ip || "")}:${req.body.email}`, + handler: (req, res, next) => { + const message = `You can only sign up ${15} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + auth.signup +); +authRouter.post( + "/login", + rateLimit({ + windowMs: 15 * 60 * 1000, + max: 15, + keyGenerator: (req) => `login:${req.body.email || ipKeyGenerator(req.ip || "")}`, + handler: (req, res, next) => { + const message = `You can only log in ${15} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + auth.login +); authRouter.post("/logout", auth.logout); -authRouter.post("/newt/get-token", getToken); +authRouter.post( + "/newt/get-token", + rateLimit({ + windowMs: 15 * 60 * 1000, + max: 900, + keyGenerator: (req) => `newtGetToken:${req.body.newtId || ipKeyGenerator(req.ip || "")}`, + handler: (req, res, next) => { + const message = `You can only request a Newt token ${900} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + getNewtToken +); +authRouter.post( + "/olm/get-token", + rateLimit({ + windowMs: 15 * 60 * 1000, + max: 900, + keyGenerator: (req) => `olmGetToken:${req.body.newtId || ipKeyGenerator(req.ip || "")}`, + handler: (req, res, next) => { + const message = `You can only request an Olm token ${900} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + getOlmToken +); -authRouter.post("/2fa/enable", verifySessionUserMiddleware, auth.verifyTotp); +authRouter.post( + "/2fa/enable", + rateLimit({ + windowMs: 15 * 60 * 1000, + max: 15, + keyGenerator: (req) => { + return `signup:${req.body.email || req.user?.userId || ipKeyGenerator(req.ip || "")}`; + }, + handler: (req, res, next) => { + const message = `You can only enable 2FA ${15} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + auth.verifyTotp +); authRouter.post( "/2fa/request", - verifySessionUserMiddleware, + rateLimit({ + windowMs: 15 * 60 * 1000, + max: 15, + keyGenerator: (req) => { + return `signup:${req.body.email || req.user?.userId || ipKeyGenerator(req.ip || "")}`; + }, + handler: (req, res, next) => { + const message = `You can only request a 2FA code ${15} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), auth.requestTotpSecret ); -authRouter.post("/2fa/disable", verifySessionUserMiddleware, auth.disable2fa); -authRouter.post("/verify-email", verifySessionMiddleware, auth.verifyEmail); +authRouter.post( + "/2fa/disable", + verifySessionUserMiddleware, + rateLimit({ + windowMs: 15 * 60 * 1000, + max: 15, + keyGenerator: (req) => `signup:${req.user?.userId || ipKeyGenerator(req.ip || "")}`, + handler: (req, res, next) => { + const message = `You can only disable 2FA ${15} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + auth.disable2fa +); +authRouter.post( + "/verify-email", + rateLimit({ + windowMs: 15 * 60 * 1000, + max: 15, + keyGenerator: (req) => `signup:${req.body.email || ipKeyGenerator(req.ip || "")}`, + handler: (req, res, next) => { + const message = `You can only sign up ${15} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + verifySessionMiddleware, + auth.verifyEmail +); authRouter.post( "/verify-email/request", verifySessionMiddleware, rateLimit({ windowMs: 15 * 60 * 1000, - max: 3, - keyGenerator: (req) => `requestEmailVerificationCode:${req.body.email}`, + max: 15, + keyGenerator: (req) => + `requestEmailVerificationCode:${req.body.email || ipKeyGenerator(req.ip || "")}`, handler: (req, res, next) => { - const message = `You can only request an email verification code ${3} times every ${15} minutes. Please try again later.`; + const message = `You can only request an email verification code ${15} times every ${15} minutes. Please try again later.`; return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); - } + }, + store: createStore() }), auth.requestEmailVerificationCode ); @@ -693,31 +952,76 @@ authRouter.post( "/reset-password/request", rateLimit({ windowMs: 15 * 60 * 1000, - max: 3, - keyGenerator: (req) => `requestPasswordReset:${req.body.email}`, + max: 15, + keyGenerator: (req) => + `requestPasswordReset:${req.body.email || ipKeyGenerator(req.ip || "")}`, handler: (req, res, next) => { - const message = `You can only request a password reset ${3} times every ${15} minutes. Please try again later.`; + const message = `You can only request a password reset ${15} times every ${15} minutes. Please try again later.`; return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); - } + }, + store: createStore() }), auth.requestPasswordReset ); -authRouter.post("/reset-password/", auth.resetPassword); +authRouter.post( + "/reset-password/", + rateLimit({ + windowMs: 15 * 60 * 1000, + max: 15, + keyGenerator: (req) => `resetPassword:${req.body.email || ipKeyGenerator(req.ip || "")}`, + handler: (req, res, next) => { + const message = `You can only request a password reset ${15} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + auth.resetPassword +); -authRouter.post("/resource/:resourceId/password", resource.authWithPassword); -authRouter.post("/resource/:resourceId/pincode", resource.authWithPincode); +authRouter.post( + "/resource/:resourceId/password", + rateLimit({ + windowMs: 15 * 60 * 1000, + max: 15, + keyGenerator: (req) => + `authWithPassword:${ipKeyGenerator(req.ip || "")}:${req.params.resourceId || ipKeyGenerator(req.ip || "")}`, + handler: (req, res, next) => { + const message = `You can only authenticate with password ${15} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + resource.authWithPassword +); +authRouter.post( + "/resource/:resourceId/pincode", + rateLimit({ + windowMs: 15 * 60 * 1000, + max: 15, + keyGenerator: (req) => + `authWithPincode:${ipKeyGenerator(req.ip || "")}:${req.params.resourceId || ipKeyGenerator(req.ip || "")}`, + handler: (req, res, next) => { + const message = `You can only authenticate with pincode ${15} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + resource.authWithPincode +); authRouter.post( "/resource/:resourceId/whitelist", rateLimit({ windowMs: 15 * 60 * 1000, - max: 10, - keyGenerator: (req) => `authWithWhitelist:${req.body.email}`, + max: 15, + keyGenerator: (req) => + `authWithWhitelist:${ipKeyGenerator(req.ip || "")}:${req.body.email}:${req.params.resourceId}`, handler: (req, res, next) => { - const message = `You can only request an email OTP ${10} times every ${15} minutes. Please try again later.`; + const message = `You can only request an email OTP ${15} times every ${15} minutes. Please try again later.`; return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); - } + }, + store: createStore() }), resource.authWithWhitelist ); @@ -732,3 +1036,67 @@ authRouter.post("/access-token", resource.authWithAccessToken); authRouter.post("/idp/:idpId/oidc/generate-url", idp.generateOidcUrl); authRouter.post("/idp/:idpId/oidc/validate-callback", idp.validateOidcCallback); + +authRouter.put("/set-server-admin", auth.setServerAdmin); +authRouter.get("/initial-setup-complete", auth.initialSetupComplete); +authRouter.post("/validate-setup-token", auth.validateSetupToken); + +// Security Key routes +authRouter.post( + "/security-key/register/start", + verifySessionUserMiddleware, + rateLimit({ + windowMs: 15 * 60 * 1000, // 15 minutes + max: 5, // Allow 5 security key registrations per 15 minutes + keyGenerator: (req) => + `securityKeyRegister:${req.user?.userId || ipKeyGenerator(req.ip || "")}`, + handler: (req, res, next) => { + const message = `You can only register a security key ${5} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + auth.startRegistration +); +authRouter.post( + "/security-key/register/verify", + verifySessionUserMiddleware, + auth.verifyRegistration +); +authRouter.post( + "/security-key/authenticate/start", + rateLimit({ + windowMs: 15 * 60 * 1000, // 15 minutes + max: 10, // Allow 10 authentication attempts per 15 minutes per IP + keyGenerator: (req) => { + return `securityKeyAuth:${req.body.email || ipKeyGenerator(req.ip || "")}`; + }, + handler: (req, res, next) => { + const message = `You can only attempt security key authentication ${10} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + auth.startAuthentication +); +authRouter.post("/security-key/authenticate/verify", auth.verifyAuthentication); +authRouter.get( + "/security-key/list", + verifySessionUserMiddleware, + auth.listSecurityKeys +); +authRouter.delete( + "/security-key/:credentialId", + verifySessionUserMiddleware, + rateLimit({ + windowMs: 15 * 60 * 1000, // 15 minutes + max: 20, // Allow 10 authentication attempts per 15 minutes per IP + keyGenerator: (req) => `securityKeyAuth:${req.user?.userId || ipKeyGenerator(req.ip || "")}`, + handler: (req, res, next) => { + const message = `You can only delete a security key ${10} times every ${15} minutes. Please try again later.`; + return next(createHttpError(HttpCode.TOO_MANY_REQUESTS, message)); + }, + store: createStore() + }), + auth.deleteSecurityKey +); diff --git a/server/routers/gerbil/createExitNode.ts b/server/routers/gerbil/createExitNode.ts new file mode 100644 index 00000000..d4e6d43a --- /dev/null +++ b/server/routers/gerbil/createExitNode.ts @@ -0,0 +1,58 @@ +import { db, ExitNode, exitNodes } from "@server/db"; +import { getUniqueExitNodeEndpointName } from "@server/db/names"; +import config from "@server/lib/config"; +import { getNextAvailableSubnet } from "@server/lib/exitNodes"; +import logger from "@server/logger"; +import { eq } from "drizzle-orm"; + +export async function createExitNode(publicKey: string, reachableAt: string | undefined) { + // Fetch exit node + const [exitNodeQuery] = await db.select().from(exitNodes).limit(1); + let exitNode: ExitNode; + if (!exitNodeQuery) { + const address = await getNextAvailableSubnet(); + // TODO: eventually we will want to get the next available port so that we can multiple exit nodes + // const listenPort = await getNextAvailablePort(); + const listenPort = config.getRawConfig().gerbil.start_port; + let subEndpoint = ""; + if (config.getRawConfig().gerbil.use_subdomain) { + subEndpoint = await getUniqueExitNodeEndpointName(); + } + + const exitNodeName = + config.getRawConfig().gerbil.exit_node_name || + `Exit Node ${publicKey.slice(0, 8)}`; + + // create a new exit node + [exitNode] = await db + .insert(exitNodes) + .values({ + publicKey, + endpoint: `${subEndpoint}${subEndpoint != "" ? "." : ""}${config.getRawConfig().gerbil.base_endpoint}`, + address, + listenPort, + reachableAt, + name: exitNodeName + }) + .returning() + .execute(); + + logger.info( + `Created new exit node ${exitNode.name} with address ${exitNode.address} and port ${exitNode.listenPort}` + ); + } else { + // update the existing exit node + [exitNode] = await db + .update(exitNodes) + .set({ + reachableAt, + publicKey + }) + .where(eq(exitNodes.publicKey, publicKey)) + .returning(); + + logger.info(`Updated exit node`); + } + + return exitNode; +} diff --git a/server/routers/gerbil/getAllRelays.ts b/server/routers/gerbil/getAllRelays.ts new file mode 100644 index 00000000..6eaf87e2 --- /dev/null +++ b/server/routers/gerbil/getAllRelays.ts @@ -0,0 +1,186 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { + clients, + exitNodes, + newts, + olms, + Site, + sites, + clientSites, + ExitNode +} from "@server/db"; +import { db } from "@server/db"; +import { eq } from "drizzle-orm"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; + +// Define Zod schema for request validation +const getAllRelaysSchema = z.object({ + publicKey: z.string().optional() +}); + +// Type for peer destination +interface PeerDestination { + destinationIP: string; + destinationPort: number; +} + +// Updated mappings type to support multiple destinations per endpoint +interface ProxyMapping { + destinations: PeerDestination[]; +} + +export async function getAllRelays( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + // Validate request parameters + const parsedParams = getAllRelaysSchema.safeParse(req.body); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { publicKey } = parsedParams.data; + + if (!publicKey) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "publicKey is required") + ); + } + + // Fetch exit node + const [exitNode] = await db + .select() + .from(exitNodes) + .where(eq(exitNodes.publicKey, publicKey)); + if (!exitNode) { + return next( + createHttpError(HttpCode.NOT_FOUND, "Exit node not found") + ); + } + + const mappings = await generateRelayMappings(exitNode); + + logger.debug( + `Returning mappings for ${Object.keys(mappings).length} endpoints` + ); + return res.status(HttpCode.OK).send({ mappings }); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "An error occurred..." + ) + ); + } +} + +export async function generateRelayMappings(exitNode: ExitNode) { + // Fetch sites for this exit node + const sitesRes = await db + .select() + .from(sites) + .where(eq(sites.exitNodeId, exitNode.exitNodeId)); + + if (sitesRes.length === 0) { + return {}; + } + + // Initialize mappings object for multi-peer support + const mappings: { [key: string]: ProxyMapping } = {}; + + // Process each site + for (const site of sitesRes) { + if (!site.endpoint || !site.subnet || !site.listenPort) { + continue; + } + + // Find all clients associated with this site through clientSites + const clientSitesRes = await db + .select() + .from(clientSites) + .where(eq(clientSites.siteId, site.siteId)); + + for (const clientSite of clientSitesRes) { + if (!clientSite.endpoint) { + continue; + } + + // Add this site as a destination for the client + if (!mappings[clientSite.endpoint]) { + mappings[clientSite.endpoint] = { destinations: [] }; + } + + // Add site as a destination for this client + const destination: PeerDestination = { + destinationIP: site.subnet.split("/")[0], + destinationPort: site.listenPort + }; + + // Check if this destination is already in the array to avoid duplicates + const isDuplicate = mappings[clientSite.endpoint].destinations.some( + (dest) => + dest.destinationIP === destination.destinationIP && + dest.destinationPort === destination.destinationPort + ); + + if (!isDuplicate) { + mappings[clientSite.endpoint].destinations.push(destination); + } + } + + // Also handle site-to-site communication (all sites in the same org) + if (site.orgId) { + const orgSites = await db + .select() + .from(sites) + .where(eq(sites.orgId, site.orgId)); + + for (const peer of orgSites) { + // Skip self + if ( + peer.siteId === site.siteId || + !peer.endpoint || + !peer.subnet || + !peer.listenPort + ) { + continue; + } + + // Add peer site as a destination for this site + if (!mappings[site.endpoint]) { + mappings[site.endpoint] = { destinations: [] }; + } + + const destination: PeerDestination = { + destinationIP: peer.subnet.split("/")[0], + destinationPort: peer.listenPort + }; + + // Check for duplicates + const isDuplicate = mappings[site.endpoint].destinations.some( + (dest) => + dest.destinationIP === destination.destinationIP && + dest.destinationPort === destination.destinationPort + ); + + if (!isDuplicate) { + mappings[site.endpoint].destinations.push(destination); + } + } + } + } + + return mappings; +} diff --git a/server/routers/gerbil/getConfig.ts b/server/routers/gerbil/getConfig.ts index ee742c21..71d1a45e 100644 --- a/server/routers/gerbil/getConfig.ts +++ b/server/routers/gerbil/getConfig.ts @@ -1,21 +1,24 @@ -import { Request, Response, NextFunction } from 'express'; -import { z } from 'zod'; -import { sites, resources, targets, exitNodes } from '@server/db/schemas'; -import { db } from '@server/db'; -import { eq } from 'drizzle-orm'; -import response from "@server/lib/response"; -import HttpCode from '@server/types/HttpCode'; -import createHttpError from 'http-errors'; -import logger from '@server/logger'; +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { sites, resources, targets, exitNodes, ExitNode } from "@server/db"; +import { db } from "@server/db"; +import { eq, isNotNull, and } from "drizzle-orm"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; import config from "@server/lib/config"; -import { getUniqueExitNodeEndpointName } from '@server/db/names'; +import { getUniqueExitNodeEndpointName } from "../../db/names"; import { findNextAvailableCidr } from "@server/lib/ip"; -import { fromError } from 'zod-validation-error'; -import { getAllowedIps } from '../target/helpers'; +import { fromError } from "zod-validation-error"; +import { getAllowedIps } from "../target/helpers"; +import { proxyToRemote } from "@server/lib/remoteProxy"; +import { getNextAvailableSubnet } from "@server/lib/exitNodes"; +import { createExitNode } from "./createExitNode"; + // Define Zod schema for request validation const getConfigSchema = z.object({ publicKey: z.string(), - reachableAt: z.string().optional(), + reachableAt: z.string().optional() }); export type GetConfigResponse = { @@ -25,9 +28,13 @@ export type GetConfigResponse = { publicKey: string | null; allowedIps: string[]; }[]; -} +}; -export async function getConfig(req: Request, res: Response, next: NextFunction): Promise { +export async function getConfig( + req: Request, + res: Response, + next: NextFunction +): Promise { try { // Validate request parameters const parsedParams = getConfigSchema.safeParse(req.body); @@ -43,90 +50,96 @@ export async function getConfig(req: Request, res: Response, next: NextFunction) const { publicKey, reachableAt } = parsedParams.data; if (!publicKey) { - return next(createHttpError(HttpCode.BAD_REQUEST, 'publicKey is required')); + return next( + createHttpError(HttpCode.BAD_REQUEST, "publicKey is required") + ); } - // Fetch exit node - let exitNodeQuery = await db.select().from(exitNodes).where(eq(exitNodes.publicKey, publicKey)); - let exitNode; - if (exitNodeQuery.length === 0) { - const address = await getNextAvailableSubnet(); - // TODO: eventually we will want to get the next available port so that we can multiple exit nodes - // const listenPort = await getNextAvailablePort(); - const listenPort = config.getRawConfig().gerbil.start_port; - let subEndpoint = ""; - if (config.getRawConfig().gerbil.use_subdomain) { - subEndpoint = await getUniqueExitNodeEndpointName(); - } - - // create a new exit node - exitNode = await db.insert(exitNodes).values({ - publicKey, - endpoint: `${subEndpoint}${subEndpoint != "" ? "." : ""}${config.getRawConfig().gerbil.base_endpoint}`, - address, - listenPort, - reachableAt, - name: `Exit Node ${publicKey.slice(0, 8)}`, - }).returning().execute(); - - logger.info(`Created new exit node ${exitNode[0].name} with address ${exitNode[0].address} and port ${exitNode[0].listenPort}`); - } else { - exitNode = exitNodeQuery; - } + const exitNode = await createExitNode(publicKey, reachableAt); if (!exitNode) { - return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "Failed to create exit node")); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to create exit node" + ) + ); } - // Fetch sites for this exit node - const sitesRes = await db.query.sites.findMany({ - where: eq(sites.exitNodeId, exitNode[0].exitNodeId), - }); - - const peers = await Promise.all(sitesRes.map(async (site) => { - return { - publicKey: site.pubKey, - allowedIps: await getAllowedIps(site.siteId) + // STOP HERE IN HYBRID MODE + if (config.isManagedMode()) { + req.body = { + ...req.body, + endpoint: exitNode.endpoint, + listenPort: exitNode.listenPort }; - })); + return proxyToRemote(req, res, next, "hybrid/gerbil/get-config"); + } - const configResponse: GetConfigResponse = { - listenPort: exitNode[0].listenPort || 51820, - ipAddress: exitNode[0].address, - peers, - }; + const configResponse = await generateGerbilConfig(exitNode); logger.debug("Sending config: ", configResponse); return res.status(HttpCode.OK).send(configResponse); } catch (error) { logger.error(error); - return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred...")); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "An error occurred..." + ) + ); } } -async function getNextAvailableSubnet(): Promise { - // Get all existing subnets from routes table - const existingAddresses = await db.select({ - address: exitNodes.address, - }).from(exitNodes); +export async function generateGerbilConfig(exitNode: ExitNode) { + const sitesRes = await db + .select() + .from(sites) + .where( + and( + eq(sites.exitNodeId, exitNode.exitNodeId), + isNotNull(sites.pubKey), + isNotNull(sites.subnet) + ) + ); - const addresses = existingAddresses.map(a => a.address); - let subnet = findNextAvailableCidr(addresses, config.getRawConfig().gerbil.block_size, config.getRawConfig().gerbil.subnet_group); - if (!subnet) { - throw new Error('No available subnets remaining in space'); - } + const peers = await Promise.all( + sitesRes.map(async (site) => { + if (site.type === "wireguard") { + return { + publicKey: site.pubKey, + allowedIps: await getAllowedIps(site.siteId) + }; + } else if (site.type === "newt") { + return { + publicKey: site.pubKey, + allowedIps: [site.subnet!] + }; + } + return { + publicKey: null, + allowedIps: [] + }; + }) + ); - // replace the last octet with 1 - subnet = subnet.split('.').slice(0, 3).join('.') + '.1' + '/' + subnet.split('/')[1]; - return subnet; + const configResponse: GetConfigResponse = { + listenPort: exitNode.listenPort || 51820, + ipAddress: exitNode.address, + peers + }; + + return configResponse; } async function getNextAvailablePort(): Promise { // Get all existing ports from exitNodes table - const existingPorts = await db.select({ - listenPort: exitNodes.listenPort, - }).from(exitNodes); + const existingPorts = await db + .select({ + listenPort: exitNodes.listenPort + }) + .from(exitNodes); // Find the first available port between 1024 and 65535 let nextPort = config.getRawConfig().gerbil.start_port; @@ -136,7 +149,7 @@ async function getNextAvailablePort(): Promise { } nextPort++; if (nextPort > 65535) { - throw new Error('No available ports remaining in space'); + throw new Error("No available ports remaining in space"); } } diff --git a/server/routers/gerbil/getResolvedHostname.ts b/server/routers/gerbil/getResolvedHostname.ts new file mode 100644 index 00000000..da2ab39a --- /dev/null +++ b/server/routers/gerbil/getResolvedHostname.ts @@ -0,0 +1,46 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; + +// Define Zod schema for request validation +const getResolvedHostnameSchema = z.object({ + hostname: z.string(), + publicKey: z.string() +}); + +export async function getResolvedHostname( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + // Validate request parameters + const parsedParams = getResolvedHostnameSchema.safeParse( + req.body + ); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + // return the endpoints + return res.status(HttpCode.OK).send({ + endpoints: [] // ALWAYS ROUTE LOCALLY + }); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "An error occurred..." + ) + ); + } +} diff --git a/server/routers/gerbil/index.ts b/server/routers/gerbil/index.ts index 82f82c4c..bff57d05 100644 --- a/server/routers/gerbil/index.ts +++ b/server/routers/gerbil/index.ts @@ -1,2 +1,5 @@ export * from "./getConfig"; export * from "./receiveBandwidth"; +export * from "./updateHolePunch"; +export * from "./getAllRelays"; +export * from "./getResolvedHostname"; \ No newline at end of file diff --git a/server/routers/gerbil/peers.ts b/server/routers/gerbil/peers.ts index 47527ea0..51a338a7 100644 --- a/server/routers/gerbil/peers.ts +++ b/server/routers/gerbil/peers.ts @@ -1,55 +1,58 @@ -import axios from 'axios'; -import logger from '@server/logger'; -import db from '@server/db'; -import { exitNodes } from '@server/db/schemas'; -import { eq } from 'drizzle-orm'; +import logger from "@server/logger"; +import { db } from "@server/db"; +import { exitNodes } from "@server/db"; +import { eq } from "drizzle-orm"; +import { sendToExitNode } from "../../lib/exitNodeComms"; -export async function addPeer(exitNodeId: number, peer: { - publicKey: string; - allowedIps: string[]; -}) { - - const [exitNode] = await db.select().from(exitNodes).where(eq(exitNodes.exitNodeId, exitNodeId)).limit(1); +export async function addPeer( + exitNodeId: number, + peer: { + publicKey: string; + allowedIps: string[]; + } +) { + logger.info( + `Adding peer with public key ${peer.publicKey} to exit node ${exitNodeId}` + ); + const [exitNode] = await db + .select() + .from(exitNodes) + .where(eq(exitNodes.exitNodeId, exitNodeId)) + .limit(1); if (!exitNode) { throw new Error(`Exit node with ID ${exitNodeId} not found`); } - if (!exitNode.reachableAt) { - throw new Error(`Exit node with ID ${exitNodeId} is not reachable`); - } - try { - const response = await axios.post(`${exitNode.reachableAt}/peer`, peer, { - headers: { - 'Content-Type': 'application/json', - } - }); - - logger.info('Peer added successfully:', response.data.status); - return response.data; - } catch (error) { - if (axios.isAxiosError(error)) { - throw new Error(`HTTP error! status: ${error.response?.status}`); - } - throw error; - } + return await sendToExitNode(exitNode, { + remoteType: "remoteExitNode/peers/add", + localPath: "/peer", + method: "POST", + data: peer + }); } export async function deletePeer(exitNodeId: number, publicKey: string) { - const [exitNode] = await db.select().from(exitNodes).where(eq(exitNodes.exitNodeId, exitNodeId)).limit(1); + logger.info( + `Deleting peer with public key ${publicKey} from exit node ${exitNodeId}` + ); + const [exitNode] = await db + .select() + .from(exitNodes) + .where(eq(exitNodes.exitNodeId, exitNodeId)) + .limit(1); if (!exitNode) { throw new Error(`Exit node with ID ${exitNodeId} not found`); } - if (!exitNode.reachableAt) { - throw new Error(`Exit node with ID ${exitNodeId} is not reachable`); - } - try { - const response = await axios.delete(`${exitNode.reachableAt}/peer?public_key=${encodeURIComponent(publicKey)}`); - logger.info('Peer deleted successfully:', response.data.status); - return response.data; - } catch (error) { - if (axios.isAxiosError(error)) { - throw new Error(`HTTP error! status: ${error.response?.status}`); + + return await sendToExitNode(exitNode, { + remoteType: "remoteExitNode/peers/remove", + localPath: "/peer", + method: "DELETE", + data: { + publicKey: publicKey + }, + queryParams: { + public_key: publicKey } - throw error; - } + }); } diff --git a/server/routers/gerbil/receiveBandwidth.ts b/server/routers/gerbil/receiveBandwidth.ts index a6c1e791..fb7723ee 100644 --- a/server/routers/gerbil/receiveBandwidth.ts +++ b/server/routers/gerbil/receiveBandwidth.ts @@ -1,11 +1,15 @@ import { Request, Response, NextFunction } from "express"; -import { DrizzleError, eq } from "drizzle-orm"; -import { sites, resources, targets, exitNodes } from "@server/db/schemas"; -import db from "@server/db"; +import { eq, and, lt, inArray, sql } from "drizzle-orm"; +import { sites } from "@server/db"; +import { db } from "@server/db"; import logger from "@server/logger"; import createHttpError from "http-errors"; import HttpCode from "@server/types/HttpCode"; import response from "@server/lib/response"; +import { checkExitNodeOrg } from "@server/lib/exitNodes"; + +// Track sites that are already offline to avoid unnecessary queries +const offlineSites = new Set(); interface PeerBandwidth { publicKey: string; @@ -25,54 +29,13 @@ export const receiveBandwidth = async ( throw new Error("Invalid bandwidth data"); } - await db.transaction(async (trx) => { - for (const peer of bandwidthData) { - const { publicKey, bytesIn, bytesOut } = peer; - - // Find the site by public key - const site = await trx.query.sites.findFirst({ - where: eq(sites.pubKey, publicKey) - }); - - if (!site) { - logger.warn(`Site not found for public key: ${publicKey}`); - continue; - } - let online = site.online; - - // if the bandwidth for the site is > 0 then set it to online. if it has been less than 0 (no update) for 5 minutes then set it to offline - if (bytesIn > 0 || bytesOut > 0) { - online = true; - } else if (site.lastBandwidthUpdate) { - const lastBandwidthUpdate = new Date( - site.lastBandwidthUpdate - ); - const currentTime = new Date(); - const diff = - currentTime.getTime() - lastBandwidthUpdate.getTime(); - if (diff < 300000) { - online = false; - } - } - - // Update the site's bandwidth usage - await trx - .update(sites) - .set({ - megabytesOut: (site.megabytesOut || 0) + bytesIn, - megabytesIn: (site.megabytesIn || 0) + bytesOut, - lastBandwidthUpdate: new Date().toISOString(), - online - }) - .where(eq(sites.siteId, site.siteId)); - } - }); + await updateSiteBandwidth(bandwidthData); return response(res, { data: {}, success: true, error: false, - message: "Organization retrieved successfully", + message: "Bandwidth data updated successfully", status: HttpCode.OK }); } catch (error) { @@ -86,8 +49,140 @@ export const receiveBandwidth = async ( } }; -function calculateSubnet(index: number): string { - const baseIp = 10 << 24; - const subnetSize = 16; - return `${(baseIp | (index * subnetSize)).toString()}/28`; +export async function updateSiteBandwidth( + bandwidthData: PeerBandwidth[], + exitNodeId?: number +) { + const currentTime = new Date(); + const oneMinuteAgo = new Date(currentTime.getTime() - 60000); // 1 minute ago + + // logger.debug(`Received data: ${JSON.stringify(bandwidthData)}`); + + await db.transaction(async (trx) => { + // First, handle sites that are actively reporting bandwidth + const activePeers = bandwidthData.filter((peer) => peer.bytesIn > 0); // Bytesout will have data as it tries to send keep alive messages + + if (activePeers.length > 0) { + // Remove any active peers from offline tracking since they're sending data + activePeers.forEach((peer) => offlineSites.delete(peer.publicKey)); + + // Aggregate usage data by organization + const orgUsageMap = new Map(); + const orgUptimeMap = new Map(); + + // Update all active sites with bandwidth data and get the site data in one operation + const updatedSites = []; + for (const peer of activePeers) { + const [updatedSite] = await trx + .update(sites) + .set({ + megabytesOut: sql`${sites.megabytesOut} + ${peer.bytesIn}`, + megabytesIn: sql`${sites.megabytesIn} + ${peer.bytesOut}`, + lastBandwidthUpdate: currentTime.toISOString(), + online: true + }) + .where(eq(sites.pubKey, peer.publicKey)) + .returning({ + online: sites.online, + orgId: sites.orgId, + siteId: sites.siteId, + lastBandwidthUpdate: sites.lastBandwidthUpdate + }); + + if (exitNodeId) { + if (await checkExitNodeOrg(exitNodeId, updatedSite.orgId)) { + // not allowed + logger.warn( + `Exit node ${exitNodeId} is not allowed for org ${updatedSite.orgId}` + ); + // THIS SHOULD TRIGGER THE TRANSACTION TO FAIL? + throw new Error("Exit node not allowed"); + } + } + + if (updatedSite) { + updatedSites.push({ ...updatedSite, peer }); + } + } + + // Calculate org usage aggregations using the updated site data + for (const { peer, ...site } of updatedSites) { + // Aggregate bandwidth usage for the org + const totalBandwidth = peer.bytesIn + peer.bytesOut; + const currentOrgUsage = orgUsageMap.get(site.orgId) || 0; + orgUsageMap.set(site.orgId, currentOrgUsage + totalBandwidth); + + // Add 10 seconds of uptime for each active site + const currentOrgUptime = orgUptimeMap.get(site.orgId) || 0; + orgUptimeMap.set(site.orgId, currentOrgUptime + 10 / 60); // Store in minutes and jut add 10 seconds + } + } + + // Handle sites that reported zero bandwidth but need online status updated + const zeroBandwidthPeers = bandwidthData.filter( + (peer) => peer.bytesIn === 0 && !offlineSites.has(peer.publicKey) // Bytesout will have data as it tries to send keep alive messages + ); + + if (zeroBandwidthPeers.length > 0) { + const zeroBandwidthSites = await trx + .select() + .from(sites) + .where( + inArray( + sites.pubKey, + zeroBandwidthPeers.map((p) => p.publicKey) + ) + ); + + for (const site of zeroBandwidthSites) { + let newOnlineStatus = site.online; + + // Check if site should go offline based on last bandwidth update WITH DATA + if (site.lastBandwidthUpdate) { + const lastUpdateWithData = new Date( + site.lastBandwidthUpdate + ); + if (lastUpdateWithData < oneMinuteAgo) { + newOnlineStatus = false; + } + } else { + // No previous data update recorded, set to offline + newOnlineStatus = false; + } + + // Always update lastBandwidthUpdate to show this instance is receiving reports + // Only update online status if it changed + if (site.online !== newOnlineStatus) { + const [updatedSite] = await trx + .update(sites) + .set({ + online: newOnlineStatus + }) + .where(eq(sites.siteId, site.siteId)) + .returning(); + + if (exitNodeId) { + if ( + await checkExitNodeOrg( + exitNodeId, + updatedSite.orgId + ) + ) { + // not allowed + logger.warn( + `Exit node ${exitNodeId} is not allowed for org ${updatedSite.orgId}` + ); + // THIS SHOULD TRIGGER THE TRANSACTION TO FAIL? + throw new Error("Exit node not allowed"); + } + } + + // If site went offline, add it to our tracking set + if (!newOnlineStatus && site.pubKey) { + offlineSites.add(site.pubKey); + } + } + } + } + }); } diff --git a/server/routers/gerbil/updateHolePunch.ts b/server/routers/gerbil/updateHolePunch.ts new file mode 100644 index 00000000..1662e420 --- /dev/null +++ b/server/routers/gerbil/updateHolePunch.ts @@ -0,0 +1,328 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { + clients, + newts, + olms, + Site, + sites, + clientSites, + exitNodes, + ExitNode +} from "@server/db"; +import { db } from "@server/db"; +import { eq, and } from "drizzle-orm"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; +import { validateNewtSessionToken } from "@server/auth/sessions/newt"; +import { validateOlmSessionToken } from "@server/auth/sessions/olm"; +import axios from "axios"; +import { checkExitNodeOrg } from "@server/lib/exitNodes"; + +// Define Zod schema for request validation +const updateHolePunchSchema = z.object({ + olmId: z.string().optional(), + newtId: z.string().optional(), + token: z.string(), + ip: z.string(), + port: z.number(), + timestamp: z.number(), + reachableAt: z.string().optional(), + publicKey: z.string().optional() +}); + +// New response type with multi-peer destination support +interface PeerDestination { + destinationIP: string; + destinationPort: number; +} + +export async function updateHolePunch( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + // Validate request parameters + const parsedParams = updateHolePunchSchema.safeParse(req.body); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { + olmId, + newtId, + ip, + port, + timestamp, + token, + reachableAt, + publicKey + } = parsedParams.data; + + let exitNode: ExitNode | undefined; + if (publicKey) { + // Get the exit node by public key + [exitNode] = await db + .select() + .from(exitNodes) + .where(eq(exitNodes.publicKey, publicKey)); + } else { + // FOR BACKWARDS COMPATIBILITY IF GERBIL IS STILL =<1.1.0 + [exitNode] = await db.select().from(exitNodes).limit(1); + } + + if (!exitNode) { + logger.warn(`Exit node not found for publicKey: ${publicKey}`); + return next( + createHttpError(HttpCode.NOT_FOUND, "Exit node not found") + ); + } + + const destinations = await updateAndGenerateEndpointDestinations( + olmId, + newtId, + ip, + port, + timestamp, + token, + exitNode + ); + + logger.debug( + `Returning ${destinations.length} peer destinations for olmId: ${olmId} or newtId: ${newtId}: ${JSON.stringify(destinations, null, 2)}` + ); + + // Return the new multi-peer structure + return res.status(HttpCode.OK).send({ + destinations: destinations + }); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "An error occurred..." + ) + ); + } +} + +export async function updateAndGenerateEndpointDestinations( + olmId: string | undefined, + newtId: string | undefined, + ip: string, + port: number, + timestamp: number, + token: string, + exitNode: ExitNode +) { + let currentSiteId: number | undefined; + const destinations: PeerDestination[] = []; + + if (olmId) { + logger.debug( + `Got hole punch with ip: ${ip}, port: ${port} for olmId: ${olmId}` + ); + + const { session, olm: olmSession } = + await validateOlmSessionToken(token); + if (!session || !olmSession) { + throw new Error("Unauthorized"); + } + + if (olmId !== olmSession.olmId) { + logger.warn(`Olm ID mismatch: ${olmId} !== ${olmSession.olmId}`); + throw new Error("Unauthorized"); + } + + const [olm] = await db.select().from(olms).where(eq(olms.olmId, olmId)); + + if (!olm || !olm.clientId) { + logger.warn(`Olm not found: ${olmId}`); + throw new Error("Olm not found"); + } + + const [client] = await db + .update(clients) + .set({ + lastHolePunch: timestamp + }) + .where(eq(clients.clientId, olm.clientId)) + .returning(); + + if (await checkExitNodeOrg(exitNode.exitNodeId, client.orgId)) { + // not allowed + logger.warn( + `Exit node ${exitNode.exitNodeId} is not allowed for org ${client.orgId}` + ); + throw new Error("Exit node not allowed"); + } + + // Get sites that are on this specific exit node and connected to this client + const sitesOnExitNode = await db + .select({ + siteId: sites.siteId, + subnet: sites.subnet, + listenPort: sites.listenPort + }) + .from(sites) + .innerJoin(clientSites, eq(sites.siteId, clientSites.siteId)) + .where( + and( + eq(sites.exitNodeId, exitNode.exitNodeId), + eq(clientSites.clientId, olm.clientId) + ) + ); + + // Update clientSites for each site on this exit node + for (const site of sitesOnExitNode) { + logger.debug( + `Updating site ${site.siteId} on exit node ${exitNode.exitNodeId}` + ); + + await db + .update(clientSites) + .set({ + endpoint: `${ip}:${port}` + }) + .where( + and( + eq(clientSites.clientId, olm.clientId), + eq(clientSites.siteId, site.siteId) + ) + ); + } + + logger.debug( + `Updated ${sitesOnExitNode.length} sites on exit node ${exitNode.exitNodeId}` + ); + if (!client) { + logger.warn(`Client not found for olm: ${olmId}`); + throw new Error("Client not found"); + } + + // Create a list of the destinations from the sites + for (const site of sitesOnExitNode) { + if (site.subnet && site.listenPort) { + destinations.push({ + destinationIP: site.subnet.split("/")[0], + destinationPort: site.listenPort + }); + } + } + } else if (newtId) { + logger.debug( + `Got hole punch with ip: ${ip}, port: ${port} for newtId: ${newtId}` + ); + + const { session, newt: newtSession } = + await validateNewtSessionToken(token); + + if (!session || !newtSession) { + throw new Error("Unauthorized"); + } + + if (newtId !== newtSession.newtId) { + logger.warn( + `Newt ID mismatch: ${newtId} !== ${newtSession.newtId}` + ); + throw new Error("Unauthorized"); + } + + const [newt] = await db + .select() + .from(newts) + .where(eq(newts.newtId, newtId)); + + if (!newt || !newt.siteId) { + logger.warn(`Newt not found: ${newtId}`); + throw new Error("Newt not found"); + } + + const [site] = await db + .select() + .from(sites) + .where(eq(sites.siteId, newt.siteId)) + .limit(1); + + if (await checkExitNodeOrg(exitNode.exitNodeId, site.orgId)) { + // not allowed + logger.warn( + `Exit node ${exitNode.exitNodeId} is not allowed for org ${site.orgId}` + ); + throw new Error("Exit node not allowed"); + } + + currentSiteId = newt.siteId; + + // Update the current site with the new endpoint + const [updatedSite] = await db + .update(sites) + .set({ + endpoint: `${ip}:${port}`, + lastHolePunch: timestamp + }) + .where(eq(sites.siteId, newt.siteId)) + .returning(); + + if (!updatedSite || !updatedSite.subnet) { + logger.warn(`Site not found: ${newt.siteId}`); + throw new Error("Site not found"); + } + + // Find all clients that connect to this site + // const sitesClientPairs = await db + // .select() + // .from(clientSites) + // .where(eq(clientSites.siteId, newt.siteId)); + + // THE NEWT IS NOT SENDING RAW WG TO THE GERBIL SO IDK IF WE REALLY NEED THIS - REMOVING + // Get client details for each client + // for (const pair of sitesClientPairs) { + // const [client] = await db + // .select() + // .from(clients) + // .where(eq(clients.clientId, pair.clientId)); + + // if (client && client.endpoint) { + // const [host, portStr] = client.endpoint.split(':'); + // if (host && portStr) { + // destinations.push({ + // destinationIP: host, + // destinationPort: parseInt(portStr, 10) + // }); + // } + // } + // } + + // If this is a newt/site, also add other sites in the same org + // if (updatedSite.orgId) { + // const orgSites = await db + // .select() + // .from(sites) + // .where(eq(sites.orgId, updatedSite.orgId)); + + // for (const site of orgSites) { + // // Don't add the current site to the destinations + // if (site.siteId !== currentSiteId && site.subnet && site.endpoint && site.listenPort) { + // const [host, portStr] = site.endpoint.split(':'); + // if (host && portStr) { + // destinations.push({ + // destinationIP: host, + // destinationPort: site.listenPort + // }); + // } + // } + // } + // } + } + return destinations; +} diff --git a/server/routers/idp/createIdpOrgPolicy.ts b/server/routers/idp/createIdpOrgPolicy.ts index 4f976b4c..63ce2edb 100644 --- a/server/routers/idp/createIdpOrgPolicy.ts +++ b/server/routers/idp/createIdpOrgPolicy.ts @@ -8,7 +8,7 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; import { eq, and } from "drizzle-orm"; -import { idp, idpOrg } from "@server/db/schemas"; +import { idp, idpOrg } from "@server/db"; const paramsSchema = z .object({ diff --git a/server/routers/idp/createOidcIdp.ts b/server/routers/idp/createOidcIdp.ts index e7fc6a5b..e833d966 100644 --- a/server/routers/idp/createOidcIdp.ts +++ b/server/routers/idp/createOidcIdp.ts @@ -7,7 +7,7 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -import { idp, idpOidcConfig, idpOrg, orgs } from "@server/db/schemas"; +import { idp, idpOidcConfig, idpOrg, orgs } from "@server/db"; import { generateOidcRedirectUrl } from "@server/lib/idp/generateRedirectUrl"; import { encrypt } from "@server/lib/crypto"; import config from "@server/lib/config"; @@ -67,7 +67,7 @@ export async function createOidcIdp( ); } - let { + const { clientId, clientSecret, authUrl, @@ -80,7 +80,7 @@ export async function createOidcIdp( autoProvision } = parsedBody.data; - const key = config.getRawConfig().server.secret; + const key = config.getRawConfig().server.secret!; const encryptedSecret = encrypt(clientSecret, key); const encryptedClientId = encrypt(clientId, key); diff --git a/server/routers/idp/deleteIdp.ts b/server/routers/idp/deleteIdp.ts index ac84c4f7..e862c81c 100644 --- a/server/routers/idp/deleteIdp.ts +++ b/server/routers/idp/deleteIdp.ts @@ -6,7 +6,7 @@ import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -import { idp, idpOidcConfig, idpOrg } from "@server/db/schemas"; +import { idp, idpOidcConfig, idpOrg } from "@server/db"; import { eq } from "drizzle-orm"; import { OpenAPITags, registry } from "@server/openApi"; diff --git a/server/routers/idp/deleteIdpOrgPolicy.ts b/server/routers/idp/deleteIdpOrgPolicy.ts index 51b82554..cd71929f 100644 --- a/server/routers/idp/deleteIdpOrgPolicy.ts +++ b/server/routers/idp/deleteIdpOrgPolicy.ts @@ -6,7 +6,7 @@ import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -import { idp, idpOidcConfig, idpOrg } from "@server/db/schemas"; +import { idp, idpOrg } from "@server/db"; import { eq, and } from "drizzle-orm"; import { OpenAPITags, registry } from "@server/openApi"; diff --git a/server/routers/idp/generateOidcUrl.ts b/server/routers/idp/generateOidcUrl.ts index 371a2c21..c507198a 100644 --- a/server/routers/idp/generateOidcUrl.ts +++ b/server/routers/idp/generateOidcUrl.ts @@ -6,7 +6,7 @@ import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -import { idp, idpOidcConfig, idpOrg } from "@server/db/schemas"; +import { idp, idpOidcConfig, idpOrg } from "@server/db"; import { and, eq } from "drizzle-orm"; import * as arctic from "arctic"; import { generateOidcRedirectUrl } from "@server/lib/idp/generateRedirectUrl"; @@ -89,7 +89,7 @@ export async function generateOidcUrl( return scope.length > 0; }); - const key = config.getRawConfig().server.secret; + const key = config.getRawConfig().server.secret!; const decryptedClientId = decrypt( existingIdp.idpOidcConfig.clientId, @@ -124,7 +124,7 @@ export async function generateOidcUrl( state, codeVerifier }, - config.getRawConfig().server.secret + config.getRawConfig().server.secret! ); res.cookie("p_oidc_state", stateJwt, { diff --git a/server/routers/idp/getIdp.ts b/server/routers/idp/getIdp.ts index 794daade..a202f4ea 100644 --- a/server/routers/idp/getIdp.ts +++ b/server/routers/idp/getIdp.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { idp, idpOidcConfig } from "@server/db/schemas"; +import { idp, idpOidcConfig } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -65,7 +65,7 @@ export async function getIdp( return next(createHttpError(HttpCode.NOT_FOUND, "Idp not found")); } - const key = config.getRawConfig().server.secret; + const key = config.getRawConfig().server.secret!; if (idpRes.idp.type === "oidc") { const clientSecret = idpRes.idpOidcConfig!.clientSecret; diff --git a/server/routers/idp/listIdpOrgPolicies.ts b/server/routers/idp/listIdpOrgPolicies.ts index b2105f45..150e3f1d 100644 --- a/server/routers/idp/listIdpOrgPolicies.ts +++ b/server/routers/idp/listIdpOrgPolicies.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { idpOrg, type IdpOrg } from "@server/db/schemas"; +import { idpOrg, type IdpOrg } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; diff --git a/server/routers/idp/listIdps.ts b/server/routers/idp/listIdps.ts index a723ee05..2a0e5809 100644 --- a/server/routers/idp/listIdps.ts +++ b/server/routers/idp/listIdps.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { domains, idp, orgDomains, users, idpOrg } from "@server/db/schemas"; +import { domains, idp, orgDomains, users, idpOrg } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; diff --git a/server/routers/idp/oidcAutoProvision.ts b/server/routers/idp/oidcAutoProvision.ts index 26873690..34cfcc8a 100644 --- a/server/routers/idp/oidcAutoProvision.ts +++ b/server/routers/idp/oidcAutoProvision.ts @@ -7,8 +7,8 @@ import { serializeSessionCookie } from "@server/auth/sessions/app"; import logger from "@server/logger"; -import db from "@server/db"; import { + db, Idp, idpOrg, orgs, @@ -16,7 +16,7 @@ import { User, userOrgs, users -} from "@server/db/schemas"; +} from "@server/db"; import { eq, and, inArray } from "drizzle-orm"; import jmespath from "jmespath"; import { UserType } from "@server/types/UserTypes"; diff --git a/server/routers/idp/updateIdpOrgPolicy.ts b/server/routers/idp/updateIdpOrgPolicy.ts index 642837da..d5a00de7 100644 --- a/server/routers/idp/updateIdpOrgPolicy.ts +++ b/server/routers/idp/updateIdpOrgPolicy.ts @@ -7,8 +7,8 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -import { idp, idpOrg } from "@server/db/schemas"; import { eq, and } from "drizzle-orm"; +import { idp, idpOrg } from "@server/db"; const paramsSchema = z .object({ diff --git a/server/routers/idp/updateOidcIdp.ts b/server/routers/idp/updateOidcIdp.ts index 49a16a52..53ece68e 100644 --- a/server/routers/idp/updateOidcIdp.ts +++ b/server/routers/idp/updateOidcIdp.ts @@ -7,7 +7,7 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -import { idp, idpOidcConfig } from "@server/db/schemas"; +import { idp, idpOidcConfig } from "@server/db"; import { eq } from "drizzle-orm"; import { encrypt } from "@server/lib/crypto"; import config from "@server/lib/config"; @@ -84,7 +84,7 @@ export async function updateOidcIdp( } const { idpId } = parsedParams.data; - let { + const { clientId, clientSecret, authUrl, @@ -118,7 +118,7 @@ export async function updateOidcIdp( ); } - const key = config.getRawConfig().server.secret; + const key = config.getRawConfig().server.secret!; const encryptedSecret = clientSecret ? encrypt(clientSecret, key) : undefined; diff --git a/server/routers/idp/validateOidcCallback.ts b/server/routers/idp/validateOidcCallback.ts index 274350d9..973a1b9a 100644 --- a/server/routers/idp/validateOidcCallback.ts +++ b/server/routers/idp/validateOidcCallback.ts @@ -6,8 +6,12 @@ import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -import { idp, idpOidcConfig, users } from "@server/db/schemas"; -import { and, eq, inArray } from "drizzle-orm"; +import { + idp, + idpOidcConfig, + users +} from "@server/db"; +import { and, eq } from "drizzle-orm"; import * as arctic from "arctic"; import { generateOidcRedirectUrl } from "@server/lib/idp/generateRedirectUrl"; import jmespath from "jmespath"; @@ -86,7 +90,7 @@ export async function validateOidcCallback( ); } - const key = config.getRawConfig().server.secret; + const key = config.getRawConfig().server.secret!; const decryptedClientId = decrypt( existingIdp.idpOidcConfig.clientId, @@ -106,7 +110,7 @@ export async function validateOidcCallback( const statePayload = jsonwebtoken.verify( storedState, - config.getRawConfig().server.secret, + config.getRawConfig().server.secret!, function (err, decoded) { if (err) { logger.error("Error verifying state JWT", { err }); @@ -152,6 +156,12 @@ export async function validateOidcCallback( ); } + logger.debug("State verified", { + urL: ensureTrailingSlash(existingIdp.idpOidcConfig.tokenUrl), + expectedState, + state + }); + const tokens = await client.validateAuthorizationCode( ensureTrailingSlash(existingIdp.idpOidcConfig.tokenUrl), code, @@ -159,12 +169,14 @@ export async function validateOidcCallback( ); const idToken = tokens.idToken(); + logger.debug("ID token", { idToken }); const claims = arctic.decodeIdToken(idToken); + logger.debug("ID token claims", { claims }); - const userIdentifier = jmespath.search( + let userIdentifier = jmespath.search( claims, existingIdp.idpOidcConfig.identifierPath - ); + ) as string | null; if (!userIdentifier) { return next( @@ -175,6 +187,8 @@ export async function validateOidcCallback( ); } + userIdentifier = userIdentifier.toLowerCase(); + logger.debug("User identifier", { userIdentifier }); let email = null; @@ -198,6 +212,10 @@ export async function validateOidcCallback( logger.debug("User email", { email }); logger.debug("User name", { name }); + if (email) { + email = email.toLowerCase(); + } + const [existingUser] = await db .select() .from(users) @@ -267,3 +285,13 @@ export async function validateOidcCallback( ); } } + +function hydrateOrgMapping( + orgMapping: string | null, + orgId: string +): string | undefined { + if (!orgMapping) { + return undefined; + } + return orgMapping.split("{{orgId}}").join(orgId); +} diff --git a/server/routers/integration.ts b/server/routers/integration.ts new file mode 100644 index 00000000..79453732 --- /dev/null +++ b/server/routers/integration.ts @@ -0,0 +1,630 @@ +import * as site from "./site"; +import * as org from "./org"; +import * as resource from "./resource"; +import * as domain from "./domain"; +import * as target from "./target"; +import * as user from "./user"; +import * as role from "./role"; +import * as client from "./client"; +import * as accessToken from "./accessToken"; +import * as apiKeys from "./apiKeys"; +import * as idp from "./idp"; +import * as siteResource from "./siteResource"; +import { + verifyApiKey, + verifyApiKeyOrgAccess, + verifyApiKeyHasAction, + verifyApiKeySiteAccess, + verifyApiKeyResourceAccess, + verifyApiKeyTargetAccess, + verifyApiKeyRoleAccess, + verifyApiKeyUserAccess, + verifyApiKeySetResourceUsers, + verifyApiKeyAccessTokenAccess, + verifyApiKeyIsRoot, + verifyApiKeyClientAccess, + verifyClientsEnabled, + verifyApiKeySiteResourceAccess +} from "@server/middlewares"; +import HttpCode from "@server/types/HttpCode"; +import { Router } from "express"; +import { ActionsEnum } from "@server/auth/actions"; + +export const unauthenticated = Router(); + +unauthenticated.get("/", (_, res) => { + res.status(HttpCode.OK).json({ message: "Healthy" }); +}); + +export const authenticated = Router(); +authenticated.use(verifyApiKey); + +authenticated.get( + "/org/checkId", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.checkOrgId), + org.checkId +); + +authenticated.put( + "/org", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.createOrg), + org.createOrg +); + +authenticated.get( + "/orgs", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.listOrgs), + org.listOrgs +); // TODO we need to check the orgs here + +authenticated.get( + "/org/:orgId", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.getOrg), + org.getOrg +); + +authenticated.post( + "/org/:orgId", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.updateOrg), + org.updateOrg +); + +authenticated.delete( + "/org/:orgId", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.deleteOrg), + org.deleteOrg +); + +authenticated.put( + "/org/:orgId/site", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.createSite), + site.createSite +); + +authenticated.get( + "/org/:orgId/sites", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.listSites), + site.listSites +); + +authenticated.get( + "/org/:orgId/site/:niceId", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.getSite), + site.getSite +); + +authenticated.get( + "/org/:orgId/pick-site-defaults", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.createSite), + site.pickSiteDefaults +); + +authenticated.get( + "/site/:siteId", + verifyApiKeySiteAccess, + verifyApiKeyHasAction(ActionsEnum.getSite), + site.getSite +); + +authenticated.post( + "/site/:siteId", + verifyApiKeySiteAccess, + verifyApiKeyHasAction(ActionsEnum.updateSite), + site.updateSite +); + +authenticated.delete( + "/site/:siteId", + verifyApiKeySiteAccess, + verifyApiKeyHasAction(ActionsEnum.deleteSite), + site.deleteSite +); + +authenticated.get( + "/org/:orgId/user-resources", + verifyApiKeyOrgAccess, + resource.getUserResources +); +// Site Resource endpoints +authenticated.put( + "/org/:orgId/site/:siteId/resource", + verifyApiKeyOrgAccess, + verifyApiKeySiteAccess, + verifyApiKeyHasAction(ActionsEnum.createSiteResource), + siteResource.createSiteResource +); + +authenticated.get( + "/org/:orgId/site/:siteId/resources", + verifyApiKeyOrgAccess, + verifyApiKeySiteAccess, + verifyApiKeyHasAction(ActionsEnum.listSiteResources), + siteResource.listSiteResources +); + +authenticated.get( + "/org/:orgId/site-resources", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.listSiteResources), + siteResource.listAllSiteResourcesByOrg +); + +authenticated.get( + "/org/:orgId/site/:siteId/resource/:siteResourceId", + verifyApiKeyOrgAccess, + verifyApiKeySiteAccess, + verifyApiKeySiteResourceAccess, + verifyApiKeyHasAction(ActionsEnum.getSiteResource), + siteResource.getSiteResource +); + +authenticated.post( + "/org/:orgId/site/:siteId/resource/:siteResourceId", + verifyApiKeyOrgAccess, + verifyApiKeySiteAccess, + verifyApiKeySiteResourceAccess, + verifyApiKeyHasAction(ActionsEnum.updateSiteResource), + siteResource.updateSiteResource +); + +authenticated.delete( + "/org/:orgId/site/:siteId/resource/:siteResourceId", + verifyApiKeyOrgAccess, + verifyApiKeySiteAccess, + verifyApiKeySiteResourceAccess, + verifyApiKeyHasAction(ActionsEnum.deleteSiteResource), + siteResource.deleteSiteResource +); + +authenticated.put( + "/org/:orgId/resource", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.createResource), + resource.createResource +); + +authenticated.put( + "/org/:orgId/site/:siteId/resource", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.createResource), + resource.createResource +); + +authenticated.get( + "/site/:siteId/resources", + verifyApiKeySiteAccess, + verifyApiKeyHasAction(ActionsEnum.listResources), + resource.listResources +); + +authenticated.get( + "/org/:orgId/resources", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.listResources), + resource.listResources +); + +authenticated.get( + "/org/:orgId/domains", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.listOrgDomains), + domain.listDomains +); + +authenticated.get( + "/org/:orgId/invitations", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.listInvitations), + user.listInvitations +); + +authenticated.post( + "/org/:orgId/create-invite", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.inviteUser), + user.inviteUser +); + +authenticated.get( + "/resource/:resourceId/roles", + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.listResourceRoles), + resource.listResourceRoles +); + +authenticated.get( + "/resource/:resourceId/users", + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.listResourceUsers), + resource.listResourceUsers +); + +authenticated.get( + "/resource/:resourceId", + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.getResource), + resource.getResource +); + +authenticated.post( + "/resource/:resourceId", + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.updateResource), + resource.updateResource +); + +authenticated.delete( + "/resource/:resourceId", + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.deleteResource), + resource.deleteResource +); + +authenticated.put( + "/resource/:resourceId/target", + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.createTarget), + target.createTarget +); + +authenticated.get( + "/resource/:resourceId/targets", + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.listTargets), + target.listTargets +); + +authenticated.put( + "/resource/:resourceId/rule", + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.createResourceRule), + resource.createResourceRule +); + +authenticated.get( + "/resource/:resourceId/rules", + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.listResourceRules), + resource.listResourceRules +); + +authenticated.post( + "/resource/:resourceId/rule/:ruleId", + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.updateResourceRule), + resource.updateResourceRule +); + +authenticated.delete( + "/resource/:resourceId/rule/:ruleId", + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.deleteResourceRule), + resource.deleteResourceRule +); + +authenticated.get( + "/target/:targetId", + verifyApiKeyTargetAccess, + verifyApiKeyHasAction(ActionsEnum.getTarget), + target.getTarget +); + +authenticated.post( + "/target/:targetId", + verifyApiKeyTargetAccess, + verifyApiKeyHasAction(ActionsEnum.updateTarget), + target.updateTarget +); + +authenticated.delete( + "/target/:targetId", + verifyApiKeyTargetAccess, + verifyApiKeyHasAction(ActionsEnum.deleteTarget), + target.deleteTarget +); + +authenticated.put( + "/org/:orgId/role", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.createRole), + role.createRole +); + +authenticated.get( + "/org/:orgId/roles", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.listRoles), + role.listRoles +); + +authenticated.delete( + "/role/:roleId", + verifyApiKeyRoleAccess, + verifyApiKeyHasAction(ActionsEnum.deleteRole), + role.deleteRole +); + +authenticated.get( + "/role/:roleId", + verifyApiKeyRoleAccess, + verifyApiKeyHasAction(ActionsEnum.getRole), + role.getRole +); + +authenticated.post( + "/role/:roleId/add/:userId", + verifyApiKeyRoleAccess, + verifyApiKeyUserAccess, + verifyApiKeyHasAction(ActionsEnum.addUserRole), + user.addUserRole +); + +authenticated.post( + "/resource/:resourceId/roles", + verifyApiKeyResourceAccess, + verifyApiKeyRoleAccess, + verifyApiKeyHasAction(ActionsEnum.setResourceRoles), + resource.setResourceRoles +); + +authenticated.post( + "/resource/:resourceId/users", + verifyApiKeyResourceAccess, + verifyApiKeySetResourceUsers, + verifyApiKeyHasAction(ActionsEnum.setResourceUsers), + resource.setResourceUsers +); + +authenticated.post( + `/resource/:resourceId/password`, + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.setResourcePassword), + resource.setResourcePassword +); + +authenticated.post( + `/resource/:resourceId/pincode`, + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.setResourcePincode), + resource.setResourcePincode +); + +authenticated.post( + `/resource/:resourceId/whitelist`, + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist), + resource.setResourceWhitelist +); + +authenticated.get( + `/resource/:resourceId/whitelist`, + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.getResourceWhitelist), + resource.getResourceWhitelist +); + +authenticated.post( + `/resource/:resourceId/access-token`, + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.generateAccessToken), + accessToken.generateAccessToken +); + +authenticated.delete( + `/access-token/:accessTokenId`, + verifyApiKeyAccessTokenAccess, + verifyApiKeyHasAction(ActionsEnum.deleteAcessToken), + accessToken.deleteAccessToken +); + +authenticated.get( + `/org/:orgId/access-tokens`, + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.listAccessTokens), + accessToken.listAccessTokens +); + +authenticated.get( + `/resource/:resourceId/access-tokens`, + verifyApiKeyResourceAccess, + verifyApiKeyHasAction(ActionsEnum.listAccessTokens), + accessToken.listAccessTokens +); + +authenticated.get( + "/org/:orgId/user/:userId", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.getOrgUser), + user.getOrgUser +); + +authenticated.post( + "/user/:userId/2fa", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.updateUser), + user.updateUser2FA +); + +authenticated.get( + "/user/:userId", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.getUser), + user.adminGetUser +); + +authenticated.get( + "/org/:orgId/users", + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.listUsers), + user.listUsers +); + +authenticated.delete( + "/org/:orgId/user/:userId", + verifyApiKeyOrgAccess, + verifyApiKeyUserAccess, + verifyApiKeyHasAction(ActionsEnum.removeUser), + user.removeUserOrg +); + +// authenticated.put( +// "/newt", +// verifyApiKeyHasAction(ActionsEnum.createNewt), +// newt.createNewt +// ); + +authenticated.get( + `/org/:orgId/api-keys`, + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.listApiKeys), + apiKeys.listOrgApiKeys +); + +authenticated.post( + `/org/:orgId/api-key/:apiKeyId/actions`, + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.setApiKeyActions), + apiKeys.setApiKeyActions +); + +authenticated.get( + `/org/:orgId/api-key/:apiKeyId/actions`, + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.listApiKeyActions), + apiKeys.listApiKeyActions +); + +authenticated.put( + `/org/:orgId/api-key`, + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.createApiKey), + apiKeys.createOrgApiKey +); + +authenticated.delete( + `/org/:orgId/api-key/:apiKeyId`, + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.deleteApiKey), + apiKeys.deleteApiKey +); + +authenticated.put( + "/idp/oidc", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.createIdp), + idp.createOidcIdp +); + +authenticated.post( + "/idp/:idpId/oidc", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.updateIdp), + idp.updateOidcIdp +); + +authenticated.delete( + "/idp/:idpId", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.deleteIdp), + idp.deleteIdp +); + +authenticated.get( + "/idp", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.listIdps), + idp.listIdps +); + +authenticated.get( + "/idp/:idpId", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.getIdp), + idp.getIdp +); + +authenticated.put( + "/idp/:idpId/org/:orgId", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.createIdpOrg), + idp.createIdpOrgPolicy +); + +authenticated.post( + "/idp/:idpId/org/:orgId", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.updateIdpOrg), + idp.updateIdpOrgPolicy +); + +authenticated.delete( + "/idp/:idpId/org/:orgId", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.deleteIdpOrg), + idp.deleteIdpOrgPolicy +); + +authenticated.get( + "/idp/:idpId/org", + verifyApiKeyIsRoot, + verifyApiKeyHasAction(ActionsEnum.listIdpOrgs), + idp.listIdpOrgPolicies +); + +authenticated.get( + "/org/:orgId/pick-client-defaults", + verifyClientsEnabled, + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.createClient), + client.pickClientDefaults +); + +authenticated.get( + "/org/:orgId/clients", + verifyClientsEnabled, + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.listClients), + client.listClients +); + +authenticated.get( + "/client/:clientId", + verifyClientsEnabled, + verifyApiKeyClientAccess, + verifyApiKeyHasAction(ActionsEnum.getClient), + client.getClient +); + +authenticated.put( + "/org/:orgId/client", + verifyClientsEnabled, + verifyApiKeyOrgAccess, + verifyApiKeyHasAction(ActionsEnum.createClient), + client.createClient +); + +authenticated.delete( + "/client/:clientId", + verifyClientsEnabled, + verifyApiKeyClientAccess, + verifyApiKeyHasAction(ActionsEnum.deleteClient), + client.deleteClient +); + +authenticated.post( + "/client/:clientId", + verifyClientsEnabled, + verifyApiKeyClientAccess, + verifyApiKeyHasAction(ActionsEnum.updateClient), + client.updateClient +); diff --git a/server/routers/internal.ts b/server/routers/internal.ts index fbc3f9ee..dbccd5b4 100644 --- a/server/routers/internal.ts +++ b/server/routers/internal.ts @@ -4,6 +4,9 @@ import * as traefik from "@server/routers/traefik"; import * as resource from "./resource"; import * as badger from "./badger"; import * as auth from "@server/routers/auth"; +import * as idp from "@server/routers/idp"; +import { proxyToRemote } from "@server/lib/remoteProxy"; +import config from "@server/lib/config"; import HttpCode from "@server/types/HttpCode"; import { verifyResourceAccess, @@ -31,18 +34,59 @@ internalRouter.post( resource.getExchangeToken ); +internalRouter.get("/idp", idp.listIdps); + +internalRouter.get("/idp/:idpId", idp.getIdp); + // Gerbil routes const gerbilRouter = Router(); internalRouter.use("/gerbil", gerbilRouter); +if (config.isManagedMode()) { + // Use proxy router to forward requests to remote cloud server + // Proxy endpoints for each gerbil route + gerbilRouter.post("/receive-bandwidth", (req, res, next) => + proxyToRemote(req, res, next, "hybrid/gerbil/receive-bandwidth") + ); + + gerbilRouter.post("/update-hole-punch", (req, res, next) => + proxyToRemote(req, res, next, "hybrid/gerbil/update-hole-punch") + ); + + gerbilRouter.post("/get-all-relays", (req, res, next) => + proxyToRemote(req, res, next, "hybrid/gerbil/get-all-relays") + ); + + gerbilRouter.post("/get-resolved-hostname", (req, res, next) => + proxyToRemote(req, res, next, `hybrid/gerbil/get-resolved-hostname`) + ); + + // GET CONFIG IS HANDLED IN THE ORIGINAL HANDLER + // SO IT CAN REGISTER THE LOCAL EXIT NODE +} else { + // Use local gerbil endpoints + gerbilRouter.post("/receive-bandwidth", gerbil.receiveBandwidth); + gerbilRouter.post("/update-hole-punch", gerbil.updateHolePunch); + gerbilRouter.post("/get-all-relays", gerbil.getAllRelays); + gerbilRouter.post("/get-resolved-hostname", gerbil.getResolvedHostname); +} + +// WE HANDLE THE PROXY INSIDE OF THIS FUNCTION +// SO IT REGISTERS THE EXIT NODE LOCALLY AS WELL gerbilRouter.post("/get-config", gerbil.getConfig); -gerbilRouter.post("/receive-bandwidth", gerbil.receiveBandwidth); // Badger routes const badgerRouter = Router(); internalRouter.use("/badger", badgerRouter); badgerRouter.post("/verify-session", badger.verifyResourceSession); -badgerRouter.post("/exchange-session", badger.exchangeSession); + +if (config.isManagedMode()) { + badgerRouter.post("/exchange-session", (req, res, next) => + proxyToRemote(req, res, next, "hybrid/badger/exchange-session") + ); +} else { + badgerRouter.post("/exchange-session", badger.exchangeSession); +} export default internalRouter; diff --git a/server/routers/messageHandlers.ts b/server/routers/messageHandlers.ts deleted file mode 100644 index 9dd7756f..00000000 --- a/server/routers/messageHandlers.ts +++ /dev/null @@ -1,6 +0,0 @@ -import { handleRegisterMessage } from "./newt"; -import { MessageHandler } from "./ws"; - -export const messageHandlers: Record = { - "newt/wg/register": handleRegisterMessage, -}; \ No newline at end of file diff --git a/server/routers/newt/createNewt.ts b/server/routers/newt/createNewt.ts index b69ada32..d54cd1a9 100644 --- a/server/routers/newt/createNewt.ts +++ b/server/routers/newt/createNewt.ts @@ -1,9 +1,9 @@ import { NextFunction, Request, Response } from "express"; -import db from "@server/db"; +import { db } from "@server/db"; import { hash } from "@node-rs/argon2"; import HttpCode from "@server/types/HttpCode"; import { z } from "zod"; -import { newts } from "@server/db/schemas"; +import { newts } from "@server/db"; import createHttpError from "http-errors"; import response from "@server/lib/response"; import { SqliteError } from "better-sqlite3"; diff --git a/server/routers/newt/dockerSocket.ts b/server/routers/newt/dockerSocket.ts new file mode 100644 index 00000000..0c59d354 --- /dev/null +++ b/server/routers/newt/dockerSocket.ts @@ -0,0 +1,22 @@ +import NodeCache from "node-cache"; +import { sendToClient } from "../ws"; + +export const dockerSocketCache = new NodeCache({ + stdTTL: 3600 // seconds +}); + +export function fetchContainers(newtId: string) { + const payload = { + type: `newt/socket/fetch`, + data: {} + }; + sendToClient(newtId, payload); +} + +export function dockerSocket(newtId: string) { + const payload = { + type: `newt/socket/check`, + data: {} + }; + sendToClient(newtId, payload); +} diff --git a/server/routers/newt/getToken.ts b/server/routers/newt/getNewtToken.ts similarity index 97% rename from server/routers/newt/getToken.ts rename to server/routers/newt/getNewtToken.ts index 7bf89ebf..3bf45dcf 100644 --- a/server/routers/newt/getToken.ts +++ b/server/routers/newt/getNewtToken.ts @@ -1,6 +1,6 @@ import { generateSessionToken } from "@server/auth/sessions/app"; -import db from "@server/db"; -import { newts } from "@server/db/schemas"; +import { db } from "@server/db"; +import { newts } from "@server/db"; import HttpCode from "@server/types/HttpCode"; import response from "@server/lib/response"; import { eq } from "drizzle-orm"; @@ -24,7 +24,7 @@ export const newtGetTokenBodySchema = z.object({ export type NewtGetTokenBody = z.infer; -export async function getToken( +export async function getNewtToken( req: Request, res: Response, next: NextFunction diff --git a/server/routers/newt/handleGetConfigMessage.ts b/server/routers/newt/handleGetConfigMessage.ts new file mode 100644 index 00000000..b6206064 --- /dev/null +++ b/server/routers/newt/handleGetConfigMessage.ts @@ -0,0 +1,260 @@ +import { z } from "zod"; +import { MessageHandler } from "../ws"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; +import { + db, + ExitNode, + exitNodes, + resources, + siteResources, + Target, + targets +} from "@server/db"; +import { clients, clientSites, Newt, sites } from "@server/db"; +import { eq, and, inArray } from "drizzle-orm"; +import { updatePeer } from "../olm/peers"; +import { sendToExitNode } from "../../lib/exitNodeComms"; + +const inputSchema = z.object({ + publicKey: z.string(), + port: z.number().int().positive() +}); + +type Input = z.infer; + +export const handleGetConfigMessage: MessageHandler = async (context) => { + const { message, client, sendToClient } = context; + const newt = client as Newt; + + const now = new Date().getTime() / 1000; + + logger.debug("Handling Newt get config message!"); + + if (!newt) { + logger.warn("Newt not found"); + return; + } + + if (!newt.siteId) { + logger.warn("Newt has no site!"); // TODO: Maybe we create the site here? + return; + } + + const parsed = inputSchema.safeParse(message.data); + if (!parsed.success) { + logger.error( + "handleGetConfigMessage: Invalid input: " + + fromError(parsed.error).toString() + ); + return; + } + + const { publicKey, port } = message.data as Input; + const siteId = newt.siteId; + + // Get the current site data + const [existingSite] = await db + .select() + .from(sites) + .where(eq(sites.siteId, siteId)); + + if (!existingSite) { + logger.warn("handleGetConfigMessage: Site not found"); + return; + } + + // we need to wait for hole punch success + if (!existingSite.endpoint) { + logger.warn(`Site ${existingSite.siteId} has no endpoint, skipping`); + return; + } + + if (existingSite.publicKey !== publicKey) { + // TODO: somehow we should make sure a recent hole punch has happened if this occurs (hole punch could be from the last restart if done quickly) + } + + if (existingSite.lastHolePunch && now - existingSite.lastHolePunch > 6) { + logger.warn( + `Site ${existingSite.siteId} last hole punch is too old, skipping` + ); + return; + } + + // update the endpoint and the public key + const [site] = await db + .update(sites) + .set({ + publicKey, + listenPort: port + }) + .where(eq(sites.siteId, siteId)) + .returning(); + + if (!site) { + logger.error("handleGetConfigMessage: Failed to update site"); + return; + } + + let exitNode: ExitNode | undefined; + if (site.exitNodeId) { + [exitNode] = await db + .select() + .from(exitNodes) + .where(eq(exitNodes.exitNodeId, site.exitNodeId)) + .limit(1); + if ( + exitNode.reachableAt && + existingSite.subnet && + existingSite.listenPort + ) { + const payload = { + oldDestination: { + destinationIP: existingSite.subnet?.split("/")[0], + destinationPort: existingSite.listenPort + }, + newDestination: { + destinationIP: site.subnet?.split("/")[0], + destinationPort: site.listenPort + } + }; + + await sendToExitNode(exitNode, { + remoteType: "remoteExitNode/update-proxy-mapping", + localPath: "/update-proxy-mapping", + method: "POST", + data: payload + }); + } + } + + // Get all clients connected to this site + const clientsRes = await db + .select() + .from(clients) + .innerJoin(clientSites, eq(clients.clientId, clientSites.clientId)) + .where(eq(clientSites.siteId, siteId)); + + // Prepare peers data for the response + const peers = await Promise.all( + clientsRes + .filter((client) => { + if (!client.clients.pubKey) { + return false; + } + if (!client.clients.subnet) { + return false; + } + return true; + }) + .map(async (client) => { + // Add or update this peer on the olm if it is connected + try { + if (!site.publicKey) { + logger.warn( + `Site ${site.siteId} has no public key, skipping` + ); + return null; + } + let endpoint = site.endpoint; + if (client.clientSites.isRelayed) { + if (!site.exitNodeId) { + logger.warn( + `Site ${site.siteId} has no exit node, skipping` + ); + return null; + } + + if (!exitNode) { + logger.warn( + `Exit node not found for site ${site.siteId}` + ); + return null; + } + endpoint = `${exitNode.endpoint}:21820`; + } + + if (!endpoint) { + logger.warn( + `Site ${site.siteId} has no endpoint, skipping` + ); + return null; + } + + await updatePeer(client.clients.clientId, { + siteId: site.siteId, + endpoint: endpoint, + publicKey: site.publicKey, + serverIP: site.address, + serverPort: site.listenPort, + remoteSubnets: site.remoteSubnets + }); + } catch (error) { + logger.error( + `Failed to add/update peer ${client.clients.pubKey} to olm ${newt.newtId}: ${error}` + ); + } + + return { + publicKey: client.clients.pubKey!, + allowedIps: [`${client.clients.subnet.split("/")[0]}/32`], // we want to only allow from that client + endpoint: client.clientSites.isRelayed + ? "" + : client.clientSites.endpoint! // if its relayed it should be localhost + }; + }) + ); + + // Filter out any null values from peers that didn't have an olm + const validPeers = peers.filter((peer) => peer !== null); + + // Get all enabled targets with their resource protocol information + const allSiteResources = await db + .select() + .from(siteResources) + .where(eq(siteResources.siteId, siteId)); + + const { tcpTargets, udpTargets } = allSiteResources.reduce( + (acc, resource) => { + // Filter out invalid targets + if (!resource.proxyPort || !resource.destinationIp || !resource.destinationPort) { + return acc; + } + + // Format target into string + const formattedTarget = `${resource.proxyPort}:${resource.destinationIp}:${resource.destinationPort}`; + + // Add to the appropriate protocol array + if (resource.protocol === "tcp") { + acc.tcpTargets.push(formattedTarget); + } else { + acc.udpTargets.push(formattedTarget); + } + + return acc; + }, + { tcpTargets: [] as string[], udpTargets: [] as string[] } + ); + + // Build the configuration response + const configResponse = { + ipAddress: site.address, + peers: validPeers, + targets: { + udp: udpTargets, + tcp: tcpTargets + } + }; + + logger.debug("Sending config: ", configResponse); + return { + message: { + type: "newt/wg/receive-config", + data: { + ...configResponse + } + }, + broadcast: false, + excludeSender: false + }; +}; diff --git a/server/routers/newt/handleNewtPingRequestMessage.ts b/server/routers/newt/handleNewtPingRequestMessage.ts new file mode 100644 index 00000000..f93862f6 --- /dev/null +++ b/server/routers/newt/handleNewtPingRequestMessage.ts @@ -0,0 +1,97 @@ +import { db, sites } from "@server/db"; +import { MessageHandler } from "../ws"; +import { exitNodes, Newt } from "@server/db"; +import logger from "@server/logger"; +import config from "@server/lib/config"; +import { ne, eq, or, and, count } from "drizzle-orm"; +import { listExitNodes } from "@server/lib/exitNodes"; + +export const handleNewtPingRequestMessage: MessageHandler = async (context) => { + const { message, client, sendToClient } = context; + const newt = client as Newt; + + logger.info("Handling ping request newt message!"); + + if (!newt) { + logger.warn("Newt not found"); + return; + } + + // Get the newt's orgId through the site relationship + if (!newt.siteId) { + logger.warn("Newt siteId not found"); + return; + } + + const [site] = await db + .select({ orgId: sites.orgId }) + .from(sites) + .where(eq(sites.siteId, newt.siteId)) + .limit(1); + + const exitNodesList = await listExitNodes(site.orgId, true); // filter for only the online ones + + let lastExitNodeId = null; + if (newt.siteId) { + const [lastExitNode] = await db + .select() + .from(sites) + .where(eq(sites.siteId, newt.siteId)) + .limit(1); + lastExitNodeId = lastExitNode?.exitNodeId || null; + } + + const exitNodesPayload = await Promise.all( + exitNodesList.map(async (node) => { + // (MAX_CONNECTIONS - current_connections) / MAX_CONNECTIONS) + // higher = more desirable + // like saying, this node has x% of its capacity left + + let weight = 1; + const maxConnections = node.maxConnections; + if (maxConnections !== null && maxConnections !== undefined) { + const [currentConnections] = await db + .select({ + count: count() + }) + .from(sites) + .where( + and( + eq(sites.exitNodeId, node.exitNodeId), + eq(sites.online, true) + ) + ); + + if (currentConnections.count >= maxConnections) { + return null; + } + + weight = + (maxConnections - currentConnections.count) / + maxConnections; + } + + return { + exitNodeId: node.exitNodeId, + exitNodeName: node.name, + endpoint: node.endpoint, + weight, + wasPreviouslyConnected: node.exitNodeId === lastExitNodeId + }; + }) + ); + + // filter out null values + const filteredExitNodes = exitNodesPayload.filter((node) => node !== null); + + return { + message: { + type: "newt/ping/exitNodes", + data: { + exitNodes: filteredExitNodes + } + }, + broadcast: false, // Send to all clients + excludeSender: false // Include sender in broadcast + }; +}; diff --git a/server/routers/newt/handleNewtRegisterMessage.ts b/server/routers/newt/handleNewtRegisterMessage.ts new file mode 100644 index 00000000..3c7ecaff --- /dev/null +++ b/server/routers/newt/handleNewtRegisterMessage.ts @@ -0,0 +1,232 @@ +import { db, newts } from "@server/db"; +import { MessageHandler } from "../ws"; +import { exitNodes, Newt, resources, sites, Target, targets } from "@server/db"; +import { eq, and, sql, inArray } from "drizzle-orm"; +import { addPeer, deletePeer } from "../gerbil/peers"; +import logger from "@server/logger"; +import config from "@server/lib/config"; +import { + findNextAvailableCidr, + getNextAvailableClientSubnet +} from "@server/lib/ip"; +import { selectBestExitNode, verifyExitNodeOrgAccess } from "@server/lib/exitNodes"; + +export type ExitNodePingResult = { + exitNodeId: number; + latencyMs: number; + weight: number; + error?: string; + exitNodeName: string; + endpoint: string; + wasPreviouslyConnected: boolean; +}; + +export const handleNewtRegisterMessage: MessageHandler = async (context) => { + const { message, client, sendToClient } = context; + const newt = client as Newt; + + logger.debug("Handling register newt message!"); + + if (!newt) { + logger.warn("Newt not found"); + return; + } + + if (!newt.siteId) { + logger.warn("Newt has no site!"); // TODO: Maybe we create the site here? + return; + } + + const siteId = newt.siteId; + + const { publicKey, pingResults, newtVersion, backwardsCompatible } = + message.data; + if (!publicKey) { + logger.warn("Public key not provided"); + return; + } + + if (backwardsCompatible) { + logger.debug( + "Backwards compatible mode detecting - not sending connect message and waiting for ping response." + ); + return; + } + + let exitNodeId: number | undefined; + if (pingResults) { + const bestPingResult = selectBestExitNode( + pingResults as ExitNodePingResult[] + ); + if (!bestPingResult) { + logger.warn("No suitable exit node found based on ping results"); + return; + } + exitNodeId = bestPingResult.exitNodeId; + } + + const [oldSite] = await db + .select() + .from(sites) + .where(eq(sites.siteId, siteId)) + .limit(1); + + if (!oldSite) { + logger.warn("Site not found"); + return; + } + + let siteSubnet = oldSite.subnet; + let exitNodeIdToQuery = oldSite.exitNodeId; + if (exitNodeId && (oldSite.exitNodeId !== exitNodeId || !oldSite.subnet)) { + // This effectively moves the exit node to the new one + exitNodeIdToQuery = exitNodeId; // Use the provided exitNodeId if it differs from the site's exitNodeId + + const { exitNode, hasAccess } = await verifyExitNodeOrgAccess(exitNodeIdToQuery, oldSite.orgId); + + if (!exitNode) { + logger.warn("Exit node not found"); + return; + } + + if (!hasAccess) { + logger.warn("Not authorized to use this exit node"); + return; + } + + const sitesQuery = await db + .select({ + subnet: sites.subnet + }) + .from(sites) + .where(eq(sites.exitNodeId, exitNodeId)); + + const blockSize = config.getRawConfig().gerbil.site_block_size; + const subnets = sitesQuery + .map((site) => site.subnet) + .filter((subnet) => subnet !== null); + subnets.push(exitNode.address.replace(/\/\d+$/, `/${blockSize}`)); + const newSubnet = findNextAvailableCidr( + subnets, + blockSize, + exitNode.address + ); + if (!newSubnet) { + logger.error("No available subnets found for the new exit node"); + return; + } + + siteSubnet = newSubnet; + + await db + .update(sites) + .set({ + pubKey: publicKey, + exitNodeId: exitNodeId, + subnet: newSubnet + }) + .where(eq(sites.siteId, siteId)) + .returning(); + } else { + await db + .update(sites) + .set({ + pubKey: publicKey + }) + .where(eq(sites.siteId, siteId)) + .returning(); + } + + if (!exitNodeIdToQuery) { + logger.warn("No exit node ID to query"); + return; + } + + const [exitNode] = await db + .select() + .from(exitNodes) + .where(eq(exitNodes.exitNodeId, exitNodeIdToQuery)) + .limit(1); + + if (oldSite.pubKey && oldSite.pubKey !== publicKey && oldSite.exitNodeId) { + logger.info("Public key mismatch. Deleting old peer..."); + await deletePeer(oldSite.exitNodeId, oldSite.pubKey); + } + + if (!siteSubnet) { + logger.warn("Site has no subnet"); + return; + } + + // add the peer to the exit node + await addPeer(exitNodeIdToQuery, { + publicKey: publicKey, + allowedIps: [siteSubnet] + }); + + if (newtVersion && newtVersion !== newt.version) { + // update the newt version in the database + await db + .update(newts) + .set({ + version: newtVersion as string + }) + .where(eq(newts.newtId, newt.newtId)); + } + + // Get all enabled targets with their resource protocol information + const allTargets = await db + .select({ + resourceId: targets.resourceId, + targetId: targets.targetId, + ip: targets.ip, + method: targets.method, + port: targets.port, + internalPort: targets.internalPort, + enabled: targets.enabled, + protocol: resources.protocol + }) + .from(targets) + .innerJoin(resources, eq(targets.resourceId, resources.resourceId)) + .where(and(eq(targets.siteId, siteId), eq(targets.enabled, true))); + + const { tcpTargets, udpTargets } = allTargets.reduce( + (acc, target) => { + // Filter out invalid targets + if (!target.internalPort || !target.ip || !target.port) { + return acc; + } + + // Format target into string + const formattedTarget = `${target.internalPort}:${target.ip}:${target.port}`; + + // Add to the appropriate protocol array + if (target.protocol === "tcp") { + acc.tcpTargets.push(formattedTarget); + } else { + acc.udpTargets.push(formattedTarget); + } + + return acc; + }, + { tcpTargets: [] as string[], udpTargets: [] as string[] } + ); + + return { + message: { + type: "newt/wg/connect", + data: { + endpoint: `${exitNode.endpoint}:${exitNode.listenPort}`, + publicKey: exitNode.publicKey, + serverIP: exitNode.address.split("/")[0], + tunnelIP: siteSubnet.split("/")[0], + targets: { + udp: udpTargets, + tcp: tcpTargets + } + } + }, + broadcast: false, // Send to all clients + excludeSender: false // Include sender in broadcast + }; +}; \ No newline at end of file diff --git a/server/routers/newt/handleReceiveBandwidthMessage.ts b/server/routers/newt/handleReceiveBandwidthMessage.ts new file mode 100644 index 00000000..89b24f78 --- /dev/null +++ b/server/routers/newt/handleReceiveBandwidthMessage.ts @@ -0,0 +1,52 @@ +import { db } from "@server/db"; +import { MessageHandler } from "../ws"; +import { clients, Newt } from "@server/db"; +import { eq } from "drizzle-orm"; +import logger from "@server/logger"; + +interface PeerBandwidth { + publicKey: string; + bytesIn: number; + bytesOut: number; +} + +export const handleReceiveBandwidthMessage: MessageHandler = async (context) => { + const { message, client, sendToClient } = context; + + if (!message.data.bandwidthData) { + logger.warn("No bandwidth data provided"); + } + + const bandwidthData: PeerBandwidth[] = message.data.bandwidthData; + + if (!Array.isArray(bandwidthData)) { + throw new Error("Invalid bandwidth data"); + } + + await db.transaction(async (trx) => { + for (const peer of bandwidthData) { + const { publicKey, bytesIn, bytesOut } = peer; + + // Find the client by public key + const [client] = await trx + .select() + .from(clients) + .where(eq(clients.pubKey, publicKey)) + .limit(1); + + if (!client) { + continue; + } + + // Update the client's bandwidth usage + await trx + .update(clients) + .set({ + megabytesOut: (client.megabytesIn || 0) + bytesIn, + megabytesIn: (client.megabytesOut || 0) + bytesOut, + lastBandwidthUpdate: new Date().toISOString(), + }) + .where(eq(clients.clientId, client.clientId)); + } + }); +}; diff --git a/server/routers/newt/handleRegisterMessage.ts b/server/routers/newt/handleRegisterMessage.ts deleted file mode 100644 index bf64e3ec..00000000 --- a/server/routers/newt/handleRegisterMessage.ts +++ /dev/null @@ -1,174 +0,0 @@ -import db from "@server/db"; -import { MessageHandler } from "../ws"; -import { - exitNodes, - resources, - sites, - Target, - targets -} from "@server/db/schemas"; -import { eq, and, sql, inArray } from "drizzle-orm"; -import { addPeer, deletePeer } from "../gerbil/peers"; -import logger from "@server/logger"; - -export const handleRegisterMessage: MessageHandler = async (context) => { - const { message, newt, sendToClient } = context; - - logger.info("Handling register message!"); - - if (!newt) { - logger.warn("Newt not found"); - return; - } - - if (!newt.siteId) { - logger.warn("Newt has no site!"); // TODO: Maybe we create the site here? - return; - } - - const siteId = newt.siteId; - - const { publicKey } = message.data; - if (!publicKey) { - logger.warn("Public key not provided"); - return; - } - - const [site] = await db - .select() - .from(sites) - .where(eq(sites.siteId, siteId)) - .limit(1); - - if (!site || !site.exitNodeId) { - logger.warn("Site not found or does not have exit node"); - return; - } - - await db - .update(sites) - .set({ - pubKey: publicKey - }) - .where(eq(sites.siteId, siteId)) - .returning(); - - const [exitNode] = await db - .select() - .from(exitNodes) - .where(eq(exitNodes.exitNodeId, site.exitNodeId)) - .limit(1); - - if (site.pubKey && site.pubKey !== publicKey) { - logger.info("Public key mismatch. Deleting old peer..."); - await deletePeer(site.exitNodeId, site.pubKey); - } - - if (!site.subnet) { - logger.warn("Site has no subnet"); - return; - } - - // add the peer to the exit node - await addPeer(site.exitNodeId, { - publicKey: publicKey, - allowedIps: [site.subnet] - }); - - // Improved version - const allResources = await db.transaction(async (tx) => { - // First get all resources for the site - const resourcesList = await tx - .select({ - resourceId: resources.resourceId, - subdomain: resources.subdomain, - fullDomain: resources.fullDomain, - ssl: resources.ssl, - blockAccess: resources.blockAccess, - sso: resources.sso, - emailWhitelistEnabled: resources.emailWhitelistEnabled, - http: resources.http, - proxyPort: resources.proxyPort, - protocol: resources.protocol - }) - .from(resources) - .where(eq(resources.siteId, siteId)); - - // Get all enabled targets for these resources in a single query - const resourceIds = resourcesList.map((r) => r.resourceId); - const allTargets = - resourceIds.length > 0 - ? await tx - .select({ - resourceId: targets.resourceId, - targetId: targets.targetId, - ip: targets.ip, - method: targets.method, - port: targets.port, - internalPort: targets.internalPort, - enabled: targets.enabled - }) - .from(targets) - .where( - and( - inArray(targets.resourceId, resourceIds), - eq(targets.enabled, true) - ) - ) - : []; - - // Combine the data in JS instead of using SQL for the JSON - return resourcesList.map((resource) => ({ - ...resource, - targets: allTargets.filter( - (target) => target.resourceId === resource.resourceId - ) - })); - }); - - const { tcpTargets, udpTargets } = allResources.reduce( - (acc, resource) => { - // Skip resources with no targets - if (!resource.targets?.length) return acc; - - // Format valid targets into strings - const formattedTargets = resource.targets - .filter( - (target: Target) => - target?.internalPort && target?.ip && target?.port - ) - .map( - (target: Target) => - `${target.internalPort}:${target.ip}:${target.port}` - ); - - // Add to the appropriate protocol array - if (resource.protocol === "tcp") { - acc.tcpTargets.push(...formattedTargets); - } else { - acc.udpTargets.push(...formattedTargets); - } - - return acc; - }, - { tcpTargets: [] as string[], udpTargets: [] as string[] } - ); - - return { - message: { - type: "newt/wg/connect", - data: { - endpoint: `${exitNode.endpoint}:${exitNode.listenPort}`, - publicKey: exitNode.publicKey, - serverIP: exitNode.address.split("/")[0], - tunnelIP: site.subnet.split("/")[0], - targets: { - udp: udpTargets, - tcp: tcpTargets - } - } - }, - broadcast: false, // Send to all clients - excludeSender: false // Include sender in broadcast - }; -}; diff --git a/server/routers/newt/handleSocketMessages.ts b/server/routers/newt/handleSocketMessages.ts new file mode 100644 index 00000000..01b7be60 --- /dev/null +++ b/server/routers/newt/handleSocketMessages.ts @@ -0,0 +1,60 @@ +import { MessageHandler } from "../ws"; +import logger from "@server/logger"; +import { dockerSocketCache } from "./dockerSocket"; +import { Newt } from "@server/db"; + +export const handleDockerStatusMessage: MessageHandler = async (context) => { + const { message, client, sendToClient } = context; + const newt = client as Newt; + + logger.info("Handling Docker socket check response"); + + if (!newt) { + logger.warn("Newt not found"); + return; + } + + logger.info(`Newt ID: ${newt.newtId}, Site ID: ${newt.siteId}`); + const { available, socketPath } = message.data; + + logger.info( + `Docker socket availability for Newt ${newt.newtId}: available=${available}, socketPath=${socketPath}` + ); + + if (available) { + logger.info(`Newt ${newt.newtId} has Docker socket access`); + dockerSocketCache.set(`${newt.newtId}:socketPath`, socketPath, 0); + dockerSocketCache.set(`${newt.newtId}:isAvailable`, available, 0); + } else { + logger.warn(`Newt ${newt.newtId} does not have Docker socket access`); + } + + return; +}; + +export const handleDockerContainersMessage: MessageHandler = async ( + context +) => { + const { message, client, sendToClient } = context; + const newt = client as Newt; + + logger.info("Handling Docker containers response"); + + if (!newt) { + logger.warn("Newt not found"); + return; + } + + logger.info(`Newt ID: ${newt.newtId}, Site ID: ${newt.siteId}`); + const { containers } = message.data; + + logger.info( + `Docker containers for Newt ${newt.newtId}: ${containers ? containers.length : 0}` + ); + + if (containers && containers.length > 0) { + dockerSocketCache.set(`${newt.newtId}:dockerContainers`, containers, 0); + } else { + logger.warn(`Newt ${newt.newtId} does not have Docker containers`); + } +}; diff --git a/server/routers/newt/index.ts b/server/routers/newt/index.ts index dcc49749..08f047e3 100644 --- a/server/routers/newt/index.ts +++ b/server/routers/newt/index.ts @@ -1,3 +1,7 @@ export * from "./createNewt"; -export * from "./getToken"; -export * from "./handleRegisterMessage"; \ No newline at end of file +export * from "./getNewtToken"; +export * from "./handleNewtRegisterMessage"; +export * from "./handleReceiveBandwidthMessage"; +export * from "./handleGetConfigMessage"; +export * from "./handleSocketMessages"; +export * from "./handleNewtPingRequestMessage"; \ No newline at end of file diff --git a/server/routers/newt/peers.ts b/server/routers/newt/peers.ts new file mode 100644 index 00000000..ff57e6fd --- /dev/null +++ b/server/routers/newt/peers.ts @@ -0,0 +1,114 @@ +import { db } from "@server/db"; +import { newts, sites } from "@server/db"; +import { eq } from "drizzle-orm"; +import { sendToClient } from "../ws"; +import logger from "@server/logger"; + +export async function addPeer( + siteId: number, + peer: { + publicKey: string; + allowedIps: string[]; + endpoint: string; + } +) { + const [site] = await db + .select() + .from(sites) + .where(eq(sites.siteId, siteId)) + .limit(1); + if (!site) { + throw new Error(`Exit node with ID ${siteId} not found`); + } + + // get the newt on the site + const [newt] = await db + .select() + .from(newts) + .where(eq(newts.siteId, siteId)) + .limit(1); + if (!newt) { + throw new Error(`Site found for site ${siteId}`); + } + + sendToClient(newt.newtId, { + type: "newt/wg/peer/add", + data: peer + }); + + logger.info(`Added peer ${peer.publicKey} to newt ${newt.newtId}`); + + return site; +} + +export async function deletePeer(siteId: number, publicKey: string) { + const [site] = await db + .select() + .from(sites) + .where(eq(sites.siteId, siteId)) + .limit(1); + if (!site) { + throw new Error(`Site with ID ${siteId} not found`); + } + + // get the newt on the site + const [newt] = await db + .select() + .from(newts) + .where(eq(newts.siteId, siteId)) + .limit(1); + if (!newt) { + throw new Error(`Newt not found for site ${siteId}`); + } + + sendToClient(newt.newtId, { + type: "newt/wg/peer/remove", + data: { + publicKey + } + }); + + logger.info(`Deleted peer ${publicKey} from newt ${newt.newtId}`); + + return site; +} + +export async function updatePeer( + siteId: number, + publicKey: string, + peer: { + allowedIps?: string[]; + endpoint?: string; + } +) { + const [site] = await db + .select() + .from(sites) + .where(eq(sites.siteId, siteId)) + .limit(1); + if (!site) { + throw new Error(`Site with ID ${siteId} not found`); + } + + // get the newt on the site + const [newt] = await db + .select() + .from(newts) + .where(eq(newts.siteId, siteId)) + .limit(1); + if (!newt) { + throw new Error(`Newt not found for site ${siteId}`); + } + + sendToClient(newt.newtId, { + type: "newt/wg/peer/update", + data: { + publicKey, + ...peer + } + }); + + logger.info(`Updated peer ${publicKey} on newt ${newt.newtId}`); + + return site; +} diff --git a/server/routers/newt/targets.ts b/server/routers/newt/targets.ts index f2f5dc45..91a0ac3f 100644 --- a/server/routers/newt/targets.ts +++ b/server/routers/newt/targets.ts @@ -1,10 +1,12 @@ -import { Target } from "@server/db/schemas"; +import { Target } from "@server/db"; import { sendToClient } from "../ws"; +import logger from "@server/logger"; -export function addTargets( +export async function addTargets( newtId: string, targets: Target[], - protocol: string + protocol: string, + port: number | null = null ) { //create a list of udp and tcp targets const payloadTargets = targets.map((target) => { @@ -13,19 +15,19 @@ export function addTargets( }:${target.port}`; }); - const payload = { + sendToClient(newtId, { type: `newt/${protocol}/add`, data: { targets: payloadTargets } - }; - sendToClient(newtId, payload); + }); } -export function removeTargets( +export async function removeTargets( newtId: string, targets: Target[], - protocol: string + protocol: string, + port: number | null = null ) { //create a list of udp and tcp targets const payloadTargets = targets.map((target) => { @@ -34,11 +36,10 @@ export function removeTargets( }:${target.port}`; }); - const payload = { + await sendToClient(newtId, { type: `newt/${protocol}/remove`, data: { targets: payloadTargets } - }; - sendToClient(newtId, payload); + }); } diff --git a/server/routers/olm/createOlm.ts b/server/routers/olm/createOlm.ts new file mode 100644 index 00000000..64b9c932 --- /dev/null +++ b/server/routers/olm/createOlm.ts @@ -0,0 +1,106 @@ +import { NextFunction, Request, Response } from "express"; +import { db } from "@server/db"; +import { hash } from "@node-rs/argon2"; +import HttpCode from "@server/types/HttpCode"; +import { z } from "zod"; +import { newts } from "@server/db"; +import createHttpError from "http-errors"; +import response from "@server/lib/response"; +import { SqliteError } from "better-sqlite3"; +import moment from "moment"; +import { generateSessionToken } from "@server/auth/sessions/app"; +import { createNewtSession } from "@server/auth/sessions/newt"; +import { fromError } from "zod-validation-error"; +import { hashPassword } from "@server/auth/password"; + +export const createNewtBodySchema = z.object({}); + +export type CreateNewtBody = z.infer; + +export type CreateNewtResponse = { + token: string; + newtId: string; + secret: string; +}; + +const createNewtSchema = z + .object({ + newtId: z.string(), + secret: z.string() + }) + .strict(); + +export async function createNewt( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + + const parsedBody = createNewtSchema.safeParse(req.body); + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { newtId, secret } = parsedBody.data; + + if (req.user && (!req.userRoleIds || req.userRoleIds.length === 0)) { + return next( + createHttpError(HttpCode.FORBIDDEN, "User does not have a role") + ); + } + + const secretHash = await hashPassword(secret); + + await db.insert(newts).values({ + newtId: newtId, + secretHash, + dateCreated: moment().toISOString(), + }); + + // give the newt their default permissions: + // await db.insert(newtActions).values({ + // newtId: newtId, + // actionId: ActionsEnum.createOrg, + // orgId: null, + // }); + + const token = generateSessionToken(); + await createNewtSession(token, newtId); + + return response(res, { + data: { + newtId, + secret, + token, + }, + success: true, + error: false, + message: "Newt created successfully", + status: HttpCode.OK, + }); + } catch (e) { + if (e instanceof SqliteError && e.code === "SQLITE_CONSTRAINT_UNIQUE") { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "A newt with that email address already exists" + ) + ); + } else { + console.error(e); + + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to create newt" + ) + ); + } + } +} diff --git a/server/routers/olm/getOlmToken.ts b/server/routers/olm/getOlmToken.ts new file mode 100644 index 00000000..c26f5936 --- /dev/null +++ b/server/routers/olm/getOlmToken.ts @@ -0,0 +1,119 @@ +import { generateSessionToken } from "@server/auth/sessions/app"; +import { db } from "@server/db"; +import { olms } from "@server/db"; +import HttpCode from "@server/types/HttpCode"; +import response from "@server/lib/response"; +import { eq } from "drizzle-orm"; +import { NextFunction, Request, Response } from "express"; +import createHttpError from "http-errors"; +import { z } from "zod"; +import { fromError } from "zod-validation-error"; +import { + createOlmSession, + validateOlmSessionToken +} from "@server/auth/sessions/olm"; +import { verifyPassword } from "@server/auth/password"; +import logger from "@server/logger"; +import config from "@server/lib/config"; + +export const olmGetTokenBodySchema = z.object({ + olmId: z.string(), + secret: z.string(), + token: z.string().optional() +}); + +export type OlmGetTokenBody = z.infer; + +export async function getOlmToken( + req: Request, + res: Response, + next: NextFunction +): Promise { + const parsedBody = olmGetTokenBodySchema.safeParse(req.body); + + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { olmId, secret, token } = parsedBody.data; + + try { + if (token) { + const { session, olm } = await validateOlmSessionToken(token); + if (session) { + if (config.getRawConfig().app.log_failed_attempts) { + logger.info( + `Olm session already valid. Olm ID: ${olmId}. IP: ${req.ip}.` + ); + } + return response(res, { + data: null, + success: true, + error: false, + message: "Token session already valid", + status: HttpCode.OK + }); + } + } + + const existingOlmRes = await db + .select() + .from(olms) + .where(eq(olms.olmId, olmId)); + if (!existingOlmRes || !existingOlmRes.length) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "No olm found with that olmId" + ) + ); + } + + const existingOlm = existingOlmRes[0]; + + const validSecret = await verifyPassword( + secret, + existingOlm.secretHash + ); + if (!validSecret) { + if (config.getRawConfig().app.log_failed_attempts) { + logger.info( + `Olm id or secret is incorrect. Olm: ID ${olmId}. IP: ${req.ip}.` + ); + } + return next( + createHttpError(HttpCode.BAD_REQUEST, "Secret is incorrect") + ); + } + + logger.debug("Creating new olm session token"); + + const resToken = generateSessionToken(); + await createOlmSession(resToken, existingOlm.olmId); + + logger.debug("Token created successfully"); + + return response<{ token: string }>(res, { + data: { + token: resToken + }, + success: true, + error: false, + message: "Token created successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to authenticate olm" + ) + ); + } +} diff --git a/server/routers/olm/handleOlmPingMessage.ts b/server/routers/olm/handleOlmPingMessage.ts new file mode 100644 index 00000000..6c4b5600 --- /dev/null +++ b/server/routers/olm/handleOlmPingMessage.ts @@ -0,0 +1,98 @@ +import { db } from "@server/db"; +import { MessageHandler } from "../ws"; +import { clients, Olm } from "@server/db"; +import { eq, lt, isNull, and, or } from "drizzle-orm"; +import logger from "@server/logger"; + +// Track if the offline checker interval is running +let offlineCheckerInterval: NodeJS.Timeout | null = null; +const OFFLINE_CHECK_INTERVAL = 30 * 1000; // Check every 30 seconds +const OFFLINE_THRESHOLD_MS = 2 * 60 * 1000; // 2 minutes + +/** + * Starts the background interval that checks for clients that haven't pinged recently + * and marks them as offline + */ +export const startOlmOfflineChecker = (): void => { + if (offlineCheckerInterval) { + return; // Already running + } + + offlineCheckerInterval = setInterval(async () => { + try { + const twoMinutesAgo = Math.floor((Date.now() - OFFLINE_THRESHOLD_MS) / 1000); + + // Find clients that haven't pinged in the last 2 minutes and mark them as offline + await db + .update(clients) + .set({ online: false }) + .where( + and( + eq(clients.online, true), + or( + lt(clients.lastPing, twoMinutesAgo), + isNull(clients.lastPing) + ) + ) + ); + + } catch (error) { + logger.error("Error in offline checker interval", { error }); + } + }, OFFLINE_CHECK_INTERVAL); + + logger.info("Started offline checker interval"); +}; + +/** + * Stops the background interval that checks for offline clients + */ +export const stopOlmOfflineChecker = (): void => { + if (offlineCheckerInterval) { + clearInterval(offlineCheckerInterval); + offlineCheckerInterval = null; + logger.info("Stopped offline checker interval"); + } +}; + +/** + * Handles ping messages from clients and responds with pong + */ +export const handleOlmPingMessage: MessageHandler = async (context) => { + const { message, client: c, sendToClient } = context; + const olm = c as Olm; + + if (!olm) { + logger.warn("Olm not found"); + return; + } + + if (!olm.clientId) { + logger.warn("Olm has no client ID!"); + return; + } + + try { + // Update the client's last ping timestamp + await db + .update(clients) + .set({ + lastPing: Math.floor(Date.now() / 1000), + online: true, + }) + .where(eq(clients.clientId, olm.clientId)); + } catch (error) { + logger.error("Error handling ping message", { error }); + } + + return { + message: { + type: "pong", + data: { + timestamp: new Date().toISOString(), + } + }, + broadcast: false, + excludeSender: false + }; +}; diff --git a/server/routers/olm/handleOlmRegisterMessage.ts b/server/routers/olm/handleOlmRegisterMessage.ts new file mode 100644 index 00000000..11ca8b5e --- /dev/null +++ b/server/routers/olm/handleOlmRegisterMessage.ts @@ -0,0 +1,242 @@ +import { db, ExitNode } from "@server/db"; +import { MessageHandler } from "../ws"; +import { clients, clientSites, exitNodes, Olm, olms, sites } from "@server/db"; +import { and, eq, inArray } from "drizzle-orm"; +import { addPeer, deletePeer } from "../newt/peers"; +import logger from "@server/logger"; +import { listExitNodes } from "@server/lib/exitNodes"; + +export const handleOlmRegisterMessage: MessageHandler = async (context) => { + logger.info("Handling register olm message!"); + const { message, client: c, sendToClient } = context; + const olm = c as Olm; + + const now = new Date().getTime() / 1000; + + if (!olm) { + logger.warn("Olm not found"); + return; + } + if (!olm.clientId) { + logger.warn("Olm has no client ID!"); + return; + } + const clientId = olm.clientId; + const { publicKey, relay, olmVersion } = message.data; + + logger.debug( + `Olm client ID: ${clientId}, Public Key: ${publicKey}, Relay: ${relay}` + ); + + if (!publicKey) { + logger.warn("Public key not provided"); + return; + } + + // Get the client + const [client] = await db + .select() + .from(clients) + .where(eq(clients.clientId, clientId)) + .limit(1); + + if (!client) { + logger.warn("Client not found"); + return; + } + + if (client.exitNodeId) { + // TODO: FOR NOW WE ARE JUST HOLEPUNCHING ALL EXIT NODES BUT IN THE FUTURE WE SHOULD HANDLE THIS BETTER + + // Get the exit node + const allExitNodes = await listExitNodes(client.orgId, true); // FILTER THE ONLINE ONES + + const exitNodesHpData = allExitNodes.map((exitNode: ExitNode) => { + return { + publicKey: exitNode.publicKey, + endpoint: exitNode.endpoint + }; + }); + + // Send holepunch message + await sendToClient(olm.olmId, { + type: "olm/wg/holepunch/all", + data: { + exitNodes: exitNodesHpData + } + }); + + if (!olmVersion) { + // THIS IS FOR BACKWARDS COMPATIBILITY + // THE OLDER CLIENTS DID NOT SEND THE VERSION + await sendToClient(olm.olmId, { + type: "olm/wg/holepunch", + data: { + serverPubKey: allExitNodes[0].publicKey, + endpoint: allExitNodes[0].endpoint + } + }); + } + } + + if (olmVersion) { + await db + .update(olms) + .set({ + version: olmVersion + }) + .where(eq(olms.olmId, olm.olmId)); + } + + if (now - (client.lastHolePunch || 0) > 6) { + logger.warn("Client last hole punch is too old, skipping all sites"); + return; + } + + if (client.pubKey !== publicKey) { + logger.info( + "Public key mismatch. Updating public key and clearing session info..." + ); + // Update the client's public key + await db + .update(clients) + .set({ + pubKey: publicKey + }) + .where(eq(clients.clientId, olm.clientId)); + + // set isRelay to false for all of the client's sites to reset the connection metadata + await db + .update(clientSites) + .set({ + isRelayed: relay == true + }) + .where(eq(clientSites.clientId, olm.clientId)); + } + + // Get all sites data + const sitesData = await db + .select() + .from(sites) + .innerJoin(clientSites, eq(sites.siteId, clientSites.siteId)) + .where(eq(clientSites.clientId, client.clientId)); + + // Prepare an array to store site configurations + const siteConfigurations = []; + logger.debug( + `Found ${sitesData.length} sites for client ${client.clientId}` + ); + + if (sitesData.length === 0) { + sendToClient(olm.olmId, { + type: "olm/register/no-sites", + data: {} + }); + } + + // Process each site + for (const { sites: site } of sitesData) { + if (!site.exitNodeId) { + logger.warn( + `Site ${site.siteId} does not have exit node, skipping` + ); + continue; + } + + // Validate endpoint and hole punch status + if (!site.endpoint) { + logger.warn(`Site ${site.siteId} has no endpoint, skipping`); + continue; + } + + // if (site.lastHolePunch && now - site.lastHolePunch > 6 && relay) { + // logger.warn( + // `Site ${site.siteId} last hole punch is too old, skipping` + // ); + // continue; + // } + + // If public key changed, delete old peer from this site + if (client.pubKey && client.pubKey != publicKey) { + logger.info( + `Public key mismatch. Deleting old peer from site ${site.siteId}...` + ); + await deletePeer(site.siteId, client.pubKey!); + } + + if (!site.subnet) { + logger.warn(`Site ${site.siteId} has no subnet, skipping`); + continue; + } + + const [clientSite] = await db + .select() + .from(clientSites) + .where( + and( + eq(clientSites.clientId, client.clientId), + eq(clientSites.siteId, site.siteId) + ) + ) + .limit(1); + + // Add the peer to the exit node for this site + if (clientSite.endpoint) { + logger.info( + `Adding peer ${publicKey} to site ${site.siteId} with endpoint ${clientSite.endpoint}` + ); + await addPeer(site.siteId, { + publicKey: publicKey, + allowedIps: [`${client.subnet.split("/")[0]}/32`], // we want to only allow from that client + endpoint: relay ? "" : clientSite.endpoint + }); + } else { + logger.warn( + `Client ${client.clientId} has no endpoint, skipping peer addition` + ); + } + + let endpoint = site.endpoint; + if (relay) { + const [exitNode] = await db + .select() + .from(exitNodes) + .where(eq(exitNodes.exitNodeId, site.exitNodeId)) + .limit(1); + if (!exitNode) { + logger.warn(`Exit node not found for site ${site.siteId}`); + continue; + } + endpoint = `${exitNode.endpoint}:21820`; + } + + // Add site configuration to the array + siteConfigurations.push({ + siteId: site.siteId, + endpoint: endpoint, + publicKey: site.publicKey, + serverIP: site.address, + serverPort: site.listenPort, + remoteSubnets: site.remoteSubnets + }); + } + + // REMOVED THIS SO IT CREATES THE INTERFACE AND JUST WAITS FOR THE SITES + // if (siteConfigurations.length === 0) { + // logger.warn("No valid site configurations found"); + // return; + // } + + // Return connect message with all site configurations + return { + message: { + type: "olm/wg/connect", + data: { + sites: siteConfigurations, + tunnelIP: client.subnet + } + }, + broadcast: false, + excludeSender: false + }; +}; diff --git a/server/routers/olm/handleOlmRelayMessage.ts b/server/routers/olm/handleOlmRelayMessage.ts new file mode 100644 index 00000000..cefc5b91 --- /dev/null +++ b/server/routers/olm/handleOlmRelayMessage.ts @@ -0,0 +1,96 @@ +import { db, exitNodes, sites } from "@server/db"; +import { MessageHandler } from "../ws"; +import { clients, clientSites, Olm } from "@server/db"; +import { and, eq } from "drizzle-orm"; +import { updatePeer } from "../newt/peers"; +import logger from "@server/logger"; + +export const handleOlmRelayMessage: MessageHandler = async (context) => { + const { message, client: c, sendToClient } = context; + const olm = c as Olm; + + logger.info("Handling relay olm message!"); + + if (!olm) { + logger.warn("Olm not found"); + return; + } + + if (!olm.clientId) { + logger.warn("Olm has no site!"); // TODO: Maybe we create the site here? + return; + } + + const clientId = olm.clientId; + + const [client] = await db + .select() + .from(clients) + .where(eq(clients.clientId, clientId)) + .limit(1); + + if (!client) { + logger.warn("Client not found"); + return; + } + + // make sure we hand endpoints for both the site and the client and the lastHolePunch is not too old + if (!client.pubKey) { + logger.warn("Client has no endpoint or listen port"); + return; + } + + const { siteId } = message.data; + + // Get the site + const [site] = await db + .select() + .from(sites) + .where(eq(sites.siteId, siteId)) + .limit(1); + + if (!site || !site.exitNodeId) { + logger.warn("Site not found or has no exit node"); + return; + } + + // get the site's exit node + const [exitNode] = await db + .select() + .from(exitNodes) + .where(eq(exitNodes.exitNodeId, site.exitNodeId)) + .limit(1); + + if (!exitNode) { + logger.warn("Exit node not found for site"); + return; + } + + await db + .update(clientSites) + .set({ + isRelayed: true + }) + .where( + and( + eq(clientSites.clientId, olm.clientId), + eq(clientSites.siteId, siteId) + ) + ); + + // update the peer on the exit node + await updatePeer(siteId, client.pubKey, { + endpoint: "" // this removes the endpoint + }); + + sendToClient(olm.olmId, { + type: "olm/wg/peer/relay", + data: { + siteId: siteId, + endpoint: exitNode.endpoint, + publicKey: exitNode.publicKey + } + }); + + return; +}; diff --git a/server/routers/olm/index.ts b/server/routers/olm/index.ts new file mode 100644 index 00000000..8426612e --- /dev/null +++ b/server/routers/olm/index.ts @@ -0,0 +1,5 @@ +export * from "./handleOlmRegisterMessage"; +export * from "./getOlmToken"; +export * from "./createOlm"; +export * from "./handleOlmRelayMessage"; +export * from "./handleOlmPingMessage"; \ No newline at end of file diff --git a/server/routers/olm/peers.ts b/server/routers/olm/peers.ts new file mode 100644 index 00000000..c47c84a8 --- /dev/null +++ b/server/routers/olm/peers.ts @@ -0,0 +1,96 @@ +import { db } from "@server/db"; +import { clients, olms, newts, sites } from "@server/db"; +import { eq } from "drizzle-orm"; +import { sendToClient } from "../ws"; +import logger from "@server/logger"; + +export async function addPeer( + clientId: number, + peer: { + siteId: number; + publicKey: string; + endpoint: string; + serverIP: string | null; + serverPort: number | null; + remoteSubnets: string | null; // optional, comma-separated list of subnets that this site can access + } +) { + const [olm] = await db + .select() + .from(olms) + .where(eq(olms.clientId, clientId)) + .limit(1); + if (!olm) { + throw new Error(`Olm with ID ${clientId} not found`); + } + + sendToClient(olm.olmId, { + type: "olm/wg/peer/add", + data: { + siteId: peer.siteId, + publicKey: peer.publicKey, + endpoint: peer.endpoint, + serverIP: peer.serverIP, + serverPort: peer.serverPort, + remoteSubnets: peer.remoteSubnets // optional, comma-separated list of subnets that this site can access + } + }); + + logger.info(`Added peer ${peer.publicKey} to olm ${olm.olmId}`); +} + +export async function deletePeer(clientId: number, siteId: number, publicKey: string) { + const [olm] = await db + .select() + .from(olms) + .where(eq(olms.clientId, clientId)) + .limit(1); + if (!olm) { + throw new Error(`Olm with ID ${clientId} not found`); + } + + sendToClient(olm.olmId, { + type: "olm/wg/peer/remove", + data: { + publicKey, + siteId: siteId + } + }); + + logger.info(`Deleted peer ${publicKey} from olm ${olm.olmId}`); +} + +export async function updatePeer( + clientId: number, + peer: { + siteId: number; + publicKey: string; + endpoint: string; + serverIP: string | null; + serverPort: number | null; + remoteSubnets?: string | null; // optional, comma-separated list of subnets that + } +) { + const [olm] = await db + .select() + .from(olms) + .where(eq(olms.clientId, clientId)) + .limit(1); + if (!olm) { + throw new Error(`Olm with ID ${clientId} not found`); + } + + sendToClient(olm.olmId, { + type: "olm/wg/peer/update", + data: { + siteId: peer.siteId, + publicKey: peer.publicKey, + endpoint: peer.endpoint, + serverIP: peer.serverIP, + serverPort: peer.serverPort, + remoteSubnets: peer.remoteSubnets + } + }); + + logger.info(`Added peer ${peer.publicKey} to olm ${olm.olmId}`); +} diff --git a/server/routers/org/checkId.ts b/server/routers/org/checkId.ts index 40a347aa..c5d00002 100644 --- a/server/routers/org/checkId.ts +++ b/server/routers/org/checkId.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { orgs } from "@server/db/schemas"; +import { orgs } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/org/createOrg.ts b/server/routers/org/createOrg.ts index 60ff5558..d26774dd 100644 --- a/server/routers/org/createOrg.ts +++ b/server/routers/org/createOrg.ts @@ -12,27 +12,27 @@ import { roleActions, roles, userOrgs, - users -} from "@server/db/schemas"; + users, + actions +} from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; import logger from "@server/logger"; -import { createAdminRole } from "@server/setup/ensureActions"; import config from "@server/lib/config"; import { fromError } from "zod-validation-error"; import { defaultRoleAllowedActions } from "../role"; import { OpenAPITags, registry } from "@server/openApi"; +import { isValidCIDR } from "@server/lib/validators"; const createOrgSchema = z .object({ orgId: z.string(), - name: z.string().min(1).max(255) + name: z.string().min(1).max(255), + subnet: z.string() }) .strict(); -// const MAX_ORGS = 5; - registry.registerPath({ method: "put", path: "/org", @@ -78,18 +78,34 @@ export async function createOrg( ); } - // const userOrgIds = req.userOrgIds; - // if (userOrgIds && userOrgIds.length > MAX_ORGS) { + const { orgId, name, subnet } = parsedBody.data; + + if (!isValidCIDR(subnet)) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Invalid subnet format. Please provide a valid CIDR notation." + ) + ); + } + + // TODO: for now we are making all of the orgs the same subnet + // make sure the subnet is unique + // const subnetExists = await db + // .select() + // .from(orgs) + // .where(eq(orgs.subnet, subnet)) + // .limit(1); + + // if (subnetExists.length > 0) { // return next( // createHttpError( - // HttpCode.FORBIDDEN, - // `Maximum number of organizations reached.` + // HttpCode.CONFLICT, + // `Subnet ${subnet} already exists` // ) // ); // } - const { orgId, name } = parsedBody.data; - // make sure the orgId is unique const orgExists = await db .select() @@ -119,7 +135,9 @@ export async function createOrg( .insert(orgs) .values({ orgId, - name + name, + subnet, + createdAt: new Date().toISOString() }) .returning(); @@ -131,20 +149,46 @@ export async function createOrg( org = newOrg[0]; - const roleId = await createAdminRole(newOrg[0].orgId); + // Create admin role within the same transaction + const [insertedRole] = await trx + .insert(roles) + .values({ + orgId: newOrg[0].orgId, + isAdmin: true, + name: "Admin", + description: "Admin role with the most permissions" + }) + .returning({ roleId: roles.roleId }); - if (!roleId) { + if (!insertedRole || !insertedRole.roleId) { error = "Failed to create Admin role"; trx.rollback(); return; } - await trx.insert(orgDomains).values( - allDomains.map((domain) => ({ - orgId: newOrg[0].orgId, - domainId: domain.domainId - })) - ); + const roleId = insertedRole.roleId; + + // Get all actions and create role actions + const actionIds = await trx.select().from(actions).execute(); + + if (actionIds.length > 0) { + await trx.insert(roleActions).values( + actionIds.map((action) => ({ + roleId, + actionId: action.actionId, + orgId: newOrg[0].orgId + })) + ); + } + + if (allDomains.length) { + await trx.insert(orgDomains).values( + allDomains.map((domain) => ({ + orgId: newOrg[0].orgId, + domainId: domain.domainId + })) + ); + } if (req.user) { await trx.insert(userOrgs).values({ @@ -190,25 +234,13 @@ export async function createOrg( orgId })) ); - - const rootApiKeys = await trx - .select() - .from(apiKeys) - .where(eq(apiKeys.isRoot, true)); - - for (const apiKey of rootApiKeys) { - await trx.insert(apiKeyOrg).values({ - apiKeyId: apiKey.apiKeyId, - orgId: newOrg[0].orgId - }); - } }); if (!org) { return next( createHttpError( HttpCode.INTERNAL_SERVER_ERROR, - "Failed to createo org" + "Failed to create org" ) ); } diff --git a/server/routers/org/deleteOrg.ts b/server/routers/org/deleteOrg.ts index 030588c5..63e9abb0 100644 --- a/server/routers/org/deleteOrg.ts +++ b/server/routers/org/deleteOrg.ts @@ -1,14 +1,8 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; -import { db } from "@server/db"; -import { - newts, - newtSessions, - orgs, - sites, - userActions -} from "@server/db/schemas"; -import { eq } from "drizzle-orm"; +import { db, domains, orgDomains, resources } from "@server/db"; +import { newts, newtSessions, orgs, sites, userActions } from "@server/db"; +import { eq, and, inArray, sql } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; @@ -55,19 +49,7 @@ export async function deleteOrg( } const { orgId } = parsedParams.data; - // Check if the user has permission to list sites - const hasPermission = await checkUserActionPermission( - ActionsEnum.deleteOrg, - req - ); - if (!hasPermission) { - return next( - createHttpError( - HttpCode.FORBIDDEN, - "User does not have permission to perform this action" - ) - ); - } + const [org] = await db .select() .from(orgs) @@ -89,6 +71,8 @@ export async function deleteOrg( .where(eq(sites.orgId, orgId)) .limit(1); + const deletedNewtIds: string[] = []; + await db.transaction(async (trx) => { if (sites) { for (const site of orgSites) { @@ -102,11 +86,7 @@ export async function deleteOrg( .where(eq(newts.siteId, site.siteId)) .returning(); if (deletedNewt) { - const payload = { - type: `newt/terminate`, - data: {} - }; - sendToClient(deletedNewt.newtId, payload); + deletedNewtIds.push(deletedNewt.newtId); // delete all of the sessions for the newt await trx @@ -128,9 +108,62 @@ export async function deleteOrg( } } + const allOrgDomains = await trx + .select() + .from(orgDomains) + .innerJoin(domains, eq(domains.domainId, orgDomains.domainId)) + .where( + and( + eq(orgDomains.orgId, orgId), + eq(domains.configManaged, false) + ) + ); + + // For each domain, check if it belongs to multiple organizations + const domainIdsToDelete: string[] = []; + for (const orgDomain of allOrgDomains) { + const domainId = orgDomain.domains.domainId; + + // Count how many organizations this domain belongs to + const orgCount = await trx + .select({ count: sql`count(*)` }) + .from(orgDomains) + .where(eq(orgDomains.domainId, domainId)); + + // Only delete the domain if it belongs to exactly 1 organization (the one being deleted) + if (orgCount[0].count === 1) { + domainIdsToDelete.push(domainId); + } + } + + // Delete domains that belong exclusively to this organization + if (domainIdsToDelete.length > 0) { + await trx + .delete(domains) + .where(inArray(domains.domainId, domainIdsToDelete)); + } + + // Delete resources + await trx.delete(resources).where(eq(resources.orgId, orgId)); + await trx.delete(orgs).where(eq(orgs.orgId, orgId)); }); + // Send termination messages outside of transaction to prevent blocking + for (const newtId of deletedNewtIds) { + const payload = { + type: `newt/terminate`, + data: {} + }; + // Don't await this to prevent blocking the response + sendToClient(newtId, payload).catch((error) => { + logger.error( + "Failed to send termination message to newt:", + error + ); + }); + } + return response(res, { data: null, success: true, diff --git a/server/routers/org/getOrg.ts b/server/routers/org/getOrg.ts index c112ab7a..35c1a5f7 100644 --- a/server/routers/org/getOrg.ts +++ b/server/routers/org/getOrg.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { Org, orgs } from "@server/db/schemas"; +import { Org, orgs } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/org/getOrgOverview.ts b/server/routers/org/getOrgOverview.ts index 59ae08f8..15131a21 100644 --- a/server/routers/org/getOrgOverview.ts +++ b/server/routers/org/getOrgOverview.ts @@ -10,7 +10,7 @@ import { userResources, users, userSites -} from "@server/db/schemas"; +} from "@server/db"; import { and, count, eq, inArray, countDistinct } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/org/index.ts b/server/routers/org/index.ts index 5623823d..c9a44d8d 100644 --- a/server/routers/org/index.ts +++ b/server/routers/org/index.ts @@ -6,3 +6,4 @@ export * from "./listUserOrgs"; export * from "./checkId"; export * from "./getOrgOverview"; export * from "./listOrgs"; +export * from "./pickOrgDefaults"; diff --git a/server/routers/org/listOrgs.ts b/server/routers/org/listOrgs.ts index 27114104..07705e48 100644 --- a/server/routers/org/listOrgs.ts +++ b/server/routers/org/listOrgs.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { Org, orgs, userOrgs } from "@server/db/schemas"; +import { Org, orgs, userOrgs } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; diff --git a/server/routers/org/listUserOrgs.ts b/server/routers/org/listUserOrgs.ts index fa33d2cb..ddf31466 100644 --- a/server/routers/org/listUserOrgs.ts +++ b/server/routers/org/listUserOrgs.ts @@ -1,11 +1,11 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { Org, orgs, userOrgs } from "@server/db/schemas"; +import { Org, orgs, userOrgs } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; -import { sql, inArray, eq } from "drizzle-orm"; +import { sql, inArray, eq, and } from "drizzle-orm"; import logger from "@server/logger"; import { fromZodError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; @@ -40,8 +40,10 @@ const listOrgsSchema = z.object({ // responses: {} // }); +type ResponseOrg = Org & { isOwner?: boolean }; + export type ListUserOrgsResponse = { - orgs: Org[]; + orgs: ResponseOrg[]; pagination: { total: number; limit: number; offset: number }; }; @@ -103,7 +105,19 @@ export async function listUserOrgs( } const organizations = await db - .select() + .select({ + orgId: orgs.orgId, + name: orgs.name, + subnet: orgs.subnet, + createdAt: orgs.createdAt, + isOwner: sql` + exists (select 1 + from ${userOrgs} g + where g.userId = ${userId} + and g.orgId = ${orgs.orgId} + and g.isOwner) + ` + }) .from(orgs) .where(inArray(orgs.orgId, userOrgIds)) .limit(limit) diff --git a/server/routers/org/pickOrgDefaults.ts b/server/routers/org/pickOrgDefaults.ts new file mode 100644 index 00000000..771b0d99 --- /dev/null +++ b/server/routers/org/pickOrgDefaults.ts @@ -0,0 +1,39 @@ +import { Request, Response, NextFunction } from "express"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { getNextAvailableOrgSubnet } from "@server/lib/ip"; +import config from "@server/lib/config"; + +export type PickOrgDefaultsResponse = { + subnet: string; +}; + +export async function pickOrgDefaults( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + // TODO: Why would each org have to have its own subnet? + // const subnet = await getNextAvailableOrgSubnet(); + // Just hard code the subnet for now for everyone + const subnet = config.getRawConfig().orgs.subnet_group; + + return response(res, { + data: { + subnet: subnet + }, + success: true, + error: false, + message: "Organization defaults created successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/org/updateOrg.ts b/server/routers/org/updateOrg.ts index 0f0aa89a..6dcd1016 100644 --- a/server/routers/org/updateOrg.ts +++ b/server/routers/org/updateOrg.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { orgs } from "@server/db/schemas"; +import { orgs } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -19,7 +19,6 @@ const updateOrgParamsSchema = z const updateOrgBodySchema = z .object({ name: z.string().min(1).max(255).optional() - // domain: z.string().min(1).max(255).optional(), }) .strict() .refine((data) => Object.keys(data).length > 0, { diff --git a/server/routers/resource/authWithAccessToken.ts b/server/routers/resource/authWithAccessToken.ts index 961b2d8a..2d7fdf93 100644 --- a/server/routers/resource/authWithAccessToken.ts +++ b/server/routers/resource/authWithAccessToken.ts @@ -1,6 +1,6 @@ import { generateSessionToken } from "@server/auth/sessions/app"; -import db from "@server/db"; -import { Resource, resources } from "@server/db/schemas"; +import { db } from "@server/db"; +import { Resource, resources } from "@server/db"; import HttpCode from "@server/types/HttpCode"; import response from "@server/lib/response"; import { eq } from "drizzle-orm"; diff --git a/server/routers/resource/authWithPassword.ts b/server/routers/resource/authWithPassword.ts index 602ddccd..652c4e86 100644 --- a/server/routers/resource/authWithPassword.ts +++ b/server/routers/resource/authWithPassword.ts @@ -1,7 +1,7 @@ import { verify } from "@node-rs/argon2"; import { generateSessionToken } from "@server/auth/sessions/app"; -import db from "@server/db"; -import { orgs, resourcePassword, resources } from "@server/db/schemas"; +import { db } from "@server/db"; +import { orgs, resourcePassword, resources } from "@server/db"; import HttpCode from "@server/types/HttpCode"; import response from "@server/lib/response"; import { eq } from "drizzle-orm"; diff --git a/server/routers/resource/authWithPincode.ts b/server/routers/resource/authWithPincode.ts index 21640942..d8733c18 100644 --- a/server/routers/resource/authWithPincode.ts +++ b/server/routers/resource/authWithPincode.ts @@ -1,6 +1,6 @@ import { generateSessionToken } from "@server/auth/sessions/app"; -import db from "@server/db"; -import { orgs, resourcePincode, resources } from "@server/db/schemas"; +import { db } from "@server/db"; +import { orgs, resourcePincode, resources } from "@server/db"; import HttpCode from "@server/types/HttpCode"; import response from "@server/lib/response"; import { eq } from "drizzle-orm"; diff --git a/server/routers/resource/authWithWhitelist.ts b/server/routers/resource/authWithWhitelist.ts index 01c9909c..07662f7f 100644 --- a/server/routers/resource/authWithWhitelist.ts +++ b/server/routers/resource/authWithWhitelist.ts @@ -1,11 +1,11 @@ import { generateSessionToken } from "@server/auth/sessions/app"; -import db from "@server/db"; +import { db } from "@server/db"; import { orgs, resourceOtp, resources, resourceWhitelist -} from "@server/db/schemas"; +} from "@server/db"; import HttpCode from "@server/types/HttpCode"; import response from "@server/lib/response"; import { eq, and } from "drizzle-orm"; @@ -22,8 +22,8 @@ const authWithWhitelistBodySchema = z .object({ email: z .string() - .email() - .transform((v) => v.toLowerCase()), + .toLowerCase() + .email(), otp: z.string().optional() }) .strict(); diff --git a/server/routers/resource/createResource.ts b/server/routers/resource/createResource.ts index 35dc4bf6..5b27cb41 100644 --- a/server/routers/resource/createResource.ts +++ b/server/routers/resource/createResource.ts @@ -10,21 +10,20 @@ import { roleResources, roles, userResources -} from "@server/db/schemas"; +} from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; import { eq, and } from "drizzle-orm"; -import stoi from "@server/lib/stoi"; import { fromError } from "zod-validation-error"; import logger from "@server/logger"; import { subdomainSchema } from "@server/lib/schemas"; import config from "@server/lib/config"; import { OpenAPITags, registry } from "@server/openApi"; +import { build } from "@server/build"; const createResourceParamsSchema = z .object({ - siteId: z.string().transform(stoi).pipe(z.number().int().positive()), orgId: z.string() }) .strict(); @@ -32,14 +31,9 @@ const createResourceParamsSchema = z const createHttpResourceSchema = z .object({ name: z.string().min(1).max(255), - subdomain: z - .string() - .optional() - .transform((val) => val?.toLowerCase()), - isBaseDomain: z.boolean().optional(), - siteId: z.number(), + subdomain: z.string().nullable().optional(), http: z.boolean(), - protocol: z.string(), + protocol: z.enum(["tcp", "udp"]), domainId: z.string() }) .strict() @@ -51,28 +45,15 @@ const createHttpResourceSchema = z return true; }, { message: "Invalid subdomain" } - ) - .refine( - (data) => { - if (!config.getRawConfig().flags?.allow_base_domain_resources) { - if (data.isBaseDomain) { - return false; - } - } - return true; - }, - { - message: "Base domain resources are not allowed" - } ); const createRawResourceSchema = z .object({ name: z.string().min(1).max(255), - siteId: z.number(), http: z.boolean(), - protocol: z.string(), - proxyPort: z.number().int().min(1).max(65535) + protocol: z.enum(["tcp", "udp"]), + proxyPort: z.number().int().min(1).max(65535), + // enableProxy: z.boolean().default(true) // always true now }) .strict() .refine( @@ -85,7 +66,7 @@ const createRawResourceSchema = z return true; }, { - message: "Proxy port cannot be set" + message: "Raw resources are not allowed" } ); @@ -93,7 +74,7 @@ export type CreateResourceResponse = Resource; registry.registerPath({ method: "put", - path: "/org/{orgId}/site/{siteId}/resource", + path: "/org/{orgId}/resource", description: "Create a resource.", tags: [OpenAPITags.Org, OpenAPITags.Resource], request: { @@ -101,9 +82,7 @@ registry.registerPath({ body: { content: { "application/json": { - schema: createHttpResourceSchema.or( - createRawResourceSchema - ) + schema: createHttpResourceSchema.or(createRawResourceSchema) } } } @@ -128,7 +107,7 @@ export async function createResource( ); } - const { siteId, orgId } = parsedParams.data; + const { orgId } = parsedParams.data; if (req.user && !req.userRoleIds) { return next( @@ -163,12 +142,23 @@ export async function createResource( if (http) { return await createHttpResource( { req, res, next }, - { siteId, orgId } + { orgId } ); } else { + if ( + !config.getRawConfig().flags?.allow_raw_resources && + build == "oss" + ) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Raw resources are not allowed" + ) + ); + } return await createRawResource( { req, res, next }, - { siteId, orgId } + { orgId } ); } } catch (error) { @@ -186,12 +176,11 @@ async function createHttpResource( next: NextFunction; }, meta: { - siteId: number; orgId: string; } ) { const { req, res, next } = route; - const { siteId, orgId } = meta; + const { orgId } = meta; const parsedBody = createHttpResourceSchema.safeParse(req.body); if (!parsedBody.success) { @@ -203,35 +192,78 @@ async function createHttpResource( ); } - const { name, subdomain, isBaseDomain, http, protocol, domainId } = - parsedBody.data; + const { name, domainId } = parsedBody.data; + let subdomain = parsedBody.data.subdomain; - const [orgDomain] = await db + const [domainRes] = await db .select() - .from(orgDomains) - .where( + .from(domains) + .where(eq(domains.domainId, domainId)) + .leftJoin( + orgDomains, and(eq(orgDomains.orgId, orgId), eq(orgDomains.domainId, domainId)) - ) - .leftJoin(domains, eq(orgDomains.domainId, domains.domainId)); + ); - if (!orgDomain || !orgDomain.domains) { + if (!domainRes || !domainRes.domains) { return next( createHttpError( HttpCode.NOT_FOUND, - `Domain with ID ${parsedBody.data.domainId} not found` + `Domain with ID ${domainId} not found` ) ); } - const domain = orgDomain.domains; + if (domainRes.orgDomains && domainRes.orgDomains.orgId !== orgId) { + return next( + createHttpError( + HttpCode.FORBIDDEN, + `Organization does not have access to domain with ID ${domainId}` + ) + ); + } + + if (!domainRes.domains.verified) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + `Domain with ID ${domainRes.domains.domainId} is not verified` + ) + ); + } let fullDomain = ""; - if (isBaseDomain) { - fullDomain = domain.baseDomain; - } else { - fullDomain = `${subdomain}.${domain.baseDomain}`; + if (domainRes.domains.type == "ns") { + if (subdomain) { + fullDomain = `${subdomain}.${domainRes.domains.baseDomain}`; + } else { + fullDomain = domainRes.domains.baseDomain; + } + } else if (domainRes.domains.type == "cname") { + fullDomain = domainRes.domains.baseDomain; + } else if (domainRes.domains.type == "wildcard") { + if (subdomain) { + // the subdomain cant have a dot in it + const parsedSubdomain = subdomainSchema.safeParse(subdomain); + if (!parsedSubdomain.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedSubdomain.error).toString() + ) + ); + } + fullDomain = `${subdomain}.${domainRes.domains.baseDomain}`; + } else { + fullDomain = domainRes.domains.baseDomain; + } } + if (fullDomain === domainRes.domains.baseDomain) { + subdomain = null; + } + + fullDomain = fullDomain.toLowerCase(); + logger.debug(`Full domain: ${fullDomain}`); // make sure the full domain is unique @@ -255,16 +287,14 @@ async function createHttpResource( const newResource = await trx .insert(resources) .values({ - siteId, fullDomain, domainId, orgId, name, subdomain, - http, - protocol, - ssl: true, - isBaseDomain + http: true, + protocol: "tcp", + ssl: true }) .returning(); @@ -321,12 +351,11 @@ async function createRawResource( next: NextFunction; }, meta: { - siteId: number; orgId: string; } ) { const { req, res, next } = route; - const { siteId, orgId } = meta; + const { orgId } = meta; const parsedBody = createRawResourceSchema.safeParse(req.body); if (!parsedBody.success) { @@ -366,12 +395,12 @@ async function createRawResource( const newResource = await trx .insert(resources) .values({ - siteId, orgId, name, http, protocol, - proxyPort + proxyPort, + // enableProxy }) .returning(); @@ -392,7 +421,7 @@ async function createRawResource( resourceId: newResource[0].resourceId }); - if (req.userRoleIds?.indexOf(adminRole[0].roleId) === -1) { + if (req.user && req.userRoleIds?.indexOf(adminRole[0].roleId) === -1) { // make sure the user can access the resource await trx.insert(userResources).values({ userId: req.user?.userId!, diff --git a/server/routers/resource/createResourceRule.ts b/server/routers/resource/createResourceRule.ts index b52713d1..affd7625 100644 --- a/server/routers/resource/createResourceRule.ts +++ b/server/routers/resource/createResourceRule.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { resourceRules, resources } from "@server/db/schemas"; +import { resourceRules, resources } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -17,7 +17,7 @@ import { OpenAPITags, registry } from "@server/openApi"; const createResourceRuleSchema = z .object({ - action: z.enum(["ACCEPT", "DROP"]), + action: z.enum(["ACCEPT", "DROP", "PASS"]), match: z.enum(["CIDR", "IP", "PATH"]), value: z.string().min(1), priority: z.number().int(), diff --git a/server/routers/resource/deleteResource.ts b/server/routers/resource/deleteResource.ts index 8b58f688..3b0e9df4 100644 --- a/server/routers/resource/deleteResource.ts +++ b/server/routers/resource/deleteResource.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { newts, resources, sites, targets } from "@server/db/schemas"; +import { newts, resources, sites, targets } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -71,43 +71,44 @@ export async function deleteResource( ); } - const [site] = await db - .select() - .from(sites) - .where(eq(sites.siteId, deletedResource.siteId!)) - .limit(1); - - if (!site) { - return next( - createHttpError( - HttpCode.NOT_FOUND, - `Site with ID ${deletedResource.siteId} not found` - ) - ); - } - - if (site.pubKey) { - if (site.type == "wireguard") { - await addPeer(site.exitNodeId!, { - publicKey: site.pubKey, - allowedIps: await getAllowedIps(site.siteId) - }); - } else if (site.type == "newt") { - // get the newt on the site by querying the newt table for siteId - const [newt] = await db - .select() - .from(newts) - .where(eq(newts.siteId, site.siteId)) - .limit(1); - - removeTargets( - newt.newtId, - targetsToBeRemoved, - deletedResource.protocol - ); - } - } - + // const [site] = await db + // .select() + // .from(sites) + // .where(eq(sites.siteId, deletedResource.siteId!)) + // .limit(1); + // + // if (!site) { + // return next( + // createHttpError( + // HttpCode.NOT_FOUND, + // `Site with ID ${deletedResource.siteId} not found` + // ) + // ); + // } + // + // if (site.pubKey) { + // if (site.type == "wireguard") { + // await addPeer(site.exitNodeId!, { + // publicKey: site.pubKey, + // allowedIps: await getAllowedIps(site.siteId) + // }); + // } else if (site.type == "newt") { + // // get the newt on the site by querying the newt table for siteId + // const [newt] = await db + // .select() + // .from(newts) + // .where(eq(newts.siteId, site.siteId)) + // .limit(1); + // + // removeTargets( + // newt.newtId, + // targetsToBeRemoved, + // deletedResource.protocol, + // deletedResource.proxyPort + // ); + // } + // } + // return response(res, { data: null, success: true, diff --git a/server/routers/resource/deleteResourceRule.ts b/server/routers/resource/deleteResourceRule.ts index 573825b0..6b404651 100644 --- a/server/routers/resource/deleteResourceRule.ts +++ b/server/routers/resource/deleteResourceRule.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { resourceRules, resources } from "@server/db/schemas"; +import { resourceRules, resources } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/resource/getExchangeToken.ts b/server/routers/resource/getExchangeToken.ts index f9579433..ba01f63b 100644 --- a/server/routers/resource/getExchangeToken.ts +++ b/server/routers/resource/getExchangeToken.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { resources } from "@server/db/schemas"; +import { resources } from "@server/db"; import { eq } from "drizzle-orm"; import { createResourceSession } from "@server/auth/sessions/resource"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/resource/getResource.ts b/server/routers/resource/getResource.ts index ae3c87d3..a2c1c0d1 100644 --- a/server/routers/resource/getResource.ts +++ b/server/routers/resource/getResource.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { Resource, resources, sites } from "@server/db/schemas"; +import { Resource, resources, sites } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -19,9 +19,7 @@ const getResourceSchema = z }) .strict(); -export type GetResourceResponse = Resource & { - siteName: string; -}; +export type GetResourceResponse = Resource; registry.registerPath({ method: "get", @@ -56,11 +54,9 @@ export async function getResource( .select() .from(resources) .where(eq(resources.resourceId, resourceId)) - .leftJoin(sites, eq(sites.siteId, resources.siteId)) .limit(1); - const resource = resp.resources; - const site = resp.sites; + const resource = resp; if (!resource) { return next( @@ -73,8 +69,7 @@ export async function getResource( return response(res, { data: { - ...resource, - siteName: site?.name + ...resource }, success: true, error: false, diff --git a/server/routers/resource/getResourceAuthInfo.ts b/server/routers/resource/getResourceAuthInfo.ts index 5f74b637..191221f1 100644 --- a/server/routers/resource/getResourceAuthInfo.ts +++ b/server/routers/resource/getResourceAuthInfo.ts @@ -5,7 +5,7 @@ import { resourcePassword, resourcePincode, resources -} from "@server/db/schemas"; +} from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -31,6 +31,7 @@ export type GetResourceAuthInfoResponse = { blockAccess: boolean; url: string; whitelist: boolean; + skipToIdpId: number | null; }; export async function getResourceAuthInfo( @@ -86,7 +87,8 @@ export async function getResourceAuthInfo( sso: resource.sso, blockAccess: resource.blockAccess, url, - whitelist: resource.emailWhitelistEnabled + whitelist: resource.emailWhitelistEnabled, + skipToIdpId: resource.skipToIdpId }, success: true, error: false, diff --git a/server/routers/resource/getResourceWhitelist.ts b/server/routers/resource/getResourceWhitelist.ts index 321fd331..415cb714 100644 --- a/server/routers/resource/getResourceWhitelist.ts +++ b/server/routers/resource/getResourceWhitelist.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { resourceWhitelist, users } from "@server/db/schemas"; // Assuming these are the correct tables +import { resourceWhitelist, users } from "@server/db"; // Assuming these are the correct tables import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/resource/getUserResources.ts b/server/routers/resource/getUserResources.ts new file mode 100644 index 00000000..3d28da6f --- /dev/null +++ b/server/routers/resource/getUserResources.ts @@ -0,0 +1,194 @@ +import { Request, Response, NextFunction } from "express"; +import { db } from "@server/db"; +import { and, eq, or, inArray } from "drizzle-orm"; +import { + resources, + userResources, + roleResources, + userOrgs, + resourcePassword, + resourcePincode, + resourceWhitelist +} from "@server/db"; +import createHttpError from "http-errors"; +import HttpCode from "@server/types/HttpCode"; +import { response } from "@server/lib/response"; + +export async function getUserResources( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const { orgId } = req.params; + const userId = req.user?.userId; + + if (!userId) { + return next( + createHttpError(HttpCode.UNAUTHORIZED, "User not authenticated") + ); + } + + // First get the user's role in the organization + const userOrgResult = await db + .select({ + roleId: userOrgs.roleId + }) + .from(userOrgs) + .where(and(eq(userOrgs.userId, userId), eq(userOrgs.orgId, orgId))) + .limit(1); + + if (userOrgResult.length === 0) { + return next( + createHttpError(HttpCode.FORBIDDEN, "User not in organization") + ); + } + + const userRoleId = userOrgResult[0].roleId; + + // Get resources accessible through direct assignment or role assignment + const directResourcesQuery = db + .select({ resourceId: userResources.resourceId }) + .from(userResources) + .where(eq(userResources.userId, userId)); + + const roleResourcesQuery = db + .select({ resourceId: roleResources.resourceId }) + .from(roleResources) + .where(eq(roleResources.roleId, userRoleId)); + + const [directResources, roleResourceResults] = await Promise.all([ + directResourcesQuery, + roleResourcesQuery + ]); + + // Combine all accessible resource IDs + const accessibleResourceIds = [ + ...directResources.map((r) => r.resourceId), + ...roleResourceResults.map((r) => r.resourceId) + ]; + + if (accessibleResourceIds.length === 0) { + return response(res, { + data: { resources: [] }, + success: true, + error: false, + message: "No resources found", + status: HttpCode.OK + }); + } + + // Get resource details for accessible resources + const resourcesData = await db + .select({ + resourceId: resources.resourceId, + name: resources.name, + fullDomain: resources.fullDomain, + ssl: resources.ssl, + enabled: resources.enabled, + sso: resources.sso, + protocol: resources.protocol, + emailWhitelistEnabled: resources.emailWhitelistEnabled + }) + .from(resources) + .where( + and( + inArray(resources.resourceId, accessibleResourceIds), + eq(resources.orgId, orgId), + eq(resources.enabled, true) + ) + ); + + // Check for password, pincode, and whitelist protection for each resource + const resourcesWithAuth = await Promise.all( + resourcesData.map(async (resource) => { + const [passwordCheck, pincodeCheck, whitelistCheck] = + await Promise.all([ + db + .select() + .from(resourcePassword) + .where( + eq( + resourcePassword.resourceId, + resource.resourceId + ) + ) + .limit(1), + db + .select() + .from(resourcePincode) + .where( + eq( + resourcePincode.resourceId, + resource.resourceId + ) + ) + .limit(1), + db + .select() + .from(resourceWhitelist) + .where( + eq( + resourceWhitelist.resourceId, + resource.resourceId + ) + ) + .limit(1) + ]); + + const hasPassword = passwordCheck.length > 0; + const hasPincode = pincodeCheck.length > 0; + const hasWhitelist = + whitelistCheck.length > 0 || resource.emailWhitelistEnabled; + + return { + resourceId: resource.resourceId, + name: resource.name, + domain: `${resource.ssl ? "https://" : "http://"}${resource.fullDomain}`, + enabled: resource.enabled, + protected: !!( + resource.sso || + hasPassword || + hasPincode || + hasWhitelist + ), + protocol: resource.protocol, + sso: resource.sso, + password: hasPassword, + pincode: hasPincode, + whitelist: hasWhitelist + }; + }) + ); + + return response(res, { + data: { resources: resourcesWithAuth }, + success: true, + error: false, + message: "User resources retrieved successfully", + status: HttpCode.OK + }); + } catch (error) { + console.error("Error fetching user resources:", error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Internal server error" + ) + ); + } +} + +export type GetUserResourcesResponse = { + success: boolean; + data: { + resources: Array<{ + resourceId: number; + name: string; + domain: string; + enabled: boolean; + protected: boolean; + protocol: string; + }>; + }; +}; diff --git a/server/routers/resource/index.ts b/server/routers/resource/index.ts index 03c9ffbe..1a2e5c2d 100644 --- a/server/routers/resource/index.ts +++ b/server/routers/resource/index.ts @@ -16,9 +16,9 @@ export * from "./setResourceWhitelist"; export * from "./getResourceWhitelist"; export * from "./authWithWhitelist"; export * from "./authWithAccessToken"; -export * from "./transferResource"; export * from "./getExchangeToken"; export * from "./createResourceRule"; export * from "./deleteResourceRule"; export * from "./listResourceRules"; -export * from "./updateResourceRule"; \ No newline at end of file +export * from "./updateResourceRule"; +export * from "./getUserResources"; diff --git a/server/routers/resource/listResourceRoles.ts b/server/routers/resource/listResourceRoles.ts index c173cacb..4676b01e 100644 --- a/server/routers/resource/listResourceRoles.ts +++ b/server/routers/resource/listResourceRoles.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roleResources, roles } from "@server/db/schemas"; +import { roleResources, roles } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/resource/listResourceRules.ts b/server/routers/resource/listResourceRules.ts index f0a0d84c..727d50ba 100644 --- a/server/routers/resource/listResourceRules.ts +++ b/server/routers/resource/listResourceRules.ts @@ -1,5 +1,5 @@ import { db } from "@server/db"; -import { resourceRules, resources } from "@server/db/schemas"; +import { resourceRules, resources } from "@server/db"; import HttpCode from "@server/types/HttpCode"; import response from "@server/lib/response"; import { eq, sql } from "drizzle-orm"; @@ -35,7 +35,7 @@ const listResourceRulesSchema = z.object({ }); function queryResourceRules(resourceId: number) { - let baseQuery = db + const baseQuery = db .select({ ruleId: resourceRules.ruleId, resourceId: resourceRules.resourceId, @@ -117,7 +117,7 @@ export async function listResourceRules( const baseQuery = queryResourceRules(resourceId); - let countQuery = db + const countQuery = db .select({ count: sql`cast(count(*) as integer)` }) .from(resourceRules) .where(eq(resourceRules.resourceId, resourceId)); diff --git a/server/routers/resource/listResourceUsers.ts b/server/routers/resource/listResourceUsers.ts index 4699ec8b..0d96ac0d 100644 --- a/server/routers/resource/listResourceUsers.ts +++ b/server/routers/resource/listResourceUsers.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { idp, userResources, users } from "@server/db/schemas"; // Assuming these are the correct tables +import { idp, userResources, users } from "@server/db"; // Assuming these are the correct tables import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/resource/listResources.ts b/server/routers/resource/listResources.ts index 49de7aae..54878bfc 100644 --- a/server/routers/resource/listResources.ts +++ b/server/routers/resource/listResources.ts @@ -3,12 +3,11 @@ import { z } from "zod"; import { db } from "@server/db"; import { resources, - sites, userResources, roleResources, resourcePassword, resourcePincode -} from "@server/db/schemas"; +} from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; @@ -20,17 +19,9 @@ import { OpenAPITags, registry } from "@server/openApi"; const listResourcesParamsSchema = z .object({ - siteId: z - .string() - .optional() - .transform(stoi) - .pipe(z.number().int().positive().optional()), - orgId: z.string().optional() + orgId: z.string() }) - .strict() - .refine((data) => !!data.siteId !== !!data.orgId, { - message: "Either siteId or orgId must be provided, but not both" - }); + .strict(); const listResourcesSchema = z.object({ limit: z @@ -48,80 +39,38 @@ const listResourcesSchema = z.object({ .pipe(z.number().int().nonnegative()) }); -function queryResources( - accessibleResourceIds: number[], - siteId?: number, - orgId?: string -) { - if (siteId) { - return db - .select({ - resourceId: resources.resourceId, - name: resources.name, - fullDomain: resources.fullDomain, - ssl: resources.ssl, - siteName: sites.name, - siteId: sites.niceId, - passwordId: resourcePassword.passwordId, - pincodeId: resourcePincode.pincodeId, - sso: resources.sso, - whitelist: resources.emailWhitelistEnabled, - http: resources.http, - protocol: resources.protocol, - proxyPort: resources.proxyPort, - enabled: resources.enabled - }) - .from(resources) - .leftJoin(sites, eq(resources.siteId, sites.siteId)) - .leftJoin( - resourcePassword, - eq(resourcePassword.resourceId, resources.resourceId) +function queryResources(accessibleResourceIds: number[], orgId: string) { + return db + .select({ + resourceId: resources.resourceId, + name: resources.name, + ssl: resources.ssl, + fullDomain: resources.fullDomain, + passwordId: resourcePassword.passwordId, + sso: resources.sso, + pincodeId: resourcePincode.pincodeId, + whitelist: resources.emailWhitelistEnabled, + http: resources.http, + protocol: resources.protocol, + proxyPort: resources.proxyPort, + enabled: resources.enabled, + domainId: resources.domainId + }) + .from(resources) + .leftJoin( + resourcePassword, + eq(resourcePassword.resourceId, resources.resourceId) + ) + .leftJoin( + resourcePincode, + eq(resourcePincode.resourceId, resources.resourceId) + ) + .where( + and( + inArray(resources.resourceId, accessibleResourceIds), + eq(resources.orgId, orgId) ) - .leftJoin( - resourcePincode, - eq(resourcePincode.resourceId, resources.resourceId) - ) - .where( - and( - inArray(resources.resourceId, accessibleResourceIds), - eq(resources.siteId, siteId) - ) - ); - } else if (orgId) { - return db - .select({ - resourceId: resources.resourceId, - name: resources.name, - ssl: resources.ssl, - fullDomain: resources.fullDomain, - siteName: sites.name, - siteId: sites.niceId, - passwordId: resourcePassword.passwordId, - sso: resources.sso, - pincodeId: resourcePincode.pincodeId, - whitelist: resources.emailWhitelistEnabled, - http: resources.http, - protocol: resources.protocol, - proxyPort: resources.proxyPort, - enabled: resources.enabled - }) - .from(resources) - .leftJoin(sites, eq(resources.siteId, sites.siteId)) - .leftJoin( - resourcePassword, - eq(resourcePassword.resourceId, resources.resourceId) - ) - .leftJoin( - resourcePincode, - eq(resourcePincode.resourceId, resources.resourceId) - ) - .where( - and( - inArray(resources.resourceId, accessibleResourceIds), - eq(resources.orgId, orgId) - ) - ); - } + ); } export type ListResourcesResponse = { @@ -129,20 +78,6 @@ export type ListResourcesResponse = { pagination: { total: number; limit: number; offset: number }; }; -registry.registerPath({ - method: "get", - path: "/site/{siteId}/resources", - description: "List resources for a site.", - tags: [OpenAPITags.Site, OpenAPITags.Resource], - request: { - params: z.object({ - siteId: z.number() - }), - query: listResourcesSchema - }, - responses: {} -}); - registry.registerPath({ method: "get", path: "/org/{orgId}/resources", @@ -183,9 +118,11 @@ export async function listResources( ) ); } - const { siteId } = parsedParams.data; - const orgId = parsedParams.data.orgId || req.userOrg?.orgId || req.apiKeyOrg?.orgId; + const orgId = + parsedParams.data.orgId || + req.userOrg?.orgId || + req.apiKeyOrg?.orgId; if (!orgId) { return next( @@ -220,21 +157,24 @@ export async function listResources( ) ); } else { - accessibleResources = await db.select({ - resourceId: resources.resourceId - }).from(resources).where(eq(resources.orgId, orgId)); + accessibleResources = await db + .select({ + resourceId: resources.resourceId + }) + .from(resources) + .where(eq(resources.orgId, orgId)); } const accessibleResourceIds = accessibleResources.map( (resource) => resource.resourceId ); - let countQuery: any = db + const countQuery: any = db .select({ count: count() }) .from(resources) .where(inArray(resources.resourceId, accessibleResourceIds)); - const baseQuery = queryResources(accessibleResourceIds, siteId, orgId); + const baseQuery = queryResources(accessibleResourceIds, orgId); const resourcesList = await baseQuery!.limit(limit).offset(offset); const totalCountResult = await countQuery; diff --git a/server/routers/resource/setResourcePassword.ts b/server/routers/resource/setResourcePassword.ts index 29eb89cb..d1d4a655 100644 --- a/server/routers/resource/setResourcePassword.ts +++ b/server/routers/resource/setResourcePassword.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { resourcePassword } from "@server/db/schemas"; +import { resourcePassword } from "@server/db"; import { eq } from "drizzle-orm"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; diff --git a/server/routers/resource/setResourcePincode.ts b/server/routers/resource/setResourcePincode.ts index 2a1b7c1f..d8553c8c 100644 --- a/server/routers/resource/setResourcePincode.ts +++ b/server/routers/resource/setResourcePincode.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { resourcePincode } from "@server/db/schemas"; +import { resourcePincode } from "@server/db"; import { eq } from "drizzle-orm"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; diff --git a/server/routers/resource/setResourceRoles.ts b/server/routers/resource/setResourceRoles.ts index 0f0b3df2..7ea76d21 100644 --- a/server/routers/resource/setResourceRoles.ts +++ b/server/routers/resource/setResourceRoles.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; -import { db } from "@server/db"; -import { apiKeys, roleResources, roles } from "@server/db/schemas"; +import { db, resources } from "@server/db"; +import { apiKeys, roleResources, roles } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; @@ -74,13 +74,18 @@ export async function setResourceRoles( const { resourceId } = parsedParams.data; - const orgId = req.userOrg?.orgId || req.apiKeyOrg?.orgId; + // get the resource + const [resource] = await db + .select() + .from(resources) + .where(eq(resources.resourceId, resourceId)) + .limit(1); - if (!orgId) { + if (!resource) { return next( createHttpError( HttpCode.INTERNAL_SERVER_ERROR, - "Organization not found" + "Resource not found" ) ); } @@ -92,7 +97,7 @@ export async function setResourceRoles( .where( and( eq(roles.name, "Admin"), - eq(roles.orgId, orgId) + eq(roles.orgId, resource.orgId) ) ) .limit(1); diff --git a/server/routers/resource/setResourceUsers.ts b/server/routers/resource/setResourceUsers.ts index 3080ae45..152c0f88 100644 --- a/server/routers/resource/setResourceUsers.ts +++ b/server/routers/resource/setResourceUsers.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { userResources } from "@server/db/schemas"; +import { userResources } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; diff --git a/server/routers/resource/setResourceWhitelist.ts b/server/routers/resource/setResourceWhitelist.ts index ceec816c..16c9150b 100644 --- a/server/routers/resource/setResourceWhitelist.ts +++ b/server/routers/resource/setResourceWhitelist.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { resources, resourceWhitelist } from "@server/db/schemas"; +import { resources, resourceWhitelist } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; diff --git a/server/routers/resource/transferResource.ts b/server/routers/resource/transferResource.ts deleted file mode 100644 index 9b21abb2..00000000 --- a/server/routers/resource/transferResource.ts +++ /dev/null @@ -1,212 +0,0 @@ -import { Request, Response, NextFunction } from "express"; -import { z } from "zod"; -import { db } from "@server/db"; -import { newts, resources, sites, targets } from "@server/db/schemas"; -import { eq } from "drizzle-orm"; -import response from "@server/lib/response"; -import HttpCode from "@server/types/HttpCode"; -import createHttpError from "http-errors"; -import logger from "@server/logger"; -import { fromError } from "zod-validation-error"; -import { addPeer } from "../gerbil/peers"; -import { addTargets, removeTargets } from "../newt/targets"; -import { getAllowedIps } from "../target/helpers"; -import { OpenAPITags, registry } from "@server/openApi"; - -const transferResourceParamsSchema = z - .object({ - resourceId: z - .string() - .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); - -const transferResourceBodySchema = z - .object({ - siteId: z.number().int().positive() - }) - .strict(); - -registry.registerPath({ - method: "post", - path: "/resource/{resourceId}/transfer", - description: - "Transfer a resource to a different site. This will also transfer the targets associated with the resource.", - tags: [OpenAPITags.Resource], - request: { - params: transferResourceParamsSchema, - body: { - content: { - "application/json": { - schema: transferResourceBodySchema - } - } - } - }, - responses: {} -}); - -export async function transferResource( - req: Request, - res: Response, - next: NextFunction -): Promise { - try { - const parsedParams = transferResourceParamsSchema.safeParse(req.params); - if (!parsedParams.success) { - return next( - createHttpError( - HttpCode.BAD_REQUEST, - fromError(parsedParams.error).toString() - ) - ); - } - - const parsedBody = transferResourceBodySchema.safeParse(req.body); - if (!parsedBody.success) { - return next( - createHttpError( - HttpCode.BAD_REQUEST, - fromError(parsedBody.error).toString() - ) - ); - } - - const { resourceId } = parsedParams.data; - const { siteId } = parsedBody.data; - - const [oldResource] = await db - .select() - .from(resources) - .where(eq(resources.resourceId, resourceId)) - .limit(1); - - if (!oldResource) { - return next( - createHttpError( - HttpCode.NOT_FOUND, - `Resource with ID ${resourceId} not found` - ) - ); - } - - if (oldResource.siteId === siteId) { - return next( - createHttpError( - HttpCode.BAD_REQUEST, - `Resource is already assigned to this site` - ) - ); - } - - const [newSite] = await db - .select() - .from(sites) - .where(eq(sites.siteId, siteId)) - .limit(1); - - if (!newSite) { - return next( - createHttpError( - HttpCode.NOT_FOUND, - `Site with ID ${siteId} not found` - ) - ); - } - - const [oldSite] = await db - .select() - .from(sites) - .where(eq(sites.siteId, oldResource.siteId)) - .limit(1); - - if (!oldSite) { - return next( - createHttpError( - HttpCode.NOT_FOUND, - `Site with ID ${oldResource.siteId} not found` - ) - ); - } - - const [updatedResource] = await db - .update(resources) - .set({ siteId }) - .where(eq(resources.resourceId, resourceId)) - .returning(); - - if (!updatedResource) { - return next( - createHttpError( - HttpCode.NOT_FOUND, - `Resource with ID ${resourceId} not found` - ) - ); - } - - const resourceTargets = await db - .select() - .from(targets) - .where(eq(targets.resourceId, resourceId)); - - if (resourceTargets.length > 0) { - ////// REMOVE THE TARGETS FROM THE OLD SITE ////// - if (oldSite.pubKey) { - if (oldSite.type == "wireguard") { - await addPeer(oldSite.exitNodeId!, { - publicKey: oldSite.pubKey, - allowedIps: await getAllowedIps(oldSite.siteId) - }); - } else if (oldSite.type == "newt") { - const [newt] = await db - .select() - .from(newts) - .where(eq(newts.siteId, oldSite.siteId)) - .limit(1); - - removeTargets( - newt.newtId, - resourceTargets, - updatedResource.protocol - ); - } - } - - ////// ADD THE TARGETS TO THE NEW SITE ////// - if (newSite.pubKey) { - if (newSite.type == "wireguard") { - await addPeer(newSite.exitNodeId!, { - publicKey: newSite.pubKey, - allowedIps: await getAllowedIps(newSite.siteId) - }); - } else if (newSite.type == "newt") { - const [newt] = await db - .select() - .from(newts) - .where(eq(newts.siteId, newSite.siteId)) - .limit(1); - - addTargets( - newt.newtId, - resourceTargets, - updatedResource.protocol - ); - } - } - } - - return response(res, { - data: updatedResource, - success: true, - error: false, - message: "Resource transferred successfully", - status: HttpCode.OK - }); - } catch (error) { - logger.error(error); - return next( - createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") - ); - } -} diff --git a/server/routers/resource/updateResource.ts b/server/routers/resource/updateResource.ts index a857e103..30acc0c1 100644 --- a/server/routers/resource/updateResource.ts +++ b/server/routers/resource/updateResource.ts @@ -8,7 +8,7 @@ import { orgs, Resource, resources -} from "@server/db/schemas"; +} from "@server/db"; import { eq, and } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -33,20 +33,18 @@ const updateResourceParamsSchema = z const updateHttpResourceBodySchema = z .object({ name: z.string().min(1).max(255).optional(), - subdomain: subdomainSchema - .optional() - .transform((val) => val?.toLowerCase()), + subdomain: subdomainSchema.nullable().optional(), ssl: z.boolean().optional(), sso: z.boolean().optional(), blockAccess: z.boolean().optional(), emailWhitelistEnabled: z.boolean().optional(), - isBaseDomain: z.boolean().optional(), applyRules: z.boolean().optional(), domainId: z.string().optional(), enabled: z.boolean().optional(), stickySession: z.boolean().optional(), tlsServerName: z.string().nullable().optional(), - setHostHeader: z.string().nullable().optional() + setHostHeader: z.string().nullable().optional(), + skipToIdpId: z.number().int().positive().nullable().optional() }) .strict() .refine((data) => Object.keys(data).length > 0, { @@ -61,19 +59,6 @@ const updateHttpResourceBodySchema = z }, { message: "Invalid subdomain" } ) - .refine( - (data) => { - if (!config.getRawConfig().flags?.allow_base_domain_resources) { - if (data.isBaseDomain) { - return false; - } - } - return true; - }, - { - message: "Base domain resources are not allowed" - } - ) .refine( (data) => { if (data.tlsServerName) { @@ -107,6 +92,7 @@ const updateRawResourceBodySchema = z proxyPort: z.number().int().min(1).max(65535).optional(), stickySession: z.boolean().optional(), enabled: z.boolean().optional() + // enableProxy: z.boolean().optional() // always true now }) .strict() .refine((data) => Object.keys(data).length > 0, { @@ -242,86 +228,118 @@ async function updateHttpResource( const updateData = parsedBody.data; if (updateData.domainId) { - const [existingDomain] = await db - .select() - .from(orgDomains) - .where( - and( - eq(orgDomains.orgId, org.orgId), - eq(orgDomains.domainId, updateData.domainId) - ) - ) - .leftJoin(domains, eq(orgDomains.domainId, domains.domainId)); + const domainId = updateData.domainId; - if (!existingDomain) { + const [domainRes] = await db + .select() + .from(domains) + .where(eq(domains.domainId, domainId)) + .leftJoin( + orgDomains, + and( + eq(orgDomains.orgId, resource.orgId), + eq(orgDomains.domainId, domainId) + ) + ); + + if (!domainRes || !domainRes.domains) { return next( - createHttpError(HttpCode.NOT_FOUND, `Domain not found`) + createHttpError( + HttpCode.NOT_FOUND, + `Domain with ID ${updateData.domainId} not found` + ) ); } - } - - const domainId = updateData.domainId || resource.domainId!; - const subdomain = updateData.subdomain || resource.subdomain; - - const [domain] = await db - .select() - .from(domains) - .where(eq(domains.domainId, domainId)); - - const isBaseDomain = - updateData.isBaseDomain !== undefined - ? updateData.isBaseDomain - : resource.isBaseDomain; - - let fullDomain: string | null = null; - if (isBaseDomain) { - fullDomain = domain.baseDomain; - } else if (subdomain && domain) { - fullDomain = `${subdomain}.${domain.baseDomain}`; - } - - if (fullDomain) { - const [existingDomain] = await db - .select() - .from(resources) - .where(eq(resources.fullDomain, fullDomain)); if ( - existingDomain && - existingDomain.resourceId !== resource.resourceId + domainRes.orgDomains && + domainRes.orgDomains.orgId !== resource.orgId ) { return next( createHttpError( - HttpCode.CONFLICT, - "Resource with that domain already exists" + HttpCode.FORBIDDEN, + `You do not have permission to use domain with ID ${updateData.domainId}` ) ); } - } - const updatePayload = { - ...updateData, - fullDomain - }; + if (!domainRes.domains.verified) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + `Domain with ID ${updateData.domainId} is not verified` + ) + ); + } + + let fullDomain = ""; + if (domainRes.domains.type == "ns") { + if (updateData.subdomain) { + fullDomain = `${updateData.subdomain}.${domainRes.domains.baseDomain}`; + } else { + fullDomain = domainRes.domains.baseDomain; + } + } else if (domainRes.domains.type == "cname") { + fullDomain = domainRes.domains.baseDomain; + } else if (domainRes.domains.type == "wildcard") { + if (updateData.subdomain !== undefined) { + // the subdomain cant have a dot in it + const parsedSubdomain = subdomainSchema.safeParse( + updateData.subdomain + ); + if (!parsedSubdomain.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedSubdomain.error).toString() + ) + ); + } + fullDomain = `${updateData.subdomain}.${domainRes.domains.baseDomain}`; + } else { + fullDomain = domainRes.domains.baseDomain; + } + } + + fullDomain = fullDomain.toLowerCase(); + + logger.debug(`Full domain: ${fullDomain}`); + + if (fullDomain) { + const [existingDomain] = await db + .select() + .from(resources) + .where(eq(resources.fullDomain, fullDomain)); + + if ( + existingDomain && + existingDomain.resourceId !== resource.resourceId + ) { + return next( + createHttpError( + HttpCode.CONFLICT, + "Resource with that domain already exists" + ) + ); + } + } + + // update the full domain if it has changed + if (fullDomain && fullDomain !== resource.fullDomain) { + await db + .update(resources) + .set({ fullDomain }) + .where(eq(resources.resourceId, resource.resourceId)); + } + + if (fullDomain === domainRes.domains.baseDomain) { + updateData.subdomain = null; + } + } const updatedResource = await db .update(resources) - .set({ - name: updatePayload.name, - subdomain: updatePayload.subdomain, - ssl: updatePayload.ssl, - sso: updatePayload.sso, - blockAccess: updatePayload.blockAccess, - emailWhitelistEnabled: updatePayload.emailWhitelistEnabled, - isBaseDomain: updatePayload.isBaseDomain, - applyRules: updatePayload.applyRules, - domainId: updatePayload.domainId, - enabled: updatePayload.enabled, - stickySession: updatePayload.stickySession, - tlsServerName: updatePayload.tlsServerName || null, - setHostHeader: updatePayload.setHostHeader || null, - fullDomain: updatePayload.fullDomain - }) + .set({ ...updateData }) .where(eq(resources.resourceId, resource.resourceId)) .returning(); diff --git a/server/routers/resource/updateResourceRule.ts b/server/routers/resource/updateResourceRule.ts index 9a953500..c2b6a47a 100644 --- a/server/routers/resource/updateResourceRule.ts +++ b/server/routers/resource/updateResourceRule.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { resourceRules, resources } from "@server/db/schemas"; +import { resourceRules, resources } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -29,7 +29,7 @@ const updateResourceRuleParamsSchema = z // Define Zod schema for request body validation const updateResourceRuleSchema = z .object({ - action: z.enum(["ACCEPT", "DROP"]).optional(), + action: z.enum(["ACCEPT", "DROP", "PASS"]).optional(), match: z.enum(["CIDR", "IP", "PATH"]).optional(), value: z.string().min(1).optional(), priority: z.number().int(), diff --git a/server/routers/role/addRoleAction.ts b/server/routers/role/addRoleAction.ts index 9f364a55..62ab87b5 100644 --- a/server/routers/role/addRoleAction.ts +++ b/server/routers/role/addRoleAction.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roleActions, roles } from "@server/db/schemas"; +import { roleActions, roles } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; diff --git a/server/routers/role/addRoleSite.ts b/server/routers/role/addRoleSite.ts index 0db6ac4e..d268eed4 100644 --- a/server/routers/role/addRoleSite.ts +++ b/server/routers/role/addRoleSite.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { resources, roleResources, roleSites } from "@server/db/schemas"; +import { resources, roleResources, roleSites } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; @@ -60,18 +60,18 @@ export async function addRoleSite( }) .returning(); - const siteResources = await db - .select() - .from(resources) - .where(eq(resources.siteId, siteId)); - - for (const resource of siteResources) { - await trx.insert(roleResources).values({ - roleId, - resourceId: resource.resourceId - }); - } - + // const siteResources = await db + // .select() + // .from(resources) + // .where(eq(resources.siteId, siteId)); + // + // for (const resource of siteResources) { + // await trx.insert(roleResources).values({ + // roleId, + // resourceId: resource.resourceId + // }); + // } + // return response(res, { data: newRoleSite[0], success: true, diff --git a/server/routers/role/createRole.ts b/server/routers/role/createRole.ts index 3bc363f6..f66c95e2 100644 --- a/server/routers/role/createRole.ts +++ b/server/routers/role/createRole.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { orgs, Role, roleActions, roles } from "@server/db/schemas"; +import { orgs, Role, roleActions, roles } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; diff --git a/server/routers/role/deleteRole.ts b/server/routers/role/deleteRole.ts index a89428d5..6806386e 100644 --- a/server/routers/role/deleteRole.ts +++ b/server/routers/role/deleteRole.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roles, userOrgs } from "@server/db/schemas"; +import { roles, userOrgs } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/role/getRole.ts b/server/routers/role/getRole.ts index 20f93bf4..66dbb68f 100644 --- a/server/routers/role/getRole.ts +++ b/server/routers/role/getRole.ts @@ -1,13 +1,14 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roles } from "@server/db/schemas"; +import { roles } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; +import { OpenAPITags, registry } from "@server/openApi"; const getRoleSchema = z .object({ @@ -15,6 +16,17 @@ const getRoleSchema = z }) .strict(); +registry.registerPath({ + method: "get", + path: "/role/{roleId}", + description: "Get a role.", + tags: [OpenAPITags.Role], + request: { + params: getRoleSchema + }, + responses: {} +}); + export async function getRole( req: Request, res: Response, diff --git a/server/routers/role/index.ts b/server/routers/role/index.ts index 0194c1f0..bbbe4ba8 100644 --- a/server/routers/role/index.ts +++ b/server/routers/role/index.ts @@ -1,6 +1,5 @@ export * from "./addRoleAction"; export * from "../resource/setResourceRoles"; -export * from "./addRoleSite"; export * from "./createRole"; export * from "./deleteRole"; export * from "./getRole"; @@ -11,5 +10,4 @@ export * from "./listRoles"; export * from "./listRoleSites"; export * from "./removeRoleAction"; export * from "./removeRoleResource"; -export * from "./removeRoleSite"; -export * from "./updateRole"; \ No newline at end of file +export * from "./updateRole"; diff --git a/server/routers/role/listRoleActions.ts b/server/routers/role/listRoleActions.ts index d4637092..cdf1391b 100644 --- a/server/routers/role/listRoleActions.ts +++ b/server/routers/role/listRoleActions.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roleActions, actions } from "@server/db/schemas"; +import { roleActions, actions } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/role/listRoleResources.ts b/server/routers/role/listRoleResources.ts index 7239f6f7..ba254f1d 100644 --- a/server/routers/role/listRoleResources.ts +++ b/server/routers/role/listRoleResources.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roleResources, resources } from "@server/db/schemas"; +import { roleResources, resources } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/role/listRoleSites.ts b/server/routers/role/listRoleSites.ts index f6594545..72f49e3a 100644 --- a/server/routers/role/listRoleSites.ts +++ b/server/routers/role/listRoleSites.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roleSites, sites } from "@server/db/schemas"; +import { roleSites, sites } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/role/listRoles.ts b/server/routers/role/listRoles.ts index 73834b53..56ae8a3a 100644 --- a/server/routers/role/listRoles.ts +++ b/server/routers/role/listRoles.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roles, orgs } from "@server/db/schemas"; +import { roles, orgs } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; @@ -60,7 +60,7 @@ export type ListRolesResponse = { registry.registerPath({ method: "get", - path: "/orgs/{orgId}/roles", + path: "/org/{orgId}/roles", description: "List roles.", tags: [OpenAPITags.Org, OpenAPITags.Role], request: { @@ -100,7 +100,7 @@ export async function listRoles( const { orgId } = parsedParams.data; - let countQuery: any = db + const countQuery: any = db .select({ count: sql`cast(count(*) as integer)` }) .from(roles) .where(eq(roles.orgId, orgId)); diff --git a/server/routers/role/removeRoleAction.ts b/server/routers/role/removeRoleAction.ts index 72d9be53..e643ae04 100644 --- a/server/routers/role/removeRoleAction.ts +++ b/server/routers/role/removeRoleAction.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roleActions } from "@server/db/schemas"; +import { roleActions } from "@server/db"; import { and, eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/role/removeRoleResource.ts b/server/routers/role/removeRoleResource.ts index ca068e05..4068b0bd 100644 --- a/server/routers/role/removeRoleResource.ts +++ b/server/routers/role/removeRoleResource.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roleResources } from "@server/db/schemas"; +import { roleResources } from "@server/db"; import { and, eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/role/removeRoleSite.ts b/server/routers/role/removeRoleSite.ts index a99adf5c..2670272d 100644 --- a/server/routers/role/removeRoleSite.ts +++ b/server/routers/role/removeRoleSite.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { resources, roleResources, roleSites } from "@server/db/schemas"; +import { resources, roleResources, roleSites } from "@server/db"; import { and, eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -71,22 +71,22 @@ export async function removeRoleSite( ); } - const siteResources = await db - .select() - .from(resources) - .where(eq(resources.siteId, siteId)); - - for (const resource of siteResources) { - await trx - .delete(roleResources) - .where( - and( - eq(roleResources.roleId, roleId), - eq(roleResources.resourceId, resource.resourceId) - ) - ) - .returning(); - } + // const siteResources = await db + // .select() + // .from(resources) + // .where(eq(resources.siteId, siteId)); + // + // for (const resource of siteResources) { + // await trx + // .delete(roleResources) + // .where( + // and( + // eq(roleResources.roleId, roleId), + // eq(roleResources.resourceId, resource.resourceId) + // ) + // ) + // .returning(); + // } }); return response(res, { diff --git a/server/routers/role/updateRole.ts b/server/routers/role/updateRole.ts index bf029eb1..793be6eb 100644 --- a/server/routers/role/updateRole.ts +++ b/server/routers/role/updateRole.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roles } from "@server/db/schemas"; +import { roles } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/site/createSite.ts b/server/routers/site/createSite.ts index a4444b83..6dda378a 100644 --- a/server/routers/site/createSite.ts +++ b/server/routers/site/createSite.ts @@ -1,19 +1,23 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; -import { db } from "@server/db"; -import { roles, userSites, sites, roleSites, Site, orgs } from "@server/db/schemas"; +import { clients, db, exitNodes } from "@server/db"; +import { roles, userSites, sites, roleSites, Site, orgs } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; import logger from "@server/logger"; import { eq, and } from "drizzle-orm"; -import { getUniqueSiteName } from "@server/db/names"; +import { getUniqueSiteName } from "../../db/names"; import { addPeer } from "../gerbil/peers"; import { fromError } from "zod-validation-error"; -import { newts } from "@server/db/schemas"; +import { newts } from "@server/db"; import moment from "moment"; import { OpenAPITags, registry } from "@server/openApi"; import { hashPassword } from "@server/auth/password"; +import { isValidIP } from "@server/lib/validators"; +import { isIpInCidr } from "@server/lib/ip"; +import config from "@server/lib/config"; +import { verifyExitNodeOrgAccess } from "@server/lib/exitNodes"; const createSiteParamsSchema = z .object({ @@ -35,9 +39,18 @@ const createSiteSchema = z subnet: z.string().optional(), newtId: z.string().optional(), secret: z.string().optional(), + address: z.string().optional(), type: z.enum(["newt", "wireguard", "local"]) }) - .strict(); + .strict() + .refine((data) => { + if (data.type === "local") { + return !config.getRawConfig().flags?.disable_local_sites; + } else if (data.type === "wireguard") { + return !config.getRawConfig().flags?.disable_basic_wireguard_sites; + } + return true; + }); export type CreateSiteBody = z.infer; @@ -84,7 +97,8 @@ export async function createSite( pubKey, subnet, newtId, - secret + secret, + address } = parsedBody.data; const parsedParams = createSiteParamsSchema.safeParse(req.params); @@ -116,12 +130,84 @@ export async function createSite( ); } + let updatedAddress = null; + if (address) { + if (!org.subnet) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + `Organization with ID ${orgId} has no subnet defined` + ) + ); + } + + if (!isValidIP(address)) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Invalid address format. Please provide a valid IP notation." + ) + ); + } + + if (!isIpInCidr(address, org.subnet)) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "IP is not in the CIDR range of the subnet." + ) + ); + } + + updatedAddress = `${address}/${org.subnet.split("/")[1]}`; // we want the block size of the whole org + + // make sure the subnet is unique + const addressExistsSites = await db + .select() + .from(sites) + .where( + and( + eq(sites.address, updatedAddress), + eq(sites.orgId, orgId) + ) + ) + .limit(1); + + if (addressExistsSites.length > 0) { + return next( + createHttpError( + HttpCode.CONFLICT, + `Subnet ${updatedAddress} already exists in sites` + ) + ); + } + + const addressExistsClients = await db + .select() + .from(clients) + .where( + and( + eq(clients.subnet, updatedAddress), + eq(clients.orgId, orgId) + ) + ) + .limit(1); + if (addressExistsClients.length > 0) { + return next( + createHttpError( + HttpCode.CONFLICT, + `Subnet ${updatedAddress} already exists in clients` + ) + ); + } + } + const niceId = await getUniqueSiteName(orgId); await db.transaction(async (trx) => { let newSite: Site; - if (exitNodeId) { + if ((type == "wireguard" || type == "newt") && exitNodeId) { // we are creating a site with an exit node (tunneled) if (!subnet) { return next( @@ -132,6 +218,32 @@ export async function createSite( ); } + const { exitNode, hasAccess } = + await verifyExitNodeOrgAccess( + exitNodeId, + orgId + ); + + if (!exitNode) { + logger.warn("Exit node not found"); + return next( + createHttpError( + HttpCode.NOT_FOUND, + "Exit node not found" + ) + ); + } + + if (!hasAccess) { + logger.warn("Not authorized to use this exit node"); + return next( + createHttpError( + HttpCode.FORBIDDEN, + "Not authorized to use this exit node" + ) + ); + } + [newSite] = await trx .insert(sites) .values({ @@ -139,8 +251,10 @@ export async function createSite( exitNodeId, name, niceId, + address: updatedAddress || null, subnet, type, + dockerSocketEnabled: type == "newt", ...(pubKey && type == "wireguard" && { pubKey }) }) .returning(); @@ -150,11 +264,15 @@ export async function createSite( [newSite] = await trx .insert(sites) .values({ + exitNodeId: exitNodeId, orgId, name, niceId, + address: updatedAddress || null, type, - subnet: "0.0.0.0/0" + dockerSocketEnabled: false, + online: true, + subnet: "0.0.0.0/32" }) .returning(); } diff --git a/server/routers/site/deleteSite.ts b/server/routers/site/deleteSite.ts index 667ab5c8..4af2feae 100644 --- a/server/routers/site/deleteSite.ts +++ b/server/routers/site/deleteSite.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { newts, newtSessions, sites } from "@server/db/schemas"; +import { newts, newtSessions, sites } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -62,6 +62,8 @@ export async function deleteSite( ); } + let deletedNewtId: string | null = null; + await db.transaction(async (trx) => { if (site.pubKey) { if (site.type == "wireguard") { @@ -73,11 +75,7 @@ export async function deleteSite( .where(eq(newts.siteId, siteId)) .returning(); if (deletedNewt) { - const payload = { - type: `newt/terminate`, - data: {} - }; - sendToClient(deletedNewt.newtId, payload); + deletedNewtId = deletedNewt.newtId; // delete all of the sessions for the newt await trx @@ -90,6 +88,18 @@ export async function deleteSite( await trx.delete(sites).where(eq(sites.siteId, siteId)); }); + // Send termination message outside of transaction to prevent blocking + if (deletedNewtId) { + const payload = { + type: `newt/terminate`, + data: {} + }; + // Don't await this to prevent blocking the response + sendToClient(deletedNewtId, payload).catch(error => { + logger.error("Failed to send termination message to newt:", error); + }); + } + return response(res, { data: null, success: true, diff --git a/server/routers/site/getSite.ts b/server/routers/site/getSite.ts index 4baa85cc..a9785fa4 100644 --- a/server/routers/site/getSite.ts +++ b/server/routers/site/getSite.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { sites } from "@server/db/schemas"; +import { sites } from "@server/db"; import { eq, and } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/site/index.ts b/server/routers/site/index.ts index 63505991..3edf67c1 100644 --- a/server/routers/site/index.ts +++ b/server/routers/site/index.ts @@ -3,5 +3,6 @@ export * from "./createSite"; export * from "./deleteSite"; export * from "./updateSite"; export * from "./listSites"; -export * from "./listSiteRoles" -export * from "./pickSiteDefaults"; \ No newline at end of file +export * from "./listSiteRoles"; +export * from "./pickSiteDefaults"; +export * from "./socketIntegration"; diff --git a/server/routers/site/listSiteRoles.ts b/server/routers/site/listSiteRoles.ts index 13c8dd41..009e0907 100644 --- a/server/routers/site/listSiteRoles.ts +++ b/server/routers/site/listSiteRoles.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roleSites, roles } from "@server/db/schemas"; +import { roleSites, roles } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/site/listSites.ts b/server/routers/site/listSites.ts index 8dde88fe..6f683f7c 100644 --- a/server/routers/site/listSites.ts +++ b/server/routers/site/listSites.ts @@ -1,5 +1,5 @@ -import { db } from "@server/db"; -import { orgs, roleSites, sites, userSites } from "@server/db/schemas"; +import { db, newts } from "@server/db"; +import { orgs, roleSites, sites, userSites } from "@server/db"; import logger from "@server/logger"; import HttpCode from "@server/types/HttpCode"; import response from "@server/lib/response"; @@ -9,6 +9,66 @@ import createHttpError from "http-errors"; import { z } from "zod"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; +import NodeCache from "node-cache"; +import semver from "semver"; + +const newtVersionCache = new NodeCache({ stdTTL: 3600 }); // 1 hours in seconds + +async function getLatestNewtVersion(): Promise { + try { + const cachedVersion = newtVersionCache.get("latestNewtVersion"); + if (cachedVersion) { + return cachedVersion; + } + + const controller = new AbortController(); + const timeoutId = setTimeout(() => controller.abort(), 1500); // Reduced timeout to 1.5 seconds + + const response = await fetch( + "https://api.github.com/repos/fosrl/newt/tags", + { + signal: controller.signal + } + ); + + clearTimeout(timeoutId); + + if (!response.ok) { + logger.warn( + `Failed to fetch latest Newt version from GitHub: ${response.status} ${response.statusText}` + ); + return null; + } + + const tags = await response.json(); + if (!Array.isArray(tags) || tags.length === 0) { + logger.warn("No tags found for Newt repository"); + return null; + } + + const latestVersion = tags[0].name; + + newtVersionCache.set("latestNewtVersion", latestVersion); + + return latestVersion; + } catch (error: any) { + if (error.name === "AbortError") { + logger.warn( + "Request to fetch latest Newt version timed out (1.5s)" + ); + } else if (error.cause?.code === "UND_ERR_CONNECT_TIMEOUT") { + logger.warn( + "Connection timeout while fetching latest Newt version" + ); + } else { + logger.warn( + "Error fetching latest Newt version:", + error.message || error + ); + } + return null; + } +} const listSitesParamsSchema = z .object({ @@ -43,10 +103,13 @@ function querySites(orgId: string, accessibleSiteIds: number[]) { megabytesOut: sites.megabytesOut, orgName: orgs.name, type: sites.type, - online: sites.online + online: sites.online, + address: sites.address, + newtVersion: newts.version }) .from(sites) .leftJoin(orgs, eq(sites.orgId, orgs.orgId)) + .leftJoin(newts, eq(newts.siteId, sites.siteId)) .where( and( inArray(sites.siteId, accessibleSiteIds), @@ -55,8 +118,12 @@ function querySites(orgId: string, accessibleSiteIds: number[]) { ); } +type SiteWithUpdateAvailable = Awaited>[0] & { + newtUpdateAvailable?: boolean; +}; + export type ListSitesResponse = { - sites: Awaited>; + sites: SiteWithUpdateAvailable[]; pagination: { total: number; limit: number; offset: number }; }; @@ -133,7 +200,7 @@ export async function listSites( const accessibleSiteIds = accessibleSites.map((site) => site.siteId); const baseQuery = querySites(orgId, accessibleSiteIds); - let countQuery = db + const countQuery = db .select({ count: count() }) .from(sites) .where( @@ -147,9 +214,51 @@ export async function listSites( const totalCountResult = await countQuery; const totalCount = totalCountResult[0].count; + // Get latest version asynchronously without blocking the response + const latestNewtVersionPromise = getLatestNewtVersion(); + + const sitesWithUpdates: SiteWithUpdateAvailable[] = sitesList.map( + (site) => { + const siteWithUpdate: SiteWithUpdateAvailable = { ...site }; + // Initially set to false, will be updated if version check succeeds + siteWithUpdate.newtUpdateAvailable = false; + return siteWithUpdate; + } + ); + + // Try to get the latest version, but don't block if it fails + try { + const latestNewtVersion = await latestNewtVersionPromise; + + if (latestNewtVersion) { + sitesWithUpdates.forEach((site) => { + if ( + site.type === "newt" && + site.newtVersion && + latestNewtVersion + ) { + try { + site.newtUpdateAvailable = semver.lt( + site.newtVersion, + latestNewtVersion + ); + } catch (error) { + site.newtUpdateAvailable = false; + } + } + }); + } + } catch (error) { + // Log the error but don't let it block the response + logger.warn( + "Failed to check for Newt updates, continuing without update info:", + error + ); + } + return response(res, { data: { - sites: sitesList, + sites: sitesWithUpdates, pagination: { total: totalCount, limit, diff --git a/server/routers/site/pickSiteDefaults.ts b/server/routers/site/pickSiteDefaults.ts index 92b93e3c..2e705c56 100644 --- a/server/routers/site/pickSiteDefaults.ts +++ b/server/routers/site/pickSiteDefaults.ts @@ -1,16 +1,21 @@ import { Request, Response, NextFunction } from "express"; import { db } from "@server/db"; -import { exitNodes, sites } from "@server/db/schemas"; +import { exitNodes, sites } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; import logger from "@server/logger"; -import { findNextAvailableCidr } from "@server/lib/ip"; +import { + findNextAvailableCidr, + getNextAvailableClientSubnet +} from "@server/lib/ip"; import { generateId } from "@server/auth/sessions/app"; import config from "@server/lib/config"; import { OpenAPITags, registry } from "@server/openApi"; +import { fromError } from "zod-validation-error"; import { z } from "zod"; +import { listExitNodes } from "@server/lib/exitNodes"; export type PickSiteDefaultsResponse = { exitNodeId: number; @@ -19,9 +24,10 @@ export type PickSiteDefaultsResponse = { name: string; listenPort: number; endpoint: string; - subnet: string; + subnet: string; // TODO: make optional? newtId: string; newtSecret: string; + clientAddress?: string; }; registry.registerPath({ @@ -38,24 +44,35 @@ registry.registerPath({ responses: {} }); +const pickSiteDefaultsSchema = z + .object({ + orgId: z.string() + }) + .strict(); + export async function pickSiteDefaults( req: Request, res: Response, next: NextFunction ): Promise { try { - // TODO: more intelligent way to pick the exit node - - // make sure there is an exit node by counting the exit nodes table - const nodes = await db.select().from(exitNodes); - if (nodes.length === 0) { + const parsedParams = pickSiteDefaultsSchema.safeParse(req.params); + if (!parsedParams.success) { return next( - createHttpError(HttpCode.NOT_FOUND, "No exit nodes available") + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) ); } - // get the first exit node - const exitNode = nodes[0]; + const { orgId } = parsedParams.data; + // TODO: more intelligent way to pick the exit node + + const exitNodesList = await listExitNodes(orgId); + + const randomExitNode = + exitNodesList[Math.floor(Math.random() * exitNodesList.length)]; // TODO: this probably can be optimized... // list all of the sites on that exit node @@ -64,13 +81,15 @@ export async function pickSiteDefaults( subnet: sites.subnet }) .from(sites) - .where(eq(sites.exitNodeId, exitNode.exitNodeId)); + .where(eq(sites.exitNodeId, randomExitNode.exitNodeId)); // TODO: we need to lock this subnet for some time so someone else does not take it - let subnets = sitesQuery.map((site) => site.subnet); + const subnets = sitesQuery + .map((site) => site.subnet) + .filter((subnet) => subnet !== null); // exclude the exit node address by replacing after the / with a site block size subnets.push( - exitNode.address.replace( + randomExitNode.address.replace( /\/\d+$/, `/${config.getRawConfig().gerbil.site_block_size}` ) @@ -78,7 +97,7 @@ export async function pickSiteDefaults( const newSubnet = findNextAvailableCidr( subnets, config.getRawConfig().gerbil.site_block_size, - exitNode.address + randomExitNode.address ); if (!newSubnet) { return next( @@ -89,18 +108,32 @@ export async function pickSiteDefaults( ); } + const newClientAddress = await getNextAvailableClientSubnet(orgId); + if (!newClientAddress) { + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "No available subnet found" + ) + ); + } + + const clientAddress = newClientAddress.split("/")[0]; + const newtId = generateId(15); const secret = generateId(48); return response(res, { data: { - exitNodeId: exitNode.exitNodeId, - address: exitNode.address, - publicKey: exitNode.publicKey, - name: exitNode.name, - listenPort: exitNode.listenPort, - endpoint: exitNode.endpoint, + exitNodeId: randomExitNode.exitNodeId, + address: randomExitNode.address, + publicKey: randomExitNode.publicKey, + name: randomExitNode.name, + listenPort: randomExitNode.listenPort, + endpoint: randomExitNode.endpoint, + // subnet: `${newSubnet.split("/")[0]}/${config.getRawConfig().gerbil.block_size}`, // we want the block size of the whole subnet subnet: newSubnet, + clientAddress: clientAddress, newtId, newtSecret: secret }, diff --git a/server/routers/site/socketIntegration.ts b/server/routers/site/socketIntegration.ts new file mode 100644 index 00000000..34084a0a --- /dev/null +++ b/server/routers/site/socketIntegration.ts @@ -0,0 +1,283 @@ +import { db } from "@server/db"; +import { newts, sites } from "@server/db"; +import logger from "@server/logger"; +import HttpCode from "@server/types/HttpCode"; +import response from "@server/lib/response"; +import { eq } from "drizzle-orm"; +import { NextFunction, Request, Response } from "express"; +import createHttpError from "http-errors"; +import { z } from "zod"; +import { fromError } from "zod-validation-error"; +import stoi from "@server/lib/stoi"; +import { sendToClient } from "../ws"; +import { + fetchContainers, + dockerSocketCache, + dockerSocket +} from "../newt/dockerSocket"; + +export interface ContainerNetwork { + networkId: string; + endpointId: string; + gateway?: string; + ipAddress?: string; + ipPrefixLen?: number; + macAddress?: string; + aliases?: string[]; + dnsNames?: string[]; +} + +export interface ContainerPort { + privatePort: number; + publicPort?: number; + type: "tcp" | "udp"; + ip?: string; +} + +export interface Container { + id: string; + name: string; + image: string; + state: "running" | "exited" | "paused" | "created"; + status: string; + ports?: ContainerPort[]; + labels: Record; + created: number; + networks: Record; +} + +const siteIdParamsSchema = z + .object({ + siteId: z.string().transform(stoi).pipe(z.number().int().positive()) + }) + .strict(); + +const DockerStatusSchema = z + .object({ + isAvailable: z.boolean(), + socketPath: z.string().optional() + }) + .strict(); + +function validateSiteIdParams(params: any) { + const parsedParams = siteIdParamsSchema.safeParse(params); + if (!parsedParams.success) { + throw createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error) + ); + } + return parsedParams.data; +} + +async function getSiteAndValidateNewt(siteId: number) { + const [site] = await db + .select() + .from(sites) + .where(eq(sites.siteId, siteId)) + .limit(1); + + if (!site) { + throw createHttpError(HttpCode.NOT_FOUND, "Site not found"); + } + + if (site.type !== "newt") { + throw createHttpError( + HttpCode.BAD_REQUEST, + "This endpoint is only for Newt sites" + ); + } + + return site; +} + +async function getNewtBySiteId(siteId: number) { + const [newt] = await db + .select() + .from(newts) + .where(eq(newts.siteId, siteId)) + .limit(1); + + if (!newt) { + throw createHttpError(HttpCode.NOT_FOUND, "Newt not found for site"); + } + + return newt; +} + +async function getSiteAndNewt(siteId: number) { + const site = await getSiteAndValidateNewt(siteId); + const newt = await getNewtBySiteId(siteId); + return { site, newt }; +} + +function asyncHandler( + operation: (siteId: number) => Promise, + successMessage: string +) { + return async ( + req: Request, + res: Response, + next: NextFunction + ): Promise => { + try { + const { siteId } = validateSiteIdParams(req.params); + const result = await operation(siteId); + + return response(res, { + data: result, + success: true, + error: false, + message: successMessage, + status: HttpCode.OK + }); + } catch (error) { + if (createHttpError.isHttpError(error)) { + return next(error); + } + logger.error(error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "An error occurred" + ) + ); + } + }; +} + +// Core business logic functions +async function triggerFetch(siteId: number) { + const { newt } = await getSiteAndNewt(siteId); + + logger.info( + `Triggering fetch containers for site ${siteId} with Newt ${newt.newtId}` + ); + fetchContainers(newt.newtId); + + // clear the cache for this Newt ID so that the site has to keep asking for the containers + // this is to ensure that the site always gets the latest data + dockerSocketCache.del(`${newt.newtId}:dockerContainers`); + + return { siteId, newtId: newt.newtId }; +} + +async function queryContainers(siteId: number) { + const { newt } = await getSiteAndNewt(siteId); + + const result = dockerSocketCache.get( + `${newt.newtId}:dockerContainers` + ) as Container[]; + if (!result) { + throw createHttpError( + HttpCode.TOO_EARLY, + "Nothing found yet. Perhaps the fetch is still in progress? Wait a bit and try again." + ); + } + + return result; +} + +async function isDockerAvailable(siteId: number): Promise { + const { newt } = await getSiteAndNewt(siteId); + + const key = `${newt.newtId}:isAvailable`; + const isAvailable = dockerSocketCache.get(key); + + return !!isAvailable; +} + +async function getDockerStatus( + siteId: number +): Promise> { + const { newt } = await getSiteAndNewt(siteId); + + const keys = ["isAvailable", "socketPath"]; + const mappedKeys = keys.map((x) => `${newt.newtId}:${x}`); + + const result = { + isAvailable: dockerSocketCache.get(mappedKeys[0]) as boolean, + socketPath: dockerSocketCache.get(mappedKeys[1]) as string | undefined + }; + + return result; +} + +async function checkSocket( + siteId: number +): Promise<{ siteId: number; newtId: string }> { + const { newt } = await getSiteAndNewt(siteId); + + logger.info( + `Checking Docker socket for site ${siteId} with Newt ${newt.newtId}` + ); + + // Trigger the Docker socket check + dockerSocket(newt.newtId); + return { siteId, newtId: newt.newtId }; +} + +// Export types +export type GetDockerStatusResponse = NonNullable< + Awaited> +>; + +export type ListContainersResponse = Awaited< + ReturnType +>; + +export type TriggerFetchResponse = Awaited>; + +// Route handlers +export const triggerFetchContainers = asyncHandler( + triggerFetch, + "Fetch containers triggered successfully" +); + +export const listContainers = asyncHandler( + queryContainers, + "Containers retrieved successfully" +); + +export const dockerOnline = asyncHandler(async (siteId: number) => { + const isAvailable = await isDockerAvailable(siteId); + return { isAvailable }; +}, "Docker availability checked successfully"); + +export const dockerStatus = asyncHandler( + getDockerStatus, + "Docker status retrieved successfully" +); + +export async function checkDockerSocket( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const { siteId } = validateSiteIdParams(req.params); + const result = await checkSocket(siteId); + + // Notify the Newt client about the Docker socket check + sendToClient(result.newtId, { + type: "newt/socket/check", + data: {} + }); + + return response(res, { + data: result, + success: true, + error: false, + message: "Docker socket checked successfully", + status: HttpCode.OK + }); + } catch (error) { + if (createHttpError.isHttpError(error)) { + return next(error); + } + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/site/updateSite.ts b/server/routers/site/updateSite.ts index 43cd848a..e3724f36 100644 --- a/server/routers/site/updateSite.ts +++ b/server/routers/site/updateSite.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { sites } from "@server/db/schemas"; +import { sites } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -9,6 +9,7 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; +import { isValidCIDR } from "@server/lib/validators"; const updateSiteParamsSchema = z .object({ @@ -19,6 +20,10 @@ const updateSiteParamsSchema = z const updateSiteBodySchema = z .object({ name: z.string().min(1).max(255).optional(), + dockerSocketEnabled: z.boolean().optional(), + remoteSubnets: z + .string() + .optional() // subdomain: z // .string() // .min(1) @@ -84,6 +89,21 @@ export async function updateSite( const { siteId } = parsedParams.data; const updateData = parsedBody.data; + // if remoteSubnets is provided, ensure it's a valid comma-separated list of cidrs + if (updateData.remoteSubnets) { + const subnets = updateData.remoteSubnets.split(",").map((s) => s.trim()); + for (const subnet of subnets) { + if (!isValidCIDR(subnet)) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + `Invalid CIDR format: ${subnet}` + ) + ); + } + } + } + const updatedSite = await db .update(sites) .set(updateData) diff --git a/server/routers/siteResource/createSiteResource.ts b/server/routers/siteResource/createSiteResource.ts new file mode 100644 index 00000000..da41c19c --- /dev/null +++ b/server/routers/siteResource/createSiteResource.ts @@ -0,0 +1,171 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db, newts } from "@server/db"; +import { siteResources, sites, orgs, SiteResource } from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import { eq, and } from "drizzle-orm"; +import { fromError } from "zod-validation-error"; +import logger from "@server/logger"; +import { OpenAPITags, registry } from "@server/openApi"; +import { addTargets } from "../client/targets"; + +const createSiteResourceParamsSchema = z + .object({ + siteId: z.string().transform(Number).pipe(z.number().int().positive()), + orgId: z.string() + }) + .strict(); + +const createSiteResourceSchema = z + .object({ + name: z.string().min(1).max(255), + protocol: z.enum(["tcp", "udp"]), + proxyPort: z.number().int().positive(), + destinationPort: z.number().int().positive(), + destinationIp: z.string(), + enabled: z.boolean().default(true) + }) + .strict(); + +export type CreateSiteResourceBody = z.infer; +export type CreateSiteResourceResponse = SiteResource; + +registry.registerPath({ + method: "put", + path: "/org/{orgId}/site/{siteId}/resource", + description: "Create a new site resource.", + tags: [OpenAPITags.Client, OpenAPITags.Org], + request: { + params: createSiteResourceParamsSchema, + body: { + content: { + "application/json": { + schema: createSiteResourceSchema + } + } + } + }, + responses: {} +}); + +export async function createSiteResource( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = createSiteResourceParamsSchema.safeParse( + req.params + ); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const parsedBody = createSiteResourceSchema.safeParse(req.body); + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { siteId, orgId } = parsedParams.data; + const { + name, + protocol, + proxyPort, + destinationPort, + destinationIp, + enabled + } = parsedBody.data; + + // Verify the site exists and belongs to the org + const [site] = await db + .select() + .from(sites) + .where(and(eq(sites.siteId, siteId), eq(sites.orgId, orgId))) + .limit(1); + + if (!site) { + return next(createHttpError(HttpCode.NOT_FOUND, "Site not found")); + } + + // check if resource with same protocol and proxy port already exists + const [existingResource] = await db + .select() + .from(siteResources) + .where( + and( + eq(siteResources.siteId, siteId), + eq(siteResources.orgId, orgId), + eq(siteResources.protocol, protocol), + eq(siteResources.proxyPort, proxyPort) + ) + ) + .limit(1); + if (existingResource && existingResource.siteResourceId) { + return next( + createHttpError( + HttpCode.CONFLICT, + "A resource with the same protocol and proxy port already exists" + ) + ); + } + + // Create the site resource + const [newSiteResource] = await db + .insert(siteResources) + .values({ + siteId, + orgId, + name, + protocol, + proxyPort, + destinationPort, + destinationIp, + enabled + }) + .returning(); + + const [newt] = await db + .select() + .from(newts) + .where(eq(newts.siteId, site.siteId)) + .limit(1); + + if (!newt) { + return next(createHttpError(HttpCode.NOT_FOUND, "Newt not found")); + } + + await addTargets(newt.newtId, destinationIp, destinationPort, protocol, proxyPort); + + logger.info( + `Created site resource ${newSiteResource.siteResourceId} for site ${siteId}` + ); + + return response(res, { + data: newSiteResource, + success: true, + error: false, + message: "Site resource created successfully", + status: HttpCode.CREATED + }); + } catch (error) { + logger.error("Error creating site resource:", error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to create site resource" + ) + ); + } +} diff --git a/server/routers/siteResource/deleteSiteResource.ts b/server/routers/siteResource/deleteSiteResource.ts new file mode 100644 index 00000000..347d4b53 --- /dev/null +++ b/server/routers/siteResource/deleteSiteResource.ts @@ -0,0 +1,125 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db, newts, sites } from "@server/db"; +import { siteResources } from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import { eq, and } from "drizzle-orm"; +import { fromError } from "zod-validation-error"; +import logger from "@server/logger"; +import { OpenAPITags, registry } from "@server/openApi"; +import { removeTargets } from "../client/targets"; + +const deleteSiteResourceParamsSchema = z + .object({ + siteResourceId: z.string().transform(Number).pipe(z.number().int().positive()), + siteId: z.string().transform(Number).pipe(z.number().int().positive()), + orgId: z.string() + }) + .strict(); + +export type DeleteSiteResourceResponse = { + message: string; +}; + +registry.registerPath({ + method: "delete", + path: "/org/{orgId}/site/{siteId}/resource/{siteResourceId}", + description: "Delete a site resource.", + tags: [OpenAPITags.Client, OpenAPITags.Org], + request: { + params: deleteSiteResourceParamsSchema + }, + responses: {} +}); + +export async function deleteSiteResource( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = deleteSiteResourceParamsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { siteResourceId, siteId, orgId } = parsedParams.data; + + const [site] = await db + .select() + .from(sites) + .where(and(eq(sites.siteId, siteId), eq(sites.orgId, orgId))) + .limit(1); + + if (!site) { + return next(createHttpError(HttpCode.NOT_FOUND, "Site not found")); + } + + // Check if site resource exists + const [existingSiteResource] = await db + .select() + .from(siteResources) + .where(and( + eq(siteResources.siteResourceId, siteResourceId), + eq(siteResources.siteId, siteId), + eq(siteResources.orgId, orgId) + )) + .limit(1); + + if (!existingSiteResource) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + "Site resource not found" + ) + ); + } + + // Delete the site resource + await db + .delete(siteResources) + .where(and( + eq(siteResources.siteResourceId, siteResourceId), + eq(siteResources.siteId, siteId), + eq(siteResources.orgId, orgId) + )); + + const [newt] = await db + .select() + .from(newts) + .where(eq(newts.siteId, site.siteId)) + .limit(1); + + if (!newt) { + return next(createHttpError(HttpCode.NOT_FOUND, "Newt not found")); + } + + await removeTargets( + newt.newtId, + existingSiteResource.destinationIp, + existingSiteResource.destinationPort, + existingSiteResource.protocol, + existingSiteResource.proxyPort + ); + + logger.info(`Deleted site resource ${siteResourceId} for site ${siteId}`); + + return response(res, { + data: { message: "Site resource deleted successfully" }, + success: true, + error: false, + message: "Site resource deleted successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error("Error deleting site resource:", error); + return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "Failed to delete site resource")); + } +} diff --git a/server/routers/siteResource/getSiteResource.ts b/server/routers/siteResource/getSiteResource.ts new file mode 100644 index 00000000..914706cd --- /dev/null +++ b/server/routers/siteResource/getSiteResource.ts @@ -0,0 +1,83 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { siteResources, SiteResource } from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import { eq, and } from "drizzle-orm"; +import { fromError } from "zod-validation-error"; +import logger from "@server/logger"; +import { OpenAPITags, registry } from "@server/openApi"; + +const getSiteResourceParamsSchema = z + .object({ + siteResourceId: z.string().transform(Number).pipe(z.number().int().positive()), + siteId: z.string().transform(Number).pipe(z.number().int().positive()), + orgId: z.string() + }) + .strict(); + +export type GetSiteResourceResponse = SiteResource; + +registry.registerPath({ + method: "get", + path: "/org/{orgId}/site/{siteId}/resource/{siteResourceId}", + description: "Get a specific site resource.", + tags: [OpenAPITags.Client, OpenAPITags.Org], + request: { + params: getSiteResourceParamsSchema + }, + responses: {} +}); + +export async function getSiteResource( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = getSiteResourceParamsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const { siteResourceId, siteId, orgId } = parsedParams.data; + + // Get the site resource + const [siteResource] = await db + .select() + .from(siteResources) + .where(and( + eq(siteResources.siteResourceId, siteResourceId), + eq(siteResources.siteId, siteId), + eq(siteResources.orgId, orgId) + )) + .limit(1); + + if (!siteResource) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + "Site resource not found" + ) + ); + } + + return response(res, { + data: siteResource, + success: true, + error: false, + message: "Site resource retrieved successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error("Error getting site resource:", error); + return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "Failed to get site resource")); + } +} diff --git a/server/routers/siteResource/index.ts b/server/routers/siteResource/index.ts new file mode 100644 index 00000000..2c3e2526 --- /dev/null +++ b/server/routers/siteResource/index.ts @@ -0,0 +1,6 @@ +export * from "./createSiteResource"; +export * from "./deleteSiteResource"; +export * from "./getSiteResource"; +export * from "./updateSiteResource"; +export * from "./listSiteResources"; +export * from "./listAllSiteResourcesByOrg"; diff --git a/server/routers/siteResource/listAllSiteResourcesByOrg.ts b/server/routers/siteResource/listAllSiteResourcesByOrg.ts new file mode 100644 index 00000000..948fc2c2 --- /dev/null +++ b/server/routers/siteResource/listAllSiteResourcesByOrg.ts @@ -0,0 +1,111 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { siteResources, sites, SiteResource } from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import { eq, and } from "drizzle-orm"; +import { fromError } from "zod-validation-error"; +import logger from "@server/logger"; +import { OpenAPITags, registry } from "@server/openApi"; + +const listAllSiteResourcesByOrgParamsSchema = z + .object({ + orgId: z.string() + }) + .strict(); + +const listAllSiteResourcesByOrgQuerySchema = z.object({ + limit: z + .string() + .optional() + .default("1000") + .transform(Number) + .pipe(z.number().int().positive()), + offset: z + .string() + .optional() + .default("0") + .transform(Number) + .pipe(z.number().int().nonnegative()) +}); + +export type ListAllSiteResourcesByOrgResponse = { + siteResources: (SiteResource & { siteName: string, siteNiceId: string })[]; +}; + +registry.registerPath({ + method: "get", + path: "/org/{orgId}/site-resources", + description: "List all site resources for an organization.", + tags: [OpenAPITags.Client, OpenAPITags.Org], + request: { + params: listAllSiteResourcesByOrgParamsSchema, + query: listAllSiteResourcesByOrgQuerySchema + }, + responses: {} +}); + +export async function listAllSiteResourcesByOrg( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = listAllSiteResourcesByOrgParamsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const parsedQuery = listAllSiteResourcesByOrgQuerySchema.safeParse(req.query); + if (!parsedQuery.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedQuery.error).toString() + ) + ); + } + + const { orgId } = parsedParams.data; + const { limit, offset } = parsedQuery.data; + + // Get all site resources for the org with site names + const siteResourcesList = await db + .select({ + siteResourceId: siteResources.siteResourceId, + siteId: siteResources.siteId, + orgId: siteResources.orgId, + name: siteResources.name, + protocol: siteResources.protocol, + proxyPort: siteResources.proxyPort, + destinationPort: siteResources.destinationPort, + destinationIp: siteResources.destinationIp, + enabled: siteResources.enabled, + siteName: sites.name, + siteNiceId: sites.niceId + }) + .from(siteResources) + .innerJoin(sites, eq(siteResources.siteId, sites.siteId)) + .where(eq(siteResources.orgId, orgId)) + .limit(limit) + .offset(offset); + + return response(res, { + data: { siteResources: siteResourcesList }, + success: true, + error: false, + message: "Site resources retrieved successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error("Error listing all site resources by org:", error); + return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "Failed to list site resources")); + } +} diff --git a/server/routers/siteResource/listSiteResources.ts b/server/routers/siteResource/listSiteResources.ts new file mode 100644 index 00000000..7fdb7a85 --- /dev/null +++ b/server/routers/siteResource/listSiteResources.ts @@ -0,0 +1,118 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { siteResources, sites, SiteResource } from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import { eq, and } from "drizzle-orm"; +import { fromError } from "zod-validation-error"; +import logger from "@server/logger"; +import { OpenAPITags, registry } from "@server/openApi"; + +const listSiteResourcesParamsSchema = z + .object({ + siteId: z.string().transform(Number).pipe(z.number().int().positive()), + orgId: z.string() + }) + .strict(); + +const listSiteResourcesQuerySchema = z.object({ + limit: z + .string() + .optional() + .default("100") + .transform(Number) + .pipe(z.number().int().positive()), + offset: z + .string() + .optional() + .default("0") + .transform(Number) + .pipe(z.number().int().nonnegative()) +}); + +export type ListSiteResourcesResponse = { + siteResources: SiteResource[]; +}; + +registry.registerPath({ + method: "get", + path: "/org/{orgId}/site/{siteId}/resources", + description: "List site resources for a site.", + tags: [OpenAPITags.Client, OpenAPITags.Org], + request: { + params: listSiteResourcesParamsSchema, + query: listSiteResourcesQuerySchema + }, + responses: {} +}); + +export async function listSiteResources( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = listSiteResourcesParamsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const parsedQuery = listSiteResourcesQuerySchema.safeParse(req.query); + if (!parsedQuery.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedQuery.error).toString() + ) + ); + } + + const { siteId, orgId } = parsedParams.data; + const { limit, offset } = parsedQuery.data; + + // Verify the site exists and belongs to the org + const site = await db + .select() + .from(sites) + .where(and(eq(sites.siteId, siteId), eq(sites.orgId, orgId))) + .limit(1); + + if (site.length === 0) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + "Site not found" + ) + ); + } + + // Get site resources + const siteResourcesList = await db + .select() + .from(siteResources) + .where(and( + eq(siteResources.siteId, siteId), + eq(siteResources.orgId, orgId) + )) + .limit(limit) + .offset(offset); + + return response(res, { + data: { siteResources: siteResourcesList }, + success: true, + error: false, + message: "Site resources retrieved successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error("Error listing site resources:", error); + return next(createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "Failed to list site resources")); + } +} diff --git a/server/routers/siteResource/updateSiteResource.ts b/server/routers/siteResource/updateSiteResource.ts new file mode 100644 index 00000000..82e2fe68 --- /dev/null +++ b/server/routers/siteResource/updateSiteResource.ts @@ -0,0 +1,197 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db, newts, sites } from "@server/db"; +import { siteResources, SiteResource } from "@server/db"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import { eq, and } from "drizzle-orm"; +import { fromError } from "zod-validation-error"; +import logger from "@server/logger"; +import { OpenAPITags, registry } from "@server/openApi"; +import { addTargets } from "../client/targets"; + +const updateSiteResourceParamsSchema = z + .object({ + siteResourceId: z + .string() + .transform(Number) + .pipe(z.number().int().positive()), + siteId: z.string().transform(Number).pipe(z.number().int().positive()), + orgId: z.string() + }) + .strict(); + +const updateSiteResourceSchema = z + .object({ + name: z.string().min(1).max(255).optional(), + protocol: z.enum(["tcp", "udp"]).optional(), + proxyPort: z.number().int().positive().optional(), + destinationPort: z.number().int().positive().optional(), + destinationIp: z.string().ip().optional(), + enabled: z.boolean().optional() + }) + .strict(); + +export type UpdateSiteResourceBody = z.infer; +export type UpdateSiteResourceResponse = SiteResource; + +registry.registerPath({ + method: "post", + path: "/org/{orgId}/site/{siteId}/resource/{siteResourceId}", + description: "Update a site resource.", + tags: [OpenAPITags.Client, OpenAPITags.Org], + request: { + params: updateSiteResourceParamsSchema, + body: { + content: { + "application/json": { + schema: updateSiteResourceSchema + } + } + } + }, + responses: {} +}); + +export async function updateSiteResource( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = updateSiteResourceParamsSchema.safeParse( + req.params + ); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const parsedBody = updateSiteResourceSchema.safeParse(req.body); + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { siteResourceId, siteId, orgId } = parsedParams.data; + const updateData = parsedBody.data; + + const [site] = await db + .select() + .from(sites) + .where(and(eq(sites.siteId, siteId), eq(sites.orgId, orgId))) + .limit(1); + + if (!site) { + return next(createHttpError(HttpCode.NOT_FOUND, "Site not found")); + } + + // Check if site resource exists + const [existingSiteResource] = await db + .select() + .from(siteResources) + .where( + and( + eq(siteResources.siteResourceId, siteResourceId), + eq(siteResources.siteId, siteId), + eq(siteResources.orgId, orgId) + ) + ) + .limit(1); + + if (!existingSiteResource) { + return next( + createHttpError(HttpCode.NOT_FOUND, "Site resource not found") + ); + } + + const protocol = updateData.protocol || existingSiteResource.protocol; + const proxyPort = + updateData.proxyPort || existingSiteResource.proxyPort; + + // check if resource with same protocol and proxy port already exists + const [existingResource] = await db + .select() + .from(siteResources) + .where( + and( + eq(siteResources.siteId, siteId), + eq(siteResources.orgId, orgId), + eq(siteResources.protocol, protocol), + eq(siteResources.proxyPort, proxyPort) + ) + ) + .limit(1); + if ( + existingResource && + existingResource.siteResourceId !== siteResourceId + ) { + return next( + createHttpError( + HttpCode.CONFLICT, + "A resource with the same protocol and proxy port already exists" + ) + ); + } + + // Update the site resource + const [updatedSiteResource] = await db + .update(siteResources) + .set(updateData) + .where( + and( + eq(siteResources.siteResourceId, siteResourceId), + eq(siteResources.siteId, siteId), + eq(siteResources.orgId, orgId) + ) + ) + .returning(); + + const [newt] = await db + .select() + .from(newts) + .where(eq(newts.siteId, site.siteId)) + .limit(1); + + if (!newt) { + return next(createHttpError(HttpCode.NOT_FOUND, "Newt not found")); + } + + await addTargets( + newt.newtId, + updatedSiteResource.destinationIp, + updatedSiteResource.destinationPort, + updatedSiteResource.protocol, + updatedSiteResource.proxyPort + ); + + logger.info( + `Updated site resource ${siteResourceId} for site ${siteId}` + ); + + return response(res, { + data: updatedSiteResource, + success: true, + error: false, + message: "Site resource updated successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error("Error updating site resource:", error); + return next( + createHttpError( + HttpCode.INTERNAL_SERVER_ERROR, + "Failed to update site resource" + ) + ); + } +} diff --git a/server/routers/target/createTarget.ts b/server/routers/target/createTarget.ts index 810ee409..7a3acd55 100644 --- a/server/routers/target/createTarget.ts +++ b/server/routers/target/createTarget.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { newts, resources, sites, Target, targets } from "@server/db/schemas"; +import { newts, resources, sites, Target, targets } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; @@ -26,6 +26,7 @@ const createTargetParamsSchema = z const createTargetSchema = z .object({ + siteId: z.number().int().positive(), ip: z.string().refine(isTargetValid), method: z.string().optional().nullable(), port: z.number().int().min(1).max(65535), @@ -98,17 +99,41 @@ export async function createTarget( ); } + const siteId = targetData.siteId; + const [site] = await db .select() .from(sites) - .where(eq(sites.siteId, resource.siteId!)) + .where(eq(sites.siteId, siteId)) .limit(1); if (!site) { return next( createHttpError( HttpCode.NOT_FOUND, - `Site with ID ${resource.siteId} not found` + `Site with ID ${siteId} not found` + ) + ); + } + + const existingTargets = await db + .select() + .from(targets) + .where(eq(targets.resourceId, resourceId)); + + const existingTarget = existingTargets.find( + (target) => + target.ip === targetData.ip && + target.port === targetData.port && + target.method === targetData.method && + target.siteId === targetData.siteId + ); + + if (existingTarget) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + `Target with IP ${targetData.ip}, port ${targetData.port}, method ${targetData.method} already exists for resource ID ${resourceId}` ) ); } @@ -173,7 +198,12 @@ export async function createTarget( .where(eq(newts.siteId, site.siteId)) .limit(1); - addTargets(newt.newtId, newTarget, resource.protocol); + await addTargets( + newt.newtId, + newTarget, + resource.protocol, + resource.proxyPort + ); } } } diff --git a/server/routers/target/deleteTarget.ts b/server/routers/target/deleteTarget.ts index 979740dd..596691e4 100644 --- a/server/routers/target/deleteTarget.ts +++ b/server/routers/target/deleteTarget.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { newts, resources, sites, targets } from "@server/db/schemas"; +import { newts, resources, sites, targets } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -76,38 +76,38 @@ export async function deleteTarget( ); } - const [site] = await db - .select() - .from(sites) - .where(eq(sites.siteId, resource.siteId!)) - .limit(1); - - if (!site) { - return next( - createHttpError( - HttpCode.NOT_FOUND, - `Site with ID ${resource.siteId} not found` - ) - ); - } - - if (site.pubKey) { - if (site.type == "wireguard") { - await addPeer(site.exitNodeId!, { - publicKey: site.pubKey, - allowedIps: await getAllowedIps(site.siteId) - }); - } else if (site.type == "newt") { - // get the newt on the site by querying the newt table for siteId - const [newt] = await db - .select() - .from(newts) - .where(eq(newts.siteId, site.siteId)) - .limit(1); - - removeTargets(newt.newtId, [deletedTarget], resource.protocol); - } - } + // const [site] = await db + // .select() + // .from(sites) + // .where(eq(sites.siteId, resource.siteId!)) + // .limit(1); + // + // if (!site) { + // return next( + // createHttpError( + // HttpCode.NOT_FOUND, + // `Site with ID ${resource.siteId} not found` + // ) + // ); + // } + // + // if (site.pubKey) { + // if (site.type == "wireguard") { + // await addPeer(site.exitNodeId!, { + // publicKey: site.pubKey, + // allowedIps: await getAllowedIps(site.siteId) + // }); + // } else if (site.type == "newt") { + // // get the newt on the site by querying the newt table for siteId + // const [newt] = await db + // .select() + // .from(newts) + // .where(eq(newts.siteId, site.siteId)) + // .limit(1); + // + // removeTargets(newt.newtId, [deletedTarget], resource.protocol, resource.proxyPort); + // } + // } return response(res, { data: null, diff --git a/server/routers/target/getTarget.ts b/server/routers/target/getTarget.ts index a268629c..b0691087 100644 --- a/server/routers/target/getTarget.ts +++ b/server/routers/target/getTarget.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; -import { db } from "@server/db"; -import { targets } from "@server/db/schemas"; +import { db, Target } from "@server/db"; +import { targets } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -16,6 +16,8 @@ const getTargetSchema = z }) .strict(); +type GetTargetResponse = Target; + registry.registerPath({ method: "get", path: "/target/{targetId}", @@ -60,7 +62,7 @@ export async function getTarget( ); } - return response(res, { + return response(res, { data: target[0], success: true, error: false, diff --git a/server/routers/target/helpers.ts b/server/routers/target/helpers.ts index 8fc8797f..4935d28a 100644 --- a/server/routers/target/helpers.ts +++ b/server/routers/target/helpers.ts @@ -1,35 +1,28 @@ import { db } from "@server/db"; -import { resources, targets } from "@server/db/schemas"; +import { resources, targets } from "@server/db"; import { eq } from "drizzle-orm"; -let currentBannedPorts: number[] = []; +const currentBannedPorts: number[] = []; export async function pickPort(siteId: number): Promise<{ internalPort: number; targetIps: string[]; }> { - // Fetch resources for this site - const resourcesRes = await db.query.resources.findMany({ - where: eq(resources.siteId, siteId) - }); - - // TODO: is this all inefficient? // Fetch targets for all resources of this site - let targetIps: string[] = []; - let targetInternalPorts: number[] = []; - await Promise.all( - resourcesRes.map(async (resource) => { - const targetsRes = await db.query.targets.findMany({ - where: eq(targets.resourceId, resource.resourceId) - }); - targetsRes.forEach((target) => { - targetIps.push(`${target.ip}/32`); - if (target.internalPort) { - targetInternalPorts.push(target.internalPort); - } - }); - }) - ); + const targetIps: string[] = []; + const targetInternalPorts: number[] = []; + + const targetsRes = await db + .select() + .from(targets) + .where(eq(targets.siteId, siteId)); + + targetsRes.forEach((target) => { + targetIps.push(`${target.ip}/32`); + if (target.internalPort) { + targetInternalPorts.push(target.internalPort); + } + }); let internalPort!: number; // pick a port random port from 40000 to 65535 that is not in use @@ -42,25 +35,20 @@ export async function pickPort(siteId: number): Promise<{ break; } } + currentBannedPorts.push(internalPort); return { internalPort, targetIps }; } export async function getAllowedIps(siteId: number) { - // TODO: is this all inefficient? - const resourcesRes = await db.query.resources.findMany({ - where: eq(resources.siteId, siteId) - }); - // Fetch targets for all resources of this site - const targetIps = await Promise.all( - resourcesRes.map(async (resource) => { - const targetsRes = await db.query.targets.findMany({ - where: eq(targets.resourceId, resource.resourceId) - }); - return targetsRes.map((target) => `${target.ip}/32`); - }) - ); + const targetsRes = await db + .select() + .from(targets) + .where(eq(targets.siteId, siteId)); + + const targetIps = targetsRes.map((target) => `${target.ip}/32`); + return targetIps.flat(); } diff --git a/server/routers/target/index.ts b/server/routers/target/index.ts index b128edcd..dc1323f7 100644 --- a/server/routers/target/index.ts +++ b/server/routers/target/index.ts @@ -2,4 +2,4 @@ export * from "./getTarget"; export * from "./createTarget"; export * from "./deleteTarget"; export * from "./updateTarget"; -export * from "./listTargets"; \ No newline at end of file +export * from "./listTargets"; diff --git a/server/routers/target/listTargets.ts b/server/routers/target/listTargets.ts index 3d4c573b..eab8f1c8 100644 --- a/server/routers/target/listTargets.ts +++ b/server/routers/target/listTargets.ts @@ -1,5 +1,5 @@ -import { db } from "@server/db"; -import { targets } from "@server/db/schemas"; +import { db, sites } from "@server/db"; +import { targets } from "@server/db"; import HttpCode from "@server/types/HttpCode"; import response from "@server/lib/response"; import { eq, sql } from "drizzle-orm"; @@ -35,18 +35,19 @@ const listTargetsSchema = z.object({ }); function queryTargets(resourceId: number) { - let baseQuery = db + const baseQuery = db .select({ targetId: targets.targetId, ip: targets.ip, method: targets.method, port: targets.port, enabled: targets.enabled, - resourceId: targets.resourceId - // resourceName: resources.name, + resourceId: targets.resourceId, + siteId: targets.siteId, + siteType: sites.type }) .from(targets) - // .leftJoin(resources, eq(targets.resourceId, resources.resourceId)) + .leftJoin(sites, eq(sites.siteId, targets.siteId)) .where(eq(targets.resourceId, resourceId)); return baseQuery; @@ -99,7 +100,7 @@ export async function listTargets( const baseQuery = queryTargets(resourceId); - let countQuery = db + const countQuery = db .select({ count: sql`cast(count(*) as integer)` }) .from(targets) .where(eq(targets.resourceId, resourceId)); diff --git a/server/routers/target/updateTarget.ts b/server/routers/target/updateTarget.ts index 284b1a31..67d9a8df 100644 --- a/server/routers/target/updateTarget.ts +++ b/server/routers/target/updateTarget.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { newts, resources, sites, targets } from "@server/db/schemas"; +import { newts, resources, sites, targets } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -22,6 +22,7 @@ const updateTargetParamsSchema = z const updateTargetBodySchema = z .object({ + siteId: z.number().int().positive(), ip: z.string().refine(isTargetValid), method: z.string().min(1).max(10).optional().nullable(), port: z.number().int().min(1).max(65535).optional(), @@ -77,6 +78,7 @@ export async function updateTarget( } const { targetId } = parsedParams.data; + const { siteId } = parsedBody.data; const [target] = await db .select() @@ -111,14 +113,42 @@ export async function updateTarget( const [site] = await db .select() .from(sites) - .where(eq(sites.siteId, resource.siteId!)) + .where(eq(sites.siteId, siteId)) .limit(1); if (!site) { return next( createHttpError( HttpCode.NOT_FOUND, - `Site with ID ${resource.siteId} not found` + `Site with ID ${siteId} not found` + ) + ); + } + + const targetData = { + ...target, + ...parsedBody.data + }; + + const existingTargets = await db + .select() + .from(targets) + .where(eq(targets.resourceId, target.resourceId)); + + const foundTarget = existingTargets.find( + (target) => + target.targetId !== targetId && // Exclude the current target being updated + target.ip === targetData.ip && + target.port === targetData.port && + target.method === targetData.method && + target.siteId === targetData.siteId + ); + + if (foundTarget) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + `Target with IP ${targetData.ip}, port ${targetData.port}, and method ${targetData.method} already exists on the same site.` ) ); } @@ -157,7 +187,12 @@ export async function updateTarget( .where(eq(newts.siteId, site.siteId)) .limit(1); - addTargets(newt.newtId, [updatedTarget], resource.protocol); + await addTargets( + newt.newtId, + [updatedTarget], + resource.protocol, + resource.proxyPort + ); } } return response(res, { diff --git a/server/routers/traefik/getTraefikConfig.ts b/server/routers/traefik/getTraefikConfig.ts index 2fd656ba..1a55f2bd 100644 --- a/server/routers/traefik/getTraefikConfig.ts +++ b/server/routers/traefik/getTraefikConfig.ts @@ -1,207 +1,287 @@ import { Request, Response } from "express"; -import db from "@server/db"; -import { and, eq, inArray } from "drizzle-orm"; +import { db, exitNodes } from "@server/db"; +import { and, eq, inArray, or, isNull, ne, isNotNull } from "drizzle-orm"; import logger from "@server/logger"; import HttpCode from "@server/types/HttpCode"; import config from "@server/lib/config"; -import { orgs, resources, sites, Target, targets } from "@server/db/schemas"; -import { sql } from "drizzle-orm"; +import { orgs, resources, sites, Target, targets } from "@server/db"; +import { build } from "@server/build"; + +let currentExitNodeId: number; +const redirectHttpsMiddlewareName = "redirect-to-https"; +const badgerMiddlewareName = "badger"; + +export async function getCurrentExitNodeId(): Promise { + if (!currentExitNodeId) { + if (config.getRawConfig().gerbil.exit_node_name) { + const exitNodeName = config.getRawConfig().gerbil.exit_node_name!; + const [exitNode] = await db + .select({ + exitNodeId: exitNodes.exitNodeId + }) + .from(exitNodes) + .where(eq(exitNodes.name, exitNodeName)); + if (exitNode) { + currentExitNodeId = exitNode.exitNodeId; + } + } else { + const [exitNode] = await db + .select({ + exitNodeId: exitNodes.exitNodeId + }) + .from(exitNodes) + .limit(1); + + if (exitNode) { + currentExitNodeId = exitNode.exitNodeId; + } + } + } + return currentExitNodeId; +} export async function traefikConfigProvider( _: Request, res: Response ): Promise { try { - // Get all resources with related data - const allResources = await db.transaction(async (tx) => { - // First query to get resources with site and org info - const resourcesWithRelations = await tx - .select({ - // Resource fields - resourceId: resources.resourceId, - subdomain: resources.subdomain, - fullDomain: resources.fullDomain, - ssl: resources.ssl, - blockAccess: resources.blockAccess, - sso: resources.sso, - emailWhitelistEnabled: resources.emailWhitelistEnabled, - http: resources.http, - proxyPort: resources.proxyPort, - protocol: resources.protocol, - isBaseDomain: resources.isBaseDomain, - domainId: resources.domainId, - // Site fields - site: { - siteId: sites.siteId, - type: sites.type, - subnet: sites.subnet - }, - // Org fields - org: { - orgId: orgs.orgId - }, - enabled: resources.enabled, - stickySession: resources.stickySession, - tlsServerName: resources.tlsServerName, - setHostHeader: resources.setHostHeader - }) - .from(resources) - .innerJoin(sites, eq(sites.siteId, resources.siteId)) - .innerJoin(orgs, eq(resources.orgId, orgs.orgId)); + // First query to get resources with site and org info + // Get the current exit node name from config + await getCurrentExitNodeId(); - // Get all resource IDs from the first query - const resourceIds = resourcesWithRelations.map((r) => r.resourceId); + const traefikConfig = await getTraefikConfig( + currentExitNodeId, + config.getRawConfig().traefik.site_types + ); - // Second query to get all enabled targets for these resources - const allTargets = - resourceIds.length > 0 - ? await tx - .select({ - resourceId: targets.resourceId, - targetId: targets.targetId, - ip: targets.ip, - method: targets.method, - port: targets.port, - internalPort: targets.internalPort, - enabled: targets.enabled - }) - .from(targets) - .where( - and( - inArray(targets.resourceId, resourceIds), - eq(targets.enabled, true) - ) - ) - : []; + if (traefikConfig?.http?.middlewares) { // BECAUSE SOMETIMES THE CONFIG CAN BE EMPTY IF THERE IS NOTHING + traefikConfig.http.middlewares[badgerMiddlewareName] = { + plugin: { + [badgerMiddlewareName]: { + apiBaseUrl: new URL( + "/api/v1", + `http://${ + config.getRawConfig().server.internal_hostname + }:${config.getRawConfig().server.internal_port}` + ).href, + userSessionCookieName: + config.getRawConfig().server.session_cookie_name, - // Create a map for fast target lookup by resourceId - const targetsMap = allTargets.reduce((map, target) => { - if (!map.has(target.resourceId)) { - map.set(target.resourceId, []); + // deprecated + accessTokenQueryParam: + config.getRawConfig().server + .resource_access_token_param, + + resourceSessionRequestParam: + config.getRawConfig().server + .resource_session_request_param + } } - map.get(target.resourceId).push(target); - return map; - }, new Map()); - - // Combine the data - return resourcesWithRelations.map((resource) => ({ - ...resource, - targets: targetsMap.get(resource.resourceId) || [] - })); - }); - - if (!allResources.length) { - return res.status(HttpCode.OK).json({}); + }; } - const badgerMiddlewareName = "badger"; - const redirectHttpsMiddlewareName = "redirect-to-https"; + return res.status(HttpCode.OK).json(traefikConfig); + } catch (e) { + logger.error(`Failed to build Traefik config: ${e}`); + return res.status(HttpCode.INTERNAL_SERVER_ERROR).json({ + error: "Failed to build Traefik config" + }); + } +} - const config_output: any = { - http: { - middlewares: { - [badgerMiddlewareName]: { - plugin: { - [badgerMiddlewareName]: { - apiBaseUrl: new URL( - "/api/v1", - `http://${ - config.getRawConfig().server - .internal_hostname - }:${ - config.getRawConfig().server - .internal_port - }` - ).href, - userSessionCookieName: - config.getRawConfig().server - .session_cookie_name, +export async function getTraefikConfig( + exitNodeId: number, + siteTypes: string[] +): Promise { + // Define extended target type with site information + type TargetWithSite = Target & { + site: { + siteId: number; + type: string; + subnet: string | null; + exitNodeId: number | null; + online: boolean; + }; + }; - // deprecated - accessTokenQueryParam: - config.getRawConfig().server - .resource_access_token_param, + // Get all resources with related data + const allResources = await db.transaction(async (tx) => { + // Get resources with their targets and sites in a single optimized query + // Start from sites on this exit node, then join to targets and resources + const resourcesWithTargetsAndSites = await tx + .select({ + // Resource fields + resourceId: resources.resourceId, + fullDomain: resources.fullDomain, + ssl: resources.ssl, + http: resources.http, + proxyPort: resources.proxyPort, + protocol: resources.protocol, + subdomain: resources.subdomain, + domainId: resources.domainId, + enabled: resources.enabled, + stickySession: resources.stickySession, + tlsServerName: resources.tlsServerName, + setHostHeader: resources.setHostHeader, + enableProxy: resources.enableProxy, + // Target fields + targetId: targets.targetId, + targetEnabled: targets.enabled, + ip: targets.ip, + method: targets.method, + port: targets.port, + internalPort: targets.internalPort, + // Site fields + siteId: sites.siteId, + siteType: sites.type, + siteOnline: sites.online, + subnet: sites.subnet, + exitNodeId: sites.exitNodeId + }) + .from(sites) + .innerJoin(targets, eq(targets.siteId, sites.siteId)) + .innerJoin(resources, eq(resources.resourceId, targets.resourceId)) + .where( + and( + eq(targets.enabled, true), + eq(resources.enabled, true), + or( + eq(sites.exitNodeId, exitNodeId), + isNull(sites.exitNodeId) + ), + inArray(sites.type, siteTypes), + config.getRawConfig().traefik.allow_raw_resources + ? isNotNull(resources.http) // ignore the http check if allow_raw_resources is true + : eq(resources.http, true), + ) + ); - resourceSessionRequestParam: - config.getRawConfig().server - .resource_session_request_param - } - } - }, - [redirectHttpsMiddlewareName]: { - redirectScheme: { - scheme: "https" - } + // Group by resource and include targets with their unique site data + const resourcesMap = new Map(); + + resourcesWithTargetsAndSites.forEach((row) => { + const resourceId = row.resourceId; + + if (!resourcesMap.has(resourceId)) { + resourcesMap.set(resourceId, { + resourceId: row.resourceId, + fullDomain: row.fullDomain, + ssl: row.ssl, + http: row.http, + proxyPort: row.proxyPort, + protocol: row.protocol, + subdomain: row.subdomain, + domainId: row.domainId, + enabled: row.enabled, + stickySession: row.stickySession, + tlsServerName: row.tlsServerName, + setHostHeader: row.setHostHeader, + enableProxy: row.enableProxy, + targets: [] + }); + } + + // Add target with its associated site data + resourcesMap.get(resourceId).targets.push({ + resourceId: row.resourceId, + targetId: row.targetId, + ip: row.ip, + method: row.method, + port: row.port, + internalPort: row.internalPort, + enabled: row.targetEnabled, + site: { + siteId: row.siteId, + type: row.siteType, + subnet: row.subnet, + exitNodeId: row.exitNodeId, + online: row.siteOnline + } + }); + }); + + return Array.from(resourcesMap.values()); + }); + + if (!allResources.length) { + return {}; + } + + const config_output: any = { + http: { + middlewares: { + [redirectHttpsMiddlewareName]: { + redirectScheme: { + scheme: "https" } } } - }; + } + }; - for (const resource of allResources) { - const targets = resource.targets as Target[]; - const site = resource.site; - const org = resource.org; + for (const resource of allResources) { + const targets = resource.targets; - const routerName = `${resource.resourceId}-router`; - const serviceName = `${resource.resourceId}-service`; - const fullDomain = `${resource.fullDomain}`; - const transportName = `${resource.resourceId}-transport`; - const hostHeaderMiddlewareName = `${resource.resourceId}-host-header-middleware`; + const routerName = `${resource.resourceId}-router`; + const serviceName = `${resource.resourceId}-service`; + const fullDomain = `${resource.fullDomain}`; + const transportName = `${resource.resourceId}-transport`; + const hostHeaderMiddlewareName = `${resource.resourceId}-host-header-middleware`; - if (!resource.enabled) { + if (!resource.enabled) { + continue; + } + + if (resource.http) { + if (!resource.domainId) { continue; } - if (resource.http) { - if (!resource.domainId) { - continue; - } + if (!resource.fullDomain) { + logger.error( + `Resource ${resource.resourceId} has no fullDomain` + ); + continue; + } - if (!resource.fullDomain) { - logger.error( - `Resource ${resource.resourceId} has no fullDomain` - ); - continue; - } + // add routers and services empty objects if they don't exist + if (!config_output.http.routers) { + config_output.http.routers = {}; + } - // HTTP configuration remains the same - if (!resource.subdomain && !resource.isBaseDomain) { - continue; - } + if (!config_output.http.services) { + config_output.http.services = {}; + } - // add routers and services empty objects if they don't exist - if (!config_output.http.routers) { - config_output.http.routers = {}; - } + const domainParts = fullDomain.split("."); + let wildCard; + if (domainParts.length <= 2) { + wildCard = `*.${domainParts.join(".")}`; + } else { + wildCard = `*.${domainParts.slice(1).join(".")}`; + } - if (!config_output.http.services) { - config_output.http.services = {}; - } + if (!resource.subdomain) { + wildCard = resource.fullDomain; + } - const domainParts = fullDomain.split("."); - let wildCard; - if (domainParts.length <= 2) { - wildCard = `*.${domainParts.join(".")}`; - } else { - wildCard = `*.${domainParts.slice(1).join(".")}`; - } + const configDomain = config.getDomain(resource.domainId); - if (resource.isBaseDomain) { - wildCard = resource.fullDomain; - } + let certResolver: string, preferWildcardCert: boolean; + if (!configDomain) { + certResolver = config.getRawConfig().traefik.cert_resolver; + preferWildcardCert = + config.getRawConfig().traefik.prefer_wildcard_cert; + } else { + certResolver = configDomain.cert_resolver; + preferWildcardCert = configDomain.prefer_wildcard_cert; + } - const configDomain = config.getDomain(resource.domainId); - - if (!configDomain) { - logger.error( - `Failed to get domain from config for resource ${resource.resourceId}` - ); - continue; - } - - const tls = { - certResolver: configDomain.cert_resolver, - ...(configDomain.prefer_wildcard_cert + let tls = {}; + if (build == "oss") { + tls = { + certResolver: certResolver, + ...(preferWildcardCert ? { domains: [ { @@ -211,46 +291,63 @@ export async function traefikConfigProvider( } : {}) }; + } - const additionalMiddlewares = - config.getRawConfig().traefik.additional_middlewares || []; + const additionalMiddlewares = + config.getRawConfig().traefik.additional_middlewares || []; - config_output.http.routers![routerName] = { + config_output.http.routers![routerName] = { + entryPoints: [ + resource.ssl + ? config.getRawConfig().traefik.https_entrypoint + : config.getRawConfig().traefik.http_entrypoint + ], + middlewares: [badgerMiddlewareName, ...additionalMiddlewares], + service: serviceName, + rule: `Host(\`${fullDomain}\`)`, + priority: 100, + ...(resource.ssl ? { tls } : {}) + }; + + if (resource.ssl) { + config_output.http.routers![routerName + "-redirect"] = { entryPoints: [ - resource.ssl - ? config.getRawConfig().traefik.https_entrypoint - : config.getRawConfig().traefik.http_entrypoint - ], - middlewares: [ - badgerMiddlewareName, - ...additionalMiddlewares + config.getRawConfig().traefik.http_entrypoint ], + middlewares: [redirectHttpsMiddlewareName], service: serviceName, rule: `Host(\`${fullDomain}\`)`, - ...(resource.ssl ? { tls } : {}) + priority: 100 }; + } - if (resource.ssl) { - config_output.http.routers![routerName + "-redirect"] = { - entryPoints: [ - config.getRawConfig().traefik.http_entrypoint - ], - middlewares: [redirectHttpsMiddlewareName], - service: serviceName, - rule: `Host(\`${fullDomain}\`)` - }; - } + config_output.http.services![serviceName] = { + loadBalancer: { + servers: (() => { + // Check if any sites are online + // THIS IS SO THAT THERE IS SOME IMMEDIATE FEEDBACK + // EVEN IF THE SITES HAVE NOT UPDATED YET FROM THE + // RECEIVE BANDWIDTH ENDPOINT. - config_output.http.services![serviceName] = { - loadBalancer: { - servers: targets - .filter((target: Target) => { + // TODO: HOW TO HANDLE ^^^^^^ BETTER + const anySitesOnline = ( + targets as TargetWithSite[] + ).some((target: TargetWithSite) => target.site.online); + + return (targets as TargetWithSite[]) + .filter((target: TargetWithSite) => { if (!target.enabled) { return false; } + + // If any sites are online, exclude offline sites + if (anySitesOnline && !target.site.online) { + return false; + } + if ( - site.type === "local" || - site.type === "wireguard" + target.site.type === "local" || + target.site.type === "wireguard" ) { if ( !target.ip || @@ -259,158 +356,176 @@ export async function traefikConfigProvider( ) { return false; } - } else if (site.type === "newt") { + } else if (target.site.type === "newt") { if ( !target.internalPort || - !target.method + !target.method || + !target.site.subnet ) { return false; } } return true; }) - .map((target: Target) => { + .map((target: TargetWithSite) => { if ( - site.type === "local" || - site.type === "wireguard" + target.site.type === "local" || + target.site.type === "wireguard" ) { return { url: `${target.method}://${target.ip}:${target.port}` }; - } else if (site.type === "newt") { - const ip = site.subnet.split("/")[0]; + } else if (target.site.type === "newt") { + const ip = + target.site.subnet!.split("/")[0]; return { url: `${target.method}://${ip}:${target.internalPort}` }; } - }), - ...(resource.stickySession - ? { - sticky: { - cookie: { - name: "p_sticky", // TODO: make this configurable via config.yml like other cookies - secure: resource.ssl, - httpOnly: true - } + }); + })(), + ...(resource.stickySession + ? { + sticky: { + cookie: { + name: "p_sticky", // TODO: make this configurable via config.yml like other cookies + secure: resource.ssl, + httpOnly: true } } - : {}) + } + : {}) + } + }; + + // Add the serversTransport if TLS server name is provided + if (resource.tlsServerName) { + if (!config_output.http.serversTransports) { + config_output.http.serversTransports = {}; + } + config_output.http.serversTransports![transportName] = { + serverName: resource.tlsServerName, + //unfortunately the following needs to be set. traefik doesn't merge the default serverTransport settings + // if defined in the static config and here. if not set, self-signed certs won't work + insecureSkipVerify: true + }; + config_output.http.services![ + serviceName + ].loadBalancer.serversTransport = transportName; + } + + // Add the host header middleware + if (resource.setHostHeader) { + if (!config_output.http.middlewares) { + config_output.http.middlewares = {}; + } + config_output.http.middlewares[hostHeaderMiddlewareName] = { + headers: { + customRequestHeaders: { + Host: resource.setHostHeader + } } }; - - // Add the serversTransport if TLS server name is provided - if (resource.tlsServerName) { - if (!config_output.http.serversTransports) { - config_output.http.serversTransports = {}; - } - config_output.http.serversTransports![transportName] = { - serverName: resource.tlsServerName, - //unfortunately the following needs to be set. traefik doesn't merge the default serverTransport settings - // if defined in the static config and here. if not set, self-signed certs won't work - insecureSkipVerify: true - }; - config_output.http.services![serviceName].loadBalancer.serversTransport = transportName; + if (!config_output.http.routers![routerName].middlewares) { + config_output.http.routers![routerName].middlewares = []; } + config_output.http.routers![routerName].middlewares = [ + ...config_output.http.routers![routerName].middlewares, + hostHeaderMiddlewareName + ]; + } + } else { + // Non-HTTP (TCP/UDP) configuration + if (!resource.enableProxy) { + continue; + } - // Add the host header middleware - if (resource.setHostHeader) { - if (!config_output.http.middlewares) { - config_output.http.middlewares = {}; - } - config_output.http.middlewares[hostHeaderMiddlewareName] = - { - headers: { - customRequestHeaders: { - Host: resource.setHostHeader - } - } - }; - if (!config_output.http.routers![routerName].middlewares) { - config_output.http.routers![routerName].middlewares = []; - } - config_output.http.routers![routerName].middlewares = [ - ...config_output.http.routers![routerName].middlewares, - hostHeaderMiddlewareName - ]; - } + const protocol = resource.protocol.toLowerCase(); + const port = resource.proxyPort; - } else { - // Non-HTTP (TCP/UDP) configuration - const protocol = resource.protocol.toLowerCase(); - const port = resource.proxyPort; + if (!port) { + continue; + } - if (!port) { - continue; - } - - if (!config_output[protocol]) { - config_output[protocol] = { - routers: {}, - services: {} - }; - } - - config_output[protocol].routers[routerName] = { - entryPoints: [`${protocol}-${port}`], - service: serviceName, - ...(protocol === "tcp" ? { rule: "HostSNI(`*`)" } : {}) + if (!config_output[protocol]) { + config_output[protocol] = { + routers: {}, + services: {} }; + } - config_output[protocol].services[serviceName] = { - loadBalancer: { - servers: targets - .filter((target: Target) => { + config_output[protocol].routers[routerName] = { + entryPoints: [`${protocol}-${port}`], + service: serviceName, + ...(protocol === "tcp" ? { rule: "HostSNI(`*`)" } : {}) + }; + + config_output[protocol].services[serviceName] = { + loadBalancer: { + servers: (() => { + // Check if any sites are online + const anySitesOnline = ( + targets as TargetWithSite[] + ).some((target: TargetWithSite) => target.site.online); + + return (targets as TargetWithSite[]) + .filter((target: TargetWithSite) => { if (!target.enabled) { return false; } + + // If any sites are online, exclude offline sites + if (anySitesOnline && !target.site.online) { + return false; + } + if ( - site.type === "local" || - site.type === "wireguard" + target.site.type === "local" || + target.site.type === "wireguard" ) { if (!target.ip || !target.port) { return false; } - } else if (site.type === "newt") { - if (!target.internalPort) { + } else if (target.site.type === "newt") { + if ( + !target.internalPort || + !target.site.subnet + ) { return false; } } return true; }) - .map((target: Target) => { + .map((target: TargetWithSite) => { if ( - site.type === "local" || - site.type === "wireguard" + target.site.type === "local" || + target.site.type === "wireguard" ) { return { address: `${target.ip}:${target.port}` }; - } else if (site.type === "newt") { - const ip = site.subnet.split("/")[0]; + } else if (target.site.type === "newt") { + const ip = + target.site.subnet!.split("/")[0]; return { address: `${ip}:${target.internalPort}` }; } - }), - ...(resource.stickySession - ? { - sticky: { - ipStrategy: { - depth: 0, - sourcePort: true - } + }); + })(), + ...(resource.stickySession + ? { + sticky: { + ipStrategy: { + depth: 0, + sourcePort: true } } - : {}) - } - }; - } + } + : {}) + } + }; } - return res.status(HttpCode.OK).json(config_output); - } catch (e) { - logger.error(`Failed to build Traefik config: ${e}`); - return res.status(HttpCode.INTERNAL_SERVER_ERROR).json({ - error: "Failed to build Traefik config" - }); } + return config_output; } diff --git a/server/routers/user/acceptInvite.ts b/server/routers/user/acceptInvite.ts index cc483b16..73bed018 100644 --- a/server/routers/user/acceptInvite.ts +++ b/server/routers/user/acceptInvite.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; -import { db } from "@server/db"; -import { roles, userInvites, userOrgs, users } from "@server/db/schemas"; +import { db, UserOrg } from "@server/db"; +import { roles, userInvites, userOrgs, users } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -92,6 +92,7 @@ export async function acceptInvite( } let roleId: number; + let totalUsers: UserOrg[] | undefined; // get the role to make sure it exists const existingRole = await db .select() @@ -122,6 +123,12 @@ export async function acceptInvite( await trx .delete(userInvites) .where(eq(userInvites.inviteId, inviteId)); + + // Get the total number of users in the org now + totalUsers = await db + .select() + .from(userOrgs) + .where(eq(userOrgs.orgId, existingInvite.orgId)); }); return response(res, { diff --git a/server/routers/user/addUserAction.ts b/server/routers/user/addUserAction.ts index 472f4298..074ebe9b 100644 --- a/server/routers/user/addUserAction.ts +++ b/server/routers/user/addUserAction.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { userActions, users } from "@server/db/schemas"; +import { userActions, users } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; diff --git a/server/routers/user/addUserRole.ts b/server/routers/user/addUserRole.ts index b1c9025a..d073179d 100644 --- a/server/routers/user/addUserRole.ts +++ b/server/routers/user/addUserRole.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { userOrgs, roles } from "@server/db/schemas"; +import { userOrgs, roles } from "@server/db"; import { eq, and } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -58,18 +58,23 @@ export async function addUserRole( ); } - const orgId = req.userOrg?.orgId || req.apiKeyOrg?.orgId; + // get the role + const [role] = await db + .select() + .from(roles) + .where(eq(roles.roleId, roleId)) + .limit(1); - if (!orgId) { + if (!role) { return next( - createHttpError(HttpCode.BAD_REQUEST, "Invalid organization ID") + createHttpError(HttpCode.BAD_REQUEST, "Invalid role ID") ); } const existingUser = await db .select() .from(userOrgs) - .where(and(eq(userOrgs.userId, userId), eq(userOrgs.orgId, orgId))) + .where(and(eq(userOrgs.userId, userId), eq(userOrgs.orgId, role.orgId))) .limit(1); if (existingUser.length === 0) { @@ -93,7 +98,7 @@ export async function addUserRole( const roleExists = await db .select() .from(roles) - .where(and(eq(roles.roleId, roleId), eq(roles.orgId, orgId))) + .where(and(eq(roles.roleId, roleId), eq(roles.orgId, role.orgId))) .limit(1); if (roleExists.length === 0) { @@ -105,7 +110,7 @@ export async function addUserRole( ); } - const newUserRole = { orgId, userId, roleId, isOwner: false }; + const newUserRole = { orgId: role.orgId, userId, roleId, isOwner: false }; await db.transaction(async (trx) => { const hasRoleAlready = await trx @@ -114,7 +119,7 @@ export async function addUserRole( .where( and( eq(userOrgs.userId, userId), - eq(userOrgs.orgId, orgId), + eq(userOrgs.orgId, role.orgId), eq(userOrgs.roleId, roleId) ) ); diff --git a/server/routers/user/addUserSite.ts b/server/routers/user/addUserSite.ts index 5b20ed8d..f094e20e 100644 --- a/server/routers/user/addUserSite.ts +++ b/server/routers/user/addUserSite.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { resources, userResources, userSites } from "@server/db/schemas"; +import { resources, userResources, userSites } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; @@ -43,17 +43,17 @@ export async function addUserSite( }) .returning(); - const siteResources = await trx - .select() - .from(resources) - .where(eq(resources.siteId, siteId)); - - for (const resource of siteResources) { - await trx.insert(userResources).values({ - userId, - resourceId: resource.resourceId - }); - } + // const siteResources = await trx + // .select() + // .from(resources) + // .where(eq(resources.siteId, siteId)); + // + // for (const resource of siteResources) { + // await trx.insert(userResources).values({ + // userId, + // resourceId: resource.resourceId + // }); + // } return response(res, { data: newUserSite[0], diff --git a/server/routers/user/adminGetUser.ts b/server/routers/user/adminGetUser.ts new file mode 100644 index 00000000..0a961bec --- /dev/null +++ b/server/routers/user/adminGetUser.ts @@ -0,0 +1,94 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { idp, users } from "@server/db"; +import { eq } from "drizzle-orm"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { OpenAPITags, registry } from "@server/openApi"; + +const adminGetUserSchema = z + .object({ + userId: z.string().min(1) + }) + .strict(); + +registry.registerPath({ + method: "get", + path: "/user/{userId}", + description: "Get a user by ID.", + tags: [OpenAPITags.User], + request: { + params: adminGetUserSchema + }, + responses: {} +}); + +async function queryUser(userId: string) { + const [user] = await db + .select({ + userId: users.userId, + email: users.email, + username: users.username, + name: users.name, + type: users.type, + twoFactorEnabled: users.twoFactorEnabled, + twoFactorSetupRequested: users.twoFactorSetupRequested, + emailVerified: users.emailVerified, + serverAdmin: users.serverAdmin, + idpName: idp.name, + idpId: users.idpId, + dateCreated: users.dateCreated + }) + .from(users) + .leftJoin(idp, eq(users.idpId, idp.idpId)) + .where(eq(users.userId, userId)) + .limit(1); + return user; +} + +export type AdminGetUserResponse = NonNullable< + Awaited> +>; + +export async function adminGetUser( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = adminGetUserSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError(HttpCode.BAD_REQUEST, "Invalid user ID") + ); + } + const { userId } = parsedParams.data; + + const user = await queryUser(userId); + + if (!user) { + return next( + createHttpError( + HttpCode.NOT_FOUND, + `User with ID ${userId} not found` + ) + ); + } + + return response(res, { + data: user, + success: true, + error: false, + message: "User retrieved successfully", + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/user/adminListUsers.ts b/server/routers/user/adminListUsers.ts index 6de12be9..308b9def 100644 --- a/server/routers/user/adminListUsers.ts +++ b/server/routers/user/adminListUsers.ts @@ -6,7 +6,7 @@ import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; import { sql, eq } from "drizzle-orm"; import logger from "@server/logger"; -import { idp, users } from "@server/db/schemas"; +import { idp, users } from "@server/db"; import { fromZodError } from "zod-validation-error"; const listUsersSchema = z @@ -37,7 +37,9 @@ async function queryUsers(limit: number, offset: number) { serverAdmin: users.serverAdmin, type: users.type, idpName: idp.name, - idpId: users.idpId + idpId: users.idpId, + twoFactorEnabled: users.twoFactorEnabled, + twoFactorSetupRequested: users.twoFactorSetupRequested }) .from(users) .leftJoin(idp, eq(users.idpId, idp.idpId)) diff --git a/server/routers/user/adminRemoveUser.ts b/server/routers/user/adminRemoveUser.ts index fa31c52f..14916ab9 100644 --- a/server/routers/user/adminRemoveUser.ts +++ b/server/routers/user/adminRemoveUser.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { users } from "@server/db/schemas"; +import { users } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/user/adminUpdateUser2FA.ts b/server/routers/user/adminUpdateUser2FA.ts new file mode 100644 index 00000000..becd2091 --- /dev/null +++ b/server/routers/user/adminUpdateUser2FA.ts @@ -0,0 +1,133 @@ +import { Request, Response, NextFunction } from "express"; +import { z } from "zod"; +import { db } from "@server/db"; +import { users, userOrgs } from "@server/db"; +import { eq, and } from "drizzle-orm"; +import response from "@server/lib/response"; +import HttpCode from "@server/types/HttpCode"; +import createHttpError from "http-errors"; +import logger from "@server/logger"; +import { fromError } from "zod-validation-error"; +import { OpenAPITags, registry } from "@server/openApi"; + +const updateUser2FAParamsSchema = z + .object({ + userId: z.string() + }) + .strict(); + +const updateUser2FABodySchema = z + .object({ + twoFactorSetupRequested: z.boolean() + }) + .strict(); + +export type UpdateUser2FAResponse = { + userId: string; + twoFactorRequested: boolean; +}; + +registry.registerPath({ + method: "post", + path: "/user/{userId}/2fa", + description: "Update a user's 2FA status.", + tags: [OpenAPITags.User], + request: { + params: updateUser2FAParamsSchema, + body: { + content: { + "application/json": { + schema: updateUser2FABodySchema + } + } + } + }, + responses: {} +}); + +export async function updateUser2FA( + req: Request, + res: Response, + next: NextFunction +): Promise { + try { + const parsedParams = updateUser2FAParamsSchema.safeParse(req.params); + if (!parsedParams.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedParams.error).toString() + ) + ); + } + + const parsedBody = updateUser2FABodySchema.safeParse(req.body); + if (!parsedBody.success) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + fromError(parsedBody.error).toString() + ) + ); + } + + const { userId } = parsedParams.data; + const { twoFactorSetupRequested } = parsedBody.data; + + // Verify the user exists in the organization + const existingUser = await db + .select() + .from(users) + .where(eq(users.userId, userId)) + .limit(1); + + if (existingUser.length === 0) { + return next(createHttpError(HttpCode.NOT_FOUND, "User not found")); + } + + if (existingUser[0].type !== "internal") { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "Two-factor authentication is not supported for external users" + ) + ); + } + + logger.debug(`Updating 2FA for user ${userId} to ${twoFactorSetupRequested}`); + + if (twoFactorSetupRequested) { + await db + .update(users) + .set({ + twoFactorSetupRequested: true, + }) + .where(eq(users.userId, userId)); + } else { + await db + .update(users) + .set({ + twoFactorSetupRequested: false, + twoFactorEnabled: false, + twoFactorSecret: null + }) + .where(eq(users.userId, userId)); + } + + return response(res, { + data: { + userId: existingUser[0].userId, + twoFactorRequested: twoFactorSetupRequested + }, + success: true, + error: false, + message: `2FA ${twoFactorSetupRequested ? "enabled" : "disabled"} for user successfully`, + status: HttpCode.OK + }); + } catch (error) { + logger.error(error); + return next( + createHttpError(HttpCode.INTERNAL_SERVER_ERROR, "An error occurred") + ); + } +} diff --git a/server/routers/user/createOrgUser.ts b/server/routers/user/createOrgUser.ts index a198db5d..4419772a 100644 --- a/server/routers/user/createOrgUser.ts +++ b/server/routers/user/createOrgUser.ts @@ -6,9 +6,9 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -import db from "@server/db"; +import { db, UserOrg } from "@server/db"; import { and, eq } from "drizzle-orm"; -import { idp, idpOidcConfig, roles, userOrgs, users } from "@server/db/schemas"; +import { idp, idpOidcConfig, roles, userOrgs, users } from "@server/db"; import { generateId } from "@server/auth/sessions/app"; const paramsSchema = z @@ -21,6 +21,7 @@ const bodySchema = z .object({ email: z .string() + .toLowerCase() .optional() .refine((data) => { if (data) { @@ -28,7 +29,7 @@ const bodySchema = z } return true; }), - username: z.string().nonempty(), + username: z.string().nonempty().toLowerCase(), name: z.string().optional(), type: z.enum(["internal", "oidc"]).optional(), idpId: z.number().optional(), @@ -134,65 +135,76 @@ export async function createOrgUser( ); } - const [existingUser] = await db - .select() - .from(users) - .where(eq(users.username, username)); + let orgUsers: UserOrg[] | undefined; - if (existingUser) { - const [existingOrgUser] = await db + await db.transaction(async (trx) => { + const [existingUser] = await trx .select() - .from(userOrgs) - .where( - and( - eq(userOrgs.orgId, orgId), - eq(userOrgs.userId, existingUser.userId) - ) - ); + .from(users) + .where(eq(users.username, username)); - if (existingOrgUser) { - return next( - createHttpError( - HttpCode.BAD_REQUEST, - "User already exists in this organization" - ) - ); + if (existingUser) { + const [existingOrgUser] = await trx + .select() + .from(userOrgs) + .where( + and( + eq(userOrgs.orgId, orgId), + eq(userOrgs.userId, existingUser.userId) + ) + ); + + if (existingOrgUser) { + return next( + createHttpError( + HttpCode.BAD_REQUEST, + "User already exists in this organization" + ) + ); + } + + await trx + .insert(userOrgs) + .values({ + orgId, + userId: existingUser.userId, + roleId: role.roleId + }) + .returning(); + } else { + const userId = generateId(15); + + const [newUser] = await trx + .insert(users) + .values({ + userId: userId, + email, + username, + name, + type: "oidc", + idpId, + dateCreated: new Date().toISOString(), + emailVerified: true + }) + .returning(); + + await trx + .insert(userOrgs) + .values({ + orgId, + userId: newUser.userId, + roleId: role.roleId + }) + .returning(); } - await db - .insert(userOrgs) - .values({ - orgId, - userId: existingUser.userId, - roleId: role.roleId - }) - .returning(); - } else { - const userId = generateId(15); + // List all of the users in the org + orgUsers = await trx + .select() + .from(userOrgs) + .where(eq(userOrgs.orgId, orgId)); + }); - const [newUser] = await db - .insert(users) - .values({ - userId: userId, - email, - username, - name, - type: "oidc", - idpId, - dateCreated: new Date().toISOString(), - emailVerified: true - }) - .returning(); - - await db - .insert(userOrgs) - .values({ - orgId, - userId: newUser.userId, - roleId: role.roleId - }) - .returning(); - } } else { return next( createHttpError(HttpCode.BAD_REQUEST, "User type is required") diff --git a/server/routers/user/getOrgUser.ts b/server/routers/user/getOrgUser.ts index 226248a3..38cd70a6 100644 --- a/server/routers/user/getOrgUser.ts +++ b/server/routers/user/getOrgUser.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { roles, userOrgs, users } from "@server/db/schemas"; +import { roles, userOrgs, users } from "@server/db"; import { and, eq, sql } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -23,7 +23,8 @@ async function queryUser(orgId: string, userId: string) { type: users.type, roles: sql`json_group_array(json_object('id', ${roles.roleId}, 'name', ${roles.name}))`, isOwner: userOrgs.isOwner, - isAdmin: roles.isAdmin + isAdmin: roles.isAdmin, + twoFactorEnabled: users.twoFactorEnabled, }) .from(userOrgs) .leftJoin(roles, eq(userOrgs.roleId, roles.roleId)) diff --git a/server/routers/user/getUser.ts b/server/routers/user/getUser.ts index 2f80be90..e33daab6 100644 --- a/server/routers/user/getUser.ts +++ b/server/routers/user/getUser.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { idp, users } from "@server/db/schemas"; +import { idp, users } from "@server/db"; import { eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/user/index.ts b/server/routers/user/index.ts index a9400cdc..4c5dbf86 100644 --- a/server/routers/user/index.ts +++ b/server/routers/user/index.ts @@ -8,6 +8,9 @@ export * from "./acceptInvite"; export * from "./getOrgUser"; export * from "./adminListUsers"; export * from "./adminRemoveUser"; +export * from "./adminGetUser"; export * from "./listInvitations"; export * from "./removeInvitation"; export * from "./createOrgUser"; +export * from "./adminUpdateUser2FA"; +export * from "./adminGetUser"; diff --git a/server/routers/user/inviteUser.ts b/server/routers/user/inviteUser.ts index 042942ab..174600fc 100644 --- a/server/routers/user/inviteUser.ts +++ b/server/routers/user/inviteUser.ts @@ -2,7 +2,7 @@ import NodeCache from "node-cache"; import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { orgs, userInvites, userOrgs, users } from "@server/db/schemas"; +import { orgs, userInvites, userOrgs, users } from "@server/db"; import { and, eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -30,8 +30,8 @@ const inviteUserBodySchema = z .object({ email: z .string() - .email() - .transform((v) => v.toLowerCase()), + .toLowerCase() + .email(), roleId: z.number(), validHours: z.number().gt(0).lte(168), sendEmail: z.boolean().optional(), @@ -99,6 +99,7 @@ export async function inviteUser( regenerate } = parsedBody.data; + // Check if the organization exists const org = await db .select() @@ -188,7 +189,7 @@ export async function inviteUser( ) ); - const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}`; + const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}&email=${encodeURIComponent(email)}`; if (doEmail) { await sendEmail( @@ -240,7 +241,7 @@ export async function inviteUser( }); }); - const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}`; + const inviteLink = `${config.getRawConfig().app.dashboard_url}/invite?token=${inviteId}-${token}&email=${encodeURIComponent(email)}`; if (doEmail) { await sendEmail( diff --git a/server/routers/user/listInvitations.ts b/server/routers/user/listInvitations.ts index 76e82db5..c91a136d 100644 --- a/server/routers/user/listInvitations.ts +++ b/server/routers/user/listInvitations.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { userInvites, roles } from "@server/db/schemas"; +import { userInvites, roles } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; diff --git a/server/routers/user/listUsers.ts b/server/routers/user/listUsers.ts index 89752eb8..edcc5dce 100644 --- a/server/routers/user/listUsers.ts +++ b/server/routers/user/listUsers.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { idp, roles, userOrgs, users } from "@server/db/schemas"; +import { idp, roles, userOrgs, users } from "@server/db"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; @@ -60,7 +60,8 @@ async function queryUsers(orgId: string, limit: number, offset: number) { roles: sql`json_group_array(json_object('id', ${roles.roleId}, 'name', ${roles.name}))`, isOwner: userOrgs.isOwner, idpName: idp.name, - idpId: users.idpId + idpId: users.idpId, + twoFactorEnabled: users.twoFactorEnabled, }) .from(users) .leftJoin(userOrgs, eq(users.userId, userOrgs.userId)) diff --git a/server/routers/user/removeInvitation.ts b/server/routers/user/removeInvitation.ts index c825df6d..e3ee40d0 100644 --- a/server/routers/user/removeInvitation.ts +++ b/server/routers/user/removeInvitation.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { userInvites } from "@server/db/schemas"; +import { userInvites } from "@server/db"; import { eq, and } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/user/removeUserAction.ts b/server/routers/user/removeUserAction.ts index 9364f406..f0bd7d92 100644 --- a/server/routers/user/removeUserAction.ts +++ b/server/routers/user/removeUserAction.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { userActions } from "@server/db/schemas"; +import { userActions } from "@server/db"; import { and, eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/user/removeUserOrg.ts b/server/routers/user/removeUserOrg.ts index b344978c..dcd8c6f2 100644 --- a/server/routers/user/removeUserOrg.ts +++ b/server/routers/user/removeUserOrg.ts @@ -1,8 +1,8 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; -import { db } from "@server/db"; -import { userOrgs, userResources, users, userSites } from "@server/db/schemas"; -import { and, eq } from "drizzle-orm"; +import { db, resources, sites, UserOrg } from "@server/db"; +import { userOrgs, userResources, users, userSites } from "@server/db"; +import { and, eq, exists } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; import createHttpError from "http-errors"; @@ -50,7 +50,7 @@ export async function removeUserOrg( const user = await db .select() .from(userOrgs) - .where(eq(userOrgs.userId, userId)); + .where(and(eq(userOrgs.userId, userId), eq(userOrgs.orgId, orgId))); if (!user || user.length === 0) { return next(createHttpError(HttpCode.NOT_FOUND, "User not found")); @@ -65,6 +65,8 @@ export async function removeUserOrg( ); } + let userCount: UserOrg[] | undefined; + await db.transaction(async (trx) => { await trx .delete(userOrgs) @@ -72,11 +74,47 @@ export async function removeUserOrg( and(eq(userOrgs.userId, userId), eq(userOrgs.orgId, orgId)) ); - await trx - .delete(userResources) - .where(eq(userResources.userId, userId)); + await db.delete(userResources).where( + and( + eq(userResources.userId, userId), + exists( + db + .select() + .from(resources) + .where( + and( + eq( + resources.resourceId, + userResources.resourceId + ), + eq(resources.orgId, orgId) + ) + ) + ) + ) + ); - await trx.delete(userSites).where(eq(userSites.userId, userId)); + await db.delete(userSites).where( + and( + eq(userSites.userId, userId), + exists( + db + .select() + .from(sites) + .where( + and( + eq(sites.siteId, userSites.siteId), + eq(sites.orgId, orgId) + ) + ) + ) + ) + ); + + userCount = await trx + .select() + .from(userOrgs) + .where(eq(userOrgs.orgId, orgId)); }); return response(res, { diff --git a/server/routers/user/removeUserResource.ts b/server/routers/user/removeUserResource.ts index be5acab9..186e8032 100644 --- a/server/routers/user/removeUserResource.ts +++ b/server/routers/user/removeUserResource.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { userResources } from "@server/db/schemas"; +import { userResources } from "@server/db"; import { and, eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/user/removeUserSite.ts b/server/routers/user/removeUserSite.ts index 6142f45c..7dbb4a15 100644 --- a/server/routers/user/removeUserSite.ts +++ b/server/routers/user/removeUserSite.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { resources, userResources, userSites } from "@server/db/schemas"; +import { resources, userResources, userSites } from "@server/db"; import { and, eq } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; @@ -71,22 +71,22 @@ export async function removeUserSite( ); } - const siteResources = await trx - .select() - .from(resources) - .where(eq(resources.siteId, siteId)); - - for (const resource of siteResources) { - await trx - .delete(userResources) - .where( - and( - eq(userResources.userId, userId), - eq(userResources.resourceId, resource.resourceId) - ) - ) - .returning(); - } + // const siteResources = await trx + // .select() + // .from(resources) + // .where(eq(resources.siteId, siteId)); + // + // for (const resource of siteResources) { + // await trx + // .delete(userResources) + // .where( + // and( + // eq(userResources.userId, userId), + // eq(userResources.resourceId, resource.resourceId) + // ) + // ) + // .returning(); + // } }); return response(res, { diff --git a/server/routers/user/setUserRoles.ts b/server/routers/user/setUserRoles.ts index e89c989b..55a17180 100644 --- a/server/routers/user/setUserRoles.ts +++ b/server/routers/user/setUserRoles.ts @@ -1,7 +1,7 @@ import { Request, Response, NextFunction } from "express"; import { z } from "zod"; import { db } from "@server/db"; -import { userOrgs, roles } from "@server/db/schemas"; +import { userOrgs, roles } from "@server/db"; import { eq, and, inArray } from "drizzle-orm"; import response from "@server/lib/response"; import HttpCode from "@server/types/HttpCode"; diff --git a/server/routers/ws.ts b/server/routers/ws.ts deleted file mode 100644 index c4ee8874..00000000 --- a/server/routers/ws.ts +++ /dev/null @@ -1,253 +0,0 @@ -import { Router, Request, Response } from "express"; -import { Server as HttpServer } from "http"; -import { WebSocket, WebSocketServer } from "ws"; -import { IncomingMessage } from "http"; -import { Socket } from "net"; -import { Newt, newts, NewtSession } from "@server/db/schemas"; -import { eq } from "drizzle-orm"; -import db from "@server/db"; -import { validateNewtSessionToken } from "@server/auth/sessions/newt"; -import { messageHandlers } from "./messageHandlers"; -import logger from "@server/logger"; - -// Custom interfaces -interface WebSocketRequest extends IncomingMessage { - token?: string; -} - -interface AuthenticatedWebSocket extends WebSocket { - newt?: Newt; -} - -interface TokenPayload { - newt: Newt; - session: NewtSession; -} - -interface WSMessage { - type: string; - data: any; -} - -interface HandlerResponse { - message: WSMessage; - broadcast?: boolean; - excludeSender?: boolean; - targetNewtId?: string; -} - -interface HandlerContext { - message: WSMessage; - senderWs: WebSocket; - newt: Newt | undefined; - sendToClient: (newtId: string, message: WSMessage) => boolean; - broadcastToAllExcept: (message: WSMessage, excludeNewtId?: string) => void; - connectedClients: Map; -} - -export type MessageHandler = (context: HandlerContext) => Promise; - -const router: Router = Router(); -const wss: WebSocketServer = new WebSocketServer({ noServer: true }); - -// Client tracking map -let connectedClients: Map = new Map(); - -// Helper functions for client management -const addClient = (newtId: string, ws: AuthenticatedWebSocket): void => { - const existingClients = connectedClients.get(newtId) || []; - existingClients.push(ws); - connectedClients.set(newtId, existingClients); - logger.info(`Client added to tracking - Newt ID: ${newtId}, Total connections: ${existingClients.length}`); -}; - -const removeClient = (newtId: string, ws: AuthenticatedWebSocket): void => { - const existingClients = connectedClients.get(newtId) || []; - const updatedClients = existingClients.filter(client => client !== ws); - - if (updatedClients.length === 0) { - connectedClients.delete(newtId); - logger.info(`All connections removed for Newt ID: ${newtId}`); - } else { - connectedClients.set(newtId, updatedClients); - logger.info(`Connection removed - Newt ID: ${newtId}, Remaining connections: ${updatedClients.length}`); - } -}; - -// Helper functions for sending messages -const sendToClient = (newtId: string, message: WSMessage): boolean => { - const clients = connectedClients.get(newtId); - if (!clients || clients.length === 0) { - logger.info(`No active connections found for Newt ID: ${newtId}`); - return false; - } - - const messageString = JSON.stringify(message); - clients.forEach(client => { - if (client.readyState === WebSocket.OPEN) { - client.send(messageString); - } - }); - return true; -}; - -const broadcastToAllExcept = (message: WSMessage, excludeNewtId?: string): void => { - connectedClients.forEach((clients, newtId) => { - if (newtId !== excludeNewtId) { - clients.forEach(client => { - if (client.readyState === WebSocket.OPEN) { - client.send(JSON.stringify(message)); - } - }); - } - }); -}; - -// Token verification middleware (unchanged) -const verifyToken = async (token: string): Promise => { - try { - const { session, newt } = await validateNewtSessionToken(token); - - if (!session || !newt) { - return null; - } - - const existingNewt = await db - .select() - .from(newts) - .where(eq(newts.newtId, newt.newtId)); - - if (!existingNewt || !existingNewt[0]) { - return null; - } - - return { newt: existingNewt[0], session }; - } catch (error) { - logger.error("Token verification failed:", error); - return null; - } -}; - -const setupConnection = (ws: AuthenticatedWebSocket, newt: Newt): void => { - logger.info("Establishing websocket connection"); - - if (!newt) { - logger.error("Connection attempt without newt"); - return ws.terminate(); - } - - ws.newt = newt; - - // Add client to tracking - addClient(newt.newtId, ws); - - ws.on("message", async (data) => { - try { - const message: WSMessage = JSON.parse(data.toString()); - // logger.info(`Message received from Newt ID ${newtId}:`, message); - - // Validate message format - if (!message.type || typeof message.type !== "string") { - throw new Error("Invalid message format: missing or invalid type"); - } - - // Get the appropriate handler for the message type - const handler = messageHandlers[message.type]; - if (!handler) { - throw new Error(`Unsupported message type: ${message.type}`); - } - - // Process the message and get response - const response = await handler({ - message, - senderWs: ws, - newt: ws.newt, - sendToClient, - broadcastToAllExcept, - connectedClients - }); - - // Send response if one was returned - if (response) { - if (response.broadcast) { - // Broadcast to all clients except sender if specified - broadcastToAllExcept(response.message, response.excludeSender ? newt.newtId : undefined); - } else if (response.targetNewtId) { - // Send to specific client if targetNewtId is provided - sendToClient(response.targetNewtId, response.message); - } else { - // Send back to sender - ws.send(JSON.stringify(response.message)); - } - } - - } catch (error) { - logger.error("Message handling error:", error); - ws.send(JSON.stringify({ - type: "error", - data: { - message: error instanceof Error ? error.message : "Unknown error occurred", - originalMessage: data.toString() - } - })); - } - }); - - ws.on("close", () => { - removeClient(newt.newtId, ws); - logger.info(`Client disconnected - Newt ID: ${newt.newtId}`); - }); - - ws.on("error", (error: Error) => { - logger.error(`WebSocket error for Newt ID ${newt.newtId}:`, error); - }); - - logger.info(`WebSocket connection established - Newt ID: ${newt.newtId}`); -}; - -// Router endpoint (unchanged) -router.get("/ws", (req: Request, res: Response) => { - res.status(200).send("WebSocket endpoint"); -}); - -// WebSocket upgrade handler -const handleWSUpgrade = (server: HttpServer): void => { - server.on("upgrade", async (request: WebSocketRequest, socket: Socket, head: Buffer) => { - try { - const token = request.url?.includes("?") - ? new URLSearchParams(request.url.split("?")[1]).get("token") || "" - : request.headers["sec-websocket-protocol"]; - - if (!token) { - logger.warn("Unauthorized connection attempt: no token..."); - socket.write("HTTP/1.1 401 Unauthorized\r\n\r\n"); - socket.destroy(); - return; - } - - const tokenPayload = await verifyToken(token); - if (!tokenPayload) { - logger.warn("Unauthorized connection attempt: invalid token..."); - socket.write("HTTP/1.1 401 Unauthorized\r\n\r\n"); - socket.destroy(); - return; - } - - wss.handleUpgrade(request, socket, head, (ws: AuthenticatedWebSocket) => { - setupConnection(ws, tokenPayload.newt); - }); - } catch (error) { - logger.error("WebSocket upgrade error:", error); - socket.write("HTTP/1.1 500 Internal Server Error\r\n\r\n"); - socket.destroy(); - } - }); -}; - -export { - router, - handleWSUpgrade, - sendToClient, - broadcastToAllExcept, - connectedClients -}; diff --git a/server/routers/ws/client.ts b/server/routers/ws/client.ts new file mode 100644 index 00000000..13b5d0da --- /dev/null +++ b/server/routers/ws/client.ts @@ -0,0 +1,315 @@ +import WebSocket from 'ws'; +import axios from 'axios'; +import { URL } from 'url'; +import { EventEmitter } from 'events'; +import logger from '@server/logger'; + +export interface Config { + id: string; + secret: string; + endpoint: string; +} + +export interface WSMessage { + type: string; + data: any; +} + +export type MessageHandler = (message: WSMessage) => void; + +export interface ClientOptions { + baseURL?: string; + reconnectInterval?: number; + pingInterval?: number; + pingTimeout?: number; +} + +export class WebSocketClient extends EventEmitter { + private conn: WebSocket | null = null; + private baseURL: string; + private handlers: Map = new Map(); + private reconnectInterval: number; + private isConnected: boolean = false; + private pingInterval: number; + private pingTimeout: number; + private shouldReconnect: boolean = true; + private reconnectTimer: NodeJS.Timeout | null = null; + private pingTimer: NodeJS.Timeout | null = null; + private pingTimeoutTimer: NodeJS.Timeout | null = null; + private token: string; + private isConnecting: boolean = false; + + constructor( + token: string, + endpoint: string, + options: ClientOptions = {} + ) { + super(); + + this.token = token; + this.baseURL = options.baseURL || endpoint; + this.reconnectInterval = options.reconnectInterval || 5000; + this.pingInterval = options.pingInterval || 30000; + this.pingTimeout = options.pingTimeout || 10000; + } + + public async connect(): Promise { + this.shouldReconnect = true; + if (!this.isConnecting) { + await this.connectWithRetry(); + } + } + + public async close(): Promise { + this.shouldReconnect = false; + + // Clear timers + if (this.reconnectTimer) { + clearTimeout(this.reconnectTimer); + this.reconnectTimer = null; + } + if (this.pingTimer) { + clearInterval(this.pingTimer); + this.pingTimer = null; + } + if (this.pingTimeoutTimer) { + clearTimeout(this.pingTimeoutTimer); + this.pingTimeoutTimer = null; + } + + if (this.conn) { + this.conn.close(1000, 'Client closing'); + this.conn = null; + } + + this.setConnected(false); + } + + public sendMessage(messageType: string, data: any): Promise { + return new Promise((resolve, reject) => { + if (!this.conn || this.conn.readyState !== WebSocket.OPEN) { + reject(new Error('Not connected')); + return; + } + + const message: WSMessage = { + type: messageType, + data: data + }; + + logger.debug(`Sending message: ${messageType}`, data); + + this.conn.send(JSON.stringify(message), (error) => { + if (error) { + reject(error); + } else { + resolve(); + } + }); + }); + } + + public sendMessageInterval( + messageType: string, + data: any, + interval: number + ): () => void { + // Send immediately + this.sendMessage(messageType, data).catch(err => { + logger.error('Failed to send initial message:', err); + }); + + // Set up interval + const intervalId = setInterval(() => { + this.sendMessage(messageType, data).catch(err => { + logger.error('Failed to send message:', err); + }); + }, interval); + + // Return stop function + return () => { + clearInterval(intervalId); + }; + } + + public registerHandler(messageType: string, handler: MessageHandler): void { + this.handlers.set(messageType, handler); + } + + public unregisterHandler(messageType: string): void { + this.handlers.delete(messageType); + } + + public isClientConnected(): boolean { + return this.isConnected; + } + + private async connectWithRetry(): Promise { + if (this.isConnecting || this.isConnected) return; + + this.isConnecting = true; + + while (this.shouldReconnect && !this.isConnected && this.isConnecting) { + try { + await this.establishConnection(); + this.isConnecting = false; + return; + } catch (error) { + logger.error(`Failed to connect: ${error}. Retrying in ${this.reconnectInterval}ms...`); + + if (!this.shouldReconnect || !this.isConnecting) { + this.isConnecting = false; + return; + } + + await new Promise(resolve => { + this.reconnectTimer = setTimeout(resolve, this.reconnectInterval); + }); + } + } + + this.isConnecting = false; + } + + private async establishConnection(): Promise { + // Clean up any existing connection before establishing a new one + if (this.conn) { + this.conn.removeAllListeners(); + this.conn.close(); + this.conn = null; + } + + // Parse the base URL to determine protocol and hostname + const baseURL = new URL(this.baseURL); + const wsProtocol = baseURL.protocol === 'https:' ? 'wss' : 'ws'; + const wsURL = new URL(`${wsProtocol}://${baseURL.host}/api/v1/ws`); + + // Add token and client type to query parameters + wsURL.searchParams.set('token', this.token); + wsURL.searchParams.set('clientType', "remoteExitNode"); + + return new Promise((resolve, reject) => { + const conn = new WebSocket(wsURL.toString()); + + conn.on('open', () => { + logger.debug('WebSocket connection established'); + this.conn = conn; + this.setConnected(true); + this.isConnecting = false; + this.startPingMonitor(); + this.emit('connect'); + resolve(); + }); + + conn.on('message', (data: WebSocket.Data) => { + try { + const message: WSMessage = JSON.parse(data.toString()); + const handler = this.handlers.get(message.type); + if (handler) { + handler(message); + } + this.emit('message', message); + } catch (error) { + logger.error('Failed to parse message:', error); + } + }); + + conn.on('close', (code, reason) => { + logger.debug(`WebSocket connection closed: ${code} ${reason}`); + this.handleDisconnect(); + }); + + conn.on('error', (error) => { + logger.error('WebSocket error:', error); + if (this.conn === null) { + // Connection failed during establishment + reject(error); + } + // Don't call handleDisconnect here as the 'close' event will handle it + }); + + conn.on('pong', () => { + if (this.pingTimeoutTimer) { + clearTimeout(this.pingTimeoutTimer); + this.pingTimeoutTimer = null; + } + }); + }); + } + + private startPingMonitor(): void { + // Clear any existing ping timer to prevent duplicates + if (this.pingTimer) { + clearInterval(this.pingTimer); + this.pingTimer = null; + } + + this.pingTimer = setInterval(() => { + if (this.conn && this.conn.readyState === WebSocket.OPEN) { + this.conn.ping(); + + // Set timeout for pong response + this.pingTimeoutTimer = setTimeout(() => { + logger.error('Ping timeout - no pong received'); + this.handleDisconnect(); + }, this.pingTimeout); + } + }, this.pingInterval); + } + + private handleDisconnect(): void { + // Prevent multiple disconnect handlers from running simultaneously + if (!this.isConnected && !this.isConnecting) { + return; + } + + this.setConnected(false); + this.isConnecting = false; + + // Clear ping timers + if (this.pingTimer) { + clearInterval(this.pingTimer); + this.pingTimer = null; + } + if (this.pingTimeoutTimer) { + clearTimeout(this.pingTimeoutTimer); + this.pingTimeoutTimer = null; + } + + // Clear any existing reconnect timer to prevent multiple reconnection attempts + if (this.reconnectTimer) { + clearTimeout(this.reconnectTimer); + this.reconnectTimer = null; + } + + if (this.conn) { + this.conn.removeAllListeners(); + this.conn = null; + } + + this.emit('disconnect'); + + // Reconnect if needed + if (this.shouldReconnect) { + // Add a small delay before starting reconnection to prevent immediate retry + this.reconnectTimer = setTimeout(() => { + this.connectWithRetry(); + }, 1000); + } + } + + private setConnected(status: boolean): void { + this.isConnected = status; + } +} + +// Factory function for easier instantiation +export function createWebSocketClient( + token: string, + endpoint: string, + options?: ClientOptions +): WebSocketClient { + return new WebSocketClient(token, endpoint, options); +} + +export default WebSocketClient; \ No newline at end of file diff --git a/server/routers/ws/index.ts b/server/routers/ws/index.ts new file mode 100644 index 00000000..cf95932c --- /dev/null +++ b/server/routers/ws/index.ts @@ -0,0 +1 @@ +export * from "./ws"; \ No newline at end of file diff --git a/server/routers/ws/messageHandlers.ts b/server/routers/ws/messageHandlers.ts new file mode 100644 index 00000000..a30daf43 --- /dev/null +++ b/server/routers/ws/messageHandlers.ts @@ -0,0 +1,29 @@ +import { + handleNewtRegisterMessage, + handleReceiveBandwidthMessage, + handleGetConfigMessage, + handleDockerStatusMessage, + handleDockerContainersMessage, + handleNewtPingRequestMessage +} from "../newt"; +import { + handleOlmRegisterMessage, + handleOlmRelayMessage, + handleOlmPingMessage, + startOlmOfflineChecker +} from "../olm"; +import { MessageHandler } from "./ws"; + +export const messageHandlers: Record = { + "newt/wg/register": handleNewtRegisterMessage, + "olm/wg/register": handleOlmRegisterMessage, + "newt/wg/get-config": handleGetConfigMessage, + "newt/receive-bandwidth": handleReceiveBandwidthMessage, + "olm/wg/relay": handleOlmRelayMessage, + "olm/ping": handleOlmPingMessage, + "newt/socket/status": handleDockerStatusMessage, + "newt/socket/containers": handleDockerContainersMessage, + "newt/ping/request": handleNewtPingRequestMessage +}; + +startOlmOfflineChecker(); // this is to handle the offline check for olms diff --git a/server/routers/ws/ws.ts b/server/routers/ws/ws.ts new file mode 100644 index 00000000..8fb773d3 --- /dev/null +++ b/server/routers/ws/ws.ts @@ -0,0 +1,340 @@ +import { Router, Request, Response } from "express"; +import { Server as HttpServer } from "http"; +import { WebSocket, WebSocketServer } from "ws"; +import { IncomingMessage } from "http"; +import { Socket } from "net"; +import { Newt, newts, NewtSession, olms, Olm, OlmSession } from "@server/db"; +import { eq } from "drizzle-orm"; +import { db } from "@server/db"; +import { validateNewtSessionToken } from "@server/auth/sessions/newt"; +import { validateOlmSessionToken } from "@server/auth/sessions/olm"; +import { messageHandlers } from "./messageHandlers"; +import logger from "@server/logger"; +import { v4 as uuidv4 } from "uuid"; + +// Custom interfaces +interface WebSocketRequest extends IncomingMessage { + token?: string; +} + +type ClientType = 'newt' | 'olm'; + +interface AuthenticatedWebSocket extends WebSocket { + client?: Newt | Olm; + clientType?: ClientType; + connectionId?: string; +} + +interface TokenPayload { + client: Newt | Olm; + session: NewtSession | OlmSession; + clientType: ClientType; +} + +interface WSMessage { + type: string; + data: any; +} + +interface HandlerResponse { + message: WSMessage; + broadcast?: boolean; + excludeSender?: boolean; + targetClientId?: string; +} + +interface HandlerContext { + message: WSMessage; + senderWs: WebSocket; + client: Newt | Olm | undefined; + clientType: ClientType; + sendToClient: (clientId: string, message: WSMessage) => Promise; + broadcastToAllExcept: (message: WSMessage, excludeClientId?: string) => Promise; + connectedClients: Map; +} + +export type MessageHandler = (context: HandlerContext) => Promise; + +const router: Router = Router(); +const wss: WebSocketServer = new WebSocketServer({ noServer: true }); + +// Generate unique node ID for this instance +const NODE_ID = uuidv4(); + +// Client tracking map (local to this node) +const connectedClients: Map = new Map(); +// Helper to get map key +const getClientMapKey = (clientId: string) => clientId; + +// Helper functions for client management +const addClient = async (clientType: ClientType, clientId: string, ws: AuthenticatedWebSocket): Promise => { + // Generate unique connection ID + const connectionId = uuidv4(); + ws.connectionId = connectionId; + + // Add to local tracking + const mapKey = getClientMapKey(clientId); + const existingClients = connectedClients.get(mapKey) || []; + existingClients.push(ws); + connectedClients.set(mapKey, existingClients); + + logger.info(`Client added to tracking - ${clientType.toUpperCase()} ID: ${clientId}, Connection ID: ${connectionId}, Total connections: ${existingClients.length}`); +}; + +const removeClient = async (clientType: ClientType, clientId: string, ws: AuthenticatedWebSocket): Promise => { + const mapKey = getClientMapKey(clientId); + const existingClients = connectedClients.get(mapKey) || []; + const updatedClients = existingClients.filter(client => client !== ws); + if (updatedClients.length === 0) { + connectedClients.delete(mapKey); + + logger.info(`All connections removed for ${clientType.toUpperCase()} ID: ${clientId}`); + } else { + connectedClients.set(mapKey, updatedClients); + + logger.info(`Connection removed - ${clientType.toUpperCase()} ID: ${clientId}, Remaining connections: ${updatedClients.length}`); + } +}; + +// Local message sending (within this node) +const sendToClientLocal = async (clientId: string, message: WSMessage): Promise => { + const mapKey = getClientMapKey(clientId); + const clients = connectedClients.get(mapKey); + if (!clients || clients.length === 0) { + return false; + } + const messageString = JSON.stringify(message); + clients.forEach(client => { + if (client.readyState === WebSocket.OPEN) { + client.send(messageString); + } + }); + return true; +}; + +const broadcastToAllExceptLocal = async (message: WSMessage, excludeClientId?: string): Promise => { + connectedClients.forEach((clients, mapKey) => { + const [type, id] = mapKey.split(":"); + if (!(excludeClientId && id === excludeClientId)) { + clients.forEach(client => { + if (client.readyState === WebSocket.OPEN) { + client.send(JSON.stringify(message)); + } + }); + } + }); +}; + +// Cross-node message sending +const sendToClient = async (clientId: string, message: WSMessage): Promise => { + // Try to send locally first + const localSent = await sendToClientLocal(clientId, message); + + return localSent; +}; + +const broadcastToAllExcept = async (message: WSMessage, excludeClientId?: string): Promise => { + // Broadcast locally + await broadcastToAllExceptLocal(message, excludeClientId); +}; + +// Check if a client has active connections across all nodes +const hasActiveConnections = async (clientId: string): Promise => { + const mapKey = getClientMapKey(clientId); + const clients = connectedClients.get(mapKey); + return !!(clients && clients.length > 0); +}; + +// Get all active nodes for a client +const getActiveNodes = async (clientType: ClientType, clientId: string): Promise => { + const mapKey = getClientMapKey(clientId); + const clients = connectedClients.get(mapKey); + return (clients && clients.length > 0) ? [NODE_ID] : []; +}; + +// Token verification middleware +const verifyToken = async (token: string, clientType: ClientType): Promise => { + +try { + if (clientType === 'newt') { + const { session, newt } = await validateNewtSessionToken(token); + if (!session || !newt) { + return null; + } + const existingNewt = await db + .select() + .from(newts) + .where(eq(newts.newtId, newt.newtId)); + if (!existingNewt || !existingNewt[0]) { + return null; + } + return { client: existingNewt[0], session, clientType }; + } else { + const { session, olm } = await validateOlmSessionToken(token); + if (!session || !olm) { + return null; + } + const existingOlm = await db + .select() + .from(olms) + .where(eq(olms.olmId, olm.olmId)); + if (!existingOlm || !existingOlm[0]) { + return null; + } + return { client: existingOlm[0], session, clientType }; + } + } catch (error) { + logger.error("Token verification failed:", error); + return null; + } +}; + +const setupConnection = async (ws: AuthenticatedWebSocket, client: Newt | Olm, clientType: ClientType): Promise => { + logger.info("Establishing websocket connection"); + if (!client) { + logger.error("Connection attempt without client"); + return ws.terminate(); + } + + ws.client = client; + ws.clientType = clientType; + + // Add client to tracking + const clientId = clientType === 'newt' ? (client as Newt).newtId : (client as Olm).olmId; + await addClient(clientType, clientId, ws); + + ws.on("message", async (data) => { + try { + const message: WSMessage = JSON.parse(data.toString()); + + if (!message.type || typeof message.type !== "string") { + throw new Error("Invalid message format: missing or invalid type"); + } + + const handler = messageHandlers[message.type]; + if (!handler) { + throw new Error(`Unsupported message type: ${message.type}`); + } + + const response = await handler({ + message, + senderWs: ws, + client: ws.client, + clientType: ws.clientType!, + sendToClient, + broadcastToAllExcept, + connectedClients + }); + + if (response) { + if (response.broadcast) { + await broadcastToAllExcept( + response.message, + response.excludeSender ? clientId : undefined + ); + } else if (response.targetClientId) { + await sendToClient(response.targetClientId, response.message); + } else { + ws.send(JSON.stringify(response.message)); + } + } + } catch (error) { + logger.error("Message handling error:", error); + ws.send(JSON.stringify({ + type: "error", + data: { + message: error instanceof Error ? error.message : "Unknown error occurred", + originalMessage: data.toString() + } + })); + } + }); + + ws.on("close", () => { + removeClient(clientType, clientId, ws); + logger.info(`Client disconnected - ${clientType.toUpperCase()} ID: ${clientId}`); + }); + + ws.on("error", (error: Error) => { + logger.error(`WebSocket error for ${clientType.toUpperCase()} ID ${clientId}:`, error); + }); + + logger.info(`WebSocket connection established - ${clientType.toUpperCase()} ID: ${clientId}`); +}; + +// Router endpoint +router.get("/ws", (req: Request, res: Response) => { + res.status(200).send("WebSocket endpoint"); +}); + +// WebSocket upgrade handler +const handleWSUpgrade = (server: HttpServer): void => { + server.on("upgrade", async (request: WebSocketRequest, socket: Socket, head: Buffer) => { + try { + const url = new URL(request.url || '', `http://${request.headers.host}`); + const token = url.searchParams.get('token') || request.headers["sec-websocket-protocol"] || ''; + let clientType = url.searchParams.get('clientType') as ClientType; + + if (!clientType) { + clientType = "newt"; + } + + if (!token || !clientType || !['newt', 'olm'].includes(clientType)) { + logger.warn("Unauthorized connection attempt: invalid token or client type..."); + socket.write("HTTP/1.1 401 Unauthorized\r\n\r\n"); + socket.destroy(); + return; + } + + const tokenPayload = await verifyToken(token, clientType); + if (!tokenPayload) { + logger.warn("Unauthorized connection attempt: invalid token..."); + socket.write("HTTP/1.1 401 Unauthorized\r\n\r\n"); + socket.destroy(); + return; + } + + wss.handleUpgrade(request, socket, head, (ws: AuthenticatedWebSocket) => { + setupConnection(ws, tokenPayload.client, tokenPayload.clientType); + }); + } catch (error) { + logger.error("WebSocket upgrade error:", error); + socket.write("HTTP/1.1 500 Internal Server Error\r\n\r\n"); + socket.destroy(); + } + }); +}; + +// Cleanup function for graceful shutdown +const cleanup = async (): Promise => { + try { + // Close all WebSocket connections + connectedClients.forEach((clients) => { + clients.forEach(client => { + if (client.readyState === WebSocket.OPEN) { + client.terminate(); + } + }); + }); + + logger.info('WebSocket cleanup completed'); + } catch (error) { + logger.error('Error during WebSocket cleanup:', error); + } +}; + +// Handle process termination +process.on('SIGTERM', cleanup); +process.on('SIGINT', cleanup); + +export { + router, + handleWSUpgrade, + sendToClient, + broadcastToAllExcept, + connectedClients, + hasActiveConnections, + getActiveNodes, + NODE_ID, + cleanup +}; diff --git a/server/setup/clearStaleData.ts b/server/setup/clearStaleData.ts index 4d95107e..220a64f5 100644 --- a/server/setup/clearStaleData.ts +++ b/server/setup/clearStaleData.ts @@ -8,7 +8,7 @@ import { resourceSessions, sessions, userInvites -} from "@server/db/schemas"; +} from "@server/db"; import logger from "@server/logger"; import { lt } from "drizzle-orm"; diff --git a/server/setup/copyInConfig.ts b/server/setup/copyInConfig.ts index ec5a137b..b8c00192 100644 --- a/server/setup/copyInConfig.ts +++ b/server/setup/copyInConfig.ts @@ -1,5 +1,5 @@ import { db } from "@server/db"; -import { domains, exitNodes, orgDomains, orgs, resources } from "../db/schemas/schema"; +import { domains, exitNodes, orgDomains, orgs, resources } from "@server/db"; import config from "@server/lib/config"; import { eq, ne } from "drizzle-orm"; import logger from "@server/logger"; @@ -8,8 +8,31 @@ export async function copyInConfig() { const endpoint = config.getRawConfig().gerbil.base_endpoint; const listenPort = config.getRawConfig().gerbil.start_port; + if (!config.getRawConfig().flags?.disable_config_managed_domains && config.getRawConfig().domains) { + await copyInDomains(); + } + + const exitNodeName = config.getRawConfig().gerbil.exit_node_name; + if (exitNodeName) { + await db + .update(exitNodes) + .set({ endpoint, listenPort }) + .where(eq(exitNodes.name, exitNodeName)); + } else { + await db + .update(exitNodes) + .set({ endpoint }) + .where(ne(exitNodes.endpoint, endpoint)); + await db + .update(exitNodes) + .set({ listenPort }) + .where(ne(exitNodes.listenPort, listenPort)); + } +} + +async function copyInDomains() { await db.transaction(async (trx) => { - const rawDomains = config.getRawConfig().domains; + const rawDomains = config.getRawConfig().domains!; // always defined if disable flag is not set const configDomains = Object.entries(rawDomains).map( ([key, value]) => ({ @@ -40,13 +63,19 @@ export async function copyInConfig() { if (existingDomainKeys.has(domainId)) { await trx .update(domains) - .set({ baseDomain }) + .set({ baseDomain, verified: true, type: "wildcard" }) .where(eq(domains.domainId, domainId)) .execute(); } else { await trx .insert(domains) - .values({ domainId, baseDomain, configManaged: true }) + .values({ + domainId, + baseDomain, + configManaged: true, + type: "wildcard", + verified: true + }) .execute(); } } @@ -92,7 +121,7 @@ export async function copyInConfig() { } let fullDomain = ""; - if (resource.isBaseDomain) { + if (!resource.subdomain) { fullDomain = domain.baseDomain; } else { fullDomain = `${resource.subdomain}.${domain.baseDomain}`; @@ -104,15 +133,4 @@ export async function copyInConfig() { .where(eq(resources.resourceId, resource.resourceId)); } }); - - // TODO: eventually each exit node could have a different endpoint - await db - .update(exitNodes) - .set({ endpoint }) - .where(ne(exitNodes.endpoint, endpoint)); - // TODO: eventually each exit node could have a different port - await db - .update(exitNodes) - .set({ listenPort }) - .where(ne(exitNodes.listenPort, listenPort)); } diff --git a/server/setup/ensureActions.ts b/server/setup/ensureActions.ts index 0d789e1d..7fd5384a 100644 --- a/server/setup/ensureActions.ts +++ b/server/setup/ensureActions.ts @@ -1,6 +1,6 @@ import { ActionsEnum } from "@server/auth/actions"; import { db } from "@server/db"; -import { actions, roles, roleActions } from "../db/schemas/schema"; +import { actions, roles, roleActions } from "@server/db"; import { eq, inArray } from "drizzle-orm"; import logger from "@server/logger"; @@ -22,85 +22,37 @@ export async function ensureActions() { .where(eq(roles.isAdmin, true)) .execute(); - await db.transaction(async (trx) => { + await db.transaction(async (trx) => { + // Add new actions + for (const actionId of actionsToAdd) { + logger.debug(`Adding action: ${actionId}`); + await trx.insert(actions).values({ actionId }).execute(); + // Add new actions to the Default role + if (defaultRoles.length != 0) { + await trx + .insert(roleActions) + .values( + defaultRoles.map((role) => ({ + roleId: role.roleId!, + actionId, + orgId: role.orgId! + })) + ) + .execute(); + } + } - // Add new actions - for (const actionId of actionsToAdd) { - logger.debug(`Adding action: ${actionId}`); - await trx.insert(actions).values({ actionId }).execute(); - // Add new actions to the Default role - if (defaultRoles.length != 0) { + // Remove deprecated actions + if (actionsToRemove.length > 0) { + logger.debug(`Removing actions: ${actionsToRemove.join(", ")}`); await trx - .insert(roleActions) - .values( - defaultRoles.map((role) => ({ - roleId: role.roleId!, - actionId, - orgId: role.orgId! - })) - ) + .delete(actions) + .where(inArray(actions.actionId, actionsToRemove)) + .execute(); + await trx + .delete(roleActions) + .where(inArray(roleActions.actionId, actionsToRemove)) .execute(); } - } - - // Remove deprecated actions - if (actionsToRemove.length > 0) { - logger.debug(`Removing actions: ${actionsToRemove.join(", ")}`); - await trx - .delete(actions) - .where(inArray(actions.actionId, actionsToRemove)) - .execute(); - await trx - .delete(roleActions) - .where(inArray(roleActions.actionId, actionsToRemove)) - .execute(); - } -}); -} - -export async function createAdminRole(orgId: string) { - let roleId: any; - await db.transaction(async (trx) => { - - const [insertedRole] = await trx - .insert(roles) - .values({ - orgId, - isAdmin: true, - name: "Admin", - description: "Admin role with the most permissions" - }) - .returning({ roleId: roles.roleId }) - .execute(); - - if (!insertedRole || !insertedRole.roleId) { - throw new Error("Failed to create Admin role"); - } - - roleId = insertedRole.roleId; - - const actionIds = await trx.select().from(actions).execute(); - - if (actionIds.length === 0) { - logger.info("No actions to assign to the Admin role"); - return; - } - - await trx - .insert(roleActions) - .values( - actionIds.map((action) => ({ - roleId, - actionId: action.actionId, - orgId - })) - ) - .execute(); }); - - if (!roleId) { - throw new Error("Failed to create Admin role"); - } - - return roleId; } diff --git a/server/setup/ensureSetupToken.ts b/server/setup/ensureSetupToken.ts new file mode 100644 index 00000000..078c99ee --- /dev/null +++ b/server/setup/ensureSetupToken.ts @@ -0,0 +1,79 @@ +import { db, setupTokens, users } from "@server/db"; +import { eq } from "drizzle-orm"; +import { generateRandomString, RandomReader } from "@oslojs/crypto/random"; +import moment from "moment"; +import logger from "@server/logger"; +import config from "@server/lib/config"; + +const random: RandomReader = { + read(bytes: Uint8Array): void { + crypto.getRandomValues(bytes); + } +}; + +function generateToken(): string { + // Generate a 32-character alphanumeric token + const alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"; + return generateRandomString(random, alphabet, 32); +} + +function generateId(length: number): string { + const alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"; + return generateRandomString(random, alphabet, length); +} + +export async function ensureSetupToken() { + if (config.isManagedMode()) { + // LETS NOT WORRY ABOUT THE SERVER SECRET WHEN HYBRID + return; + } + + try { + // Check if a server admin already exists + const [existingAdmin] = await db + .select() + .from(users) + .where(eq(users.serverAdmin, true)); + + // If admin exists, no need for setup token + if (existingAdmin) { + logger.warn("Server admin exists. Setup token generation skipped."); + return; + } + + // Check if a setup token already exists + const existingTokens = await db + .select() + .from(setupTokens) + .where(eq(setupTokens.used, false)); + + // If unused token exists, display it instead of creating a new one + if (existingTokens.length > 0) { + console.log("=== SETUP TOKEN EXISTS ==="); + console.log("Token:", existingTokens[0].token); + console.log("Use this token on the initial setup page"); + console.log("================================"); + return; + } + + // Generate a new setup token + const token = generateToken(); + const tokenId = generateId(15); + + await db.insert(setupTokens).values({ + tokenId: tokenId, + token: token, + used: false, + dateCreated: moment().toISOString(), + dateUsed: null + }); + + console.log("=== SETUP TOKEN GENERATED ==="); + console.log("Token:", token); + console.log("Use this token on the initial setup page"); + console.log("================================"); + } catch (error) { + console.error("Failed to ensure setup token:", error); + throw error; + } +} \ No newline at end of file diff --git a/server/setup/index.ts b/server/setup/index.ts index b93af2aa..2dfb633e 100644 --- a/server/setup/index.ts +++ b/server/setup/index.ts @@ -1,17 +1,11 @@ import { ensureActions } from "./ensureActions"; import { copyInConfig } from "./copyInConfig"; -import { setupServerAdmin } from "./setupServerAdmin"; -import logger from "@server/logger"; import { clearStaleData } from "./clearStaleData"; +import { ensureSetupToken } from "./ensureSetupToken"; export async function runSetupFunctions() { - try { - await copyInConfig(); // copy in the config to the db as needed - await setupServerAdmin(); - await ensureActions(); // make sure all of the actions are in the db and the roles - await clearStaleData(); - } catch (error) { - logger.error("Error running setup functions:", error); - process.exit(1); - } + await copyInConfig(); // copy in the config to the db as needed + await ensureActions(); // make sure all of the actions are in the db and the roles + await clearStaleData(); + await ensureSetupToken(); // ensure setup token exists for initial setup } diff --git a/server/setup/migrationsPg.ts b/server/setup/migrationsPg.ts new file mode 100644 index 00000000..6b3f20b9 --- /dev/null +++ b/server/setup/migrationsPg.ts @@ -0,0 +1,146 @@ +#! /usr/bin/env node +import { migrate } from "drizzle-orm/node-postgres/migrator"; +import { db } from "../db/pg"; +import semver from "semver"; +import { versionMigrations } from "../db/pg"; +import { __DIRNAME, APP_VERSION } from "@server/lib/consts"; +import path from "path"; +import m1 from "./scriptsPg/1.6.0"; +import m2 from "./scriptsPg/1.7.0"; +import m3 from "./scriptsPg/1.8.0"; +import m4 from "./scriptsPg/1.9.0"; + +// THIS CANNOT IMPORT ANYTHING FROM THE SERVER +// EXCEPT FOR THE DATABASE AND THE SCHEMA + +// Define the migration list with versions and their corresponding functions +const migrations = [ + { version: "1.6.0", run: m1 }, + { version: "1.7.0", run: m2 }, + { version: "1.8.0", run: m3 }, + { version: "1.9.0", run: m4 } + // Add new migrations here as they are created +] as { + version: string; + run: () => Promise; +}[]; + +await run(); + +async function run() { + // run the migrations + await runMigrations(); +} + +export async function runMigrations() { + if (process.env.DISABLE_MIGRATIONS) { + console.log("Migrations are disabled. Skipping..."); + return; + } + try { + const appVersion = APP_VERSION; + + // determine if the migrations table exists + const exists = await db + .select() + .from(versionMigrations) + .limit(1) + .execute() + .then((res) => res.length > 0) + .catch(() => false); + + if (exists) { + console.log("Migrations table exists, running scripts..."); + await executeScripts(); + } else { + console.log("Migrations table does not exist, creating it..."); + console.log("Running migrations..."); + try { + await migrate(db, { + migrationsFolder: path.join(__DIRNAME, "init") // put here during the docker build + }); + console.log("Migrations completed successfully."); + } catch (error) { + console.error("Error running migrations:", error); + } + + await db + .insert(versionMigrations) + .values({ + version: appVersion, + executedAt: Date.now() + }) + .execute(); + } + } catch (e) { + console.error("Error running migrations:", e); + await new Promise((resolve) => + setTimeout(resolve, 1000 * 60 * 60 * 24 * 1) + ); + } +} + +async function executeScripts() { + try { + // Get the last executed version from the database + const lastExecuted = await db.select().from(versionMigrations); + + // Filter and sort migrations + const pendingMigrations = lastExecuted + .map((m) => m) + .sort((a, b) => semver.compare(b.version, a.version)); + const startVersion = pendingMigrations[0]?.version ?? "0.0.0"; + console.log(`Starting migrations from version ${startVersion}`); + + const migrationsToRun = migrations.filter((migration) => + semver.gt(migration.version, startVersion) + ); + + console.log( + "Migrations to run:", + migrationsToRun.map((m) => m.version).join(", ") + ); + + // Run migrations in order + for (const migration of migrationsToRun) { + console.log(`Running migration ${migration.version}`); + + try { + await migration.run(); + + // Update version in database + await db + .insert(versionMigrations) + .values({ + version: migration.version, + executedAt: Date.now() + }) + .execute(); + + console.log( + `Successfully completed migration ${migration.version}` + ); + } catch (e) { + if ( + e instanceof Error && + typeof (e as any).code === "string" && + (e as any).code === "23505" + ) { + console.error("Migration has already run! Skipping..."); + continue; // or return, depending on context + } + + console.error( + `Failed to run migration ${migration.version}:`, + e + ); + throw e; + } + } + + console.log("All migrations completed successfully"); + } catch (error) { + console.error("Migration process failed:", error); + throw error; + } +} diff --git a/server/setup/migrations.ts b/server/setup/migrationsSqlite.ts similarity index 80% rename from server/setup/migrations.ts rename to server/setup/migrationsSqlite.ts index 753ed6a7..5b0850c8 100644 --- a/server/setup/migrations.ts +++ b/server/setup/migrationsSqlite.ts @@ -1,26 +1,31 @@ +#! /usr/bin/env node import { migrate } from "drizzle-orm/better-sqlite3/migrator"; -import db, { exists } from "@server/db"; +import { db, exists } from "../db/sqlite"; import path from "path"; import semver from "semver"; -import { versionMigrations } from "@server/db/schemas"; +import { versionMigrations } from "../db/sqlite"; import { __DIRNAME, APP_PATH, APP_VERSION } from "@server/lib/consts"; import { SqliteError } from "better-sqlite3"; import fs from "fs"; -import m1 from "./scripts/1.0.0-beta1"; -import m2 from "./scripts/1.0.0-beta2"; -import m3 from "./scripts/1.0.0-beta3"; -import m4 from "./scripts/1.0.0-beta5"; -import m5 from "./scripts/1.0.0-beta6"; -import m6 from "./scripts/1.0.0-beta9"; -import m7 from "./scripts/1.0.0-beta10"; -import m8 from "./scripts/1.0.0-beta12"; -import m13 from "./scripts/1.0.0-beta13"; -import m15 from "./scripts/1.0.0-beta15"; -import m16 from "./scripts/1.0.0"; -import m17 from "./scripts/1.1.0"; -import m18 from "./scripts/1.2.0"; -import m19 from "./scripts/1.3.0"; -import { setHostMeta } from "./setHostMeta"; +import m1 from "./scriptsSqlite/1.0.0-beta1"; +import m2 from "./scriptsSqlite/1.0.0-beta2"; +import m3 from "./scriptsSqlite/1.0.0-beta3"; +import m4 from "./scriptsSqlite/1.0.0-beta5"; +import m5 from "./scriptsSqlite/1.0.0-beta6"; +import m6 from "./scriptsSqlite/1.0.0-beta9"; +import m7 from "./scriptsSqlite/1.0.0-beta10"; +import m8 from "./scriptsSqlite/1.0.0-beta12"; +import m13 from "./scriptsSqlite/1.0.0-beta13"; +import m15 from "./scriptsSqlite/1.0.0-beta15"; +import m16 from "./scriptsSqlite/1.0.0"; +import m17 from "./scriptsSqlite/1.1.0"; +import m18 from "./scriptsSqlite/1.2.0"; +import m19 from "./scriptsSqlite/1.3.0"; +import m20 from "./scriptsSqlite/1.5.0"; +import m21 from "./scriptsSqlite/1.6.0"; +import m22 from "./scriptsSqlite/1.7.0"; +import m23 from "./scriptsSqlite/1.8.0"; +import m24 from "./scriptsSqlite/1.9.0"; // THIS CANNOT IMPORT ANYTHING FROM THE SERVER // EXCEPT FOR THE DATABASE AND THE SCHEMA @@ -40,7 +45,12 @@ const migrations = [ { version: "1.0.0", run: m16 }, { version: "1.1.0", run: m17 }, { version: "1.2.0", run: m18 }, - { version: "1.3.0", run: m19 } + { version: "1.3.0", run: m19 }, + { version: "1.5.0", run: m20 }, + { version: "1.6.0", run: m21 }, + { version: "1.7.0", run: m22 }, + { version: "1.8.0", run: m23 }, + { version: "1.9.0", run: m24 }, // Add new migrations here as they are created ] as const; @@ -73,6 +83,10 @@ function backupDb() { } export async function runMigrations() { + if (process.env.DISABLE_MIGRATIONS) { + console.log("Migrations are disabled. Skipping..."); + return; + } try { const appVersion = APP_VERSION; diff --git a/server/setup/scriptsPg/1.6.0.ts b/server/setup/scriptsPg/1.6.0.ts new file mode 100644 index 00000000..30c9c269 --- /dev/null +++ b/server/setup/scriptsPg/1.6.0.ts @@ -0,0 +1,56 @@ +import { db } from "@server/db/pg/driver"; +import { configFilePath1, configFilePath2 } from "@server/lib/consts"; +import { sql } from "drizzle-orm"; +import fs from "fs"; +import yaml from "js-yaml"; + +const version = "1.6.0"; + +export default async function migration() { + console.log(`Running setup script ${version}...`); + + try { + db.execute(sql`UPDATE 'user' SET email = LOWER(email);`); + db.execute(sql`UPDATE 'user' SET username = LOWER(username);`); + console.log(`Migrated database schema`); + } catch (e) { + console.log("Unable to make all usernames and emails lowercase"); + console.log(e); + } + + try { + // Determine which config file exists + const filePaths = [configFilePath1, configFilePath2]; + let filePath = ""; + for (const path of filePaths) { + if (fs.existsSync(path)) { + filePath = path; + break; + } + } + + if (!filePath) { + throw new Error( + `No config file found (expected config.yml or config.yaml).` + ); + } + + // Read and parse the YAML file + const fileContents = fs.readFileSync(filePath, "utf8"); + const rawConfig = yaml.load(fileContents) as any; + + if (rawConfig.server?.trust_proxy) { + rawConfig.server.trust_proxy = 1; + } + + // Write the updated YAML back to the file + const updatedYaml = yaml.dump(rawConfig); + fs.writeFileSync(filePath, updatedYaml, "utf8"); + + console.log(`Set trust_proxy to 1 in config file`); + } catch (e) { + console.log(`Unable to migrate config file. Error: ${e}`); + } + + console.log(`${version} migration complete`); +} diff --git a/server/setup/scriptsPg/1.7.0.ts b/server/setup/scriptsPg/1.7.0.ts new file mode 100644 index 00000000..3cb799e0 --- /dev/null +++ b/server/setup/scriptsPg/1.7.0.ts @@ -0,0 +1,163 @@ +import { db } from "@server/db/pg/driver"; +import { sql } from "drizzle-orm"; + +const version = "1.7.0"; + +export default async function migration() { + console.log(`Running setup script ${version}...`); + + try { + await db.execute(sql` + BEGIN; + + CREATE TABLE "clientSites" ( + "clientId" integer NOT NULL, + "siteId" integer NOT NULL, + "isRelayed" boolean DEFAULT false NOT NULL + ); + + CREATE TABLE "clients" ( + "id" serial PRIMARY KEY NOT NULL, + "orgId" varchar NOT NULL, + "exitNode" integer, + "name" varchar NOT NULL, + "pubKey" varchar, + "subnet" varchar NOT NULL, + "bytesIn" integer, + "bytesOut" integer, + "lastBandwidthUpdate" varchar, + "lastPing" varchar, + "type" varchar NOT NULL, + "online" boolean DEFAULT false NOT NULL, + "endpoint" varchar, + "lastHolePunch" integer, + "maxConnections" integer + ); + + CREATE TABLE "clientSession" ( + "id" varchar PRIMARY KEY NOT NULL, + "olmId" varchar NOT NULL, + "expiresAt" integer NOT NULL + ); + + CREATE TABLE "olms" ( + "id" varchar PRIMARY KEY NOT NULL, + "secretHash" varchar NOT NULL, + "dateCreated" varchar NOT NULL, + "clientId" integer + ); + + CREATE TABLE "roleClients" ( + "roleId" integer NOT NULL, + "clientId" integer NOT NULL + ); + + CREATE TABLE "webauthnCredentials" ( + "credentialId" varchar PRIMARY KEY NOT NULL, + "userId" varchar NOT NULL, + "publicKey" varchar NOT NULL, + "signCount" integer NOT NULL, + "transports" varchar, + "name" varchar, + "lastUsed" varchar NOT NULL, + "dateCreated" varchar NOT NULL, + "securityKeyName" varchar + ); + + CREATE TABLE "userClients" ( + "userId" varchar NOT NULL, + "clientId" integer NOT NULL + ); + + CREATE TABLE "webauthnChallenge" ( + "sessionId" varchar PRIMARY KEY NOT NULL, + "challenge" varchar NOT NULL, + "securityKeyName" varchar, + "userId" varchar, + "expiresAt" bigint NOT NULL + ); + + ALTER TABLE "limits" DISABLE ROW LEVEL SECURITY; + DROP TABLE "limits" CASCADE; + ALTER TABLE "sites" ALTER COLUMN "subnet" DROP NOT NULL; + ALTER TABLE "sites" ALTER COLUMN "bytesIn" SET DEFAULT 0; + ALTER TABLE "sites" ALTER COLUMN "bytesOut" SET DEFAULT 0; + ALTER TABLE "domains" ADD COLUMN "type" varchar; + ALTER TABLE "domains" ADD COLUMN "verified" boolean DEFAULT false NOT NULL; + ALTER TABLE "domains" ADD COLUMN "failed" boolean DEFAULT false NOT NULL; + ALTER TABLE "domains" ADD COLUMN "tries" integer DEFAULT 0 NOT NULL; + ALTER TABLE "exitNodes" ADD COLUMN "maxConnections" integer; + ALTER TABLE "newt" ADD COLUMN "version" varchar; + ALTER TABLE "orgs" ADD COLUMN "subnet" varchar; + ALTER TABLE "sites" ADD COLUMN "address" varchar; + ALTER TABLE "sites" ADD COLUMN "endpoint" varchar; + ALTER TABLE "sites" ADD COLUMN "publicKey" varchar; + ALTER TABLE "sites" ADD COLUMN "lastHolePunch" bigint; + ALTER TABLE "sites" ADD COLUMN "listenPort" integer; + ALTER TABLE "user" ADD COLUMN "twoFactorSetupRequested" boolean DEFAULT false; + ALTER TABLE "clientSites" ADD CONSTRAINT "clientSites_clientId_clients_id_fk" FOREIGN KEY ("clientId") REFERENCES "public"."clients"("id") ON DELETE cascade ON UPDATE no action; + ALTER TABLE "clientSites" ADD CONSTRAINT "clientSites_siteId_sites_siteId_fk" FOREIGN KEY ("siteId") REFERENCES "public"."sites"("siteId") ON DELETE cascade ON UPDATE no action; + ALTER TABLE "clients" ADD CONSTRAINT "clients_orgId_orgs_orgId_fk" FOREIGN KEY ("orgId") REFERENCES "public"."orgs"("orgId") ON DELETE cascade ON UPDATE no action; + ALTER TABLE "clients" ADD CONSTRAINT "clients_exitNode_exitNodes_exitNodeId_fk" FOREIGN KEY ("exitNode") REFERENCES "public"."exitNodes"("exitNodeId") ON DELETE set null ON UPDATE no action; + ALTER TABLE "clientSession" ADD CONSTRAINT "clientSession_olmId_olms_id_fk" FOREIGN KEY ("olmId") REFERENCES "public"."olms"("id") ON DELETE cascade ON UPDATE no action; + ALTER TABLE "olms" ADD CONSTRAINT "olms_clientId_clients_id_fk" FOREIGN KEY ("clientId") REFERENCES "public"."clients"("id") ON DELETE cascade ON UPDATE no action; + ALTER TABLE "roleClients" ADD CONSTRAINT "roleClients_roleId_roles_roleId_fk" FOREIGN KEY ("roleId") REFERENCES "public"."roles"("roleId") ON DELETE cascade ON UPDATE no action; + ALTER TABLE "roleClients" ADD CONSTRAINT "roleClients_clientId_clients_id_fk" FOREIGN KEY ("clientId") REFERENCES "public"."clients"("id") ON DELETE cascade ON UPDATE no action; + ALTER TABLE "webauthnCredentials" ADD CONSTRAINT "webauthnCredentials_userId_user_id_fk" FOREIGN KEY ("userId") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action; + ALTER TABLE "userClients" ADD CONSTRAINT "userClients_userId_user_id_fk" FOREIGN KEY ("userId") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action; + ALTER TABLE "userClients" ADD CONSTRAINT "userClients_clientId_clients_id_fk" FOREIGN KEY ("clientId") REFERENCES "public"."clients"("id") ON DELETE cascade ON UPDATE no action; + ALTER TABLE "webauthnChallenge" ADD CONSTRAINT "webauthnChallenge_userId_user_id_fk" FOREIGN KEY ("userId") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action; + ALTER TABLE "resources" DROP COLUMN "isBaseDomain"; + + COMMIT; + `); + + console.log(`Migrated database schema`); + } catch (e) { + console.log("Unable to migrate database schema"); + console.log(e); + throw e; + } + + try { + await db.execute(sql`BEGIN`); + + // Update all existing orgs to have the default subnet + await db.execute(sql`UPDATE "orgs" SET "subnet" = '100.90.128.0/24'`); + + // Get all orgs and their sites to assign sequential IP addresses + const orgsQuery = await db.execute(sql`SELECT "orgId" FROM "orgs"`); + + const orgs = orgsQuery.rows as { orgId: string }[]; + + for (const org of orgs) { + const sitesQuery = await db.execute(sql` + SELECT "siteId" FROM "sites" + WHERE "orgId" = ${org.orgId} + ORDER BY "siteId" + `); + + const sites = sitesQuery.rows as { siteId: number }[]; + + let ipIndex = 1; + for (const site of sites) { + const address = `100.90.128.${ipIndex}/24`; + await db.execute(sql` + UPDATE "sites" SET "address" = ${address} + WHERE "siteId" = ${site.siteId} + `); + ipIndex++; + } + } + + await db.execute(sql`COMMIT`); + console.log(`Updated org subnets and site addresses`); + } catch (e) { + await db.execute(sql`ROLLBACK`); + console.log("Unable to update org subnets"); + console.log(e); + throw e; + } + + console.log(`${version} migration complete`); +} diff --git a/server/setup/scriptsPg/1.8.0.ts b/server/setup/scriptsPg/1.8.0.ts new file mode 100644 index 00000000..7c0b181b --- /dev/null +++ b/server/setup/scriptsPg/1.8.0.ts @@ -0,0 +1,32 @@ +import { db } from "@server/db/pg/driver"; +import { sql } from "drizzle-orm"; + +const version = "1.8.0"; + +export default async function migration() { + console.log(`Running setup script ${version}...`); + + try { + await db.execute(sql` + BEGIN; + + ALTER TABLE "clients" ALTER COLUMN "bytesIn" SET DATA TYPE real; + ALTER TABLE "clients" ALTER COLUMN "bytesOut" SET DATA TYPE real; + ALTER TABLE "clientSession" ALTER COLUMN "expiresAt" SET DATA TYPE bigint; + ALTER TABLE "resources" ADD COLUMN "enableProxy" boolean DEFAULT true; + ALTER TABLE "sites" ADD COLUMN "remoteSubnets" text; + ALTER TABLE "user" ADD COLUMN "termsAcceptedTimestamp" varchar; + ALTER TABLE "user" ADD COLUMN "termsVersion" varchar; + + COMMIT; + `); + + console.log(`Migrated database schema`); + } catch (e) { + console.log("Unable to migrate database schema"); + console.log(e); + throw e; + } + + console.log(`${version} migration complete`); +} diff --git a/server/setup/scriptsPg/1.9.0.ts b/server/setup/scriptsPg/1.9.0.ts new file mode 100644 index 00000000..fdbf3ae9 --- /dev/null +++ b/server/setup/scriptsPg/1.9.0.ts @@ -0,0 +1,142 @@ +import { db } from "@server/db/pg/driver"; +import { sql } from "drizzle-orm"; + +const version = "1.9.0"; + +export default async function migration() { + console.log(`Running setup script ${version}...`); + + const resourceSiteMap = new Map(); + let firstSiteId: number = 1; + + try { + // Get the first siteId to use as default + const firstSite = await db.execute(sql`SELECT "siteId" FROM "sites" LIMIT 1`); + if (firstSite.rows.length > 0) { + firstSiteId = firstSite.rows[0].siteId as number; + } + + const resources = await db.execute(sql` + SELECT "resourceId", "siteId" FROM "resources" WHERE "siteId" IS NOT NULL + `); + for (const resource of resources.rows) { + resourceSiteMap.set( + resource.resourceId as number, + resource.siteId as number + ); + } + } catch (e) { + console.log("Error getting resources:", e); + } + + try { + await db.execute(sql`BEGIN`); + + await db.execute(sql`CREATE TABLE "setupTokens" ( + "tokenId" varchar PRIMARY KEY NOT NULL, + "token" varchar NOT NULL, + "used" boolean DEFAULT false NOT NULL, + "dateCreated" varchar NOT NULL, + "dateUsed" varchar +);`); + + await db.execute(sql`CREATE TABLE "siteResources" ( + "siteResourceId" serial PRIMARY KEY NOT NULL, + "siteId" integer NOT NULL, + "orgId" varchar NOT NULL, + "name" varchar NOT NULL, + "protocol" varchar NOT NULL, + "proxyPort" integer NOT NULL, + "destinationPort" integer NOT NULL, + "destinationIp" varchar NOT NULL, + "enabled" boolean DEFAULT true NOT NULL +);`); + + await db.execute(sql`ALTER TABLE "resources" DROP CONSTRAINT "resources_siteId_sites_siteId_fk";`); + + await db.execute(sql`ALTER TABLE "clients" ALTER COLUMN "lastPing" TYPE integer USING NULL;`); + + await db.execute(sql`ALTER TABLE "clientSites" ADD COLUMN "endpoint" varchar;`); + + await db.execute(sql`ALTER TABLE "exitNodes" ADD COLUMN "online" boolean DEFAULT false NOT NULL;`); + + await db.execute(sql`ALTER TABLE "exitNodes" ADD COLUMN "lastPing" integer;`); + + await db.execute(sql`ALTER TABLE "exitNodes" ADD COLUMN "type" text DEFAULT 'gerbil';`); + + await db.execute(sql`ALTER TABLE "olms" ADD COLUMN "version" text;`); + + await db.execute(sql`ALTER TABLE "orgs" ADD COLUMN "createdAt" text;`); + + await db.execute(sql`ALTER TABLE "resources" ADD COLUMN "skipToIdpId" integer;`); + + await db.execute(sql.raw(`ALTER TABLE "targets" ADD COLUMN "siteId" integer NOT NULL DEFAULT ${firstSiteId || 1};`)); + + await db.execute(sql`ALTER TABLE "siteResources" ADD CONSTRAINT "siteResources_siteId_sites_siteId_fk" FOREIGN KEY ("siteId") REFERENCES "public"."sites"("siteId") ON DELETE cascade ON UPDATE no action;`); + + await db.execute(sql`ALTER TABLE "siteResources" ADD CONSTRAINT "siteResources_orgId_orgs_orgId_fk" FOREIGN KEY ("orgId") REFERENCES "public"."orgs"("orgId") ON DELETE cascade ON UPDATE no action;`); + + await db.execute(sql`ALTER TABLE "resources" ADD CONSTRAINT "resources_skipToIdpId_idp_idpId_fk" FOREIGN KEY ("skipToIdpId") REFERENCES "public"."idp"("idpId") ON DELETE cascade ON UPDATE no action;`); + + await db.execute(sql`ALTER TABLE "targets" ADD CONSTRAINT "targets_siteId_sites_siteId_fk" FOREIGN KEY ("siteId") REFERENCES "public"."sites"("siteId") ON DELETE cascade ON UPDATE no action;`); + + await db.execute(sql`ALTER TABLE "clients" DROP COLUMN "endpoint";`); + + await db.execute(sql`ALTER TABLE "resources" DROP COLUMN "siteId";`); + + // for each resource, get all of its targets, and update the siteId to be the previously stored siteId + for (const [resourceId, siteId] of resourceSiteMap) { + const targets = await db.execute(sql` + SELECT "targetId" FROM "targets" WHERE "resourceId" = ${resourceId} + `); + for (const target of targets.rows) { + await db.execute(sql` + UPDATE "targets" SET "siteId" = ${siteId} WHERE "targetId" = ${target.targetId} + `); + } + } + + // list resources that have enableProxy false + // move them to the siteResources table + // remove them from the resources table + const proxyFalseResources = await db.execute(sql` + SELECT * FROM "resources" WHERE "enableProxy" = false + `); + + for (const resource of proxyFalseResources.rows) { + // Get the first target to derive destination IP and port + const firstTarget = await db.execute(sql` + SELECT "ip", "port" FROM "targets" WHERE "resourceId" = ${resource.resourceId} LIMIT 1 + `); + + if (firstTarget.rows.length === 0) { + continue; + } + + const target = firstTarget.rows[0]; + + // Insert into siteResources table + await db.execute(sql` + INSERT INTO "siteResources" ("siteId", "orgId", "name", "protocol", "proxyPort", "destinationPort", "destinationIp", "enabled") + VALUES (${resourceSiteMap.get(resource.resourceId as number)}, ${resource.orgId}, ${resource.name}, ${resource.protocol}, ${resource.proxyPort}, ${target.port}, ${target.ip}, ${resource.enabled}) + `); + + // Delete from resources table + await db.execute(sql` + DELETE FROM "resources" WHERE "resourceId" = ${resource.resourceId} + `); + + // Delete the targets for this resource + await db.execute(sql` + DELETE FROM "targets" WHERE "resourceId" = ${resource.resourceId} + `); + } + + await db.execute(sql`COMMIT`); + console.log(`Migrated database`); + } catch (e) { + await db.execute(sql`ROLLBACK`); + console.log("Failed to migrate db:", e); + throw e; + } +} diff --git a/server/setup/scripts/1.0.0-beta1.ts b/server/setup/scriptsSqlite/1.0.0-beta1.ts similarity index 100% rename from server/setup/scripts/1.0.0-beta1.ts rename to server/setup/scriptsSqlite/1.0.0-beta1.ts diff --git a/server/setup/scripts/1.0.0-beta10.ts b/server/setup/scriptsSqlite/1.0.0-beta10.ts similarity index 94% rename from server/setup/scripts/1.0.0-beta10.ts rename to server/setup/scriptsSqlite/1.0.0-beta10.ts index 6fd5289b..400cbc31 100644 --- a/server/setup/scripts/1.0.0-beta10.ts +++ b/server/setup/scriptsSqlite/1.0.0-beta10.ts @@ -23,9 +23,8 @@ export default async function migration() { } // Read and parse the YAML file - let rawConfig: any; const fileContents = fs.readFileSync(filePath, "utf8"); - rawConfig = yaml.load(fileContents); + const rawConfig = yaml.load(fileContents) as any; delete rawConfig.server.secure_cookies; diff --git a/server/setup/scripts/1.0.0-beta12.ts b/server/setup/scriptsSqlite/1.0.0-beta12.ts similarity index 94% rename from server/setup/scripts/1.0.0-beta12.ts rename to server/setup/scriptsSqlite/1.0.0-beta12.ts index 0632b5e1..8c96e663 100644 --- a/server/setup/scripts/1.0.0-beta12.ts +++ b/server/setup/scriptsSqlite/1.0.0-beta12.ts @@ -1,4 +1,4 @@ -import db from "@server/db"; +import { db } from "../../db/sqlite"; import { configFilePath1, configFilePath2 } from "@server/lib/consts"; import { sql } from "drizzle-orm"; import fs from "fs"; @@ -25,9 +25,8 @@ export default async function migration() { } // Read and parse the YAML file - let rawConfig: any; const fileContents = fs.readFileSync(filePath, "utf8"); - rawConfig = yaml.load(fileContents); + const rawConfig = yaml.load(fileContents) as any; if (!rawConfig.flags) { rawConfig.flags = {}; diff --git a/server/setup/scripts/1.0.0-beta13.ts b/server/setup/scriptsSqlite/1.0.0-beta13.ts similarity index 96% rename from server/setup/scripts/1.0.0-beta13.ts rename to server/setup/scriptsSqlite/1.0.0-beta13.ts index 48b68cec..9ced727f 100644 --- a/server/setup/scripts/1.0.0-beta13.ts +++ b/server/setup/scriptsSqlite/1.0.0-beta13.ts @@ -1,4 +1,4 @@ -import db from "@server/db"; +import { db } from "../../db/sqlite"; import { sql } from "drizzle-orm"; const version = "1.0.0-beta.13"; diff --git a/server/setup/scripts/1.0.0-beta15.ts b/server/setup/scriptsSqlite/1.0.0-beta15.ts similarity index 95% rename from server/setup/scripts/1.0.0-beta15.ts rename to server/setup/scriptsSqlite/1.0.0-beta15.ts index a087c5c6..cf39fd8a 100644 --- a/server/setup/scripts/1.0.0-beta15.ts +++ b/server/setup/scriptsSqlite/1.0.0-beta15.ts @@ -1,9 +1,9 @@ -import db from "@server/db"; +import { db } from "../../db/sqlite"; import { configFilePath1, configFilePath2 } from "@server/lib/consts"; import fs from "fs"; import yaml from "js-yaml"; import { sql } from "drizzle-orm"; -import { domains, orgDomains, resources } from "@server/db/schemas"; +import { domains, orgDomains, resources } from "@server/db"; const version = "1.0.0-beta.15"; @@ -30,9 +30,8 @@ export default async function migration() { } // Read and parse the YAML file - let rawConfig: any; const fileContents = fs.readFileSync(filePath, "utf8"); - rawConfig = yaml.load(fileContents); + const rawConfig = yaml.load(fileContents) as any; const baseDomain = rawConfig.app.base_domain; const certResolver = rawConfig.traefik.cert_resolver; diff --git a/server/setup/scripts/1.0.0-beta2.ts b/server/setup/scriptsSqlite/1.0.0-beta2.ts similarity index 96% rename from server/setup/scripts/1.0.0-beta2.ts rename to server/setup/scriptsSqlite/1.0.0-beta2.ts index f8aa9bc3..1241e9c5 100644 --- a/server/setup/scripts/1.0.0-beta2.ts +++ b/server/setup/scriptsSqlite/1.0.0-beta2.ts @@ -22,9 +22,8 @@ export default async function migration() { } // Read and parse the YAML file - let rawConfig: any; const fileContents = fs.readFileSync(filePath, "utf8"); - rawConfig = yaml.load(fileContents); + const rawConfig = yaml.load(fileContents) as any; // Validate the structure if (!rawConfig.app || !rawConfig.app.base_url) { diff --git a/server/setup/scripts/1.0.0-beta3.ts b/server/setup/scriptsSqlite/1.0.0-beta3.ts similarity index 94% rename from server/setup/scripts/1.0.0-beta3.ts rename to server/setup/scriptsSqlite/1.0.0-beta3.ts index 3bbaae81..fccfeb88 100644 --- a/server/setup/scripts/1.0.0-beta3.ts +++ b/server/setup/scriptsSqlite/1.0.0-beta3.ts @@ -22,9 +22,8 @@ export default async function migration() { } // Read and parse the YAML file - let rawConfig: any; const fileContents = fs.readFileSync(filePath, "utf8"); - rawConfig = yaml.load(fileContents); + const rawConfig = yaml.load(fileContents) as any; // Validate the structure if (!rawConfig.gerbil) { diff --git a/server/setup/scripts/1.0.0-beta5.ts b/server/setup/scriptsSqlite/1.0.0-beta5.ts similarity index 97% rename from server/setup/scripts/1.0.0-beta5.ts rename to server/setup/scriptsSqlite/1.0.0-beta5.ts index f0555121..1c49503c 100644 --- a/server/setup/scripts/1.0.0-beta5.ts +++ b/server/setup/scriptsSqlite/1.0.0-beta5.ts @@ -25,9 +25,8 @@ export default async function migration() { } // Read and parse the YAML file - let rawConfig: any; const fileContents = fs.readFileSync(filePath, "utf8"); - rawConfig = yaml.load(fileContents); + const rawConfig = yaml.load(fileContents) as any; // Validate the structure if (!rawConfig.server) { diff --git a/server/setup/scripts/1.0.0-beta6.ts b/server/setup/scriptsSqlite/1.0.0-beta6.ts similarity index 91% rename from server/setup/scripts/1.0.0-beta6.ts rename to server/setup/scriptsSqlite/1.0.0-beta6.ts index 4fcfb114..89129678 100644 --- a/server/setup/scripts/1.0.0-beta6.ts +++ b/server/setup/scriptsSqlite/1.0.0-beta6.ts @@ -23,9 +23,8 @@ export default async function migration() { } // Read and parse the YAML file - let rawConfig: any; const fileContents = fs.readFileSync(filePath, "utf8"); - rawConfig = yaml.load(fileContents); + const rawConfig = yaml.load(fileContents) as any; // Validate the structure if (!rawConfig.server) { @@ -44,8 +43,8 @@ export default async function migration() { const updatedYaml = yaml.dump(rawConfig); fs.writeFileSync(filePath, updatedYaml, "utf8"); } catch (error) { - console.log("We were unable to add CORS to your config file. Please add it manually.") - console.error(error) + console.log("We were unable to add CORS to your config file. Please add it manually."); + console.error(error); } console.log("Done."); diff --git a/server/setup/scripts/1.0.0-beta9.ts b/server/setup/scriptsSqlite/1.0.0-beta9.ts similarity index 96% rename from server/setup/scripts/1.0.0-beta9.ts rename to server/setup/scriptsSqlite/1.0.0-beta9.ts index 64f2beed..350293dc 100644 --- a/server/setup/scripts/1.0.0-beta9.ts +++ b/server/setup/scriptsSqlite/1.0.0-beta9.ts @@ -1,4 +1,4 @@ -import db from "@server/db"; +import { db } from "../../db/sqlite"; import { emailVerificationCodes, passwordResetTokens, @@ -8,7 +8,7 @@ import { targets, userInvites, users -} from "@server/db/schemas"; +} from "../../db/sqlite"; import { APP_PATH, configFilePath1, configFilePath2 } from "@server/lib/consts"; import { eq, sql } from "drizzle-orm"; import fs from "fs"; @@ -58,9 +58,8 @@ export default async function migration() { } // Read and parse the YAML file - let rawConfig: any; const fileContents = fs.readFileSync(filePath, "utf8"); - rawConfig = yaml.load(fileContents); + const rawConfig = yaml.load(fileContents) as any; rawConfig.server.resource_session_request_param = "p_session_request"; @@ -78,7 +77,7 @@ export default async function migration() { fs.writeFileSync(filePath, updatedYaml, "utf8"); } catch (e) { console.log( - `Failed to add resource_session_request_param to config. Please add it manually. https://docs.fossorial.io/Pangolin/Configuration/config` + `Failed to add resource_session_request_param to config. Please add it manually. https://docs.digpangolin.com/self-host/advanced/config-file` ); trx.rollback(); return; @@ -122,7 +121,7 @@ export default async function migration() { const traefikFileContents = fs.readFileSync(traefikPath, "utf8"); const traefikConfig = yaml.load(traefikFileContents) as any; - let parsedConfig: any = schema.safeParse(traefikConfig); + const parsedConfig: any = schema.safeParse(traefikConfig); if (parsedConfig.success) { // Ensure websecure entrypoint exists @@ -179,7 +178,7 @@ export default async function migration() { const traefikFileContents = fs.readFileSync(traefikPath, "utf8"); const traefikConfig = yaml.load(traefikFileContents) as any; - let parsedConfig: any = schema.safeParse(traefikConfig); + const parsedConfig: any = schema.safeParse(traefikConfig); if (parsedConfig.success) { // delete permanent from redirect-to-https middleware diff --git a/server/setup/scripts/1.0.0.ts b/server/setup/scriptsSqlite/1.0.0.ts similarity index 100% rename from server/setup/scripts/1.0.0.ts rename to server/setup/scriptsSqlite/1.0.0.ts diff --git a/server/setup/scripts/1.1.0.ts b/server/setup/scriptsSqlite/1.1.0.ts similarity index 94% rename from server/setup/scripts/1.1.0.ts rename to server/setup/scriptsSqlite/1.1.0.ts index 8bd2cd19..4d121852 100644 --- a/server/setup/scripts/1.1.0.ts +++ b/server/setup/scriptsSqlite/1.1.0.ts @@ -1,4 +1,4 @@ -import db from "@server/db"; +import { db } from "../../db/sqlite"; import { sql } from "drizzle-orm"; const version = "1.1.0"; diff --git a/server/setup/scripts/1.2.0.ts b/server/setup/scriptsSqlite/1.2.0.ts similarity index 94% rename from server/setup/scripts/1.2.0.ts rename to server/setup/scriptsSqlite/1.2.0.ts index fdea9fab..d6008407 100644 --- a/server/setup/scripts/1.2.0.ts +++ b/server/setup/scriptsSqlite/1.2.0.ts @@ -1,4 +1,4 @@ -import db from "@server/db"; +import { db } from "../../db/sqlite"; import { APP_PATH, configFilePath1, configFilePath2 } from "@server/lib/consts"; import { sql } from "drizzle-orm"; import fs from "fs"; @@ -43,9 +43,8 @@ export default async function migration() { } // Read and parse the YAML file - let rawConfig: any; const fileContents = fs.readFileSync(filePath, "utf8"); - rawConfig = yaml.load(fileContents); + const rawConfig = yaml.load(fileContents) as any; if (!rawConfig.flags) { rawConfig.flags = {}; @@ -63,7 +62,7 @@ export default async function migration() { console.log(`Added new config option: resource_access_token_headers`); } catch (e) { console.log( - `Unable to add new config option: resource_access_token_headers. Please add it manually. https://docs.fossorial.io/Pangolin/Configuration/config` + `Unable to add new config option: resource_access_token_headers. Please add it manually. https://docs.digpangolin.com/self-host/advanced/config-file` ); console.error(e); } diff --git a/server/setup/scripts/1.3.0.ts b/server/setup/scriptsSqlite/1.3.0.ts similarity index 99% rename from server/setup/scripts/1.3.0.ts rename to server/setup/scriptsSqlite/1.3.0.ts index a75dc207..a084d59f 100644 --- a/server/setup/scripts/1.3.0.ts +++ b/server/setup/scriptsSqlite/1.3.0.ts @@ -177,7 +177,7 @@ export default async function migration() { } const fileContents = fs.readFileSync(filePath, "utf8"); - let rawConfig: any = yaml.load(fileContents); + const rawConfig = yaml.load(fileContents) as any; if (!rawConfig.server.secret) { rawConfig.server.secret = generateIdFromEntropySize(32); diff --git a/server/setup/scriptsSqlite/1.5.0.ts b/server/setup/scriptsSqlite/1.5.0.ts new file mode 100644 index 00000000..46e9ccca --- /dev/null +++ b/server/setup/scriptsSqlite/1.5.0.ts @@ -0,0 +1,70 @@ +import Database from "better-sqlite3"; +import path from "path"; +import { APP_PATH, configFilePath1, configFilePath2 } from "@server/lib/consts"; +import fs from "fs"; +import yaml from "js-yaml"; + +const version = "1.5.0"; +const location = path.join(APP_PATH, "db", "db.sqlite"); + +export default async function migration() { + console.log(`Running setup script ${version}...`); + + const db = new Database(location); + + try { + db.pragma("foreign_keys = OFF"); + db.transaction(() => { + db.exec(` + ALTER TABLE 'sites' ADD 'dockerSocketEnabled' integer DEFAULT true NOT NULL; + `); + })(); // <-- executes the transaction immediately + db.pragma("foreign_keys = ON"); + console.log(`Migrated database schema`); + } catch (e) { + console.log("Unable to migrate database schema"); + throw e; + } + + try { + // Determine which config file exists + const filePaths = [configFilePath1, configFilePath2]; + let filePath = ""; + for (const path of filePaths) { + if (fs.existsSync(path)) { + filePath = path; + break; + } + } + + if (!filePath) { + throw new Error( + `No config file found (expected config.yml or config.yaml).` + ); + } + + // Read and parse the YAML file + const fileContents = fs.readFileSync(filePath, "utf8"); + const rawConfig = yaml.load(fileContents) as any; + + if (rawConfig.cors?.headers) { + const headers = JSON.parse( + JSON.stringify(rawConfig.cors.headers) + ); + rawConfig.cors.allowed_headers = headers; + delete rawConfig.cors.headers; + } + + // Write the updated YAML back to the file + const updatedYaml = yaml.dump(rawConfig); + fs.writeFileSync(filePath, updatedYaml, "utf8"); + + console.log(`Migrated CORS headers to allowed_headers`); + } catch (e) { + console.log( + `Unable to migrate config file. Error: ${e}` + ); + } + + console.log(`${version} migration complete`); +} diff --git a/server/setup/scriptsSqlite/1.6.0.ts b/server/setup/scriptsSqlite/1.6.0.ts new file mode 100644 index 00000000..adab2697 --- /dev/null +++ b/server/setup/scriptsSqlite/1.6.0.ts @@ -0,0 +1,65 @@ +import { APP_PATH, configFilePath1, configFilePath2 } from "@server/lib/consts"; +import Database from "better-sqlite3"; +import fs from "fs"; +import yaml from "js-yaml"; +import path from "path"; + +const version = "1.6.0"; + +export default async function migration() { + console.log(`Running setup script ${version}...`); + + const location = path.join(APP_PATH, "db", "db.sqlite"); + const db = new Database(location); + + try { + db.pragma("foreign_keys = OFF"); + db.transaction(() => { + db.exec(` + UPDATE 'user' SET email = LOWER(email); + UPDATE 'user' SET username = LOWER(username); + `); + })(); // <-- executes the transaction immediately + db.pragma("foreign_keys = ON"); + console.log(`Migrated database schema`); + } catch (e) { + console.log("Unable to make all usernames and emails lowercase"); + console.log(e); + } + + try { + // Determine which config file exists + const filePaths = [configFilePath1, configFilePath2]; + let filePath = ""; + for (const path of filePaths) { + if (fs.existsSync(path)) { + filePath = path; + break; + } + } + + if (!filePath) { + throw new Error( + `No config file found (expected config.yml or config.yaml).` + ); + } + + // Read and parse the YAML file + const fileContents = fs.readFileSync(filePath, "utf8"); + const rawConfig = yaml.load(fileContents) as any; + + if (rawConfig.server?.trust_proxy) { + rawConfig.server.trust_proxy = 1; + } + + // Write the updated YAML back to the file + const updatedYaml = yaml.dump(rawConfig); + fs.writeFileSync(filePath, updatedYaml, "utf8"); + + console.log(`Set trust_proxy to 1 in config file`); + } catch (e) { + console.log(`Unable to migrate config file. Please do it manually. Error: ${e}`); + } + + console.log(`${version} migration complete`); +} diff --git a/server/setup/scriptsSqlite/1.7.0.ts b/server/setup/scriptsSqlite/1.7.0.ts new file mode 100644 index 00000000..f173d12e --- /dev/null +++ b/server/setup/scriptsSqlite/1.7.0.ts @@ -0,0 +1,187 @@ +import { APP_PATH } from "@server/lib/consts"; +import Database from "better-sqlite3"; +import path from "path"; + +const version = "1.7.0"; + +export default async function migration() { + console.log(`Running setup script ${version}...`); + + const location = path.join(APP_PATH, "db", "db.sqlite"); + const db = new Database(location); + + try { + db.pragma("foreign_keys = OFF"); + + db.transaction(() => { + db.exec(` + CREATE TABLE 'clientSites' ( + 'clientId' integer NOT NULL, + 'siteId' integer NOT NULL, + 'isRelayed' integer DEFAULT 0 NOT NULL, + FOREIGN KEY ('clientId') REFERENCES 'clients'('id') ON UPDATE no action ON DELETE cascade, + FOREIGN KEY ('siteId') REFERENCES 'sites'('siteId') ON UPDATE no action ON DELETE cascade + ); + + CREATE TABLE 'clients' ( + 'id' integer PRIMARY KEY AUTOINCREMENT NOT NULL, + 'orgId' text NOT NULL, + 'exitNode' integer, + 'name' text NOT NULL, + 'pubKey' text, + 'subnet' text NOT NULL, + 'bytesIn' integer, + 'bytesOut' integer, + 'lastBandwidthUpdate' text, + 'lastPing' text, + 'type' text NOT NULL, + 'online' integer DEFAULT 0 NOT NULL, + 'endpoint' text, + 'lastHolePunch' integer, + FOREIGN KEY ('orgId') REFERENCES 'orgs'('orgId') ON UPDATE no action ON DELETE cascade, + FOREIGN KEY ('exitNode') REFERENCES 'exitNodes'('exitNodeId') ON UPDATE no action ON DELETE set null + ); + + CREATE TABLE 'clientSession' ( + 'id' text PRIMARY KEY NOT NULL, + 'olmId' text NOT NULL, + 'expiresAt' integer NOT NULL, + FOREIGN KEY ('olmId') REFERENCES 'olms'('id') ON UPDATE no action ON DELETE cascade + ); + + CREATE TABLE 'olms' ( + 'id' text PRIMARY KEY NOT NULL, + 'secretHash' text NOT NULL, + 'dateCreated' text NOT NULL, + 'clientId' integer, + FOREIGN KEY ('clientId') REFERENCES 'clients'('id') ON UPDATE no action ON DELETE cascade + ); + + CREATE TABLE 'roleClients' ( + 'roleId' integer NOT NULL, + 'clientId' integer NOT NULL, + FOREIGN KEY ('roleId') REFERENCES 'roles'('roleId') ON UPDATE no action ON DELETE cascade, + FOREIGN KEY ('clientId') REFERENCES 'clients'('id') ON UPDATE no action ON DELETE cascade + ); + + CREATE TABLE 'webauthnCredentials' ( + 'credentialId' text PRIMARY KEY NOT NULL, + 'userId' text NOT NULL, + 'publicKey' text NOT NULL, + 'signCount' integer NOT NULL, + 'transports' text, + 'name' text, + 'lastUsed' text NOT NULL, + 'dateCreated' text NOT NULL, + FOREIGN KEY ('userId') REFERENCES 'user'('id') ON UPDATE no action ON DELETE cascade + ); + + CREATE TABLE 'userClients' ( + 'userId' text NOT NULL, + 'clientId' integer NOT NULL, + FOREIGN KEY ('userId') REFERENCES 'user'('id') ON UPDATE no action ON DELETE cascade, + FOREIGN KEY ('clientId') REFERENCES 'clients'('id') ON UPDATE no action ON DELETE cascade + ); + + CREATE TABLE 'userDomains' ( + 'userId' text NOT NULL, + 'domainId' text NOT NULL, + FOREIGN KEY ('userId') REFERENCES 'user'('id') ON UPDATE no action ON DELETE cascade, + FOREIGN KEY ('domainId') REFERENCES 'domains'('domainId') ON UPDATE no action ON DELETE cascade + ); + + CREATE TABLE 'webauthnChallenge' ( + 'sessionId' text PRIMARY KEY NOT NULL, + 'challenge' text NOT NULL, + 'securityKeyName' text, + 'userId' text, + 'expiresAt' integer NOT NULL, + FOREIGN KEY ('userId') REFERENCES 'user'('id') ON UPDATE no action ON DELETE cascade + ); + + `); + + db.exec(` + CREATE TABLE '__new_sites' ( + 'siteId' integer PRIMARY KEY AUTOINCREMENT NOT NULL, + 'orgId' text NOT NULL, + 'niceId' text NOT NULL, + 'exitNode' integer, + 'name' text NOT NULL, + 'pubKey' text, + 'subnet' text, + 'bytesIn' integer DEFAULT 0, + 'bytesOut' integer DEFAULT 0, + 'lastBandwidthUpdate' text, + 'type' text NOT NULL, + 'online' integer DEFAULT 0 NOT NULL, + 'address' text, + 'endpoint' text, + 'publicKey' text, + 'lastHolePunch' integer, + 'listenPort' integer, + 'dockerSocketEnabled' integer DEFAULT 1 NOT NULL, + FOREIGN KEY ('orgId') REFERENCES 'orgs'('orgId') ON UPDATE no action ON DELETE cascade, + FOREIGN KEY ('exitNode') REFERENCES 'exitNodes'('exitNodeId') ON UPDATE no action ON DELETE set null + ); + + INSERT INTO '__new_sites' ( + 'siteId', 'orgId', 'niceId', 'exitNode', 'name', 'pubKey', 'subnet', 'bytesIn', 'bytesOut', 'lastBandwidthUpdate', 'type', 'online', 'address', 'endpoint', 'publicKey', 'lastHolePunch', 'listenPort', 'dockerSocketEnabled' + ) + SELECT siteId, orgId, niceId, exitNode, name, pubKey, subnet, bytesIn, bytesOut, lastBandwidthUpdate, type, online, NULL, NULL, NULL, NULL, NULL, dockerSocketEnabled + FROM sites; + + DROP TABLE 'sites'; + ALTER TABLE '__new_sites' RENAME TO 'sites'; + `); + + db.exec(` + ALTER TABLE 'domains' ADD 'type' text; + ALTER TABLE 'domains' ADD 'verified' integer DEFAULT 0 NOT NULL; + ALTER TABLE 'domains' ADD 'failed' integer DEFAULT 0 NOT NULL; + ALTER TABLE 'domains' ADD 'tries' integer DEFAULT 0 NOT NULL; + ALTER TABLE 'exitNodes' ADD 'maxConnections' integer; + ALTER TABLE 'newt' ADD 'version' text; + ALTER TABLE 'orgs' ADD 'subnet' text; + ALTER TABLE 'user' ADD 'twoFactorSetupRequested' integer DEFAULT 0; + ALTER TABLE 'resources' DROP COLUMN 'isBaseDomain'; + `); + })(); + + db.pragma("foreign_keys = ON"); + + console.log(`Migrated database schema`); + } catch (e) { + console.log("Unable to migrate database schema"); + throw e; + } + + db.transaction(() => { + // Update all existing orgs to have the default subnet + db.exec(`UPDATE 'orgs' SET 'subnet' = '100.90.128.0/24'`); + + // Get all orgs and their sites to assign sequential IP addresses + const orgs = db.prepare(`SELECT orgId FROM 'orgs'`).all() as { + orgId: string; + }[]; + + for (const org of orgs) { + const sites = db + .prepare( + `SELECT siteId FROM 'sites' WHERE orgId = ? ORDER BY siteId` + ) + .all(org.orgId) as { siteId: number }[]; + + let ipIndex = 1; + for (const site of sites) { + const address = `100.90.128.${ipIndex}/24`; + db.prepare( + `UPDATE 'sites' SET 'address' = ? WHERE siteId = ?` + ).run(address, site.siteId); + ipIndex++; + } + } + })(); + + console.log(`${version} migration complete`); +} diff --git a/server/setup/scriptsSqlite/1.8.0.ts b/server/setup/scriptsSqlite/1.8.0.ts new file mode 100644 index 00000000..f8ac7c95 --- /dev/null +++ b/server/setup/scriptsSqlite/1.8.0.ts @@ -0,0 +1,30 @@ +import { APP_PATH } from "@server/lib/consts"; +import Database from "better-sqlite3"; +import path from "path"; + +const version = "1.8.0"; + +export default async function migration() { + console.log(`Running setup script ${version}...`); + + const location = path.join(APP_PATH, "db", "db.sqlite"); + const db = new Database(location); + + try { + db.transaction(() => { + db.exec(` + ALTER TABLE 'resources' ADD 'enableProxy' integer DEFAULT 1; + ALTER TABLE 'sites' ADD 'remoteSubnets' text; + ALTER TABLE 'user' ADD 'termsAcceptedTimestamp' text; + ALTER TABLE 'user' ADD 'termsVersion' text; + `); + })(); + + console.log("Migrated database schema"); + } catch (e) { + console.log("Unable to migrate database schema"); + throw e; + } + + console.log(`${version} migration complete`); +} diff --git a/server/setup/scriptsSqlite/1.9.0.ts b/server/setup/scriptsSqlite/1.9.0.ts new file mode 100644 index 00000000..5f247ea5 --- /dev/null +++ b/server/setup/scriptsSqlite/1.9.0.ts @@ -0,0 +1,191 @@ +import { APP_PATH } from "@server/lib/consts"; +import Database from "better-sqlite3"; +import path from "path"; + +const version = "1.9.0"; + +export default async function migration() { + console.log(`Running setup script ${version}...`); + + const location = path.join(APP_PATH, "db", "db.sqlite"); + const db = new Database(location); + + const resourceSiteMap = new Map(); + let firstSiteId: number = 1; + + try { + // Get the first siteId to use as default + const firstSite = db.prepare("SELECT siteId FROM sites LIMIT 1").get() as { siteId: number } | undefined; + if (firstSite) { + firstSiteId = firstSite.siteId; + } + + const resources = db + .prepare( + "SELECT resourceId, siteId FROM resources WHERE siteId IS NOT NULL" + ) + .all() as Array<{ resourceId: number; siteId: number }>; + for (const resource of resources) { + resourceSiteMap.set(resource.resourceId, resource.siteId); + } + } catch (e) { + console.log("Error getting resources:", e); + } + + try { + db.pragma("foreign_keys = OFF"); + + db.transaction(() => { + db.exec(`CREATE TABLE 'setupTokens' ( + 'tokenId' text PRIMARY KEY NOT NULL, + 'token' text NOT NULL, + 'used' integer DEFAULT false NOT NULL, + 'dateCreated' text NOT NULL, + 'dateUsed' text +); +--> statement-breakpoint +CREATE TABLE 'siteResources' ( + 'siteResourceId' integer PRIMARY KEY AUTOINCREMENT NOT NULL, + 'siteId' integer NOT NULL, + 'orgId' text NOT NULL, + 'name' text NOT NULL, + 'protocol' text NOT NULL, + 'proxyPort' integer NOT NULL, + 'destinationPort' integer NOT NULL, + 'destinationIp' text NOT NULL, + 'enabled' integer DEFAULT true NOT NULL, + FOREIGN KEY ('siteId') REFERENCES 'sites'('siteId') ON UPDATE no action ON DELETE cascade, + FOREIGN KEY ('orgId') REFERENCES 'orgs'('orgId') ON UPDATE no action ON DELETE cascade +); +--> statement-breakpoint +PRAGMA foreign_keys=OFF;--> statement-breakpoint +CREATE TABLE '__new_resources' ( + 'resourceId' integer PRIMARY KEY AUTOINCREMENT NOT NULL, + 'orgId' text NOT NULL, + 'name' text NOT NULL, + 'subdomain' text, + 'fullDomain' text, + 'domainId' text, + 'ssl' integer DEFAULT false NOT NULL, + 'blockAccess' integer DEFAULT false NOT NULL, + 'sso' integer DEFAULT true NOT NULL, + 'http' integer DEFAULT true NOT NULL, + 'protocol' text NOT NULL, + 'proxyPort' integer, + 'emailWhitelistEnabled' integer DEFAULT false NOT NULL, + 'applyRules' integer DEFAULT false NOT NULL, + 'enabled' integer DEFAULT true NOT NULL, + 'stickySession' integer DEFAULT false NOT NULL, + 'tlsServerName' text, + 'setHostHeader' text, + 'enableProxy' integer DEFAULT true, + 'skipToIdpId' integer, + FOREIGN KEY ('orgId') REFERENCES 'orgs'('orgId') ON UPDATE no action ON DELETE cascade, + FOREIGN KEY ('domainId') REFERENCES 'domains'('domainId') ON UPDATE no action ON DELETE set null, + FOREIGN KEY ('skipToIdpId') REFERENCES 'idp'('idpId') ON UPDATE no action ON DELETE cascade +); +--> statement-breakpoint +INSERT INTO '__new_resources'("resourceId", "orgId", "name", "subdomain", "fullDomain", "domainId", "ssl", "blockAccess", "sso", "http", "protocol", "proxyPort", "emailWhitelistEnabled", "applyRules", "enabled", "stickySession", "tlsServerName", "setHostHeader", "enableProxy", "skipToIdpId") SELECT "resourceId", "orgId", "name", "subdomain", "fullDomain", "domainId", "ssl", "blockAccess", "sso", "http", "protocol", "proxyPort", "emailWhitelistEnabled", "applyRules", "enabled", "stickySession", "tlsServerName", "setHostHeader", "enableProxy", null FROM 'resources';--> statement-breakpoint +DROP TABLE 'resources';--> statement-breakpoint +ALTER TABLE '__new_resources' RENAME TO 'resources';--> statement-breakpoint +PRAGMA foreign_keys=ON;--> statement-breakpoint +CREATE TABLE '__new_clients' ( + 'id' integer PRIMARY KEY AUTOINCREMENT NOT NULL, + 'orgId' text NOT NULL, + 'exitNode' integer, + 'name' text NOT NULL, + 'pubKey' text, + 'subnet' text NOT NULL, + 'bytesIn' integer, + 'bytesOut' integer, + 'lastBandwidthUpdate' text, + 'lastPing' integer, + 'type' text NOT NULL, + 'online' integer DEFAULT false NOT NULL, + 'lastHolePunch' integer, + FOREIGN KEY ('orgId') REFERENCES 'orgs'('orgId') ON UPDATE no action ON DELETE cascade, + FOREIGN KEY ('exitNode') REFERENCES 'exitNodes'('exitNodeId') ON UPDATE no action ON DELETE set null +); +--> statement-breakpoint +INSERT INTO '__new_clients'("id", "orgId", "exitNode", "name", "pubKey", "subnet", "bytesIn", "bytesOut", "lastBandwidthUpdate", "lastPing", "type", "online", "lastHolePunch") SELECT "id", "orgId", "exitNode", "name", "pubKey", "subnet", "bytesIn", "bytesOut", "lastBandwidthUpdate", NULL, "type", "online", "lastHolePunch" FROM 'clients';--> statement-breakpoint +DROP TABLE 'clients';--> statement-breakpoint +ALTER TABLE '__new_clients' RENAME TO 'clients';--> statement-breakpoint +ALTER TABLE 'clientSites' ADD 'endpoint' text;--> statement-breakpoint +ALTER TABLE 'exitNodes' ADD 'online' integer DEFAULT false NOT NULL;--> statement-breakpoint +ALTER TABLE 'exitNodes' ADD 'lastPing' integer;--> statement-breakpoint +ALTER TABLE 'exitNodes' ADD 'type' text DEFAULT 'gerbil';--> statement-breakpoint +ALTER TABLE 'olms' ADD 'version' text;--> statement-breakpoint +ALTER TABLE 'orgs' ADD 'createdAt' text;--> statement-breakpoint +ALTER TABLE 'targets' ADD 'siteId' integer NOT NULL DEFAULT ${firstSiteId || 1} REFERENCES sites(siteId);`); + + // for each resource, get all of its targets, and update the siteId to be the previously stored siteId + for (const [resourceId, siteId] of resourceSiteMap) { + const targets = db + .prepare( + "SELECT targetId FROM targets WHERE resourceId = ?" + ) + .all(resourceId) as Array<{ targetId: number }>; + for (const target of targets) { + db.prepare( + "UPDATE targets SET siteId = ? WHERE targetId = ?" + ).run(siteId, target.targetId); + } + } + + // list resources that have enableProxy false + // move them to the siteResources table + // remove them from the resources table + const proxyFalseResources = db + .prepare("SELECT * FROM resources WHERE enableProxy = 0") + .all() as Array; + + for (const resource of proxyFalseResources) { + // Get the first target to derive destination IP and port + const firstTarget = db + .prepare( + "SELECT ip, port FROM targets WHERE resourceId = ? LIMIT 1" + ) + .get(resource.resourceId) as + | { ip: string; port: number } + | undefined; + + if (!firstTarget) { + continue; + } + + // Insert into siteResources table + const stmt = db.prepare(` + INSERT INTO siteResources (siteId, orgId, name, protocol, proxyPort, destinationPort, destinationIp, enabled) + VALUES (?, ?, ?, ?, ?, ?, ?, ?) + `); + stmt.run( + resourceSiteMap.get(resource.resourceId), + resource.orgId, + resource.name, + resource.protocol, + resource.proxyPort, + firstTarget.port, + firstTarget.ip, + resource.enabled + ); + + // Delete from resources table + db.prepare("DELETE FROM resources WHERE resourceId = ?").run( + resource.resourceId + ); + + // Delete the targets for this resource + db.prepare("DELETE FROM targets WHERE resourceId = ?").run( + resource.resourceId + ); + } + })(); + + db.pragma("foreign_keys = ON"); + + console.log(`Migrated database`); + } catch (e) { + console.log("Failed to migrate db:", e); + throw e; + } +} diff --git a/server/setup/setupServerAdmin.ts b/server/setup/setupServerAdmin.ts deleted file mode 100644 index 9a84852a..00000000 --- a/server/setup/setupServerAdmin.ts +++ /dev/null @@ -1,84 +0,0 @@ -import { generateId, invalidateAllSessions } from "@server/auth/sessions/app"; -import { hashPassword, verifyPassword } from "@server/auth/password"; -import config from "@server/lib/config"; -import db from "@server/db"; -import { users } from "@server/db/schemas"; -import logger from "@server/logger"; -import { eq } from "drizzle-orm"; -import moment from "moment"; -import { fromError } from "zod-validation-error"; -import { passwordSchema } from "@server/auth/passwordSchema"; -import { UserType } from "@server/types/UserTypes"; - -export async function setupServerAdmin() { - const { - server_admin: { email, password } - } = config.getRawConfig().users; - - const parsed = passwordSchema.safeParse(password); - - if (!parsed.success) { - throw Error( - `Invalid server admin password: ${fromError(parsed.error).toString()}` - ); - } - - const passwordHash = await hashPassword(password); - - await db.transaction(async (trx) => { - try { - const [existing] = await trx - .select() - .from(users) - .where(eq(users.serverAdmin, true)); - - if (existing) { - const passwordChanged = !(await verifyPassword( - password, - existing.passwordHash! - )); - - if (passwordChanged) { - await trx - .update(users) - .set({ passwordHash }) - .where(eq(users.userId, existing.userId)); - - // this isn't using the transaction, but it's probably fine - await invalidateAllSessions(existing.userId); - - logger.info(`Server admin password updated`); - } - - if (existing.email !== email) { - await trx - .update(users) - .set({ email }) - .where(eq(users.userId, existing.userId)); - - logger.info(`Server admin email updated`); - } - } else { - const userId = generateId(15); - - await trx.update(users).set({ serverAdmin: false }); - - await db.insert(users).values({ - userId: userId, - email: email, - type: UserType.Internal, - username: email, - passwordHash, - dateCreated: moment().toISOString(), - serverAdmin: true, - emailVerified: true - }); - - logger.info(`Server admin created`); - } - } catch (e) { - logger.error(e); - trx.rollback(); - } - }); -} diff --git a/server/types/Auth.ts b/server/types/Auth.ts index ce86623f..8e222987 100644 --- a/server/types/Auth.ts +++ b/server/types/Auth.ts @@ -1,6 +1,6 @@ import { Request } from "express"; -import { User } from "@server/db/schemas"; -import { Session } from "@server/db/schemas"; +import { User } from "@server/db"; +import { Session } from "@server/db"; export interface AuthenticatedRequest extends Request { user: User; diff --git a/src/app/[orgId]/MemberResourcesPortal.tsx b/src/app/[orgId]/MemberResourcesPortal.tsx new file mode 100644 index 00000000..4d3a7717 --- /dev/null +++ b/src/app/[orgId]/MemberResourcesPortal.tsx @@ -0,0 +1,718 @@ +"use client"; + +import { useState, useEffect } from "react"; +import { useTranslations } from "next-intl"; +import { Card, CardHeader, CardTitle, CardContent } from "@/components/ui/card"; +import { Button } from "@/components/ui/button"; +import { Input } from "@/components/ui/input"; +import { + Select, + SelectContent, + SelectItem, + SelectTrigger, + SelectValue +} from "@/components/ui/select"; +import { + ExternalLink, + Globe, + Search, + RefreshCw, + AlertCircle, + ChevronLeft, + ChevronRight, + Key, + KeyRound, + Fingerprint, + AtSign, + Copy, + InfoIcon, + Combine +} from "lucide-react"; +import { createApiClient } from "@app/lib/api"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { GetUserResourcesResponse } from "@server/routers/resource/getUserResources"; +import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; +import { useToast } from "@app/hooks/useToast"; +import { InfoPopup } from "@/components/ui/info-popup"; +import { + Tooltip, + TooltipContent, + TooltipProvider, + TooltipTrigger +} from "@/components/ui/tooltip"; + +// Update Resource type to include site information +type Resource = { + resourceId: number; + name: string; + domain: string; + enabled: boolean; + protected: boolean; + protocol: string; + // Auth method fields + sso?: boolean; + password?: boolean; + pincode?: boolean; + whitelist?: boolean; + // Site information + siteName?: string | null; +}; + +type MemberResourcesPortalProps = { + orgId: string; +}; + +// Favicon component with fallback +const ResourceFavicon = ({ + domain, + enabled +}: { + domain: string; + enabled: boolean; +}) => { + const [faviconError, setFaviconError] = useState(false); + const [faviconLoaded, setFaviconLoaded] = useState(false); + + // Extract domain for favicon URL + const cleanDomain = domain.replace(/^https?:\/\//, "").split("/")[0]; + const faviconUrl = `https://www.google.com/s2/favicons?domain=${cleanDomain}&sz=32`; + + const handleFaviconLoad = () => { + setFaviconLoaded(true); + setFaviconError(false); + }; + + const handleFaviconError = () => { + setFaviconError(true); + setFaviconLoaded(false); + }; + + if (faviconError || !enabled) { + return ( + + ); + } + + return ( +
+ {!faviconLoaded && ( +
+ )} + {`${cleanDomain} +
+ ); +}; + +// Resource Info component +const ResourceInfo = ({ resource }: { resource: Resource }) => { + const hasAuthMethods = + resource.sso || + resource.password || + resource.pincode || + resource.whitelist; + + const infoContent = ( +
+ {/* Site Information */} + {resource.siteName && ( +
+
Site
+
+ + {resource.siteName} +
+
+ )} + + {/* Authentication Methods */} + {hasAuthMethods && ( +
+
+ Authentication Methods +
+
+ {resource.sso && ( +
+
+ +
+ + Single Sign-On (SSO) + +
+ )} + {resource.password && ( +
+
+ +
+ + Password Protected + +
+ )} + {resource.pincode && ( +
+
+ +
+ PIN Code +
+ )} + {resource.whitelist && ( +
+
+ +
+ Email Whitelist +
+ )} +
+
+ )} + + {/* Resource Status - if disabled */} + {!resource.enabled && ( +
+
+ + + Resource Disabled + +
+
+ )} +
+ ); + + return {infoContent}; +}; + +// Pagination component +const PaginationControls = ({ + currentPage, + totalPages, + onPageChange, + totalItems, + itemsPerPage +}: { + currentPage: number; + totalPages: number; + onPageChange: (page: number) => void; + totalItems: number; + itemsPerPage: number; +}) => { + const startItem = (currentPage - 1) * itemsPerPage + 1; + const endItem = Math.min(currentPage * itemsPerPage, totalItems); + + if (totalPages <= 1) return null; + + return ( +
+
+ Showing {startItem}-{endItem} of {totalItems} resources +
+ +
+ + +
+ {Array.from({ length: totalPages }, (_, i) => i + 1).map( + (page) => { + // Show first page, last page, current page, and 2 pages around current + const showPage = + page === 1 || + page === totalPages || + Math.abs(page - currentPage) <= 1; + + const showEllipsis = + (page === 2 && currentPage > 4) || + (page === totalPages - 1 && + currentPage < totalPages - 3); + + if (!showPage && !showEllipsis) return null; + + if (showEllipsis) { + return ( + + ... + + ); + } + + return ( + + ); + } + )} +
+ + +
+
+ ); +}; + +// Loading skeleton component +const ResourceCardSkeleton = () => ( + + +
+
+
+
+ + +
+
+
+
+
+
+
+
+
+
+
+
+
+ + +); + +export default function MemberResourcesPortal({ + orgId +}: MemberResourcesPortalProps) { + const t = useTranslations(); + const { env } = useEnvContext(); + const api = createApiClient({ env }); + const { toast } = useToast(); + + const [resources, setResources] = useState([]); + const [filteredResources, setFilteredResources] = useState([]); + const [loading, setLoading] = useState(true); + const [error, setError] = useState(null); + const [searchQuery, setSearchQuery] = useState(""); + const [sortBy, setSortBy] = useState("name-asc"); + const [refreshing, setRefreshing] = useState(false); + + // Pagination state + const [currentPage, setCurrentPage] = useState(1); + const itemsPerPage = 12; // 3x4 grid on desktop + + const fetchUserResources = async (isRefresh = false) => { + try { + if (isRefresh) { + setRefreshing(true); + } else { + setLoading(true); + } + setError(null); + + const response = await api.get( + `/org/${orgId}/user-resources` + ); + + if (response.data.success) { + setResources(response.data.data.resources); + setFilteredResources(response.data.data.resources); + } else { + setError("Failed to load resources"); + } + } catch (err) { + console.error("Error fetching user resources:", err); + setError( + "Failed to load resources. Please check your connection and try again." + ); + } finally { + setLoading(false); + setRefreshing(false); + } + }; + + useEffect(() => { + fetchUserResources(); + }, [orgId, api]); + + // Filter and sort resources + useEffect(() => { + const filtered = resources.filter( + (resource) => + resource.name + .toLowerCase() + .includes(searchQuery.toLowerCase()) || + resource.domain + .toLowerCase() + .includes(searchQuery.toLowerCase()) + ); + + // Sort resources + filtered.sort((a, b) => { + switch (sortBy) { + case "name-asc": + return a.name.localeCompare(b.name); + case "name-desc": + return b.name.localeCompare(a.name); + case "domain-asc": + return a.domain.localeCompare(b.domain); + case "domain-desc": + return b.domain.localeCompare(a.domain); + case "status-enabled": + // Enabled first, then protected vs unprotected + if (a.enabled !== b.enabled) return b.enabled ? 1 : -1; + return b.protected ? 1 : -1; + case "status-disabled": + // Disabled first, then unprotected vs protected + if (a.enabled !== b.enabled) return a.enabled ? 1 : -1; + return a.protected ? 1 : -1; + default: + return a.name.localeCompare(b.name); + } + }); + + setFilteredResources(filtered); + + // Reset to first page when search/sort changes + setCurrentPage(1); + }, [resources, searchQuery, sortBy]); + + // Calculate pagination + const totalPages = Math.ceil(filteredResources.length / itemsPerPage); + const startIndex = (currentPage - 1) * itemsPerPage; + const paginatedResources = filteredResources.slice( + startIndex, + startIndex + itemsPerPage + ); + + const handleOpenResource = (resource: Resource) => { + // Open the resource in a new tab + window.open(resource.domain, "_blank"); + }; + + const handleRefresh = () => { + fetchUserResources(true); + }; + + const handleRetry = () => { + fetchUserResources(); + }; + + const handlePageChange = (page: number) => { + setCurrentPage(page); + // Scroll to top when page changes + window.scrollTo({ top: 0, behavior: "smooth" }); + }; + + if (loading) { + return ( +
+ + + {/* Search and Sort Controls - Skeleton */} +
+
+
+
+
+
+
+
+ + {/* Loading Skeletons */} +
+ {Array.from({ length: 12 }).map((_, index) => ( + + ))} +
+
+ ); + } + + if (error) { + return ( +
+ + + +
+ +
+

+ Unable to Load Resources +

+

+ {error} +

+ + + +
+ ); + } + + return ( +
+ + + {/* Search and Sort Controls with Refresh */} +
+
+ {/* Search */} +
+ setSearchQuery(e.target.value)} + className="w-full pl-8 bg-card" + /> + +
+ + {/* Sort */} +
+ +
+
+ + {/* Refresh Button */} + +
+ + {/* Resources Content */} + {filteredResources.length === 0 ? ( + /* Enhanced Empty State */ + + +
+ {searchQuery ? ( + + ) : ( + + )} +
+

+ {searchQuery + ? "No Resources Found" + : "No Resources Available"} +

+

+ {searchQuery + ? `No resources match "${searchQuery}". Try adjusting your search terms or clearing the search to see all resources.` + : "You don't have access to any resources yet. Contact your administrator to get access to resources you need."} +

+
+ {searchQuery ? ( + + ) : ( + + )} +
+ + + ) : ( + <> + {/* Resources Grid */} +
+ {paginatedResources.map((resource) => ( + +
+
+
+ + + + + {resource.name} + + + +

+ {resource.name} +

+ + + +
+ +
+ +
+
+ +
+ + +
+
+ +
+ +
+ + ))} +
+ + {/* Pagination Controls */} + + + )} +
+ ); +} diff --git a/src/app/[orgId]/OrganizationLandingCard.tsx b/src/app/[orgId]/OrganizationLandingCard.tsx index 6bf0f57f..f4d0d761 100644 --- a/src/app/[orgId]/OrganizationLandingCard.tsx +++ b/src/app/[orgId]/OrganizationLandingCard.tsx @@ -10,7 +10,16 @@ import { CardFooter } from "@/components/ui/card"; import { Button } from "@/components/ui/button"; -import { Users, Settings, Waypoints, Combine } from "lucide-react"; +import { + Users, + Globe, + Database, + Cog, + Settings, + Waypoints, + Combine +} from "lucide-react"; +import { useTranslations } from "next-intl"; import { RoleItem } from "@server/routers/user"; interface OrgStat { @@ -39,19 +48,21 @@ export default function OrganizationLandingCard( ) { const [orgData] = useState(props); + const t = useTranslations(); + const orgStats: OrgStat[] = [ { - label: "Sites", + label: t("sites"), value: orgData.overview.stats.sites, icon: }, { - label: "Resources", + label: t("resources"), value: orgData.overview.stats.resources, icon: }, { - label: "Users", + label: t("users"), value: orgData.overview.stats.users, icon: } @@ -82,21 +93,17 @@ export default function OrganizationLandingCard( ))}
- Your role - {orgData.overview.isOwner || - orgData.overview.isAdmin || - orgData.overview.roles.length === 1 - ? "" - : "s"} - :{" "} + {t("accessRoleYour", { + count: orgData.overview.isOwner + ? 1 + : orgData.overview.roles.length + })}{" "} {orgData.overview.isOwner - ? "Owner" - : orgData.overview.isAdmin - ? "Admin" - : orgData.overview.roles - .map((r) => r.name) - .join(", ")} + ? t("accessRoleOwner") + : orgData.overview.roles + .map((r) => r.name) + .join(", ")}
@@ -105,7 +112,7 @@ export default function OrganizationLandingCard( diff --git a/src/app/[orgId]/layout.tsx b/src/app/[orgId]/layout.tsx index fa41beb2..3ab0b92e 100644 --- a/src/app/[orgId]/layout.tsx +++ b/src/app/[orgId]/layout.tsx @@ -8,6 +8,7 @@ import { GetOrgUserResponse } from "@server/routers/user"; import { AxiosResponse } from "axios"; import { redirect } from "next/navigation"; import { cache } from "react"; +import SetLastOrgCookie from "@app/components/SetLastOrgCookie"; export default async function OrgLayout(props: { children: React.ReactNode; @@ -52,6 +53,7 @@ export default async function OrgLayout(props: { return ( <> {props.children} + ); } diff --git a/src/app/[orgId]/page.tsx b/src/app/[orgId]/page.tsx index a9d78849..4740198b 100644 --- a/src/app/[orgId]/page.tsx +++ b/src/app/[orgId]/page.tsx @@ -2,14 +2,17 @@ import { verifySession } from "@app/lib/auth/verifySession"; import UserProvider from "@app/providers/UserProvider"; import { cache } from "react"; import OrganizationLandingCard from "./OrganizationLandingCard"; +import MemberResourcesPortal from "./MemberResourcesPortal"; import { GetOrgOverviewResponse } from "@server/routers/org/getOrgOverview"; import { internal } from "@app/lib/api"; import { AxiosResponse } from "axios"; import { authCookieHeader } from "@app/lib/api/cookies"; import { redirect } from "next/navigation"; import { Layout } from "@app/components/Layout"; -import { orgLangingNavItems, orgNavItems, rootNavItems } from "../navigation"; import { ListUserOrgsResponse } from "@server/routers/org"; +import { pullEnv } from "@app/lib/pullEnv"; +import EnvProvider from "@app/providers/EnvProvider"; +import { orgLangingNavItems } from "@app/app/navigation"; type OrgPageProps = { params: Promise<{ orgId: string }>; @@ -18,6 +21,7 @@ type OrgPageProps = { export default async function OrgPage(props: OrgPageProps) { const params = await props.params; const orgId = params.orgId; + const env = pullEnv(); const getUser = cache(verifySession); const user = await getUser(); @@ -26,7 +30,6 @@ export default async function OrgPage(props: OrgPageProps) { redirect("/"); } - let redirectToSettings = false; let overview: GetOrgOverviewResponse | undefined; try { const res = await internal.get>( @@ -34,16 +37,14 @@ export default async function OrgPage(props: OrgPageProps) { await authCookieHeader() ); overview = res.data.data; - - if (overview.isAdmin || overview.isOwner) { - redirectToSettings = true; - } } catch (e) {} - if (redirectToSettings) { + // If user is admin or owner, redirect to settings + if (overview?.isAdmin || overview?.isOwner) { redirect(`/${orgId}/settings`); } + // For non-admin users, show the member resources portal let orgs: ListUserOrgsResponse["orgs"] = []; try { const getOrgs = cache(async () => @@ -60,25 +61,8 @@ export default async function OrgPage(props: OrgPageProps) { return ( - - {overview && ( -
- -
- )} + + {overview && } ); diff --git a/src/app/[orgId]/settings/access/AccessPageHeaderAndNav.tsx b/src/app/[orgId]/settings/access/AccessPageHeaderAndNav.tsx index a3053e7e..47690dc6 100644 --- a/src/app/[orgId]/settings/access/AccessPageHeaderAndNav.tsx +++ b/src/app/[orgId]/settings/access/AccessPageHeaderAndNav.tsx @@ -2,6 +2,7 @@ import { HorizontalTabs } from "@app/components/HorizontalTabs"; import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; +import { useTranslations } from "next-intl"; interface AccessPageHeaderAndNavProps { children: React.ReactNode; @@ -12,20 +13,22 @@ export default function AccessPageHeaderAndNav({ children, hasInvitations }: AccessPageHeaderAndNavProps) { + const t = useTranslations(); + const navItems = [ { - title: "Users", + title: t('users'), href: `/{orgId}/settings/access/users` }, { - title: "Roles", + title: t('roles'), href: `/{orgId}/settings/access/roles` } ]; if (hasInvitations) { navItems.push({ - title: "Invitations", + title: t('invite'), href: `/{orgId}/settings/access/invitations` }); } @@ -33,8 +36,8 @@ export default function AccessPageHeaderAndNav({ return ( <> diff --git a/src/app/[orgId]/settings/access/invitations/InvitationsDataTable.tsx b/src/app/[orgId]/settings/access/invitations/InvitationsDataTable.tsx index e2154b2d..396a3c20 100644 --- a/src/app/[orgId]/settings/access/invitations/InvitationsDataTable.tsx +++ b/src/app/[orgId]/settings/access/invitations/InvitationsDataTable.tsx @@ -4,6 +4,7 @@ import { ColumnDef, } from "@tanstack/react-table"; import { DataTable } from "@app/components/ui/data-table"; +import { useTranslations } from 'next-intl'; interface DataTableProps { columns: ColumnDef[]; @@ -14,12 +15,16 @@ export function InvitationsDataTable({ columns, data }: DataTableProps) { + + const t = useTranslations(); + return ( ); diff --git a/src/app/[orgId]/settings/access/invitations/InvitationsTable.tsx b/src/app/[orgId]/settings/access/invitations/InvitationsTable.tsx index 9618df14..dfb3d263 100644 --- a/src/app/[orgId]/settings/access/invitations/InvitationsTable.tsx +++ b/src/app/[orgId]/settings/access/invitations/InvitationsTable.tsx @@ -17,6 +17,8 @@ import { useOrgContext } from "@app/hooks/useOrgContext"; import { toast } from "@app/hooks/useToast"; import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; +import { useTranslations } from "next-intl"; +import moment from "moment"; export type InvitationRow = { id: string; @@ -39,67 +41,75 @@ export default function InvitationsTable({ const [selectedInvitation, setSelectedInvitation] = useState(null); + const t = useTranslations(); + const api = createApiClient(useEnvContext()); const { org } = useOrgContext(); const columns: ColumnDef[] = [ - { - id: "dots", - cell: ({ row }) => { - const invitation = row.original; - return ( - - - - - - { - setIsRegenerateModalOpen(true); - setSelectedInvitation(invitation); - }} - > - Regenerate Invitation - - { - setIsDeleteModalOpen(true); - setSelectedInvitation(invitation); - }} - > - - Remove Invitation - - - - - ); - } - }, { accessorKey: "email", - header: "Email" + header: t("email") }, { accessorKey: "expiresAt", - header: "Expires At", + header: t("expiresAt"), cell: ({ row }) => { const expiresAt = new Date(row.original.expiresAt); const isExpired = expiresAt < new Date(); return ( - {expiresAt.toLocaleString()} + {moment(expiresAt).format("lll")} ); } }, { accessorKey: "role", - header: "Role" + header: t("role") + }, + { + id: "dots", + cell: ({ row }) => { + const invitation = row.original; + return ( +
+ + + + + + { + setIsDeleteModalOpen(true); + setSelectedInvitation(invitation); + }} + > + + {t("inviteRemove")} + + + + + + +
+ ); + } } ]; @@ -112,17 +122,18 @@ export default function InvitationsTable({ .catch((e) => { toast({ variant: "destructive", - title: "Failed to remove invitation", - description: - "An error occurred while removing the invitation." + title: t("inviteRemoveError"), + description: t("inviteRemoveErrorDescription") }); }); if (res && res.status === 200) { toast({ variant: "default", - title: "Invitation removed", - description: `The invitation for ${selectedInvitation.email} has been removed.` + title: t("inviteRemoved"), + description: t("inviteRemovedDescription", { + email: selectedInvitation.email + }) }); setInvitations((prev) => @@ -146,23 +157,18 @@ export default function InvitationsTable({ dialog={

- Are you sure you want to remove the invitation for{" "} - {selectedInvitation?.email}? -

-

- Once removed, this invitation will no longer be - valid. You can always re-invite the user later. -

-

- To confirm, please type the email address of the - invitation below. + {t("inviteQuestionRemove", { + email: selectedInvitation?.email || "" + })}

+

{t("inviteMessageRemove")}

+

{t("inviteMessageConfirm")}

} - buttonText="Confirm Remove Invitation" + buttonText={t("inviteRemoveConfirm")} onConfirm={removeInvitation} string={selectedInvitation?.email ?? ""} - title="Remove Invitation" + title={t("inviteRemove")} /> { @@ -79,9 +82,8 @@ export default function RegenerateInvitationForm({ if (!org?.org.orgId) { toast({ variant: "destructive", - title: "Organization ID Missing", - description: - "Unable to regenerate invitation without an organization ID.", + title: t('orgMissing'), + description: t('orgMissingMessage'), duration: 5000 }); return; @@ -105,15 +107,15 @@ export default function RegenerateInvitationForm({ if (sendEmail) { toast({ variant: "default", - title: "Invitation Regenerated", - description: `A new invitation has been sent to ${invitation.email}.`, + title: t('inviteRegenerated'), + description: t('inviteSent', {email: invitation.email}), duration: 5000 }); } else { toast({ variant: "default", - title: "Invitation Regenerated", - description: `A new invitation has been generated for ${invitation.email}.`, + title: t('inviteRegenerated'), + description: t('inviteGenerate', {email: invitation.email}), duration: 5000 }); } @@ -130,24 +132,22 @@ export default function RegenerateInvitationForm({ if (error.response?.status === 409) { toast({ variant: "destructive", - title: "Duplicate Invite", - description: "An invitation for this user already exists.", + title: t('inviteDuplicateError'), + description: t('inviteDuplicateErrorDescription'), duration: 5000 }); } else if (error.response?.status === 429) { toast({ variant: "destructive", - title: "Rate Limit Exceeded", - description: - "You have exceeded the limit of 3 regenerations per hour. Please try again later.", + title: t('inviteRateLimitError'), + description: t('inviteRateLimitErrorDescription'), duration: 5000 }); } else { toast({ variant: "destructive", - title: "Failed to Regenerate Invitation", - description: - "An error occurred while regenerating the invitation.", + title: t('inviteRegenerateError'), + description: t('inviteRegenerateErrorDescription'), duration: 5000 }); } @@ -168,18 +168,16 @@ export default function RegenerateInvitationForm({ > - Regenerate Invitation + {t('inviteRegenerate')} - Revoke previous invitation and create a new one + {t('inviteRegenerateDescription')} {!inviteLink ? (

- Are you sure you want to regenerate the - invitation for {invitation?.email}? This - will revoke the previous invitation. + {t('inviteQuestionRegenerate', {email: invitation?.email || ""})}

@@ -146,7 +147,7 @@ export default function CreateRoleForm({ name="description" render={({ field }) => ( - Description + {t('description')} @@ -159,7 +160,7 @@ export default function CreateRoleForm({ - + diff --git a/src/app/[orgId]/settings/access/roles/DeleteRoleForm.tsx b/src/app/[orgId]/settings/access/roles/DeleteRoleForm.tsx index 80d97267..f3042f71 100644 --- a/src/app/[orgId]/settings/access/roles/DeleteRoleForm.tsx +++ b/src/app/[orgId]/settings/access/roles/DeleteRoleForm.tsx @@ -38,6 +38,7 @@ import { RoleRow } from "./RolesTable"; import { formatAxiosError } from "@app/lib/api"; import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; +import { useTranslations } from "next-intl"; type CreateRoleFormProps = { open: boolean; @@ -46,10 +47,6 @@ type CreateRoleFormProps = { afterDelete?: () => void; }; -const formSchema = z.object({ - newRoleId: z.string({ message: "New role is required" }) -}); - export default function DeleteRoleForm({ open, roleToDelete, @@ -57,12 +54,17 @@ export default function DeleteRoleForm({ afterDelete }: CreateRoleFormProps) { const { org } = useOrgContext(); + const t = useTranslations(); const [loading, setLoading] = useState(false); const [roles, setRoles] = useState([]); const api = createApiClient(useEnvContext()); + const formSchema = z.object({ + newRoleId: z.string({ message: t('accessRoleErrorNewRequired') }) + }); + useEffect(() => { async function fetchRoles() { const res = await api @@ -73,10 +75,10 @@ export default function DeleteRoleForm({ console.error(e); toast({ variant: "destructive", - title: "Failed to fetch roles", + title: t('accessRoleErrorFetch'), description: formatAxiosError( e, - "An error occurred while fetching the roles" + t('accessRoleErrorFetchDescription') ) }); }); @@ -112,10 +114,10 @@ export default function DeleteRoleForm({ .catch((e) => { toast({ variant: "destructive", - title: "Failed to remove role", + title: t('accessRoleErrorRemove'), description: formatAxiosError( e, - "An error occurred while removing the role." + t('accessRoleErrorRemoveDescription') ) }); }); @@ -123,8 +125,8 @@ export default function DeleteRoleForm({ if (res && res.status === 200) { toast({ variant: "default", - title: "Role removed", - description: "The role has been successfully removed." + title: t('accessRoleRemoved'), + description: t('accessRoleRemovedDescription') }); if (open) { @@ -151,22 +153,18 @@ export default function DeleteRoleForm({ > - Remove Role + {t('accessRoleRemove')} - Remove a role from the organization + {t('accessRoleRemoveDescription')} -

- You're about to delete the{" "} - {roleToDelete.name} role. You cannot - undo this action. + {t('accessRoleQuestionRemove', {name: roleToDelete.name})}

- Before deleting this role, please select a - new role to transfer existing members to. + {t('accessRoleRequiredRemove')}

@@ -180,7 +178,7 @@ export default function DeleteRoleForm({ name="newRoleId" render={({ field }) => ( - Role + {t('role')} - - - + {!inviteLink ? ( + + + + {t("userSettings")} + + + {t("userSettingsDescription")} + + + + + + - - {env.email.emailEnabled && ( -
- - setSendEmail( - e as boolean - ) - } - /> - -
- )} - - ( - - - Valid For - - - - {validFor.map( - ( - option - ) => ( - - { - option.name - } - - ) - )} - - - - - )} - /> + + + )} + /> - ( - - - Role - - + + + + + + + {validFor.map( + ( + option + ) => ( + + { + option.name + } + + ) + )} + + + + + )} + /> + + ( + + + {t("role")} + + + + + )} + /> + + {env.email.emailEnabled && ( +
+ + setSendEmail( + e as boolean + ) + } + /> + +
)} - /> - - {inviteLink && ( -
- {sendEmail && ( -

- An email has - been sent to the - user with the - access link - below. They must - access the link - to accept the - invitation. -

- )} - {!sendEmail && ( -

- The user has - been invited. - They must access - the link below - to accept the - invitation. -

- )} -

- The invite will - expire in{" "} - - {expiresInDays}{" "} - {expiresInDays === - 1 - ? "day" - : "days"} - - . -

- -
- )} - - - - -
+ + + + + + ) : ( + + + + {t("userInvited")} + + + {sendEmail + ? t( + "inviteEmailSentDescription" + ) + : t("inviteSentDescription")} + + + +
+

+ {t("inviteExpiresIn", { + days: expiresInDays + })} +

+ +
+ + + )} )} @@ -554,20 +569,16 @@ export default function Page() { - Identity Provider + {t("idpTitle")} - Select the identity provider for the - external user + {t("idpSelect")} {idps.length === 0 ? (

- No identity providers are - configured. Please configure an - identity provider before creating - external users. + {t("idpNotConfigured")}

) : (
@@ -606,7 +617,7 @@ export default function Page() { idp || null ); }} - cols={3} + cols={2} /> @@ -621,10 +632,10 @@ export default function Page() { - User Information + {t("userSettings")} - Enter the details for the new user + {t("userSettingsDescription")} @@ -645,7 +656,9 @@ export default function Page() { render={({ field }) => ( - Username + {t( + "username" + )}

- This must - match the - unique - username - that exists - in the - selected - identity - provider. + {t( + "usernameUniq" + )}

@@ -676,8 +683,9 @@ export default function Page() { render={({ field }) => ( - Email - (Optional) + {t( + "emailOptional" + )} ( - Name - (Optional) + {t( + "nameOptional" + )} ( - Role + {t("role")} + + + + )} + /> + + + + + + + + + + {t('apiKeysGeneralSettings')} + + + {t('apiKeysGeneralSettingsDescription')} + + + + + + + + )} + + {apiKey && ( + + + + {t('apiKeysList')} + + + + + + + {t('name')} + + + + + + + + {t('created')} + + + {moment( + apiKey.createdAt + ).format("lll")} + + + + + + + + {t('apiKeysSave')} + + + {t('apiKeysSaveDescription')} + + + + {/*

*/} + {/* {t('apiKeysInfo')} */} + {/*

*/} + + + + {/*
*/} + {/* */} + {/* ( */} + {/* */} + {/*
*/} + {/* { */} + {/* copiedForm.setValue( */} + {/* "copied", */} + {/* e as boolean */} + {/* ); */} + {/* }} */} + {/* /> */} + {/* */} + {/*
*/} + {/* */} + {/* */} + {/* )} */} + {/* /> */} + {/* */} + {/* */} +
+ + )} + + +
+ {!apiKey && ( + + )} + {!apiKey && ( + + )} + + {apiKey && ( + + )} +
+
+ )} + + ); +} diff --git a/src/app/[orgId]/settings/api-keys/page.tsx b/src/app/[orgId]/settings/api-keys/page.tsx new file mode 100644 index 00000000..188921e5 --- /dev/null +++ b/src/app/[orgId]/settings/api-keys/page.tsx @@ -0,0 +1,47 @@ +import { internal } from "@app/lib/api"; +import { authCookieHeader } from "@app/lib/api/cookies"; +import { AxiosResponse } from "axios"; +import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; +import OrgApiKeysTable, { OrgApiKeyRow } from "./OrgApiKeysTable"; +import { ListOrgApiKeysResponse } from "@server/routers/apiKeys"; +import { getTranslations } from 'next-intl/server'; + +type ApiKeyPageProps = { + params: Promise<{ orgId: string }>; +}; + +export const dynamic = "force-dynamic"; + +export default async function ApiKeysPage(props: ApiKeyPageProps) { + const params = await props.params; + const t = await getTranslations(); + + let apiKeys: ListOrgApiKeysResponse["apiKeys"] = []; + try { + const res = await internal.get>( + `/org/${params.orgId}/api-keys`, + await authCookieHeader() + ); + apiKeys = res.data.data.apiKeys; + } catch (e) {} + + const rows: OrgApiKeyRow[] = apiKeys.map((key) => { + return { + name: key.name, + id: key.apiKeyId, + key: `${key.apiKeyId}••••••••••••••••••••${key.lastChars}`, + createdAt: key.createdAt + }; + }); + + return ( + <> + + + + + ); +} diff --git a/src/app/[orgId]/settings/resources/ResourcesDataTable.tsx b/src/app/[orgId]/settings/clients/ClientsDataTable.tsx similarity index 60% rename from src/app/[orgId]/settings/resources/ResourcesDataTable.tsx rename to src/app/[orgId]/settings/clients/ClientsDataTable.tsx index a9db3e79..6242ba05 100644 --- a/src/app/[orgId]/settings/resources/ResourcesDataTable.tsx +++ b/src/app/[orgId]/settings/clients/ClientsDataTable.tsx @@ -8,23 +8,24 @@ import { DataTable } from "@app/components/ui/data-table"; interface DataTableProps { columns: ColumnDef[]; data: TData[]; - createResource?: () => void; + addClient?: () => void; } -export function ResourcesDataTable({ +export function ClientsDataTable({ columns, data, - createResource + addClient }: DataTableProps) { return ( ); } diff --git a/src/app/[orgId]/settings/clients/ClientsTable.tsx b/src/app/[orgId]/settings/clients/ClientsTable.tsx new file mode 100644 index 00000000..7fa81622 --- /dev/null +++ b/src/app/[orgId]/settings/clients/ClientsTable.tsx @@ -0,0 +1,298 @@ +"use client"; + +import { ColumnDef } from "@tanstack/react-table"; +import { ClientsDataTable } from "./ClientsDataTable"; +import { + DropdownMenu, + DropdownMenuContent, + DropdownMenuItem, + DropdownMenuTrigger +} from "@app/components/ui/dropdown-menu"; +import { Button } from "@app/components/ui/button"; +import { + ArrowRight, + ArrowUpDown, + ArrowUpRight, + Check, + MoreHorizontal, + X +} from "lucide-react"; +import Link from "next/link"; +import { useRouter } from "next/navigation"; +import { useState } from "react"; +import ConfirmDeleteDialog from "@app/components/ConfirmDeleteDialog"; +import { toast } from "@app/hooks/useToast"; +import { formatAxiosError } from "@app/lib/api"; +import { createApiClient } from "@app/lib/api"; +import { useEnvContext } from "@app/hooks/useEnvContext"; + +export type ClientRow = { + id: number; + name: string; + subnet: string; + // siteIds: string; + mbIn: string; + mbOut: string; + orgId: string; + online: boolean; +}; + +type ClientTableProps = { + clients: ClientRow[]; + orgId: string; +}; + +export default function ClientsTable({ clients, orgId }: ClientTableProps) { + const router = useRouter(); + + const [isCreateModalOpen, setIsCreateModalOpen] = useState(false); + const [isDeleteModalOpen, setIsDeleteModalOpen] = useState(false); + const [selectedClient, setSelectedClient] = useState( + null + ); + const [rows, setRows] = useState(clients); + + const api = createApiClient(useEnvContext()); + + const deleteClient = (clientId: number) => { + api.delete(`/client/${clientId}`) + .catch((e) => { + console.error("Error deleting client", e); + toast({ + variant: "destructive", + title: "Error deleting client", + description: formatAxiosError(e, "Error deleting client") + }); + }) + .then(() => { + router.refresh(); + setIsDeleteModalOpen(false); + + const newRows = rows.filter((row) => row.id !== clientId); + + setRows(newRows); + }); + }; + + const columns: ColumnDef[] = [ + { + accessorKey: "name", + header: ({ column }) => { + return ( + + ); + } + }, + // { + // accessorKey: "siteName", + // header: ({ column }) => { + // return ( + // + // ); + // }, + // cell: ({ row }) => { + // const r = row.original; + // return ( + // + // + // + // ); + // } + // }, + { + accessorKey: "online", + header: ({ column }) => { + return ( + + ); + }, + cell: ({ row }) => { + const originalRow = row.original; + if (originalRow.online) { + return ( + +
+ Connected + + ); + } else { + return ( + +
+ Disconnected + + ); + } + } + }, + { + accessorKey: "mbIn", + header: ({ column }) => { + return ( + + ); + } + }, + { + accessorKey: "mbOut", + header: ({ column }) => { + return ( + + ); + } + }, + { + accessorKey: "subnet", + header: ({ column }) => { + return ( + + ); + } + }, + { + id: "actions", + cell: ({ row }) => { + const clientRow = row.original; + return ( +
+ + + + + + + {/* */} + {/* */} + {/* View settings */} + {/* */} + {/* */} + { + setSelectedClient(clientRow); + setIsDeleteModalOpen(true); + }} + > + Delete + + + + + + +
+ ); + } + } + ]; + + return ( + <> + {selectedClient && ( + { + setIsDeleteModalOpen(val); + setSelectedClient(null); + }} + dialog={ +
+

+ Are you sure you want to remove the client{" "} + + {selectedClient?.name || selectedClient?.id} + {" "} + from the site and organization? +

+ +

+ + Once removed, the client will no longer be + able to connect to the site.{" "} + +

+ +

+ To confirm, please type the name of the client + below. +

+
+ } + buttonText="Confirm Delete Client" + onConfirm={async () => deleteClient(selectedClient!.id)} + string={selectedClient.name} + title="Delete Client" + /> + )} + + { + router.push(`/${orgId}/settings/clients/create`); + }} + /> + + ); +} diff --git a/src/app/[orgId]/settings/clients/[clientId]/ClientInfoCard.tsx b/src/app/[orgId]/settings/clients/[clientId]/ClientInfoCard.tsx new file mode 100644 index 00000000..ec8ecacf --- /dev/null +++ b/src/app/[orgId]/settings/clients/[clientId]/ClientInfoCard.tsx @@ -0,0 +1,54 @@ +"use client"; + +import { Alert, AlertDescription, AlertTitle } from "@/components/ui/alert"; +import { InfoIcon } from "lucide-react"; +import { useClientContext } from "@app/hooks/useClientContext"; +import { + InfoSection, + InfoSectionContent, + InfoSections, + InfoSectionTitle +} from "@app/components/InfoSection"; +import { useTranslations } from "next-intl"; + +type ClientInfoCardProps = {}; + +export default function SiteInfoCard({}: ClientInfoCardProps) { + const { client, updateClient } = useClientContext(); + const t = useTranslations(); + + return ( + + + {t("clientInformation")} + + + <> + + {t("status")} + + {client.online ? ( +
+
+ {t("online")} +
+ ) : ( +
+
+ {t("offline")} +
+ )} + + + + + {t("address")} + + {client.subnet.split("/")[0]} + + + + + + ); +} diff --git a/src/app/[orgId]/settings/clients/[clientId]/general/page.tsx b/src/app/[orgId]/settings/clients/[clientId]/general/page.tsx new file mode 100644 index 00000000..27d708a4 --- /dev/null +++ b/src/app/[orgId]/settings/clients/[clientId]/general/page.tsx @@ -0,0 +1,227 @@ +"use client"; + +import { zodResolver } from "@hookform/resolvers/zod"; +import { z } from "zod"; +import { Button } from "@/components/ui/button"; +import { + Form, + FormControl, + FormDescription, + FormField, + FormItem, + FormLabel, + FormMessage +} from "@/components/ui/form"; +import { Input } from "@/components/ui/input"; +import { useClientContext } from "@app/hooks/useClientContext"; +import { useForm } from "react-hook-form"; +import { toast } from "@app/hooks/useToast"; +import { useRouter } from "next/navigation"; +import { + SettingsContainer, + SettingsSection, + SettingsSectionHeader, + SettingsSectionTitle, + SettingsSectionDescription, + SettingsSectionBody, + SettingsSectionForm, + SettingsSectionFooter +} from "@app/components/Settings"; +import { formatAxiosError } from "@app/lib/api"; +import { createApiClient } from "@app/lib/api"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { useEffect, useState } from "react"; +import { Tag, TagInput } from "@app/components/tags/tag-input"; +import { AxiosResponse } from "axios"; +import { ListSitesResponse } from "@server/routers/site"; +import { useTranslations } from "next-intl"; + +const GeneralFormSchema = z.object({ + name: z.string().nonempty("Name is required"), + siteIds: z.array( + z.object({ + id: z.string(), + text: z.string() + }) + ) +}); + +type GeneralFormValues = z.infer; + +export default function GeneralPage() { + const t = useTranslations(); + const { client, updateClient } = useClientContext(); + const api = createApiClient(useEnvContext()); + const [loading, setLoading] = useState(false); + const router = useRouter(); + const [sites, setSites] = useState([]); + const [clientSites, setClientSites] = useState([]); + const [activeSitesTagIndex, setActiveSitesTagIndex] = useState(null); + + const form = useForm({ + resolver: zodResolver(GeneralFormSchema), + defaultValues: { + name: client?.name, + siteIds: [] + }, + mode: "onChange" + }); + + // Fetch available sites and client's assigned sites + useEffect(() => { + const fetchSites = async () => { + try { + // Fetch all available sites + const res = await api.get>( + `/org/${client?.orgId}/sites/` + ); + + const availableSites = res.data.data.sites + .filter((s) => s.type === "newt" && s.subnet) + .map((site) => ({ + id: site.siteId.toString(), + text: site.name + })); + + setSites(availableSites); + + // Filter sites to only include those assigned to the client + const assignedSites = availableSites.filter((site) => + client?.siteIds?.includes(parseInt(site.id)) + ); + setClientSites(assignedSites); + // Set the default values for the form + form.setValue("siteIds", assignedSites); + } catch (e) { + toast({ + variant: "destructive", + title: "Failed to fetch sites", + description: formatAxiosError( + e, + "An error occurred while fetching sites." + ) + }); + } + }; + + if (client?.clientId) { + fetchSites(); + } + }, [client?.clientId, client?.orgId, api, form]); + + async function onSubmit(data: GeneralFormValues) { + setLoading(true); + + try { + await api.post(`/client/${client?.clientId}`, { + name: data.name, + siteIds: data.siteIds.map(site => site.id) + }); + + updateClient({ name: data.name }); + + toast({ + title: t("clientUpdated"), + description: t("clientUpdatedDescription") + }); + + router.refresh(); + } catch (e) { + toast({ + variant: "destructive", + title: t("clientUpdateFailed"), + description: formatAxiosError( + e, + t("clientUpdateError") + ) + }); + } finally { + setLoading(false); + } + } + + return ( + + + + + {t("generalSettings")} + + + {t("generalSettingsDescription")} + + + + + +
+ + ( + + {t("name")} + + + + + + )} + /> + + ( + + {t("sites")} + { + form.setValue( + "siteIds", + newTags as [Tag, ...Tag[]] + ); + }} + enableAutocomplete={true} + autocompleteOptions={sites} + allowDuplicates={false} + restrictTagsToAutocompleteOptions={true} + sortTags={true} + /> + + {t("sitesDescription")} + + + + )} + /> + + +
+ + + + + + + + ); +} \ No newline at end of file diff --git a/src/app/[orgId]/settings/clients/[clientId]/layout.tsx b/src/app/[orgId]/settings/clients/[clientId]/layout.tsx new file mode 100644 index 00000000..d137b00c --- /dev/null +++ b/src/app/[orgId]/settings/clients/[clientId]/layout.tsx @@ -0,0 +1,57 @@ +import { internal } from "@app/lib/api"; +import { AxiosResponse } from "axios"; +import { authCookieHeader } from "@app/lib/api/cookies"; +import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; +import { GetClientResponse } from "@server/routers/client"; +import ClientInfoCard from "./ClientInfoCard"; +import ClientProvider from "@app/providers/ClientProvider"; +import { redirect } from "next/navigation"; +import { HorizontalTabs } from "@app/components/HorizontalTabs"; + +type SettingsLayoutProps = { + children: React.ReactNode; + params: Promise<{ clientId: number; orgId: string }>; +} + +export default async function SettingsLayout(props: SettingsLayoutProps) { + const params = await props.params; + + const { children } = props; + + let client = null; + try { + const res = await internal.get>( + `/client/${params.clientId}`, + await authCookieHeader() + ); + client = res.data.data; + } catch (error) { + console.error("Error fetching client data:", error); + redirect(`/${params.orgId}/settings/clients`); + } + + const navItems = [ + { + title: "General", + href: `/{orgId}/settings/clients/{clientId}/general` + } + ]; + + return ( + <> + + + +
+ + + {children} + +
+ + + ); +} diff --git a/src/app/[orgId]/settings/clients/[clientId]/page.tsx b/src/app/[orgId]/settings/clients/[clientId]/page.tsx new file mode 100644 index 00000000..c484ec8c --- /dev/null +++ b/src/app/[orgId]/settings/clients/[clientId]/page.tsx @@ -0,0 +1,8 @@ +import { redirect } from "next/navigation"; + +export default async function ClientPage(props: { + params: Promise<{ orgId: string; clientId: number }>; +}) { + const params = await props.params; + redirect(`/${params.orgId}/settings/clients/${params.clientId}/general`); +} diff --git a/src/app/[orgId]/settings/clients/create/page.tsx b/src/app/[orgId]/settings/clients/create/page.tsx new file mode 100644 index 00000000..0736ee64 --- /dev/null +++ b/src/app/[orgId]/settings/clients/create/page.tsx @@ -0,0 +1,719 @@ +"use client"; + +import { + SettingsContainer, + SettingsSection, + SettingsSectionBody, + SettingsSectionDescription, + SettingsSectionForm, + SettingsSectionHeader, + SettingsSectionTitle +} from "@app/components/Settings"; +import { StrategySelect } from "@app/components/StrategySelect"; +import { + Form, + FormControl, + FormDescription, + FormField, + FormItem, + FormLabel, + FormMessage +} from "@app/components/ui/form"; +import HeaderTitle from "@app/components/SettingsSectionTitle"; +import { z } from "zod"; +import { createElement, useEffect, useState } from "react"; +import { useForm } from "react-hook-form"; +import { zodResolver } from "@hookform/resolvers/zod"; +import { Input } from "@app/components/ui/input"; +import { InfoIcon, Terminal } from "lucide-react"; +import { Button } from "@app/components/ui/button"; +import CopyTextBox from "@app/components/CopyTextBox"; +import CopyToClipboard from "@app/components/CopyToClipboard"; +import { + InfoSection, + InfoSectionContent, + InfoSections, + InfoSectionTitle +} from "@app/components/InfoSection"; +import { + FaApple, + FaCubes, + FaDocker, + FaFreebsd, + FaWindows +} from "react-icons/fa"; +import { Alert, AlertDescription, AlertTitle } from "@app/components/ui/alert"; +import { createApiClient, formatAxiosError } from "@app/lib/api"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { + CreateClientBody, + CreateClientResponse, + PickClientDefaultsResponse +} from "@server/routers/client"; +import { ListSitesResponse } from "@server/routers/site"; +import { toast } from "@app/hooks/useToast"; +import { AxiosResponse } from "axios"; +import { useParams, useRouter } from "next/navigation"; +import { Tag, TagInput } from "@app/components/tags/tag-input"; + +import { useTranslations } from "next-intl"; + +type ClientType = "olm"; + +interface TunnelTypeOption { + id: ClientType; + title: string; + description: string; + disabled?: boolean; +} + +type Commands = { + mac: Record; + linux: Record; + windows: Record; +}; + +const platforms = ["linux", "mac", "windows"] as const; + +type Platform = (typeof platforms)[number]; + +export default function Page() { + const { env } = useEnvContext(); + const api = createApiClient({ env }); + const { orgId } = useParams(); + const router = useRouter(); + const t = useTranslations(); + + const createClientFormSchema = z.object({ + name: z + .string() + .min(2, { message: t("nameMin", { len: 2 }) }) + .max(30, { message: t("nameMax", { len: 30 }) }), + method: z.enum(["olm"]), + siteIds: z + .array( + z.object({ + id: z.string(), + text: z.string() + }) + ) + .refine((val) => val.length > 0, { + message: t("siteRequired") + }), + subnet: z.string().ip().min(1, { + message: t("subnetRequired") + }) + }); + + type CreateClientFormValues = z.infer; + + const [tunnelTypes, setTunnelTypes] = useState< + ReadonlyArray + >([ + { + id: "olm", + title: t("olmTunnel"), + description: t("olmTunnelDescription"), + disabled: true + } + ]); + + const [loadingPage, setLoadingPage] = useState(true); + const [sites, setSites] = useState([]); + const [activeSitesTagIndex, setActiveSitesTagIndex] = useState< + number | null + >(null); + + const [platform, setPlatform] = useState("linux"); + const [architecture, setArchitecture] = useState("amd64"); + const [commands, setCommands] = useState(null); + + const [olmId, setOlmId] = useState(""); + const [olmSecret, setOlmSecret] = useState(""); + const [olmCommand, setOlmCommand] = useState(""); + + const [createLoading, setCreateLoading] = useState(false); + + const [clientDefaults, setClientDefaults] = + useState(null); + + const hydrateCommands = ( + id: string, + secret: string, + endpoint: string, + version: string + ) => { + const commands = { + mac: { + "Apple Silicon (arm64)": [ + `curl -L -o olm "https://github.com/fosrl/olm/releases/download/${version}/olm_darwin_arm64" && chmod +x ./olm`, + `sudo ./olm --id ${id} --secret ${secret} --endpoint ${endpoint}` + ], + "Intel x64 (amd64)": [ + `curl -L -o olm "https://github.com/fosrl/olm/releases/download/${version}/olm_darwin_amd64" && chmod +x ./olm`, + `sudo ./olm --id ${id} --secret ${secret} --endpoint ${endpoint}` + ] + }, + linux: { + amd64: [ + `wget -O olm "https://github.com/fosrl/olm/releases/download/${version}/olm_linux_amd64" && chmod +x ./olm`, + `sudo ./olm --id ${id} --secret ${secret} --endpoint ${endpoint}` + ], + arm64: [ + `wget -O olm "https://github.com/fosrl/olm/releases/download/${version}/olm_linux_arm64" && chmod +x ./olm`, + `sudo ./olm --id ${id} --secret ${secret} --endpoint ${endpoint}` + ], + arm32: [ + `wget -O olm "https://github.com/fosrl/olm/releases/download/${version}/olm_linux_arm32" && chmod +x ./olm`, + `sudo ./olm --id ${id} --secret ${secret} --endpoint ${endpoint}` + ], + arm32v6: [ + `wget -O olm "https://github.com/fosrl/olm/releases/download/${version}/olm_linux_arm32v6" && chmod +x ./olm`, + `sudo ./olm --id ${id} --secret ${secret} --endpoint ${endpoint}` + ], + riscv64: [ + `wget -O olm "https://github.com/fosrl/olm/releases/download/${version}/olm_linux_riscv64" && chmod +x ./olm`, + `sudo ./olm --id ${id} --secret ${secret} --endpoint ${endpoint}` + ] + }, + windows: { + x64: [ + `curl -o olm.exe -L "https://github.com/fosrl/olm/releases/download/${version}/olm_windows_installer.exe"`, + `# Run the installer to install olm and wintun`, + `olm.exe --id ${id} --secret ${secret} --endpoint ${endpoint}` + ] + } + }; + setCommands(commands); + }; + + const getArchitectures = () => { + switch (platform) { + case "linux": + return ["amd64", "arm64", "arm32", "arm32v6", "riscv64"]; + case "mac": + return ["Apple Silicon (arm64)", "Intel x64 (amd64)"]; + case "windows": + return ["x64"]; + default: + return ["x64"]; + } + }; + + const getPlatformName = (platformName: string) => { + switch (platformName) { + case "windows": + return "Windows"; + case "mac": + return "macOS"; + case "docker": + return "Docker"; + default: + return "Linux"; + } + }; + + const getCommand = () => { + const placeholder = [t("unknownCommand")]; + if (!commands) { + return placeholder; + } + let platformCommands = commands[platform as keyof Commands]; + + if (!platformCommands) { + // get first key + const firstPlatform = Object.keys(commands)[0] as Platform; + platformCommands = commands[firstPlatform as keyof Commands]; + + setPlatform(firstPlatform); + } + + let architectureCommands = platformCommands[architecture]; + if (!architectureCommands) { + // get first key + const firstArchitecture = Object.keys(platformCommands)[0]; + architectureCommands = platformCommands[firstArchitecture]; + + setArchitecture(firstArchitecture); + } + + return architectureCommands || placeholder; + }; + + const getPlatformIcon = (platformName: string) => { + switch (platformName) { + case "windows": + return ; + case "mac": + return ; + case "docker": + return ; + case "podman": + return ; + case "freebsd": + return ; + default: + return ; + } + }; + + const form = useForm({ + resolver: zodResolver(createClientFormSchema), + defaultValues: { + name: "", + method: "olm", + siteIds: [], + subnet: "" + } + }); + + async function onSubmit(data: CreateClientFormValues) { + setCreateLoading(true); + + if (!clientDefaults) { + toast({ + variant: "destructive", + title: t("errorCreatingClient"), + description: t("clientDefaultsNotFound") + }); + setCreateLoading(false); + return; + } + + const payload: CreateClientBody = { + name: data.name, + type: data.method as "olm", + siteIds: data.siteIds.map((site) => parseInt(site.id)), + olmId: clientDefaults.olmId, + secret: clientDefaults.olmSecret, + subnet: data.subnet + }; + + const res = await api + .put< + AxiosResponse + >(`/org/${orgId}/client`, payload) + .catch((e) => { + toast({ + variant: "destructive", + title: t("errorCreatingClient"), + description: formatAxiosError(e) + }); + }); + + if (res && res.status === 201) { + const data = res.data.data; + router.push(`/${orgId}/settings/clients/${data.clientId}`); + } + + setCreateLoading(false); + } + + useEffect(() => { + const load = async () => { + setLoadingPage(true); + + // Fetch available sites + + const res = await api.get>( + `/org/${orgId}/sites/` + ); + const sites = res.data.data.sites.filter( + (s) => s.type === "newt" && s.subnet + ); + setSites( + sites.map((site) => ({ + id: site.siteId.toString(), + text: site.name + })) + ); + + let olmVersion = "latest"; + + try { + const controller = new AbortController(); + const timeoutId = setTimeout(() => controller.abort(), 3000); + + const response = await fetch( + `https://api.github.com/repos/fosrl/olm/releases/latest`, + { signal: controller.signal } + ); + + clearTimeout(timeoutId); + + if (!response.ok) { + throw new Error( + t("olmErrorFetchReleases", { + err: response.statusText + }) + ); + } + const data = await response.json(); + const latestVersion = data.tag_name; + olmVersion = latestVersion; + } catch (error) { + if (error instanceof Error && error.name === 'AbortError') { + console.error(t("olmErrorFetchTimeout")); + } else { + console.error( + t("olmErrorFetchLatest", { + err: + error instanceof Error + ? error.message + : String(error) + }) + ); + } + } + + await api + .get(`/org/${orgId}/pick-client-defaults`) + .catch((e) => { + form.setValue("method", "olm"); + }) + .then((res) => { + if (res && res.status === 200) { + const data = res.data.data; + + setClientDefaults(data); + + const olmId = data.olmId; + const olmSecret = data.olmSecret; + const olmCommand = `olm --id ${olmId} --secret ${olmSecret} --endpoint ${env.app.dashboardUrl}`; + + setOlmId(olmId); + setOlmSecret(olmSecret); + setOlmCommand(olmCommand); + + hydrateCommands( + olmId, + olmSecret, + env.app.dashboardUrl, + olmVersion + ); + + if (data.subnet) { + form.setValue("subnet", data.subnet); + } + + setTunnelTypes((prev: any) => { + return prev.map((item: any) => { + return { ...item, disabled: false }; + }); + }); + } + }); + + setLoadingPage(false); + }; + + load(); + }, []); + + return ( + <> +
+ + +
+ + {!loadingPage && ( +
+ + + + + {t("clientInformation")} + + + + +
+ + ( + + + {t("name")} + + + + + + + )} + /> + + ( + + + {t("address")} + + + + + + + {t("addressDescription")} + + + )} + /> + + ( + + + {t("sites")} + + { + form.setValue( + "siteIds", + olmags as [ + Tag, + ...Tag[] + ] + ); + }} + enableAutocomplete={ + true + } + autocompleteOptions={ + sites + } + allowDuplicates={ + false + } + restrictTagsToAutocompleteOptions={ + true + } + sortTags={true} + /> + + {t("sitesDescription")} + + + + )} + /> + + +
+ + + + {form.watch("method") === "olm" && ( + <> + + + + {t("clientOlmCredentials")} + + + {t("clientOlmCredentialsDescription")} + + + + + + + {t("olmEndpoint")} + + + + + + + + {t("olmId")} + + + + + + + + {t("olmSecretKey")} + + + + + + + + + + + {t("clientCredentialsSave")} + + + {t( + "clientCredentialsSaveDescription" + )} + + + + + + + + {t("clientInstallOlm")} + + + {t("clientInstallOlmDescription")} + + + +
+

+ {t("operatingSystem")} +

+
+ {platforms.map((os) => ( + + ))} +
+
+ +
+

+ {["docker", "podman"].includes( + platform + ) + ? t("method") + : t("architecture")} +

+
+ {getArchitectures().map( + (arch) => ( + + ) + )} +
+
+

+ {t("commands")} +

+
+ +
+
+
+ + + + )} + + +
+ + +
+
+ )} + + ); +} diff --git a/src/app/[orgId]/settings/clients/layout.tsx b/src/app/[orgId]/settings/clients/layout.tsx new file mode 100644 index 00000000..59a46414 --- /dev/null +++ b/src/app/[orgId]/settings/clients/layout.tsx @@ -0,0 +1,21 @@ +import { redirect } from "next/navigation"; +import { pullEnv } from "@app/lib/pullEnv"; + +export const dynamic = "force-dynamic"; + +interface SettingsLayoutProps { + children: React.ReactNode; + params: Promise<{ orgId: string }>; +} + +export default async function SettingsLayout(props: SettingsLayoutProps) { + const params = await props.params; + const { children } = props; + const env = pullEnv(); + + if (!env.flags.enableClients) { + redirect(`/${params.orgId}/settings`); + } + + return children; +} diff --git a/src/app/[orgId]/settings/clients/page.tsx b/src/app/[orgId]/settings/clients/page.tsx new file mode 100644 index 00000000..83cc11e3 --- /dev/null +++ b/src/app/[orgId]/settings/clients/page.tsx @@ -0,0 +1,58 @@ +import { internal } from "@app/lib/api"; +import { authCookieHeader } from "@app/lib/api/cookies"; +import { AxiosResponse } from "axios"; +import { ClientRow } from "./ClientsTable"; +import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; +import { ListClientsResponse } from "@server/routers/client"; +import ClientsTable from "./ClientsTable"; + +type ClientsPageProps = { + params: Promise<{ orgId: string }>; +}; + +export const dynamic = "force-dynamic"; + +export default async function ClientsPage(props: ClientsPageProps) { + const params = await props.params; + let clients: ListClientsResponse["clients"] = []; + try { + const res = await internal.get>( + `/org/${params.orgId}/clients`, + await authCookieHeader() + ); + clients = res.data.data.clients; + } catch (e) {} + + function formatSize(mb: number): string { + if (mb >= 1024 * 1024) { + return `${(mb / (1024 * 1024)).toFixed(2)} TB`; + } else if (mb >= 1024) { + return `${(mb / 1024).toFixed(2)} GB`; + } else { + return `${mb.toFixed(2)} MB`; + } + } + + const clientRows: ClientRow[] = clients.map((client) => { + return { + name: client.name, + id: client.clientId, + subnet: client.subnet.split("/")[0], + mbIn: formatSize(client.megabytesIn || 0), + mbOut: formatSize(client.megabytesOut || 0), + orgId: params.orgId, + online: client.online + }; + }); + + return ( + <> + + + + + ); +} diff --git a/src/app/[orgId]/settings/domains/CreateDomainForm.tsx b/src/app/[orgId]/settings/domains/CreateDomainForm.tsx new file mode 100644 index 00000000..e609a8ac --- /dev/null +++ b/src/app/[orgId]/settings/domains/CreateDomainForm.tsx @@ -0,0 +1,607 @@ +"use client"; + +import { Button } from "@app/components/ui/button"; +import { + Form, + FormControl, + FormField, + FormItem, + FormLabel, + FormMessage, + FormDescription +} from "@app/components/ui/form"; +import { Input } from "@app/components/ui/input"; +import { useToast } from "@app/hooks/useToast"; +import { zodResolver } from "@hookform/resolvers/zod"; +import { useState, useMemo } from "react"; +import { useForm } from "react-hook-form"; +import { z } from "zod"; +import { + Credenza, + CredenzaBody, + CredenzaClose, + CredenzaContent, + CredenzaDescription, + CredenzaFooter, + CredenzaHeader, + CredenzaTitle +} from "@app/components/Credenza"; +import { createApiClient } from "@app/lib/api"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { useTranslations } from "next-intl"; +import { formatAxiosError } from "@app/lib/api"; +import { CreateDomainResponse } from "@server/routers/domain/createOrgDomain"; +import { StrategySelect } from "@app/components/StrategySelect"; +import { AxiosResponse } from "axios"; +import { Alert, AlertDescription, AlertTitle } from "@app/components/ui/alert"; +import { InfoIcon, AlertTriangle, Globe } from "lucide-react"; +import CopyToClipboard from "@app/components/CopyToClipboard"; +import { + InfoSection, + InfoSectionContent, + InfoSections, + InfoSectionTitle +} from "@app/components/InfoSection"; +import { useOrgContext } from "@app/hooks/useOrgContext"; +import { build } from "@server/build"; +import { toASCII, toUnicode } from 'punycode'; + + +// Helper functions for Unicode domain handling +function toPunycode(domain: string): string { + try { + const parts = toASCII(domain); + return parts; + } catch (error) { + return domain.toLowerCase(); + } +} + +function fromPunycode(domain: string): string { + try { + const parts = toUnicode(domain); + return parts; + } catch (error) { + return domain; + } +} + +function isValidDomainFormat(domain: string): boolean { + const unicodeRegex = /^(?!:\/\/)([^\s.]+\.)*[^\s.]+$/; + + if (!unicodeRegex.test(domain)) { + return false; + } + + const parts = domain.split('.'); + for (const part of parts) { + if (part.length === 0 || part.startsWith('-') || part.endsWith('-')) { + return false; + } + if (part.length > 63) { + return false; + } + } + + if (domain.length > 253) { + return false; + } + + return true; +} + +const formSchema = z.object({ + baseDomain: z + .string() + .min(1, "Domain is required") + .refine((val) => isValidDomainFormat(val), "Invalid domain format") + .transform((val) => toPunycode(val)), + type: z.enum(["ns", "cname", "wildcard"]) +}); + +type FormValues = z.infer; + +type CreateDomainFormProps = { + open: boolean; + setOpen: (open: boolean) => void; + onCreated?: (domain: CreateDomainResponse) => void; +}; + +export default function CreateDomainForm({ + open, + setOpen, + onCreated +}: CreateDomainFormProps) { + const [loading, setLoading] = useState(false); + const [createdDomain, setCreatedDomain] = + useState(null); + const api = createApiClient(useEnvContext()); + const t = useTranslations(); + const { toast } = useToast(); + const { org } = useOrgContext(); + + const form = useForm({ + resolver: zodResolver(formSchema), + defaultValues: { + baseDomain: "", + type: build == "oss" ? "wildcard" : "ns" + } + }); + + function reset() { + form.reset(); + setLoading(false); + setCreatedDomain(null); + } + + async function onSubmit(values: FormValues) { + setLoading(true); + try { + const response = await api.put>( + `/org/${org.org.orgId}/domain`, + values + ); + const domainData = response.data.data; + setCreatedDomain(domainData); + toast({ + title: t("success"), + description: t("domainCreatedDescription") + }); + onCreated?.(domainData); + } catch (e) { + toast({ + title: t("error"), + description: formatAxiosError(e), + variant: "destructive" + }); + } finally { + setLoading(false); + } + } + + const baseDomain = form.watch("baseDomain"); + const domainInputValue = form.watch("baseDomain") || ""; + + const punycodePreview = useMemo(() => { + if (!domainInputValue) return ""; + const punycode = toPunycode(domainInputValue); + return punycode !== domainInputValue.toLowerCase() ? punycode : ""; + }, [domainInputValue]); + + let domainOptions: any = []; + if (build == "enterprise" || build == "saas") { + domainOptions = [ + { + id: "ns", + title: t("selectDomainTypeNsName"), + description: t("selectDomainTypeNsDescription") + }, + { + id: "cname", + title: t("selectDomainTypeCnameName"), + description: t("selectDomainTypeCnameDescription") + } + ]; + } else if (build == "oss") { + domainOptions = [ + { + id: "wildcard", + title: t("selectDomainTypeWildcardName"), + description: t("selectDomainTypeWildcardDescription") + } + ]; + } + + return ( + { + setOpen(val); + reset(); + }} + > + + + {t("domainAdd")} + + {t("domainAddDescription")} + + + + {!createdDomain ? ( +
+ + ( + + + + + )} + /> + ( + + {t("domain")} + + + + {punycodePreview && ( + + + + {t("internationaldomaindetected")} + +
+

{t("willbestoredas")} {punycodePreview}

+
+ + + + )} + + + )} + /> + + + ) : ( +
+ + + + {t("createDomainAddDnsRecords")} + + + {t("createDomainAddDnsRecordsDescription")} + + + +
+ {createdDomain.nsRecords && + createdDomain.nsRecords.length > 0 && ( +
+

+ {t("createDomainNsRecords")} +

+ + + + {t("createDomainRecord")} + + +
+
+ + {t( + "createDomainType" + )} + + + NS + +
+
+ + {t( + "createDomainName" + )} + +
+ + {fromPunycode(baseDomain)} + + {fromPunycode(baseDomain) !== baseDomain && ( + + ({baseDomain}) + + )} +
+
+ + {t( + "createDomainValue" + )} + + {createdDomain.nsRecords.map( + ( + nsRecord, + index + ) => ( +
+ +
+ ) + )} +
+ + + +
+ )} + + {createdDomain.cnameRecords && + createdDomain.cnameRecords.length > 0 && ( +
+

+ {t("createDomainCnameRecords")} +

+ + {createdDomain.cnameRecords.map( + (cnameRecord, index) => ( + + + {t( + "createDomainRecordNumber", + { + number: + index + + 1 + } + )} + + +
+
+ + {t( + "createDomainType" + )} + + + CNAME + +
+
+ + {t( + "createDomainName" + )} + +
+ + {fromPunycode(cnameRecord.baseDomain)} + + {fromPunycode(cnameRecord.baseDomain) !== cnameRecord.baseDomain && ( + + ({cnameRecord.baseDomain}) + + )} +
+
+
+ + {t( + "createDomainValue" + )} + + +
+
+ + + ) + )} + +
+ )} + + {createdDomain.aRecords && + createdDomain.aRecords.length > 0 && ( +
+

+ {t("createDomainARecords")} +

+ + {createdDomain.aRecords.map( + (aRecord, index) => ( + + + {t( + "createDomainRecordNumber", + { + number: + index + + 1 + } + )} + + +
+
+ + {t( + "createDomainType" + )} + + + A + +
+
+ + {t( + "createDomainName" + )} + +
+ + {fromPunycode(aRecord.baseDomain)} + + {fromPunycode(aRecord.baseDomain) !== aRecord.baseDomain && ( + + ({aRecord.baseDomain}) + + )} +
+
+
+ + {t( + "createDomainValue" + )} + + + { + aRecord.value + } + +
+
+ + + ) + )} + +
+ )} + {createdDomain.txtRecords && + createdDomain.txtRecords.length > 0 && ( +
+

+ {t("createDomainTxtRecords")} +

+ + {createdDomain.txtRecords.map( + (txtRecord, index) => ( + + + {t( + "createDomainRecordNumber", + { + number: + index + + 1 + } + )} + + +
+
+ + {t( + "createDomainType" + )} + + + TXT + +
+
+ + {t( + "createDomainName" + )} + +
+ + {fromPunycode(txtRecord.baseDomain)} + + {fromPunycode(txtRecord.baseDomain) !== txtRecord.baseDomain && ( + + ({txtRecord.baseDomain}) + + )} +
+
+
+ + {t( + "createDomainValue" + )} + + +
+
+ + + ) + )} + +
+ )} +
+ + {build == "saas" || + (build == "enterprise" && ( + + + + {t("createDomainSaveTheseRecords")} + + + {t( + "createDomainSaveTheseRecordsDescription" + )} + + + ))} + + + + + {t("createDomainDnsPropagation")} + + + {t("createDomainDnsPropagationDescription")} + + +
+ )} +
+ + + + + {!createdDomain && ( + + )} + + + + ); +} \ No newline at end of file diff --git a/src/app/[orgId]/settings/domains/DomainsDataTable.tsx b/src/app/[orgId]/settings/domains/DomainsDataTable.tsx new file mode 100644 index 00000000..4059b7d3 --- /dev/null +++ b/src/app/[orgId]/settings/domains/DomainsDataTable.tsx @@ -0,0 +1,38 @@ +"use client"; + +import { ColumnDef } from "@tanstack/react-table"; +import { DataTable } from "@app/components/ui/data-table"; +import { useTranslations } from "next-intl"; + +interface DataTableProps { + columns: ColumnDef[]; + data: TData[]; + onAdd?: () => void; + onRefresh?: () => void; + isRefreshing?: boolean; +} + +export function DomainsDataTable({ + columns, + data, + onAdd, + onRefresh, + isRefreshing +}: DataTableProps) { + const t = useTranslations(); + + return ( + + ); +} diff --git a/src/app/[orgId]/settings/domains/DomainsTable.tsx b/src/app/[orgId]/settings/domains/DomainsTable.tsx new file mode 100644 index 00000000..84bc8bc6 --- /dev/null +++ b/src/app/[orgId]/settings/domains/DomainsTable.tsx @@ -0,0 +1,278 @@ +"use client"; + +import { ColumnDef } from "@tanstack/react-table"; +import { DomainsDataTable } from "./DomainsDataTable"; +import { Button } from "@app/components/ui/button"; +import { ArrowUpDown } from "lucide-react"; +import { useState } from "react"; +import ConfirmDeleteDialog from "@app/components/ConfirmDeleteDialog"; +import { formatAxiosError } from "@app/lib/api"; +import { createApiClient } from "@app/lib/api"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { Badge } from "@app/components/ui/badge"; +import { useRouter } from "next/navigation"; +import { useTranslations } from "next-intl"; +import CreateDomainForm from "./CreateDomainForm"; +import { useToast } from "@app/hooks/useToast"; +import { useOrgContext } from "@app/hooks/useOrgContext"; + +export type DomainRow = { + domainId: string; + baseDomain: string; + type: string; + verified: boolean; + failed: boolean; + tries: number; + configManaged: boolean; +}; + +type Props = { + domains: DomainRow[]; +}; + +export default function DomainsTable({ domains }: Props) { + const [isDeleteModalOpen, setIsDeleteModalOpen] = useState(false); + const [isCreateModalOpen, setIsCreateModalOpen] = useState(false); + const [selectedDomain, setSelectedDomain] = useState( + null + ); + const [isRefreshing, setIsRefreshing] = useState(false); + const [restartingDomains, setRestartingDomains] = useState>( + new Set() + ); + const api = createApiClient(useEnvContext()); + const router = useRouter(); + const t = useTranslations(); + const { toast } = useToast(); + const { org } = useOrgContext(); + + const refreshData = async () => { + setIsRefreshing(true); + try { + await new Promise((resolve) => setTimeout(resolve, 200)); + router.refresh(); + } catch (error) { + toast({ + title: t("error"), + description: t("refreshError"), + variant: "destructive" + }); + } finally { + setIsRefreshing(false); + } + }; + + const deleteDomain = async (domainId: string) => { + try { + await api.delete(`/org/${org.org.orgId}/domain/${domainId}`); + toast({ + title: t("success"), + description: t("domainDeletedDescription") + }); + setIsDeleteModalOpen(false); + refreshData(); + } catch (e) { + toast({ + title: t("error"), + description: formatAxiosError(e), + variant: "destructive" + }); + } + }; + + const restartDomain = async (domainId: string) => { + setRestartingDomains((prev) => new Set(prev).add(domainId)); + try { + await api.post(`/org/${org.org.orgId}/domain/${domainId}/restart`); + toast({ + title: t("success"), + description: t("domainRestartedDescription", { + fallback: "Domain verification restarted successfully" + }) + }); + refreshData(); + } catch (e) { + toast({ + title: t("error"), + description: formatAxiosError(e), + variant: "destructive" + }); + } finally { + setRestartingDomains((prev) => { + const newSet = new Set(prev); + newSet.delete(domainId); + return newSet; + }); + } + }; + + const getTypeDisplay = (type: string) => { + switch (type) { + case "ns": + return t("selectDomainTypeNsName"); + case "cname": + return t("selectDomainTypeCnameName"); + case "wildcard": + return t("selectDomainTypeWildcardName"); + default: + return type; + } + }; + + const columns: ColumnDef[] = [ + { + accessorKey: "baseDomain", + header: ({ column }) => { + return ( + + ); + } + }, + { + accessorKey: "type", + header: ({ column }) => { + return ( + + ); + }, + cell: ({ row }) => { + const type = row.original.type; + return ( + {getTypeDisplay(type)} + ); + } + }, + { + accessorKey: "verified", + header: ({ column }) => { + return ( + + ); + }, + cell: ({ row }) => { + const { verified, failed } = row.original; + if (verified) { + return {t("verified")}; + } else if (failed) { + return ( + + {t("failed", { fallback: "Failed" })} + + ); + } else { + return {t("pending")}; + } + } + }, + { + id: "actions", + cell: ({ row }) => { + const domain = row.original; + const isRestarting = restartingDomains.has(domain.domainId); + + return ( +
+ {domain.failed && ( + + )} + +
+ ); + } + } + ]; + + return ( + <> + {selectedDomain && ( + { + setIsDeleteModalOpen(val); + setSelectedDomain(null); + }} + dialog={ +
+

+ {t("domainQuestionRemove", { + domain: selectedDomain.baseDomain + })} +

+

+ {t("domainMessageRemove")} +

+

{t("domainMessageConfirm")}

+
+ } + buttonText={t("domainConfirmDelete")} + onConfirm={async () => + deleteDomain(selectedDomain.domainId) + } + string={selectedDomain.baseDomain} + title={t("domainDelete")} + /> + )} + + { + refreshData(); + }} + /> + + setIsCreateModalOpen(true)} + onRefresh={refreshData} + isRefreshing={isRefreshing} + /> + + ); +} diff --git a/src/app/[orgId]/settings/domains/page.tsx b/src/app/[orgId]/settings/domains/page.tsx new file mode 100644 index 00000000..c85fe10d --- /dev/null +++ b/src/app/[orgId]/settings/domains/page.tsx @@ -0,0 +1,67 @@ +import { internal } from "@app/lib/api"; +import { authCookieHeader } from "@app/lib/api/cookies"; +import { AxiosResponse } from "axios"; +import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; +import DomainsTable, { DomainRow } from "./DomainsTable"; +import { getTranslations } from "next-intl/server"; +import { cache } from "react"; +import { GetOrgResponse } from "@server/routers/org"; +import { redirect } from "next/navigation"; +import OrgProvider from "@app/providers/OrgProvider"; +import { ListDomainsResponse } from "@server/routers/domain"; +import { toUnicode } from 'punycode'; + +type Props = { + params: Promise<{ orgId: string }>; +}; + +export default async function DomainsPage(props: Props) { + const params = await props.params; + + let domains: DomainRow[] = []; + try { + const res = await internal.get< + AxiosResponse + >(`/org/${params.orgId}/domains`, await authCookieHeader()); + + const rawDomains = res.data.data.domains as DomainRow[]; + + domains = rawDomains.map((domain) => ({ + ...domain, + baseDomain: toUnicode(domain.baseDomain), + })); + } catch (e) { + console.error(e); + } + + let org = null; + try { + const getOrg = cache(async () => + internal.get>( + `/org/${params.orgId}`, + await authCookieHeader() + ) + ); + const res = await getOrg(); + org = res.data.data; + } catch { + redirect(`/${params.orgId}`); + } + + if (!org) { + } + + const t = await getTranslations(); + + return ( + <> + + + + + + ); +} diff --git a/src/app/[orgId]/settings/general/layout.tsx b/src/app/[orgId]/settings/general/layout.tsx index a2d9cc0a..3fae9ce4 100644 --- a/src/app/[orgId]/settings/general/layout.tsx +++ b/src/app/[orgId]/settings/general/layout.tsx @@ -10,6 +10,7 @@ import { GetOrgUserResponse } from "@server/routers/user"; import { AxiosResponse } from "axios"; import { redirect } from "next/navigation"; import { cache } from "react"; +import { getTranslations } from 'next-intl/server'; type GeneralSettingsProps = { children: React.ReactNode; @@ -57,9 +58,11 @@ export default async function GeneralSettingsPage({ redirect(`/${orgId}`); } + const t = await getTranslations(); + const navItems = [ { - title: "General", + title: t('general'), href: `/{orgId}/settings/general`, }, ]; @@ -69,8 +72,8 @@ export default async function GeneralSettingsPage({ diff --git a/src/app/[orgId]/settings/general/page.tsx b/src/app/[orgId]/settings/general/page.tsx index 9819be59..0eba0a3d 100644 --- a/src/app/[orgId]/settings/general/page.tsx +++ b/src/app/[orgId]/settings/general/page.tsx @@ -1,5 +1,4 @@ "use client"; - import ConfirmDeleteDialog from "@app/components/ConfirmDeleteDialog"; import { Button } from "@app/components/ui/button"; import { useOrgContext } from "@app/hooks/useOrgContext"; @@ -22,17 +21,9 @@ import { zodResolver } from "@hookform/resolvers/zod"; import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; import { formatAxiosError } from "@app/lib/api"; -import { AlertTriangle, Trash2 } from "lucide-react"; -import { - Card, - CardContent, - CardFooter, - CardHeader, - CardTitle -} from "@/components/ui/card"; import { AxiosResponse } from "axios"; import { DeleteOrgResponse, ListUserOrgsResponse } from "@server/routers/org"; -import { redirect, useRouter } from "next/navigation"; +import { useRouter } from "next/navigation"; import { SettingsContainer, SettingsSection, @@ -44,21 +35,26 @@ import { SettingsSectionFooter } from "@app/components/Settings"; import { useUserContext } from "@app/hooks/useUserContext"; +import { useTranslations } from "next-intl"; +import { build } from "@server/build"; +// Updated schema to include subnet field const GeneralFormSchema = z.object({ - name: z.string() + name: z.string(), + subnet: z.string().optional() }); type GeneralFormValues = z.infer; export default function GeneralPage() { const [isDeleteModalOpen, setIsDeleteModalOpen] = useState(false); - const { orgUser } = userOrgUserContext(); const router = useRouter(); const { org } = useOrgContext(); const api = createApiClient(useEnvContext()); const { user } = useUserContext(); + const t = useTranslations(); + const { env } = useEnvContext(); const [loadingDelete, setLoadingDelete] = useState(false); const [loadingSave, setLoadingSave] = useState(false); @@ -66,7 +62,8 @@ export default function GeneralPage() { const form = useForm({ resolver: zodResolver(GeneralFormSchema), defaultValues: { - name: org?.org.name + name: org?.org.name, + subnet: org?.org.subnet || "" // Add default value for subnet }, mode: "onChange" }); @@ -77,12 +74,10 @@ export default function GeneralPage() { const res = await api.delete>( `/org/${org?.org.orgId}` ); - toast({ - title: "Organization deleted", - description: "The organization and its data has been deleted." + title: t("orgDeleted"), + description: t("orgDeletedMessage") }); - if (res.status === 200) { pickNewOrgAndNavigate(); } @@ -90,11 +85,8 @@ export default function GeneralPage() { console.error(err); toast({ variant: "destructive", - title: "Failed to delete org", - description: formatAxiosError( - err, - "An error occurred while deleting the org." - ) + title: t("orgErrorDelete"), + description: formatAxiosError(err, t("orgErrorDeleteMessage")) }); } finally { setLoadingDelete(false); @@ -121,11 +113,8 @@ export default function GeneralPage() { console.error(err); toast({ variant: "destructive", - title: "Failed to fetch orgs", - description: formatAxiosError( - err, - "An error occurred while listing your orgs" - ) + title: t("orgErrorFetch"), + description: formatAxiosError(err, t("orgErrorFetchMessage")) }); } } @@ -134,24 +123,21 @@ export default function GeneralPage() { setLoadingSave(true); await api .post(`/org/${org?.org.orgId}`, { - name: data.name + name: data.name, + // subnet: data.subnet // Include subnet in the API request }) .then(() => { toast({ - title: "Organization updated", - description: "The organization has been updated." + title: t("orgUpdated"), + description: t("orgUpdatedDescription") }); - router.refresh(); }) .catch((e) => { toast({ variant: "destructive", - title: "Failed to update org", - description: formatAxiosError( - e, - "An error occurred while updating the org." - ) + title: t("orgErrorUpdate"), + description: formatAxiosError(e, t("orgErrorUpdateMessage")) }); }) .finally(() => { @@ -169,34 +155,28 @@ export default function GeneralPage() { dialog={

- Are you sure you want to delete the organization{" "} - {org?.org.name}? -

-

- This action is irreversible and will delete all - associated data. -

-

- To confirm, type the name of the organization below. + {t("orgQuestionRemove", { + selectedOrg: org?.org.name + })}

+

{t("orgMessageRemove")}

+

{t("orgMessageConfirm")}

} - buttonText="Confirm Delete Organization" + buttonText={t("orgDeleteConfirm")} onConfirm={deleteOrg} string={org?.org.name || ""} - title="Delete Organization" + title={t("orgDelete")} /> - - Organization Settings + {t("orgGeneralSettings")} - Manage your organization details and configuration + {t("orgGeneralSettingsDescription")} -
@@ -210,23 +190,44 @@ export default function GeneralPage() { name="name" render={({ field }) => ( - Name + {t("name")} - This is the display name of the - organization. + {t("orgDisplayName")} )} /> + {env.flags.enableClients && ( + ( + + Subnet + + + + + + The subnet for this + organization's network + configuration. + + + )} + /> + )}
- - - - - - - Danger Zone - - Once you delete this org, there is no going back. Please - be certain. - - - - - + {build === "oss" && ( + + + + {t("orgDangerZone")} + + + {t("orgDangerZoneDescription")} + + + + + + + )} ); } diff --git a/src/app/[orgId]/settings/layout.tsx b/src/app/[orgId]/settings/layout.tsx index ac5e552b..7db530dd 100644 --- a/src/app/[orgId]/settings/layout.tsx +++ b/src/app/[orgId]/settings/layout.tsx @@ -1,16 +1,18 @@ import { Metadata } from "next"; import { - Cog, Combine, + KeyRound, LinkIcon, Settings, Users, - Waypoints + Waypoints, + Workflow } from "lucide-react"; import { verifySession } from "@app/lib/auth/verifySession"; import { redirect } from "next/navigation"; import { internal } from "@app/lib/api"; import { AxiosResponse } from "axios"; +import { ListOrgsResponse } from "@server/routers/org"; import { GetOrgResponse, ListUserOrgsResponse } from "@server/routers/org"; import { authCookieHeader } from "@app/lib/api/cookies"; import { cache } from "react"; @@ -18,7 +20,9 @@ import { GetOrgUserResponse } from "@server/routers/user"; import UserProvider from "@app/providers/UserProvider"; import { Layout } from "@app/components/Layout"; import { SidebarNavItem, SidebarNavProps } from "@app/components/SidebarNav"; -import { orgNavItems } from "@app/app/navigation"; +import { getTranslations } from "next-intl/server"; +import { pullEnv } from "@app/lib/pullEnv"; +import { orgNavSections } from "@app/app/navigation"; export const dynamic = "force-dynamic"; @@ -40,12 +44,16 @@ export default async function SettingsLayout(props: SettingsLayoutProps) { const getUser = cache(verifySession); const user = await getUser(); + const env = pullEnv(); + if (!user) { redirect(`/`); } const cookie = await authCookieHeader(); + const t = await getTranslations(); + try { const getOrgUser = cache(() => internal.get>( @@ -56,7 +64,7 @@ export default async function SettingsLayout(props: SettingsLayoutProps) { const orgUser = await getOrgUser(); if (!orgUser.data.data.isAdmin && !orgUser.data.data.isOwner) { - throw new Error("User is not an admin or owner"); + throw new Error(t("userErrorNotAdminOrOwner")); } } catch { redirect(`/${params.orgId}`); @@ -78,7 +86,7 @@ export default async function SettingsLayout(props: SettingsLayoutProps) { return ( - + {children} diff --git a/src/app/[orgId]/settings/resources/ResourcesSplashCard.tsx b/src/app/[orgId]/settings/resources/ResourcesSplashCard.tsx deleted file mode 100644 index d16a0a57..00000000 --- a/src/app/[orgId]/settings/resources/ResourcesSplashCard.tsx +++ /dev/null @@ -1,68 +0,0 @@ -"use client"; - -import React, { useState, useEffect } from "react"; -import { Server, Lock, Key, Users, X, ArrowRight } from "lucide-react"; // Replace with actual imports -import { Card, CardContent } from "@app/components/ui/card"; -import { Button } from "@app/components/ui/button"; - -export const ResourcesSplashCard = () => { - const [isDismissed, setIsDismissed] = useState(false); - - const key = "resources-splash-dismissed"; - - useEffect(() => { - const dismissed = localStorage.getItem(key); - if (dismissed === "true") { - setIsDismissed(true); - } - }, []); - - const handleDismiss = () => { - setIsDismissed(true); - localStorage.setItem(key, "true"); - }; - - if (isDismissed) { - return null; - } - - return ( - - - -
-

- - Resources -

-

- Resources are proxies to applications running on your private network. Create a resource for any HTTP/HTTPS or raw TCP/UDP service on your private network. - Each resource must be connected to a site to enable private, secure connectivity through an encrypted WireGuard tunnel. -

-
    -
  • - - Secure connectivity with WireGuard encryption -
    • -
  • - - Configure multiple authentication methods -
    • -
  • - - User and role-based access control -
    • -
-
- - - ); -}; - -export default ResourcesSplashCard; diff --git a/src/app/[orgId]/settings/resources/ResourcesTable.tsx b/src/app/[orgId]/settings/resources/ResourcesTable.tsx index bfb4f08b..622d42da 100644 --- a/src/app/[orgId]/settings/resources/ResourcesTable.tsx +++ b/src/app/[orgId]/settings/resources/ResourcesTable.tsx @@ -1,7 +1,16 @@ "use client"; -import { ColumnDef } from "@tanstack/react-table"; -import { ResourcesDataTable } from "./ResourcesDataTable"; +import { + ColumnDef, + flexRender, + getCoreRowModel, + useReactTable, + getPaginationRowModel, + SortingState, + getSortedRowModel, + ColumnFiltersState, + getFilteredRowModel +} from "@tanstack/react-table"; import { DropdownMenu, DropdownMenuContent, @@ -10,18 +19,16 @@ import { } from "@app/components/ui/dropdown-menu"; import { Button } from "@app/components/ui/button"; import { - Copy, ArrowRight, ArrowUpDown, MoreHorizontal, - Check, ArrowUpRight, ShieldOff, ShieldCheck } from "lucide-react"; import Link from "next/link"; import { useRouter } from "next/navigation"; -import { useState } from "react"; +import { useState, useEffect } from "react"; import ConfirmDeleteDialog from "@app/components/ConfirmDeleteDialog"; import { formatAxiosError } from "@app/lib/api"; import { toast } from "@app/hooks/useToast"; @@ -31,43 +38,239 @@ import CopyToClipboard from "@app/components/CopyToClipboard"; import { Switch } from "@app/components/ui/switch"; import { AxiosResponse } from "axios"; import { UpdateResourceResponse } from "@server/routers/resource"; +import { ListSitesResponse } from "@server/routers/site"; +import { useTranslations } from "next-intl"; +import { InfoPopup } from "@app/components/ui/info-popup"; +import { Input } from "@app/components/ui/input"; +import { DataTablePagination } from "@app/components/DataTablePagination"; +import { Plus, Search } from "lucide-react"; +import { Card, CardContent, CardHeader } from "@app/components/ui/card"; +import { + Table, + TableBody, + TableCell, + TableHead, + TableHeader, + TableRow +} from "@app/components/ui/table"; +import { + Tabs, + TabsContent, + TabsList, + TabsTrigger +} from "@app/components/ui/tabs"; +import { useSearchParams } from "next/navigation"; +import EditInternalResourceDialog from "@app/components/EditInternalResourceDialog"; +import CreateInternalResourceDialog from "@app/components/CreateInternalResourceDialog"; +import { Alert, AlertDescription } from "@app/components/ui/alert"; export type ResourceRow = { id: number; name: string; orgId: string; domain: string; - site: string; - siteId: string; authState: string; http: boolean; protocol: string; proxyPort: number | null; enabled: boolean; + domainId?: string; }; +export type InternalResourceRow = { + id: number; + name: string; + orgId: string; + siteName: string; + protocol: string; + proxyPort: number | null; + siteId: number; + siteNiceId: string; + destinationIp: string; + destinationPort: number; +}; + +type Site = ListSitesResponse["sites"][0]; + type ResourcesTableProps = { resources: ResourceRow[]; + internalResources: InternalResourceRow[]; orgId: string; + defaultView?: "proxy" | "internal"; }; -export default function SitesTable({ resources, orgId }: ResourcesTableProps) { - const router = useRouter(); - const api = createApiClient(useEnvContext()); +const STORAGE_KEYS = { + PAGE_SIZE: 'datatable-page-size', + getTablePageSize: (tableId?: string) => + tableId ? `datatable-${tableId}-page-size` : STORAGE_KEYS.PAGE_SIZE +}; + +const getStoredPageSize = (tableId?: string, defaultSize = 20): number => { + if (typeof window === 'undefined') return defaultSize; + + try { + const key = STORAGE_KEYS.getTablePageSize(tableId); + const stored = localStorage.getItem(key); + if (stored) { + const parsed = parseInt(stored, 10); + if (parsed > 0 && parsed <= 1000) { + return parsed; + } + } + } catch (error) { + console.warn('Failed to read page size from localStorage:', error); + } + return defaultSize; +}; + +const setStoredPageSize = (pageSize: number, tableId?: string): void => { + if (typeof window === 'undefined') return; + + try { + const key = STORAGE_KEYS.getTablePageSize(tableId); + localStorage.setItem(key, pageSize.toString()); + } catch (error) { + console.warn('Failed to save page size to localStorage:', error); + } +}; + + +export default function ResourcesTable({ + resources, + internalResources, + orgId, + defaultView = "proxy" +}: ResourcesTableProps) { + const router = useRouter(); + const searchParams = useSearchParams(); + const t = useTranslations(); + + const { env } = useEnvContext(); + + const api = createApiClient({ env }); + + const [proxyPageSize, setProxyPageSize] = useState(() => + getStoredPageSize('proxy-resources', 20) + ); + const [internalPageSize, setInternalPageSize] = useState(() => + getStoredPageSize('internal-resources', 20) + ); const [isDeleteModalOpen, setIsDeleteModalOpen] = useState(false); const [selectedResource, setSelectedResource] = useState(); + const [selectedInternalResource, setSelectedInternalResource] = + useState(); + const [isEditDialogOpen, setIsEditDialogOpen] = useState(false); + const [editingResource, setEditingResource] = + useState(); + const [isCreateDialogOpen, setIsCreateDialogOpen] = useState(false); + const [sites, setSites] = useState([]); + + const [proxySorting, setProxySorting] = useState([]); + const [proxyColumnFilters, setProxyColumnFilters] = + useState([]); + const [proxyGlobalFilter, setProxyGlobalFilter] = useState([]); + + const [internalSorting, setInternalSorting] = useState([]); + const [internalColumnFilters, setInternalColumnFilters] = + useState([]); + const [internalGlobalFilter, setInternalGlobalFilter] = useState([]); + + const currentView = searchParams.get("view") || defaultView; + + useEffect(() => { + const fetchSites = async () => { + try { + const res = await api.get>( + `/org/${orgId}/sites` + ); + setSites(res.data.data.sites); + } catch (error) { + console.error("Failed to fetch sites:", error); + } + }; + + if (orgId) { + fetchSites(); + } + }, [orgId]); + + const handleTabChange = (value: string) => { + const params = new URLSearchParams(searchParams); + if (value === "internal") { + params.set("view", "internal"); + } else { + params.delete("view"); + } + + const newUrl = `${window.location.pathname}${params.toString() ? "?" + params.toString() : ""}`; + router.replace(newUrl, { scroll: false }); + }; + + const getSearchInput = () => { + if (currentView === "internal") { + return ( +
+ + internalTable.setGlobalFilter( + String(e.target.value) + ) + } + className="w-full pl-8" + /> + +
+ ); + } + return ( +
+ + proxyTable.setGlobalFilter(String(e.target.value)) + } + className="w-full pl-8" + /> + +
+ ); + }; + + const getActionButton = () => { + if (currentView === "internal") { + return ( + + ); + } + return ( + + ); + }; const deleteResource = (resourceId: number) => { api.delete(`/resource/${resourceId}`) .catch((e) => { - console.error("Error deleting resource", e); + console.error(t("resourceErrorDelte"), e); toast({ variant: "destructive", - title: "Error deleting resource", - description: formatAxiosError(e, "Error deleting resource") + title: t("resourceErrorDelte"), + description: formatAxiosError(e, t("resourceErrorDelte")) }); }) .then(() => { @@ -76,6 +279,26 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) { }); }; + const deleteInternalResource = async ( + resourceId: number, + siteId: number + ) => { + try { + await api.delete( + `/org/${orgId}/site/${siteId}/resource/${resourceId}` + ); + router.refresh(); + setIsDeleteModalOpen(false); + } catch (e) { + console.error(t("resourceErrorDelete"), e); + toast({ + variant: "destructive", + title: t("resourceErrorDelte"), + description: formatAxiosError(e, t("v")) + }); + } + }; + async function toggleResourceEnabled(val: boolean, resourceId: number) { const res = await api .post>( @@ -87,53 +310,16 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) { .catch((e) => { toast({ variant: "destructive", - title: "Failed to toggle resource", + title: t("resourcesErrorUpdate"), description: formatAxiosError( e, - "An error occurred while updating the resource" + t("resourcesErrorUpdateDescription") ) }); }); } - const columns: ColumnDef[] = [ - { - accessorKey: "dots", - header: "", - cell: ({ row }) => { - const resourceRow = row.original; - const router = useRouter(); - - return ( - - - - - - - - View settings - - - { - setSelectedResource(resourceRow); - setIsDeleteModalOpen(true); - }} - > - Delete - - - - ); - } - }, + const proxyColumns: ColumnDef[] = [ { accessorKey: "name", header: ({ column }) => { @@ -144,44 +330,15 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) { column.toggleSorting(column.getIsSorted() === "asc") } > - Name + {t("name")} ); } }, - { - accessorKey: "site", - header: ({ column }) => { - return ( - - ); - }, - cell: ({ row }) => { - const resourceRow = row.original; - return ( - - - - ); - } - }, { accessorKey: "protocol", - header: "Protocol", + header: t("protocol"), cell: ({ row }) => { const resourceRow = row.original; return {resourceRow.protocol.toUpperCase()}; @@ -189,16 +346,21 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) { }, { accessorKey: "domain", - header: "Access", + header: t("access"), cell: ({ row }) => { const resourceRow = row.original; return ( -
+
{!resourceRow.http ? ( + ) : !resourceRow.domainId ? ( + ) : ( - Authentication + {t("authentication")} ); @@ -231,12 +393,12 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) { {resourceRow.authState === "protected" ? ( - Protected + {t("protected")} ) : resourceRow.authState === "not_protected" ? ( - Not Protected + {t("notProtected")} ) : ( - @@ -247,10 +409,17 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) { }, { accessorKey: "enabled", - header: "Enabled", + header: t("enabled"), cell: ({ row }) => ( toggleResourceEnabled(val, row.original.id) } @@ -263,11 +432,45 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) { const resourceRow = row.original; return (
+ + + + + + + + {t("viewSettings")} + + + { + setSelectedResource(resourceRow); + setIsDeleteModalOpen(true); + }} + > + + {t("delete")} + + + + - @@ -277,6 +480,173 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) { } ]; + const internalColumns: ColumnDef[] = [ + { + accessorKey: "name", + header: ({ column }) => { + return ( + + ); + } + }, + { + accessorKey: "siteName", + header: t("siteName"), + cell: ({ row }) => { + const resourceRow = row.original; + return ( + + + + ); + } + }, + { + accessorKey: "protocol", + header: t("protocol"), + cell: ({ row }) => { + const resourceRow = row.original; + return {resourceRow.protocol.toUpperCase()}; + } + }, + { + accessorKey: "proxyPort", + header: t("proxyPort"), + cell: ({ row }) => { + const resourceRow = row.original; + return ( + + ); + } + }, + { + accessorKey: "destination", + header: t("resourcesTableDestination"), + cell: ({ row }) => { + const resourceRow = row.original; + const destination = `${resourceRow.destinationIp}:${resourceRow.destinationPort}`; + return ; + } + }, + + { + id: "actions", + cell: ({ row }) => { + const resourceRow = row.original; + return ( +
+ + + + + + { + setSelectedInternalResource( + resourceRow + ); + setIsDeleteModalOpen(true); + }} + > + + {t("delete")} + + + + + +
+ ); + } + } + ]; + + const proxyTable = useReactTable({ + data: resources, + columns: proxyColumns, + getCoreRowModel: getCoreRowModel(), + getPaginationRowModel: getPaginationRowModel(), + onSortingChange: setProxySorting, + getSortedRowModel: getSortedRowModel(), + onColumnFiltersChange: setProxyColumnFilters, + getFilteredRowModel: getFilteredRowModel(), + onGlobalFilterChange: setProxyGlobalFilter, + initialState: { + pagination: { + pageSize: proxyPageSize, + pageIndex: 0 + } + }, + state: { + sorting: proxySorting, + columnFilters: proxyColumnFilters, + globalFilter: proxyGlobalFilter + } + }); + + const internalTable = useReactTable({ + data: internalResources, + columns: internalColumns, + getCoreRowModel: getCoreRowModel(), + getPaginationRowModel: getPaginationRowModel(), + onSortingChange: setInternalSorting, + getSortedRowModel: getSortedRowModel(), + onColumnFiltersChange: setInternalColumnFilters, + getFilteredRowModel: getFilteredRowModel(), + onGlobalFilterChange: setInternalGlobalFilter, + initialState: { + pagination: { + pageSize: internalPageSize, + pageIndex: 0 + } + }, + state: { + sorting: internalSorting, + columnFilters: internalColumnFilters, + globalFilter: internalGlobalFilter + } + }); + + const handleProxyPageSizeChange = (newPageSize: number) => { + setProxyPageSize(newPageSize); + setStoredPageSize(newPageSize, 'proxy-resources'); + }; + + const handleInternalPageSizeChange = (newPageSize: number) => { + setInternalPageSize(newPageSize); + setStoredPageSize(newPageSize, 'internal-resources'); + }; + return ( <> {selectedResource && ( @@ -289,38 +659,294 @@ export default function SitesTable({ resources, orgId }: ResourcesTableProps) { dialog={

- Are you sure you want to remove the resource{" "} - - {selectedResource?.name || - selectedResource?.id} - {" "} - from the organization? + {t("resourceQuestionRemove", { + selectedResource: + selectedResource?.name || + selectedResource?.id + })}

-

- Once removed, the resource will no longer be - accessible. All targets attached to the resource - will be removed. -

+

{t("resourceMessageRemove")}

-

- To confirm, please type the name of the resource - below. -

+

{t("resourceMessageConfirm")}

} - buttonText="Confirm Delete Resource" + buttonText={t("resourceDeleteConfirm")} onConfirm={async () => deleteResource(selectedResource!.id)} string={selectedResource.name} - title="Delete Resource" + title={t("resourceDelete")} /> )} - { - router.push(`/${orgId}/settings/resources/create`); + {selectedInternalResource && ( + { + setIsDeleteModalOpen(val); + setSelectedInternalResource(null); + }} + dialog={ +
+

+ {t("resourceQuestionRemove", { + selectedResource: + selectedInternalResource?.name || + selectedInternalResource?.id + })} +

+ +

{t("resourceMessageRemove")}

+ +

{t("resourceMessageConfirm")}

+
+ } + buttonText={t("resourceDeleteConfirm")} + onConfirm={async () => + deleteInternalResource( + selectedInternalResource!.id, + selectedInternalResource!.siteId + ) + } + string={selectedInternalResource.name} + title={t("resourceDelete")} + /> + )} + +
+ + + +
+ {getSearchInput()} + + {env.flags.enableClients && ( + + + {t("resourcesTableProxyResources")} + + + {t("resourcesTableClientResources")} + + + )} +
+
+ {getActionButton()} +
+ + + + + + {proxyTable + .getHeaderGroups() + .map((headerGroup) => ( + + {headerGroup.headers.map( + (header) => ( + + {header.isPlaceholder + ? null + : flexRender( + header + .column + .columnDef + .header, + header.getContext() + )} + + ) + )} + + ))} + + + {proxyTable.getRowModel().rows + ?.length ? ( + proxyTable + .getRowModel() + .rows.map((row) => ( + + {row + .getVisibleCells() + .map((cell) => ( + + {flexRender( + cell + .column + .columnDef + .cell, + cell.getContext() + )} + + ))} + + )) + ) : ( + + + {t( + "resourcesTableNoProxyResourcesFound" + )} + + + )} + +
+
+ +
+ + +
+ + + {t( + "resourcesTableTheseResourcesForUseWith" + )}{" "} + + {t("resourcesTableClients")} + + {" "} + {t( + "resourcesTableAndOnlyAccessibleInternally" + )} + + +
+ + + {internalTable + .getHeaderGroups() + .map((headerGroup) => ( + + {headerGroup.headers.map( + (header) => ( + + {header.isPlaceholder + ? null + : flexRender( + header + .column + .columnDef + .header, + header.getContext() + )} + + ) + )} + + ))} + + + {internalTable.getRowModel().rows + ?.length ? ( + internalTable + .getRowModel() + .rows.map((row) => ( + + {row + .getVisibleCells() + .map((cell) => ( + + {flexRender( + cell + .column + .columnDef + .cell, + cell.getContext() + )} + + ))} + + )) + ) : ( + + + {t( + "resourcesTableNoInternalResourcesFound" + )} + + + )} + +
+
+ +
+ + + + +
+ + {editingResource && ( + { + router.refresh(); + setEditingResource(null); + }} + /> + )} + + { + router.refresh(); }} /> diff --git a/src/app/[orgId]/settings/resources/[resourceId]/CustomDomainInput.tsx b/src/app/[orgId]/settings/resources/[resourceId]/CustomDomainInput.tsx index 0764d740..171f5683 100644 --- a/src/app/[orgId]/settings/resources/[resourceId]/CustomDomainInput.tsx +++ b/src/app/[orgId]/settings/resources/[resourceId]/CustomDomainInput.tsx @@ -9,6 +9,7 @@ import { SelectTrigger, SelectValue } from "@/components/ui/select"; +import { toUnicode } from "punycode"; interface DomainOption { baseDomain: string; @@ -91,7 +92,7 @@ export default function CustomDomainInput({ key={option.domainId} value={option.domainId} > - .{option.baseDomain} + .{toUnicode(option.baseDomain)} ))} diff --git a/src/app/[orgId]/settings/resources/[resourceId]/ResourceInfoBox.tsx b/src/app/[orgId]/settings/resources/[resourceId]/ResourceInfoBox.tsx index 86916755..8da95ec0 100644 --- a/src/app/[orgId]/settings/resources/[resourceId]/ResourceInfoBox.tsx +++ b/src/app/[orgId]/settings/resources/[resourceId]/ResourceInfoBox.tsx @@ -1,9 +1,8 @@ "use client"; import { Alert, AlertDescription, AlertTitle } from "@/components/ui/alert"; -import { ArrowRight, InfoIcon, ShieldCheck, ShieldOff } from "lucide-react"; +import { InfoIcon, ShieldCheck, ShieldOff } from "lucide-react"; import { useResourceContext } from "@app/hooks/useResourceContext"; -import { Separator } from "@app/components/ui/separator"; import CopyToClipboard from "@app/components/CopyToClipboard"; import { InfoSection, @@ -11,43 +10,45 @@ import { InfoSections, InfoSectionTitle } from "@app/components/InfoSection"; -import Link from "next/link"; -import { Switch } from "@app/components/ui/switch"; +import { useTranslations } from "next-intl"; +import { build } from "@server/build"; +import { toUnicode } from 'punycode'; type ResourceInfoBoxType = {}; -export default function ResourceInfoBox({}: ResourceInfoBoxType) { +export default function ResourceInfoBox({ }: ResourceInfoBoxType) { const { resource, authInfo } = useResourceContext(); - let fullUrl = `${resource.ssl ? "https" : "http"}://${resource.fullDomain}`; + const t = useTranslations(); + + + const fullUrl = `${resource.ssl ? "https" : "http"}://${toUnicode(resource.fullDomain || "")}`; + + return ( - - - Resource Information - - - + + {resource.http ? ( <> - Authentication + {t("authentication")} {authInfo.password || - authInfo.pincode || - authInfo.sso || - authInfo.whitelist ? ( + authInfo.pincode || + authInfo.sso || + authInfo.whitelist ? (
- Protected + {t("protected")}
) : (
- Not Protected + {t("notProtected")}
)} @@ -61,17 +62,31 @@ export default function ResourceInfoBox({}: ResourceInfoBoxType) { /> - - Site - - {resource.siteName} - - + {/* {isEnabled && ( + + Socket + + {isAvailable ? ( + +
+ Online + + ) : ( + +
+ Offline + + )} + + + )} */} ) : ( <> - Protocol + + {t("protocol")} + {resource.protocol.toUpperCase()} @@ -79,7 +94,7 @@ export default function ResourceInfoBox({}: ResourceInfoBoxType) { - Port + {t("port")} + {/* {build == "oss" && ( + + + {t("externalProxyEnabled")} + + + + {resource.enableProxy + ? t("enabled") + : t("disabled")} + + + + )} */} )} - Visibility + {t("visibility")} - {resource.enabled ? "Enabled" : "Disabled"} + + {resource.enabled + ? t("enabled") + : t("disabled")} + diff --git a/src/app/[orgId]/settings/resources/[resourceId]/authentication/SetResourcePasswordForm.tsx b/src/app/[orgId]/settings/resources/[resourceId]/authentication/SetResourcePasswordForm.tsx index 3bf2966a..c5739ca9 100644 --- a/src/app/[orgId]/settings/resources/[resourceId]/authentication/SetResourcePasswordForm.tsx +++ b/src/app/[orgId]/settings/resources/[resourceId]/authentication/SetResourcePasswordForm.tsx @@ -28,9 +28,10 @@ import { } from "@app/components/Credenza"; import { formatAxiosError } from "@app/lib/api"; import { AxiosResponse } from "axios"; -import { Resource } from "@server/db/schemas"; +import { Resource } from "@server/db"; import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; +import { useTranslations } from "next-intl"; const setPasswordFormSchema = z.object({ password: z.string().min(4).max(100) @@ -56,6 +57,7 @@ export default function SetResourcePasswordForm({ onSetPassword }: SetPasswordFormProps) { const api = createApiClient(useEnvContext()); + const t = useTranslations(); const [loading, setLoading] = useState(false); @@ -81,18 +83,17 @@ export default function SetResourcePasswordForm({ .catch((e) => { toast({ variant: "destructive", - title: "Error setting resource password", + title: t('resourceErrorPasswordSetup'), description: formatAxiosError( e, - "An error occurred while setting the resource password" + t('resourceErrorPasswordSetupDescription') ) }); }) .then(() => { toast({ - title: "Resource password set", - description: - "The resource password has been set successfully" + title: t('resourcePasswordSetup'), + description: t('resourcePasswordSetupDescription') }); if (onSetPassword) { @@ -114,9 +115,9 @@ export default function SetResourcePasswordForm({ > - Set Password + {t('resourcePasswordSetupTitle')} - Set a password to protect this resource + {t('resourcePasswordSetupTitleDescription')} @@ -131,7 +132,7 @@ export default function SetResourcePasswordForm({ name="password" render={({ field }) => ( - Password + {t('password')} - + diff --git a/src/app/[orgId]/settings/resources/[resourceId]/authentication/SetResourcePincodeForm.tsx b/src/app/[orgId]/settings/resources/[resourceId]/authentication/SetResourcePincodeForm.tsx index 31ccbea6..2c5e447a 100644 --- a/src/app/[orgId]/settings/resources/[resourceId]/authentication/SetResourcePincodeForm.tsx +++ b/src/app/[orgId]/settings/resources/[resourceId]/authentication/SetResourcePincodeForm.tsx @@ -28,7 +28,7 @@ import { } from "@app/components/Credenza"; import { formatAxiosError } from "@app/lib/api"; import { AxiosResponse } from "axios"; -import { Resource } from "@server/db/schemas"; +import { Resource } from "@server/db"; import { InputOTP, InputOTPGroup, @@ -36,6 +36,7 @@ import { } from "@app/components/ui/input-otp"; import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; +import { useTranslations } from "next-intl"; const setPincodeFormSchema = z.object({ pincode: z.string().length(6) @@ -69,6 +70,8 @@ export default function SetResourcePincodeForm({ defaultValues }); + const t = useTranslations(); + useEffect(() => { if (!open) { return; @@ -86,18 +89,17 @@ export default function SetResourcePincodeForm({ .catch((e) => { toast({ variant: "destructive", - title: "Error setting resource PIN code", + title: t('resourceErrorPincodeSetup'), description: formatAxiosError( e, - "An error occurred while setting the resource PIN code" + t('resourceErrorPincodeSetupDescription') ) }); }) .then(() => { toast({ - title: "Resource PIN code set", - description: - "The resource pincode has been set successfully" + title: t('resourcePincodeSetup'), + description: t('resourcePincodeSetupDescription') }); if (onSetPincode) { @@ -119,9 +121,9 @@ export default function SetResourcePincodeForm({ > - Set Pincode + {t('resourcePincodeSetupTitle')} - Set a pincode to protect this resource + {t('resourcePincodeSetupTitleDescription')} @@ -136,7 +138,7 @@ export default function SetResourcePincodeForm({ name="pincode" render={({ field }) => ( - PIN Code + {t('resourcePincode')}
- + diff --git a/src/app/[orgId]/settings/resources/[resourceId]/authentication/page.tsx b/src/app/[orgId]/settings/resources/[resourceId]/authentication/page.tsx index 0b0535e8..9bb9919a 100644 --- a/src/app/[orgId]/settings/resources/[resourceId]/authentication/page.tsx +++ b/src/app/[orgId]/settings/resources/[resourceId]/authentication/page.tsx @@ -48,6 +48,16 @@ import { useRouter } from "next/navigation"; import { UserType } from "@server/types/UserTypes"; import { Alert, AlertDescription, AlertTitle } from "@app/components/ui/alert"; import { InfoIcon } from "lucide-react"; +import { useTranslations } from "next-intl"; +import { CheckboxWithLabel } from "@app/components/ui/checkbox"; +import { + Select, + SelectContent, + SelectItem, + SelectTrigger, + SelectValue +} from "@app/components/ui/select"; +import { Separator } from "@app/components/ui/separator"; const UsersRolesFormSchema = z.object({ roles: z.array( @@ -82,6 +92,7 @@ export default function ResourceAuthenticationPage() { const api = createApiClient({ env }); const router = useRouter(); + const t = useTranslations(); const [pageLoading, setPageLoading] = useState(true); @@ -108,6 +119,14 @@ export default function ResourceAuthenticationPage() { resource.emailWhitelistEnabled ); + const [autoLoginEnabled, setAutoLoginEnabled] = useState( + resource.skipToIdpId !== null && resource.skipToIdpId !== undefined + ); + const [selectedIdpId, setSelectedIdpId] = useState( + resource.skipToIdpId || null + ); + const [allIdps, setAllIdps] = useState<{ id: number; text: string }[]>([]); + const [loadingSaveUsersRoles, setLoadingSaveUsersRoles] = useState(false); const [loadingSaveWhitelist, setLoadingSaveWhitelist] = useState(false); @@ -137,7 +156,8 @@ export default function ResourceAuthenticationPage() { resourceRolesResponse, usersResponse, resourceUsersResponse, - whitelist + whitelist, + idpsResponse ] = await Promise.all([ api.get>( `/org/${org?.org.orgId}/roles` @@ -153,7 +173,12 @@ export default function ResourceAuthenticationPage() { ), api.get>( `/resource/${resource.resourceId}/whitelist` - ) + ), + api.get< + AxiosResponse<{ + idps: { idpId: number; name: string }[]; + }> + >("/idp") ]); setAllRoles( @@ -198,15 +223,30 @@ export default function ResourceAuthenticationPage() { })) ); + setAllIdps( + idpsResponse.data.data.idps.map((idp) => ({ + id: idp.idpId, + text: idp.name + })) + ); + + if ( + autoLoginEnabled && + !selectedIdpId && + idpsResponse.data.data.idps.length > 0 + ) { + setSelectedIdpId(idpsResponse.data.data.idps[0].idpId); + } + setPageLoading(false); } catch (e) { console.error(e); toast({ variant: "destructive", - title: "Failed to fetch data", + title: t("resourceErrorAuthFetch"), description: formatAxiosError( e, - "An error occurred while fetching the data" + t("resourceErrorAuthFetchDescription") ) }); } @@ -233,18 +273,18 @@ export default function ResourceAuthenticationPage() { }); toast({ - title: "Saved successfully", - description: "Whitelist settings have been saved" + title: t("resourceWhitelistSave"), + description: t("resourceWhitelistSaveDescription") }); router.refresh(); } catch (e) { console.error(e); toast({ variant: "destructive", - title: "Failed to save whitelist", + title: t("resourceErrorWhitelistSave"), description: formatAxiosError( e, - "An error occurred while saving the whitelist" + t("resourceErrorWhitelistSaveDescription") ) }); } finally { @@ -258,6 +298,16 @@ export default function ResourceAuthenticationPage() { try { setLoadingSaveUsersRoles(true); + // Validate that an IDP is selected if auto login is enabled + if (autoLoginEnabled && !selectedIdpId) { + toast({ + variant: "destructive", + title: t("error"), + description: t("selectIdpRequired") + }); + return; + } + const jobs = [ api.post(`/resource/${resource.resourceId}/roles`, { roleIds: data.roles.map((i) => parseInt(i.id)) @@ -266,14 +316,16 @@ export default function ResourceAuthenticationPage() { userIds: data.users.map((i) => i.id) }), api.post(`/resource/${resource.resourceId}`, { - sso: ssoEnabled + sso: ssoEnabled, + skipToIdpId: autoLoginEnabled ? selectedIdpId : null }) ]; await Promise.all(jobs); updateResource({ - sso: ssoEnabled + sso: ssoEnabled, + skipToIdpId: autoLoginEnabled ? selectedIdpId : null }); updateAuthInfo({ @@ -281,18 +333,18 @@ export default function ResourceAuthenticationPage() { }); toast({ - title: "Saved successfully", - description: "Authentication settings have been saved" + title: t("resourceAuthSettingsSave"), + description: t("resourceAuthSettingsSaveDescription") }); router.refresh(); } catch (e) { console.error(e); toast({ variant: "destructive", - title: "Failed to set roles", + title: t("resourceErrorUsersRolesSave"), description: formatAxiosError( e, - "An error occurred while setting the roles" + t("resourceErrorUsersRolesSaveDescription") ) }); } finally { @@ -308,9 +360,8 @@ export default function ResourceAuthenticationPage() { }) .then(() => { toast({ - title: "Resource password removed", - description: - "The resource password has been removed successfully" + title: t("resourcePasswordRemove"), + description: t("resourcePasswordRemoveDescription") }); updateAuthInfo({ @@ -321,10 +372,10 @@ export default function ResourceAuthenticationPage() { .catch((e) => { toast({ variant: "destructive", - title: "Error removing resource password", + title: t("resourceErrorPasswordRemove"), description: formatAxiosError( e, - "An error occurred while removing the resource password" + t("resourceErrorPasswordRemoveDescription") ) }); }) @@ -339,9 +390,8 @@ export default function ResourceAuthenticationPage() { }) .then(() => { toast({ - title: "Resource pincode removed", - description: - "The resource password has been removed successfully" + title: t("resourcePincodeRemove"), + description: t("resourcePincodeRemoveDescription") }); updateAuthInfo({ @@ -352,10 +402,10 @@ export default function ResourceAuthenticationPage() { .catch((e) => { toast({ variant: "destructive", - title: "Error removing resource pincode", + title: t("resourceErrorPincodeRemove"), description: formatAxiosError( e, - "An error occurred while removing the resource pincode" + t("resourceErrorPincodeRemoveDescription") ) }); }) @@ -400,142 +450,234 @@ export default function ResourceAuthenticationPage() { - Users & Roles + {t("resourceUsersRoles")} - Configure which users and roles can visit this - resource + {t("resourceUsersRolesDescription")} - setSsoEnabled(val)} - /> + + setSsoEnabled(val)} + /> -
- - {ssoEnabled && ( - <> - ( - - Roles - - { - usersRolesForm.setValue( - "roles", - newRoles as [ - Tag, - ...Tag[] - ] - ); - }} - enableAutocomplete={ - true - } - autocompleteOptions={ - allRoles - } - allowDuplicates={ - false - } - restrictTagsToAutocompleteOptions={ - true - } - sortTags={true} - /> - - - - Admins can always access - this resource. - - + + + {ssoEnabled && ( + <> + ( + + + {t("roles")} + + + { + usersRolesForm.setValue( + "roles", + newRoles as [ + Tag, + ...Tag[] + ] + ); + }} + enableAutocomplete={ + true + } + autocompleteOptions={ + allRoles + } + allowDuplicates={ + false + } + restrictTagsToAutocompleteOptions={ + true + } + sortTags={true} + /> + + + + {t( + "resourceRoleDescription" + )} + + + )} + /> + ( + + + {t("users")} + + + { + usersRolesForm.setValue( + "users", + newUsers as [ + Tag, + ...Tag[] + ] + ); + }} + enableAutocomplete={ + true + } + autocompleteOptions={ + allUsers + } + allowDuplicates={ + false + } + restrictTagsToAutocompleteOptions={ + true + } + sortTags={true} + /> + + + + )} + /> + + )} + + {ssoEnabled && allIdps.length > 0 && ( +
+
+ { + setAutoLoginEnabled( + checked as boolean + ); + if ( + checked && + allIdps.length > 0 + ) { + setSelectedIdpId( + allIdps[0].id + ); + } else { + setSelectedIdpId( + null + ); + } + }} + /> +

+ {t( + "autoLoginExternalIdpDescription" + )} +

+
+ + {autoLoginEnabled && ( +
+ + +
)} - /> - ( - - Users - - { - usersRolesForm.setValue( - "users", - newUsers as [ - Tag, - ...Tag[] - ] - ); - }} - enableAutocomplete={ - true - } - autocompleteOptions={ - allUsers - } - allowDuplicates={ - false - } - restrictTagsToAutocompleteOptions={ - true - } - sortTags={true} - /> - - - - )} - /> - - )} - - +
+ )} + + +
@@ -552,177 +694,195 @@ export default function ResourceAuthenticationPage() { - Authentication Methods + {t("resourceAuthMethods")} - Allow access to the resource via additional auth - methods + {t("resourceAuthMethodsDescriptions")} - {/* Password Protection */} -
-
- - - Password Protection{" "} - {authInfo.password ? "Enabled" : "Disabled"} - + + {/* Password Protection */} +
+
+ + + {t("resourcePasswordProtection", { + status: authInfo.password + ? t("enabled") + : t("disabled") + })} + +
+
- -
- {/* PIN Code Protection */} -
-
- - - PIN Code Protection{" "} - {authInfo.pincode ? "Enabled" : "Disabled"} - + {/* PIN Code Protection */} +
+
+ + + {t("resourcePincodeProtection", { + status: authInfo.pincode + ? t("enabled") + : t("disabled") + })} + +
+
- -
+ - One-time Passwords + {t("otpEmailTitle")} - Require email-based authentication for resource - access + {t("otpEmailTitleDescription")} - {!env.email.emailEnabled && ( - - - - SMTP Required - - - SMTP must be enabled on the server to use one-time password authentication. - - - )} - + + {!env.email.emailEnabled && ( + + + + {t("otpEmailSmtpRequired")} + + + {t("otpEmailSmtpRequiredDescription")} + + + )} + - {whitelistEnabled && env.email.emailEnabled && ( -
- - ( - - - - - - {/* @ts-ignore */} - { - return z - .string() - .email() - .or( - z - .string() - .regex( - /^\*@[\w.-]+\.[a-zA-Z]{2,}$/, - { - message: - "Invalid email address. Wildcard (*) must be the entire local part." - } - ) - ) - .safeParse( - tag - ).success; - }} - setActiveTagIndex={ - setActiveEmailTagIndex - } - placeholder="Enter an email" - tags={ - whitelistForm.getValues() - .emails - } - setTags={( - newRoles - ) => { - whitelistForm.setValue( - "emails", - newRoles as [ - Tag, - ...Tag[] - ] - ); - }} - allowDuplicates={ - false - } - sortTags={true} - /> - - - Press enter to add an - email after typing it in - the input field. - - - )} - /> - - - )} + {whitelistEnabled && env.email.emailEnabled && ( +
+ + ( + + + + + + {/* @ts-ignore */} + { + return z + .string() + .email() + .or( + z + .string() + .regex( + /^\*@[\w.-]+\.[a-zA-Z]{2,}$/, + { + message: + t( + "otpEmailErrorInvalid" + ) + } + ) + ) + .safeParse( + tag + ).success; + }} + setActiveTagIndex={ + setActiveEmailTagIndex + } + placeholder={t( + "otpEmailEnter" + )} + tags={ + whitelistForm.getValues() + .emails + } + setTags={( + newRoles + ) => { + whitelistForm.setValue( + "emails", + newRoles as [ + Tag, + ...Tag[] + ] + ); + }} + allowDuplicates={ + false + } + sortTags={true} + /> + + + {t( + "otpEmailEnterDescription" + )} + + + )} + /> + + + )} +
diff --git a/src/app/[orgId]/settings/resources/[resourceId]/general/page.tsx b/src/app/[orgId]/settings/resources/[resourceId]/general/page.tsx index f1e152d5..ce8f29a7 100644 --- a/src/app/[orgId]/settings/resources/[resourceId]/general/page.tsx +++ b/src/app/[orgId]/settings/resources/[resourceId]/general/page.tsx @@ -14,19 +14,6 @@ import { FormMessage } from "@/components/ui/form"; import { Input } from "@/components/ui/input"; -import { - Command, - CommandEmpty, - CommandGroup, - CommandInput, - CommandItem -} from "@/components/ui/command"; -import { cn } from "@app/lib/cn"; -import { - Popover, - PopoverContent, - PopoverTrigger -} from "@/components/ui/popover"; import { useResourceContext } from "@app/hooks/useResourceContext"; import { ListSitesResponse } from "@server/routers/site"; import { useEffect, useState } from "react"; @@ -45,72 +32,30 @@ import { SettingsSectionFooter } from "@app/components/Settings"; import { useOrgContext } from "@app/hooks/useOrgContext"; -import CustomDomainInput from "../CustomDomainInput"; import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; -import { subdomainSchema, tlsNameSchema } from "@server/lib/schemas"; -import { CaretSortIcon, CheckIcon } from "@radix-ui/react-icons"; -import { RadioGroup, RadioGroupItem } from "@app/components/ui/radio-group"; import { Label } from "@app/components/ui/label"; import { ListDomainsResponse } from "@server/routers/domain"; -import { - Select, - SelectContent, - SelectItem, - SelectTrigger, - SelectValue -} from "@app/components/ui/select"; -import { - UpdateResourceResponse, - updateResourceRule -} from "@server/routers/resource"; +import { UpdateResourceResponse } from "@server/routers/resource"; import { SwitchInput } from "@app/components/SwitchInput"; - -const GeneralFormSchema = z - .object({ - subdomain: z.string().optional(), - name: z.string().min(1).max(255), - proxyPort: z.number().optional(), - http: z.boolean(), - isBaseDomain: z.boolean().optional(), - domainId: z.string().optional() - }) - .refine( - (data) => { - if (!data.http) { - return z - .number() - .int() - .min(1) - .max(65535) - .safeParse(data.proxyPort).success; - } - return true; - }, - { - message: "Invalid port number", - path: ["proxyPort"] - } - ) - .refine( - (data) => { - if (data.http && !data.isBaseDomain) { - return subdomainSchema.safeParse(data.subdomain).success; - } - return true; - }, - { - message: "Invalid subdomain", - path: ["subdomain"] - } - ); - -const TransferFormSchema = z.object({ - siteId: z.number() -}); - -type GeneralFormValues = z.infer; -type TransferFormValues = z.infer; +import { useTranslations } from "next-intl"; +import { Checkbox } from "@app/components/ui/checkbox"; +import { + Credenza, + CredenzaBody, + CredenzaClose, + CredenzaContent, + CredenzaDescription, + CredenzaFooter, + CredenzaHeader, + CredenzaTitle +} from "@app/components/Credenza"; +import DomainPicker from "@app/components/DomainPicker"; +import { Globe } from "lucide-react"; +import { build } from "@server/build"; +import { finalizeSubdomainSanitize } from "@app/lib/subdomain-utils"; +import { DomainRow } from "../../../domains/DomainsTable"; +import { toASCII, toUnicode } from "punycode"; export default function GeneralForm() { const [formKey, setFormKey] = useState(0); @@ -118,6 +63,8 @@ export default function GeneralForm() { const { resource, updateResource } = useResourceContext(); const { org } = useOrgContext(); const router = useRouter(); + const t = useTranslations(); + const [editDomainOpen, setEditDomainOpen] = useState(false); const { env } = useEnvContext(); @@ -134,30 +81,57 @@ export default function GeneralForm() { >([]); const [loadingPage, setLoadingPage] = useState(true); - const [domainType, setDomainType] = useState<"subdomain" | "basedomain">( - resource.isBaseDomain ? "basedomain" : "subdomain" + const [resourceFullDomain, setResourceFullDomain] = useState( + `${resource.ssl ? "https" : "http"}://${toUnicode(resource.fullDomain || "")}` ); + const [selectedDomain, setSelectedDomain] = useState<{ + domainId: string; + subdomain?: string; + fullDomain: string; + baseDomain: string; + } | null>(null); + + const GeneralFormSchema = z + .object({ + enabled: z.boolean(), + subdomain: z.string().optional(), + name: z.string().min(1).max(255), + domainId: z.string().optional(), + proxyPort: z.number().int().min(1).max(65535).optional(), + // enableProxy: z.boolean().optional() + }) + .refine( + (data) => { + // For non-HTTP resources, proxyPort should be defined + if (!resource.http) { + return data.proxyPort !== undefined; + } + // For HTTP resources, proxyPort should be undefined + return data.proxyPort === undefined; + }, + { + message: !resource.http + ? "Port number is required for non-HTTP resources" + : "Port number should not be set for HTTP resources", + path: ["proxyPort"] + } + ); + + type GeneralFormValues = z.infer; const form = useForm({ resolver: zodResolver(GeneralFormSchema), defaultValues: { + enabled: resource.enabled, name: resource.name, subdomain: resource.subdomain ? resource.subdomain : undefined, - proxyPort: resource.proxyPort ? resource.proxyPort : undefined, - http: resource.http, - isBaseDomain: resource.isBaseDomain ? true : false, - domainId: resource.domainId || undefined + domainId: resource.domainId || undefined, + proxyPort: resource.proxyPort || undefined, + // enableProxy: resource.enableProxy || false }, mode: "onChange" }); - const transferForm = useForm({ - resolver: zodResolver(TransferFormSchema), - defaultValues: { - siteId: resource.siteId ? Number(resource.siteId) : undefined - } - }); - useEffect(() => { const fetchSites = async () => { const res = await api.get>( @@ -174,16 +148,20 @@ export default function GeneralForm() { .catch((e) => { toast({ variant: "destructive", - title: "Error fetching domains", + title: t("domainErrorFetch"), description: formatAxiosError( e, - "An error occurred when fetching the domains" + t("domainErrorFetchDescription") ) }); }); if (res?.status === 200) { - const domains = res.data.data.domains; + const rawDomains = res.data.data.domains as DomainRow[]; + const domains = rawDomains.map((domain) => ({ + ...domain, + baseDomain: toUnicode(domain.baseDomain), + })); setBaseDomains(domains); setFormKey((key) => key + 1); } @@ -206,38 +184,44 @@ export default function GeneralForm() { .post>( `resource/${resource?.resourceId}`, { + enabled: data.enabled, name: data.name, - subdomain: data.http ? data.subdomain : undefined, + subdomain: data.subdomain ? toASCII(data.subdomain) : undefined, + domainId: data.domainId, proxyPort: data.proxyPort, - isBaseDomain: data.http ? data.isBaseDomain : undefined, - domainId: data.http ? data.domainId : undefined + // ...(!resource.http && { + // enableProxy: data.enableProxy + // }) } ) .catch((e) => { toast({ variant: "destructive", - title: "Failed to update resource", + title: t("resourceErrorUpdate"), description: formatAxiosError( e, - "An error occurred while updating the resource" + t("resourceErrorUpdateDescription") ) }); }); if (res && res.status === 200) { toast({ - title: "Resource updated", - description: "The resource has been updated successfully" + title: t("resourceUpdated"), + description: t("resourceUpdatedDescription") }); const resource = res.data.data; updateResource({ + enabled: data.enabled, name: data.name, subdomain: data.subdomain, + fullDomain: resource.fullDomain, proxyPort: data.proxyPort, - isBaseDomain: data.isBaseDomain, - fullDomain: resource.fullDomain + // ...(!resource.http && { + // enableProxy: data.enableProxy + // }) }); router.refresh(); @@ -245,482 +229,266 @@ export default function GeneralForm() { setSaveLoading(false); } - async function onTransfer(data: TransferFormValues) { - setTransferLoading(true); - - const res = await api - .post(`resource/${resource?.resourceId}/transfer`, { - siteId: data.siteId - }) - .catch((e) => { - toast({ - variant: "destructive", - title: "Failed to transfer resource", - description: formatAxiosError( - e, - "An error occurred while transferring the resource" - ) - }); - }); - - if (res && res.status === 200) { - toast({ - title: "Resource transferred", - description: "The resource has been transferred successfully" - }); - router.refresh(); - - updateResource({ - siteName: - sites.find((site) => site.siteId === data.siteId)?.name || - "" - }); - } - setTransferLoading(false); - } - - async function toggleResourceEnabled(val: boolean) { - const res = await api - .post>( - `resource/${resource.resourceId}`, - { - enabled: val - } - ) - .catch((e) => { - toast({ - variant: "destructive", - title: "Failed to toggle resource", - description: formatAxiosError( - e, - "An error occurred while updating the resource" - ) - }); - }); - - updateResource({ - enabled: val - }); - } - return ( !loadingPage && ( - - - - Visibility - - Completely enable or disable resource visibility - - - - { - await toggleResourceEnabled(val); - }} - /> - - + <> + + + + + {t("resourceGeneral")} + + + {t("resourceGeneralDescription")} + + - - - - General Settings - - - Configure the general settings for this resource - - - - - -
- - ( - - Name - - - - - - )} - /> - - {resource.http && ( - <> - {env.flags - .allowBaseDomainResources && ( - ( - - - Domain Type - - - - - )} - /> - )} - -
- {domainType === "subdomain" ? ( -
- - Subdomain - -
-
- ( - - - - - - - )} - /> -
-
- ( - - - - - )} - /> -
-
-
- ) : ( - ( - - - Base Domain - - - - - )} - /> - )} -
- - )} - - {!resource.http && ( + + + + ( + +
+ + + form.setValue( + "enabled", + val + ) + } + /> + +
+ + + )} + /> + + ( - Port Number + {t("name")} - - field.onChange( - e.target - .value - ? parseInt( - e - .target - .value - ) - : null - ) - } - /> + )} /> - )} - - - - - - - -
- - - - - Transfer Resource - - - Transfer this resource to a different site - - - - - -
- - ( - - - Destination Site - - - - - - - - - - - - No sites found. - - - {sites.map( - (site) => ( - { - transferForm.setValue( - "siteId", - site.siteId - ); - setOpen( - false - ); - }} - > - { - site.name - } - - - ) + + + + field.onChange( + e + .target + .value + ? parseInt( + e + .target + .value + ) + : undefined + ) + } + /> + + + + {t( + "resourcePortNumberDescription" )} - - - - - - + + + )} + /> + + {/* {build == "oss" && ( + ( + + + + +
+ + {t( + "resourceEnableProxy" + )} + + + {t( + "resourceEnableProxyDescription" + )} + +
+ + )} + /> + )} */} + )} - /> - - -
- - - - - - + {resource.http && ( +
+ +
+ + + {resourceFullDomain} + + +
+
+ )} + + + + + + + + + + + + setEditDomainOpen(setOpen)} + > + + + Edit Domain + + Select a domain for your resource + + + + { + const selected = { + domainId: res.domainId, + subdomain: res.subdomain, + fullDomain: res.fullDomain, + baseDomain: res.baseDomain + }; + setSelectedDomain(selected); + }} + /> + + + + + + + + + + ) ); } diff --git a/src/app/[orgId]/settings/resources/[resourceId]/layout.tsx b/src/app/[orgId]/settings/resources/[resourceId]/layout.tsx index edb21303..f6d4b3c0 100644 --- a/src/app/[orgId]/settings/resources/[resourceId]/layout.tsx +++ b/src/app/[orgId]/settings/resources/[resourceId]/layout.tsx @@ -13,15 +13,8 @@ import { GetOrgResponse } from "@server/routers/org"; import OrgProvider from "@app/providers/OrgProvider"; import { cache } from "react"; import ResourceInfoBox from "./ResourceInfoBox"; -import { - Breadcrumb, - BreadcrumbItem, - BreadcrumbLink, - BreadcrumbList, - BreadcrumbPage, - BreadcrumbSeparator -} from "@app/components/ui/breadcrumb"; -import Link from "next/link"; +import { GetSiteResponse } from "@server/routers/site"; +import { getTranslations } from 'next-intl/server'; interface ResourceLayoutProps { children: React.ReactNode; @@ -30,6 +23,7 @@ interface ResourceLayoutProps { export default async function ResourceLayout(props: ResourceLayoutProps) { const params = await props.params; + const t = await getTranslations(); const { children } = props; @@ -82,22 +76,22 @@ export default async function ResourceLayout(props: ResourceLayoutProps) { const navItems = [ { - title: "General", + title: t('general'), href: `/{orgId}/settings/resources/{resourceId}/general` }, { - title: "Proxy", + title: t('proxy'), href: `/{orgId}/settings/resources/{resourceId}/proxy` } ]; if (resource.http) { navItems.push({ - title: "Authentication", + title: t('authentication'), href: `/{orgId}/settings/resources/{resourceId}/authentication` }); navItems.push({ - title: "Rules", + title: t('rules'), href: `/{orgId}/settings/resources/{resourceId}/rules` }); } @@ -105,12 +99,15 @@ export default async function ResourceLayout(props: ResourceLayoutProps) { return ( <> - +
diff --git a/src/app/[orgId]/settings/resources/[resourceId]/proxy/page.tsx b/src/app/[orgId]/settings/resources/[resourceId]/proxy/page.tsx index 90e05ff8..87c3dd13 100644 --- a/src/app/[orgId]/settings/resources/[resourceId]/proxy/page.tsx +++ b/src/app/[orgId]/settings/resources/[resourceId]/proxy/page.tsx @@ -3,7 +3,6 @@ import { useEffect, useState, use } from "react"; import { Button } from "@/components/ui/button"; import { Input } from "@/components/ui/input"; -import { Label } from "@/components/ui/label"; import { Select, SelectContent, @@ -34,14 +33,13 @@ import { getPaginationRowModel, getCoreRowModel, useReactTable, - flexRender + flexRender, + Row } from "@tanstack/react-table"; import { Table, TableBody, - TableCaption, TableCell, - TableContainer, TableHead, TableHeader, TableRow @@ -52,7 +50,7 @@ import { ArrayElement } from "@server/types/ArrayElement"; import { formatAxiosError } from "@app/lib/api/formatAxiosError"; import { useEnvContext } from "@app/hooks/useEnvContext"; import { createApiClient } from "@app/lib/api"; -import { GetSiteResponse } from "@server/routers/site"; +import { GetSiteResponse, ListSitesResponse } from "@server/routers/site"; import { SettingsContainer, SettingsSection, @@ -60,24 +58,49 @@ import { SettingsSectionTitle, SettingsSectionDescription, SettingsSectionBody, - SettingsSectionFooter, SettingsSectionForm } from "@app/components/Settings"; import { SwitchInput } from "@app/components/SwitchInput"; import { useRouter } from "next/navigation"; import { isTargetValid } from "@server/lib/validators"; import { tlsNameSchema } from "@server/lib/schemas"; -import { ChevronsUpDown } from "lucide-react"; import { - Collapsible, - CollapsibleContent, - CollapsibleTrigger -} from "@app/components/ui/collapsible"; + CheckIcon, + ChevronsUpDown, + Settings, + Heart, + Check, + CircleCheck, + CircleX +} from "lucide-react"; +import { ContainersSelector } from "@app/components/ContainersSelector"; +import { useTranslations } from "next-intl"; +import { build } from "@server/build"; +import { DockerManager, DockerState } from "@app/lib/docker"; +import { Container } from "@server/routers/site"; +import { + Popover, + PopoverContent, + PopoverTrigger +} from "@app/components/ui/popover"; +import { cn } from "@app/lib/cn"; +import { CaretSortIcon } from "@radix-ui/react-icons"; +import { + Command, + CommandEmpty, + CommandGroup, + CommandInput, + CommandItem, + CommandList +} from "@app/components/ui/command"; +import { Badge } from "@app/components/ui/badge"; +import { parseHostTarget } from "@app/lib/parseHostTarget"; const addTargetSchema = z.object({ ip: z.string().refine(isTargetValid), method: z.string().nullable(), - port: z.coerce.number().int().positive() + port: z.coerce.number().int().positive(), + siteId: z.number().int().positive() }); const targetsSettingsSchema = z.object({ @@ -88,72 +111,105 @@ type LocalTarget = Omit< ArrayElement & { new?: boolean; updated?: boolean; + siteType: string | null; }, "protocol" >; -const proxySettingsSchema = z.object({ - setHostHeader: z - .string() - .optional() - .refine( - (data) => { - if (data) { - return tlsNameSchema.safeParse(data).success; - } - return true; - }, - { - message: - "Invalid custom Host Header value. Use domain name format, or save empty to unset custom Host Header." - } - ) -}); - -const tlsSettingsSchema = z.object({ - ssl: z.boolean(), - tlsServerName: z - .string() - .optional() - .refine( - (data) => { - if (data) { - return tlsNameSchema.safeParse(data).success; - } - return true; - }, - { - message: - "Invalid TLS Server Name. Use domain name format, or save empty to remove the TLS Server Name." - } - ) -}); - -type ProxySettingsValues = z.infer; -type TlsSettingsValues = z.infer; -type TargetsSettingsValues = z.infer; - export default function ReverseProxyTargets(props: { - params: Promise<{ resourceId: number }>; + params: Promise<{ resourceId: number; orgId: string }>; }) { const params = use(props.params); + const t = useTranslations(); const { resource, updateResource } = useResourceContext(); const api = createApiClient(useEnvContext()); const [targets, setTargets] = useState([]); - const [site, setSite] = useState(); const [targetsToRemove, setTargetsToRemove] = useState([]); + const [sites, setSites] = useState([]); + const [dockerStates, setDockerStates] = useState>(new Map()); + + const initializeDockerForSite = async (siteId: number) => { + if (dockerStates.has(siteId)) { + return; // Already initialized + } + + const dockerManager = new DockerManager(api, siteId); + const dockerState = await dockerManager.initializeDocker(); + + setDockerStates(prev => new Map(prev.set(siteId, dockerState))); + }; + + const refreshContainersForSite = async (siteId: number) => { + const dockerManager = new DockerManager(api, siteId); + const containers = await dockerManager.fetchContainers(); + + setDockerStates(prev => { + const newMap = new Map(prev); + const existingState = newMap.get(siteId); + if (existingState) { + newMap.set(siteId, { ...existingState, containers }); + } + return newMap; + }); + }; + + const getDockerStateForSite = (siteId: number): DockerState => { + return dockerStates.get(siteId) || { + isEnabled: false, + isAvailable: false, + containers: [] + }; + }; const [httpsTlsLoading, setHttpsTlsLoading] = useState(false); const [targetsLoading, setTargetsLoading] = useState(false); const [proxySettingsLoading, setProxySettingsLoading] = useState(false); const [pageLoading, setPageLoading] = useState(true); - const [isAdvancedOpen, setIsAdvancedOpen] = useState(false); const router = useRouter(); + const proxySettingsSchema = z.object({ + setHostHeader: z + .string() + .optional() + .refine( + (data) => { + if (data) { + return tlsNameSchema.safeParse(data).success; + } + return true; + }, + { + message: t("proxyErrorInvalidHeader") + } + ) + }); + + const tlsSettingsSchema = z.object({ + ssl: z.boolean(), + tlsServerName: z + .string() + .optional() + .refine( + (data) => { + if (data) { + return tlsNameSchema.safeParse(data).success; + } + return true; + }, + { + message: t("proxyErrorTls") + } + ) + }); + + type ProxySettingsValues = z.infer; + type TlsSettingsValues = z.infer; + type TargetsSettingsValues = z.infer; + const addTargetForm = useForm({ resolver: zodResolver(addTargetSchema), defaultValues: { @@ -163,6 +219,17 @@ export default function ReverseProxyTargets(props: { } as z.infer }); + const watchedIp = addTargetForm.watch("ip"); + const watchedPort = addTargetForm.watch("port"); + const watchedSiteId = addTargetForm.watch("siteId"); + + const handleContainerSelect = (hostname: string, port?: number) => { + addTargetForm.setValue("ip", hostname); + if (port) { + addTargetForm.setValue("port", port); + } + }; + const tlsSettingsForm = useForm({ resolver: zodResolver(tlsSettingsSchema), defaultValues: { @@ -199,10 +266,10 @@ export default function ReverseProxyTargets(props: { console.error(err); toast({ variant: "destructive", - title: "Failed to fetch targets", + title: t("targetErrorFetch"), description: formatAxiosError( err, - "An error occurred while fetching targets" + t("targetErrorFetchDescription") ) }); } finally { @@ -211,28 +278,64 @@ export default function ReverseProxyTargets(props: { }; fetchTargets(); - const fetchSite = async () => { - try { - const res = await api.get>( - `/site/${resource.siteId}` - ); - - if (res.status === 200) { - setSite(res.data.data); - } - } catch (err) { - console.error(err); - toast({ - variant: "destructive", - title: "Failed to fetch resource", - description: formatAxiosError( - err, - "An error occurred while fetching resource" - ) + const fetchSites = async () => { + const res = await api + .get< + AxiosResponse + >(`/org/${params.orgId}/sites`) + .catch((e) => { + toast({ + variant: "destructive", + title: t("sitesErrorFetch"), + description: formatAxiosError( + e, + t("sitesErrorFetchDescription") + ) + }); }); + + if (res?.status === 200) { + setSites(res.data.data.sites); + + // Initialize Docker for newt sites + const newtSites = res.data.data.sites.filter(site => site.type === "newt"); + for (const site of newtSites) { + initializeDockerForSite(site.siteId); + } + + // If there's only one site, set it as the default in the form + if (res.data.data.sites.length) { + addTargetForm.setValue( + "siteId", + res.data.data.sites[0].siteId + ); + } } }; - fetchSite(); + fetchSites(); + + // const fetchSite = async () => { + // try { + // const res = await api.get>( + // `/site/${resource.siteId}` + // ); + // + // if (res.status === 200) { + // setSite(res.data.data); + // } + // } catch (err) { + // console.error(err); + // toast({ + // variant: "destructive", + // title: t("siteErrorFetch"), + // description: formatAxiosError( + // err, + // t("siteErrorFetchDescription") + // ) + // }); + // } + // }; + // fetchSite(); }, []); async function addTarget(data: z.infer) { @@ -241,34 +344,50 @@ export default function ReverseProxyTargets(props: { (target) => target.ip === data.ip && target.port === data.port && - target.method === data.method + target.method === data.method && + target.siteId === data.siteId ); if (isDuplicate) { toast({ variant: "destructive", - title: "Duplicate target", - description: "A target with these settings already exists" + title: t("targetErrorDuplicate"), + description: t("targetErrorDuplicateDescription") }); return; } - if (site && site.type == "wireguard" && site.subnet) { - // make sure that the target IP is within the site subnet - const targetIp = data.ip; - const subnet = site.subnet; - if (!isIPInSubnet(targetIp, subnet)) { - toast({ - variant: "destructive", - title: "Invalid target IP", - description: "Target IP must be within the site subnet" - }); - return; - } - } + // if (site && site.type == "wireguard" && site.subnet) { + // // make sure that the target IP is within the site subnet + // const targetIp = data.ip; + // const subnet = site.subnet; + // try { + // if (!isIPInSubnet(targetIp, subnet)) { + // toast({ + // variant: "destructive", + // title: t("targetWireGuardErrorInvalidIp"), + // description: t( + // "targetWireGuardErrorInvalidIpDescription" + // ) + // }); + // return; + // } + // } catch (error) { + // console.error(error); + // toast({ + // variant: "destructive", + // title: t("targetWireGuardErrorInvalidIp"), + // description: t("targetWireGuardErrorInvalidIpDescription") + // }); + // return; + // } + // } + + const site = sites.find((site) => site.siteId === data.siteId); const newTarget: LocalTarget = { ...data, + siteType: site?.type || null, enabled: true, targetId: new Date().getTime(), new: true, @@ -294,25 +413,35 @@ export default function ReverseProxyTargets(props: { }; async function updateTarget(targetId: number, data: Partial) { + const site = sites.find((site) => site.siteId === data.siteId); setTargets( targets.map((target) => target.targetId === targetId - ? { ...target, ...data, updated: true } + ? { + ...target, + ...data, + updated: true, + siteType: site?.type || null + } : target ) ); } - async function saveTargets() { + async function saveAllSettings() { try { setTargetsLoading(true); + setHttpsTlsLoading(true); + setProxySettingsLoading(true); - for (let target of targets) { + // Save targets + for (const target of targets) { const data = { ip: target.ip, port: target.port, method: target.method, - enabled: target.enabled + enabled: target.enabled, + siteId: target.siteId }; if (target.new) { @@ -320,8 +449,10 @@ export default function ReverseProxyTargets(props: { AxiosResponse >(`/resource/${params.resourceId}/target`, data); target.targetId = res.data.data.targetId; + target.new = false; } else if (target.updated) { await api.post(`/target/${target.targetId}`, data); + target.updated = false; } } @@ -329,16 +460,36 @@ export default function ReverseProxyTargets(props: { await api.delete(`/target/${targetId}`); } - // Save sticky session setting - const stickySessionData = targetsSettingsForm.getValues(); - await api.post(`/resource/${params.resourceId}`, { - stickySession: stickySessionData.stickySession - }); - updateResource({ stickySession: stickySessionData.stickySession }); + if (resource.http) { + // Gather all settings + const stickySessionData = targetsSettingsForm.getValues(); + const tlsData = tlsSettingsForm.getValues(); + const proxyData = proxySettingsForm.getValues(); + + // Combine into one payload + const payload = { + stickySession: stickySessionData.stickySession, + ssl: tlsData.ssl, + tlsServerName: tlsData.tlsServerName || null, + setHostHeader: proxyData.setHostHeader || null + }; + + // Single API call to update all settings + await api.post(`/resource/${params.resourceId}`, payload); + + // Update local resource context + updateResource({ + ...resource, + stickySession: stickySessionData.stickySession, + ssl: tlsData.ssl, + tlsServerName: tlsData.tlsServerName || null, + setHostHeader: proxyData.setHostHeader || null + }); + } toast({ - title: "Targets updated", - description: "Targets and settings updated successfully" + title: t("settingsUpdated"), + description: t("settingsUpdatedDescription") }); setTargetsToRemove([]); @@ -347,97 +498,189 @@ export default function ReverseProxyTargets(props: { console.error(err); toast({ variant: "destructive", - title: "Failed to update targets", + title: t("settingsErrorUpdate"), description: formatAxiosError( err, - "An error occurred while updating targets" + t("settingsErrorUpdateDescription") ) }); } finally { setTargetsLoading(false); - } - } - - async function saveTlsSettings(data: TlsSettingsValues) { - try { - setHttpsTlsLoading(true); - await api.post(`/resource/${params.resourceId}`, { - ssl: data.ssl, - tlsServerName: data.tlsServerName || null - }); - updateResource({ - ...resource, - ssl: data.ssl, - tlsServerName: data.tlsServerName || null - }); - toast({ - title: "TLS settings updated", - description: "Your TLS settings have been updated successfully" - }); - } catch (err) { - console.error(err); - toast({ - variant: "destructive", - title: "Failed to update TLS settings", - description: formatAxiosError( - err, - "An error occurred while updating TLS settings" - ) - }); - } finally { setHttpsTlsLoading(false); - } - } - - async function saveProxySettings(data: ProxySettingsValues) { - try { - setProxySettingsLoading(true); - await api.post(`/resource/${params.resourceId}`, { - setHostHeader: data.setHostHeader || null - }); - updateResource({ - ...resource, - setHostHeader: data.setHostHeader || null - }); - toast({ - title: "Proxy settings updated", - description: - "Your proxy settings have been updated successfully" - }); - } catch (err) { - console.error(err); - toast({ - variant: "destructive", - title: "Failed to update proxy settings", - description: formatAxiosError( - err, - "An error occurred while updating proxy settings" - ) - }); - } finally { setProxySettingsLoading(false); } } const columns: ColumnDef[] = [ + { + accessorKey: "siteId", + header: t("site"), + cell: ({ row }) => { + const selectedSite = sites.find( + (site) => site.siteId === row.original.siteId + ); + + const handleContainerSelectForTarget = ( + hostname: string, + port?: number + ) => { + updateTarget(row.original.targetId, { + ...row.original, + ip: hostname + }); + if (port) { + updateTarget(row.original.targetId, { + ...row.original, + port: port + }); + } + }; + + return ( +
+ + + + + + + + + + {t("siteNotFound")} + + + {sites.map((site) => ( + { + updateTarget( + row.original + .targetId, + { + siteId: site.siteId + } + ); + }} + > + + {site.name} + + ))} + + + + + + {selectedSite && selectedSite.type === "newt" && (() => { + const dockerState = getDockerStateForSite(selectedSite.siteId); + return ( + refreshContainersForSite(selectedSite.siteId)} + /> + ); + })()} +
+ ); + } + }, + ...(resource.http + ? [ + { + accessorKey: "method", + header: t("method"), + cell: ({ row }: { row: Row }) => ( + + ) + } + ] + : []), { accessorKey: "ip", - header: "IP / Hostname", + header: t("targetAddr"), cell: ({ row }) => ( - updateTarget(row.original.targetId, { - ip: e.target.value - }) - } + onBlur={(e) => { + const input = e.target.value.trim(); + const hasProtocol = /^(https?|h2c):\/\//.test(input); + const hasPort = /:\d+(?:\/|$)/.test(input); + + if (hasProtocol || hasPort) { + const parsed = parseHostTarget(input); + if (parsed) { + updateTarget(row.original.targetId, { + ...row.original, + method: hasProtocol ? parsed.protocol : row.original.method, + ip: parsed.host, + port: hasPort ? parsed.port : row.original.port + }); + } else { + updateTarget(row.original.targetId, { + ...row.original, + ip: input + }); + } + } else { + updateTarget(row.original.targetId, { + ...row.original, + ip: input + }); + } + }} /> ) }, { accessorKey: "port", - header: "Port", + header: t("targetPort"), cell: ({ row }) => ( updateTarget(row.original.targetId, { + ...row.original, port: parseInt(e.target.value, 10) }) } @@ -453,7 +697,7 @@ export default function ReverseProxyTargets(props: { }, // { // accessorKey: "protocol", - // header: "Protocol", + // header: t('targetProtocol'), // cell: ({ row }) => ( // // ), - // }, + // }, { accessorKey: "enabled", - header: "Enabled", + header: t("enabled"), cell: ({ row }) => ( - updateTarget(row.original.targetId, { enabled: val }) + updateTarget(row.original.targetId, { + ...row.original, + enabled: val + }) } /> ) @@ -498,7 +745,7 @@ export default function ReverseProxyTargets(props: { variant="outline" onClick={() => removeTarget(row.original.targetId)} > - Delete + {t("delete")}
@@ -506,33 +753,6 @@ export default function ReverseProxyTargets(props: { } ]; - if (resource.http) { - const methodCol: ColumnDef = { - accessorKey: "method", - header: "Method", - cell: ({ row }) => ( - - ) - }; - - // add this to the first column - columns.unshift(methodCol); - } - const table = useReactTable({ data: targets, columns, @@ -554,14 +774,395 @@ export default function ReverseProxyTargets(props: { return ( + + + {t("targets")} + + {t("targetsDescription")} + + + +
+
+ +
+ ( + + + {t("site")} + +
+ + + + + + + + + + + + {t( + "siteNotFound" + )} + + + {sites.map( + ( + site + ) => ( + { + addTargetForm.setValue( + "siteId", + site.siteId + ); + }} + > + + { + site.name + } + + ) + )} + + + + + + + {field.value && + (() => { + const selectedSite = + sites.find( + (site) => + site.siteId === + field.value + ); + return selectedSite && + selectedSite.type === + "newt" ? (() => { + const dockerState = getDockerStateForSite(selectedSite.siteId); + return ( + refreshContainersForSite(selectedSite.siteId)} + /> + ); + })() : null; + })()} +
+ + + )} + /> + + {resource.http && ( + ( + + + {t("method")} + + + + + + + )} + /> + )} + + ( + + {t("targetAddr")} + + { + const input = e.target.value.trim(); + const hasProtocol = /^(https?|h2c):\/\//.test(input); + const hasPort = /:\d+(?:\/|$)/.test(input); + + if (hasProtocol || hasPort) { + const parsed = parseHostTarget(input); + if (parsed) { + if (hasProtocol || !addTargetForm.getValues("method")) { + addTargetForm.setValue("method", parsed.protocol); + } + addTargetForm.setValue("ip", parsed.host); + if (hasPort || !addTargetForm.getValues("port")) { + addTargetForm.setValue("port", parsed.port); + } + } + } else { + field.onBlur(); + } + }} + /> + + + + )} + /> + ( + + + {t("targetPort")} + + + + + + + )} + /> + +
+
+ +
+ + {targets.length > 0 ? ( + <> +
+ {t("targetsList")} +
+ +
+ + ( + + + { + field.onChange( + val + ); + }} + /> + + + )} + /> + + +
+
+ + + {table + .getHeaderGroups() + .map((headerGroup) => ( + + {headerGroup.headers.map( + (header) => ( + + {header.isPlaceholder + ? null + : flexRender( + header + .column + .columnDef + .header, + header.getContext() + )} + + ) + )} + + ))} + + + {table.getRowModel().rows?.length ? ( + table + .getRowModel() + .rows.map((row) => ( + + {row + .getVisibleCells() + .map((cell) => ( + + {flexRender( + cell + .column + .columnDef + .cell, + cell.getContext() + )} + + ))} + + )) + ) : ( + + + {t("targetNoOne")} + + + )} + + {/* */} + {/* {t('targetNoOneDescription')} */} + {/* */} +
+
+ + ) : ( +
+

+ {t("targetNoOne")} +

+
+ )} + + + {resource.http && ( - HTTPS & TLS Settings + {t("proxyAdditional")} - Configure TLS settings for your resource + {t("proxyAdditionalDescription")} @@ -569,317 +1170,68 @@ export default function ReverseProxyTargets(props: {
+ {build == "oss" && ( + ( + + + { + field.onChange( + val + ); + }} + /> + + + )} + /> + )} ( + + {t("targetTlsSni")} + - { - field.onChange(val); - }} - /> - - - )} - /> - -
- - - -
- - ( - - - TLS Server Name - (SNI) - - - - - - The TLS Server Name - to use for SNI. - Leave empty to use - the default. - - - - )} - /> - - - - - -
- - - - - )} - - - - - Targets Configuration - - - Set up targets to route traffic to your services - - - - -
- - {targets.length >= 2 && ( - ( - - - { - field.onChange(val); - }} - /> - - - )} - /> - )} - - -
- -
- -
- {resource.http && ( - ( - - Method - - + + + {t( + "targetTlsSniDescription" + )} + )} /> - )} + + + - ( - - IP / Hostname - - - - - - )} - /> - ( - - Port - - - - - - )} - /> - -
- - - - - - {table.getHeaderGroups().map((headerGroup) => ( - - {headerGroup.headers.map((header) => ( - - {header.isPlaceholder - ? null - : flexRender( - header.column.columnDef - .header, - header.getContext() - )} - - ))} - - ))} - - - {table.getRowModel().rows?.length ? ( - table.getRowModel().rows.map((row) => ( - - {row.getVisibleCells().map((cell) => ( - - {flexRender( - cell.column.columnDef.cell, - cell.getContext() - )} - - ))} - - )) - ) : ( - - - No targets. Add a target using the form. - - - )} - - - Adding more than one target above will enable load - balancing. - -
- - - - - - - {resource.http && ( - - - - Additional Proxy Settings - - - Configure how your resource handles proxy settings - - -
( - Custom Host Header + {t("proxyCustomHeader")} - The host header to set when - proxying requests. Leave - empty to use the default. + {t( + "proxyCustomHeaderDescription" + )} @@ -908,17 +1260,26 @@ export default function ReverseProxyTargets(props: {
- - - )} + +
+ +
); } @@ -929,7 +1290,7 @@ function isIPInSubnet(subnet: string, ip: string): boolean { const mask = parseInt(maskBits); if (mask < 0 || mask > 32) { - throw new Error("Invalid subnet mask. Must be between 0 and 32."); + throw new Error("subnetMaskErrorInvalid"); } // Convert IP addresses to binary numbers @@ -946,15 +1307,16 @@ function isIPInSubnet(subnet: string, ip: string): boolean { function ipToNumber(ip: string): number { // Validate IP address format const parts = ip.split("."); + if (parts.length !== 4) { - throw new Error("Invalid IP address format"); + throw new Error("ipAddressErrorInvalidFormat"); } // Convert IP octets to 32-bit number return parts.reduce((num, octet) => { const oct = parseInt(octet); if (isNaN(oct) || oct < 0 || oct > 255) { - throw new Error("Invalid IP address octet"); + throw new Error("ipAddressErrorInvalidOctet"); } return (num << 8) + oct; }, 0); diff --git a/src/app/[orgId]/settings/resources/[resourceId]/rules/page.tsx b/src/app/[orgId]/settings/resources/[resourceId]/rules/page.tsx index 2a9fa00f..424d7973 100644 --- a/src/app/[orgId]/settings/resources/[resourceId]/rules/page.tsx +++ b/src/app/[orgId]/settings/resources/[resourceId]/rules/page.tsx @@ -1,4 +1,5 @@ "use client"; + import { useEffect, useState, use } from "react"; import { Button } from "@/components/ui/button"; import { Input } from "@/components/ui/input"; @@ -35,7 +36,6 @@ import { TableBody, TableCaption, TableCell, - TableContainer, TableHead, TableHeader, TableRow @@ -64,7 +64,6 @@ import { InfoSections, InfoSectionTitle } from "@app/components/InfoSection"; -import { Separator } from "@app/components/ui/separator"; import { InfoPopup } from "@app/components/ui/info-popup"; import { isValidCIDR, @@ -73,10 +72,11 @@ import { } from "@server/lib/validators"; import { Switch } from "@app/components/ui/switch"; import { useRouter } from "next/navigation"; +import { useTranslations } from "next-intl"; // Schema for rule validation const addRuleSchema = z.object({ - action: z.string(), + action: z.enum(["ACCEPT", "DROP", "PASS"]), match: z.string(), value: z.string(), priority: z.coerce.number().int().optional() @@ -87,17 +87,6 @@ type LocalRule = ArrayElement & { updated?: boolean; }; -enum RuleAction { - ACCEPT = "Always Allow", - DROP = "Always Deny" -} - -enum RuleMatch { - PATH = "Path", - IP = "IP", - CIDR = "IP Range" -} - export default function ResourceRules(props: { params: Promise<{ resourceId: number }>; }) { @@ -110,8 +99,22 @@ export default function ResourceRules(props: { const [pageLoading, setPageLoading] = useState(true); const [rulesEnabled, setRulesEnabled] = useState(resource.applyRules); const router = useRouter(); + const t = useTranslations(); - const addRuleForm = useForm({ + + const RuleAction = { + ACCEPT: t('alwaysAllow'), + DROP: t('alwaysDeny'), + PASS: t('passToAuth') + } as const; + + const RuleMatch = { + PATH: t('path'), + IP: "IP", + CIDR: t('ipAddressRange') + } as const; + + const addRuleForm = useForm>({ resolver: zodResolver(addRuleSchema), defaultValues: { action: "ACCEPT", @@ -133,10 +136,10 @@ export default function ResourceRules(props: { console.error(err); toast({ variant: "destructive", - title: "Failed to fetch rules", + title: t('rulesErrorFetch'), description: formatAxiosError( err, - "An error occurred while fetching rules" + t('rulesErrorFetchDescription') ) }); } finally { @@ -157,8 +160,8 @@ export default function ResourceRules(props: { if (isDuplicate) { toast({ variant: "destructive", - title: "Duplicate rule", - description: "A rule with these settings already exists" + title: t('rulesErrorDuplicate'), + description: t('rulesErrorDuplicateDescription') }); return; } @@ -166,8 +169,8 @@ export default function ResourceRules(props: { if (data.match === "CIDR" && !isValidCIDR(data.value)) { toast({ variant: "destructive", - title: "Invalid CIDR", - description: "Please enter a valid CIDR value" + title: t('rulesErrorInvalidIpAddressRange'), + description: t('rulesErrorInvalidIpAddressRangeDescription') }); setLoading(false); return; @@ -175,8 +178,8 @@ export default function ResourceRules(props: { if (data.match === "PATH" && !isValidUrlGlobPattern(data.value)) { toast({ variant: "destructive", - title: "Invalid URL path", - description: "Please enter a valid URL path value" + title: t('rulesErrorInvalidUrl'), + description: t('rulesErrorInvalidUrlDescription') }); setLoading(false); return; @@ -184,8 +187,8 @@ export default function ResourceRules(props: { if (data.match === "IP" && !isValidIP(data.value)) { toast({ variant: "destructive", - title: "Invalid IP", - description: "Please enter a valid IP address" + title: t('rulesErrorInvalidIpAddress'), + description: t('rulesErrorInvalidIpAddressDescription') }); setLoading(false); return; @@ -231,50 +234,45 @@ export default function ResourceRules(props: { ); } - async function saveApplyRules(val: boolean) { - const res = await api - .post(`/resource/${params.resourceId}`, { - applyRules: val - }) - .catch((err) => { - console.error(err); - toast({ - variant: "destructive", - title: "Failed to update rules", - description: formatAxiosError( - err, - "An error occurred while updating rules" - ) - }); - }); - - if (res && res.status === 200) { - setRulesEnabled(val); - updateResource({ applyRules: val }); - - toast({ - title: "Enable Rules", - description: "Rule evaluation has been updated" - }); - router.refresh(); - } - } - function getValueHelpText(type: string) { switch (type) { case "CIDR": - return "Enter an address in CIDR format (e.g., 103.21.244.0/22)"; + return t('rulesMatchIpAddressRangeDescription'); case "IP": - return "Enter an IP address (e.g., 103.21.244.12)"; + return t('rulesMatchIpAddress'); case "PATH": - return "Enter a URL path or pattern (e.g., /api/v1/todos or /api/v1/*)"; + return t('rulesMatchUrl'); } } - async function saveRules() { + async function saveAllSettings() { try { setLoading(true); - for (let rule of rules) { + + // Save rules enabled state + const res = await api + .post(`/resource/${params.resourceId}`, { + applyRules: rulesEnabled + }) + .catch((err) => { + console.error(err); + toast({ + variant: "destructive", + title: t('rulesErrorUpdate'), + description: formatAxiosError( + err, + t('rulesErrorUpdateDescription') + ) + }); + throw err; + }); + + if (res && res.status === 200) { + updateResource({ applyRules: rulesEnabled }); + } + + // Save rules + for (const rule of rules) { const data = { action: rule.action, match: rule.match, @@ -286,8 +284,8 @@ export default function ResourceRules(props: { if (rule.match === "CIDR" && !isValidCIDR(rule.value)) { toast({ variant: "destructive", - title: "Invalid CIDR", - description: "Please enter a valid CIDR value" + title: t('rulesErrorInvalidIpAddressRange'), + description: t('rulesErrorInvalidIpAddressRangeDescription') }); setLoading(false); return; @@ -298,8 +296,8 @@ export default function ResourceRules(props: { ) { toast({ variant: "destructive", - title: "Invalid URL path", - description: "Please enter a valid URL path value" + title: t('rulesErrorInvalidUrl'), + description: t('rulesErrorInvalidUrlDescription') }); setLoading(false); return; @@ -307,8 +305,8 @@ export default function ResourceRules(props: { if (rule.match === "IP" && !isValidIP(rule.value)) { toast({ variant: "destructive", - title: "Invalid IP", - description: "Please enter a valid IP address" + title: t('rulesErrorInvalidIpAddress'), + description: t('rulesErrorInvalidIpAddressDescription') }); setLoading(false); return; @@ -317,8 +315,8 @@ export default function ResourceRules(props: { if (rule.priority === undefined) { toast({ variant: "destructive", - title: "Invalid Priority", - description: "Please enter a valid priority" + title: t('rulesErrorInvalidPriority'), + description: t('rulesErrorInvalidPriorityDescription') }); setLoading(false); return; @@ -329,8 +327,8 @@ export default function ResourceRules(props: { if (priorities.length !== new Set(priorities).size) { toast({ variant: "destructive", - title: "Duplicate Priorities", - description: "Please enter unique priorities" + title: t('rulesErrorDuplicatePriority'), + description: t('rulesErrorDuplicatePriorityDescription') }); setLoading(false); return; @@ -351,7 +349,7 @@ export default function ResourceRules(props: { setRules([ ...rules.map((r) => { - let res = { + const res = { ...r, new: false, updated: false @@ -369,8 +367,8 @@ export default function ResourceRules(props: { } toast({ - title: "Rules updated", - description: "Rules updated successfully" + title: t('ruleUpdated'), + description: t('ruleUpdatedDescription') }); setRulesToRemove([]); @@ -379,10 +377,10 @@ export default function ResourceRules(props: { console.error(err); toast({ variant: "destructive", - title: "Operation failed", + title: t('ruleErrorUpdate'), description: formatAxiosError( err, - "An error occurred during the save operation" + t('ruleErrorUpdateDescription') ) }); } @@ -400,7 +398,7 @@ export default function ResourceRules(props: { column.toggleSorting(column.getIsSorted() === "asc") } > - Priority + {t('rulesPriority')} ); @@ -420,8 +418,8 @@ export default function ResourceRules(props: { if (!parsed.data) { toast({ variant: "destructive", - title: "Invalid IP", - description: "Please enter a valid priority" + title: t('rulesErrorInvalidIpAddress'), // correct priority or IP? + description: t('rulesErrorInvalidPriorityDescription') }); setLoading(false); return; @@ -436,11 +434,11 @@ export default function ResourceRules(props: { }, { accessorKey: "action", - header: "Action", + header: t('rulesAction'), cell: ({ row }) => ( ) }, { accessorKey: "match", - header: "Match Type", + header: t('rulesMatchType'), cell: ({ row }) => ( ( removeRule(row.original.ruleId)} > - Delete + {t('delete')}
) @@ -540,246 +539,235 @@ export default function ResourceRules(props: { return ( - - - About Rules - -
-

- Rules allow you to control access to your resource - based on a set of criteria. You can create rules to - allow or deny access based on IP address or URL - path. -

-
- - - Actions -
    -
  • - - Always Allow: Bypass all authentication - methods -
    • -
  • - - Always Deny: Block all requests; no - authentication can be attempted -
    • -
- - - - Matching Criteria - -
    -
  • - Match a specific IP address -
    • -
  • - Match a range of IP addresses in CIDR - notation -
    • -
  • - Match a URL path or pattern -
    • -
- - - - - - - - Enable Rules - - Enable or disable rule evaluation for this resource - - - - { - await saveApplyRules(val); - }} - /> - - + {/* */} + {/* */} + {/* {t('rulesAbout')} */} + {/* */} + {/*
*/} + {/*

*/} + {/* {t('rulesAboutDescription')} */} + {/*

*/} + {/*
*/} + {/* */} + {/* */} + {/* {t('rulesActions')} */} + {/*
    */} + {/*
  • */} + {/* */} + {/* {t('rulesActionAlwaysAllow')} */} + {/*
    • */} + {/*
  • */} + {/* */} + {/* {t('rulesActionAlwaysDeny')} */} + {/*
    • */} + {/*
*/} + {/* */} + {/* */} + {/* */} + {/* {t('rulesMatchCriteria')} */} + {/* */} + {/*
    */} + {/*
  • */} + {/* {t('rulesMatchCriteriaIpAddress')} */} + {/*
    • */} + {/*
  • */} + {/* {t('rulesMatchCriteriaIpAddressRange')} */} + {/*
    • */} + {/*
  • */} + {/* {t('rulesMatchCriteriaUrl')} */} + {/*
    • */} + {/*
*/} + {/* */} + {/* */} + {/* */} + {/* */} - Resource Rules Configuration + {t('rulesResource')} - Configure rules to control access to your resource + {t('rulesResourceDescription')} -
- -
- ( - - Action - - - - - - )} - /> - ( - - Match Type - - + + + + + + {RuleAction.ACCEPT} - )} - - {RuleMatch.IP} - - - {RuleMatch.CIDR} - - - - - - - )} - /> - ( - - - - - - - - )} - /> - -
-
- - - - {table.getHeaderGroups().map((headerGroup) => ( - - {headerGroup.headers.map((header) => ( - - {header.isPlaceholder - ? null - : flexRender( - header.column.columnDef - .header, - header.getContext() - )} - - ))} - - ))} - - - {table.getRowModel().rows?.length ? ( - table.getRowModel().rows.map((row) => ( - - {row.getVisibleCells().map((cell) => ( - - {flexRender( - cell.column.columnDef.cell, - cell.getContext() - )} - + + {RuleAction.DROP} + + + {RuleAction.PASS} + + + + + + + )} + /> + ( + + {t('rulesMatchType')} + + + + + + )} + /> + ( + + + + + + + + )} + /> + + + + +
+ + {table.getHeaderGroups().map((headerGroup) => ( + + {headerGroup.headers.map((header) => ( + + {header.isPlaceholder + ? null + : flexRender( + header.column.columnDef + .header, + header.getContext() + )} + ))} - )) - ) : ( - - - No rules. Add a rule using the form. - - - )} - - - Rules are evaluated by priority in ascending order. - -
+ ))} + + + {table.getRowModel().rows?.length ? ( + table.getRowModel().rows.map((row) => ( + + {row.getVisibleCells().map((cell) => ( + + {flexRender( + cell.column.columnDef.cell, + cell.getContext() + )} + + ))} + + )) + ) : ( + + + {t('rulesNoOne')} + + + )} + + {/* */} + {/* {t('rulesOrder')} */} + {/* */} + +
- - - + +
+ +
); } diff --git a/src/app/[orgId]/settings/resources/create/page.tsx b/src/app/[orgId]/settings/resources/create/page.tsx index c1be6353..782b3135 100644 --- a/src/app/[orgId]/settings/resources/create/page.tsx +++ b/src/app/[orgId]/settings/resources/create/page.tsx @@ -25,6 +25,7 @@ import { Controller, useForm } from "react-hook-form"; import { zodResolver } from "@hookform/resolvers/zod"; import { Input } from "@app/components/ui/input"; import { Button } from "@app/components/ui/button"; +import { Checkbox } from "@app/components/ui/checkbox"; import { useParams, useRouter } from "next/navigation"; import { ListSitesResponse } from "@server/routers/site"; import { formatAxiosError } from "@app/lib/api"; @@ -32,7 +33,7 @@ import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; import { toast } from "@app/hooks/useToast"; import { AxiosResponse } from "axios"; -import { Resource } from "@server/db/schemas"; +import { Resource } from "@server/db"; import { StrategySelect } from "@app/components/StrategySelect"; import { Select, @@ -41,9 +42,7 @@ import { SelectTrigger, SelectValue } from "@app/components/ui/select"; -import { subdomainSchema } from "@server/lib/schemas"; import { ListDomainsResponse } from "@server/routers/domain"; -import LoaderPlaceholder from "@app/components/PlaceHolderLoader"; import { Command, CommandEmpty, @@ -62,28 +61,58 @@ import { cn } from "@app/lib/cn"; import { SquareArrowOutUpRight } from "lucide-react"; import CopyTextBox from "@app/components/CopyTextBox"; import Link from "next/link"; +import { useTranslations } from "next-intl"; +import DomainPicker from "@app/components/DomainPicker"; +import { build } from "@server/build"; +import { ContainersSelector } from "@app/components/ContainersSelector"; +import { + ColumnDef, + getFilteredRowModel, + getSortedRowModel, + getPaginationRowModel, + getCoreRowModel, + useReactTable, + flexRender, + Row +} from "@tanstack/react-table"; +import { + Table, + TableBody, + TableCell, + TableHead, + TableHeader, + TableRow +} from "@app/components/ui/table"; +import { Switch } from "@app/components/ui/switch"; +import { ArrayElement } from "@server/types/ArrayElement"; +import { isTargetValid } from "@server/lib/validators"; +import { ListTargetsResponse } from "@server/routers/target"; +import { DockerManager, DockerState } from "@app/lib/docker"; +import { parseHostTarget } from "@app/lib/parseHostTarget"; +import { toASCII, toUnicode } from 'punycode'; +import { DomainRow } from "../../domains/DomainsTable"; const baseResourceFormSchema = z.object({ name: z.string().min(1).max(255), - siteId: z.number(), http: z.boolean() }); -const httpResourceFormSchema = z.discriminatedUnion("isBaseDomain", [ - z.object({ - isBaseDomain: z.literal(true), - domainId: z.string().min(1) - }), - z.object({ - isBaseDomain: z.literal(false), - domainId: z.string().min(1), - subdomain: z.string().pipe(subdomainSchema) - }) -]); +const httpResourceFormSchema = z.object({ + domainId: z.string().nonempty(), + subdomain: z.string().optional() +}); const tcpUdpResourceFormSchema = z.object({ protocol: z.string(), proxyPort: z.number().int().min(1).max(65535) + // enableProxy: z.boolean().default(false) +}); + +const addTargetSchema = z.object({ + ip: z.string().refine(isTargetValid), + method: z.string().nullable(), + port: z.coerce.number().int().positive(), + siteId: z.number().int().positive() }); type BaseResourceFormValues = z.infer; @@ -99,11 +128,21 @@ interface ResourceTypeOption { disabled?: boolean; } +type LocalTarget = Omit< + ArrayElement & { + new?: boolean; + updated?: boolean; + siteType: string | null; + }, + "protocol" +>; + export default function Page() { const { env } = useEnvContext(); const api = createApiClient({ env }); const { orgId } = useParams(); const router = useRouter(); + const t = useTranslations(); const [loadingPage, setLoadingPage] = useState(true); const [sites, setSites] = useState([]); @@ -114,20 +153,26 @@ export default function Page() { const [showSnippets, setShowSnippets] = useState(false); const [resourceId, setResourceId] = useState(null); + // Target management state + const [targets, setTargets] = useState([]); + const [targetsToRemove, setTargetsToRemove] = useState([]); + const [dockerStates, setDockerStates] = useState>(new Map()); + const resourceTypes: ReadonlyArray = [ { id: "http", - title: "HTTPS Resource", - description: - "Proxy requests to your app over HTTPS using a subdomain or base domain." + title: t("resourceHTTP"), + description: t("resourceHTTPDescription") }, - { - id: "raw", - title: "Raw TCP/UDP Resource", - description: - "Proxy requests to your app over TCP/UDP using a port number.", - disabled: !env.flags.allowRawResources - } + ...(!env.flags.allowRawResources + ? [] + : [ + { + id: "raw" as ResourceType, + title: t("resourceRaw"), + description: t("resourceRawDescription") + } + ]) ]; const baseForm = useForm({ @@ -140,11 +185,7 @@ export default function Page() { const httpForm = useForm({ resolver: zodResolver(httpResourceFormSchema), - defaultValues: { - subdomain: "", - domainId: "", - isBaseDomain: false - } + defaultValues: {} }); const tcpUdpForm = useForm({ @@ -152,9 +193,127 @@ export default function Page() { defaultValues: { protocol: "tcp", proxyPort: undefined + // enableProxy: false } }); + const addTargetForm = useForm({ + resolver: zodResolver(addTargetSchema), + defaultValues: { + ip: "", + method: baseForm.watch("http") ? "http" : null, + port: "" as any as number + } as z.infer + }); + + const watchedIp = addTargetForm.watch("ip"); + const watchedPort = addTargetForm.watch("port"); + const watchedSiteId = addTargetForm.watch("siteId"); + + const handleContainerSelect = (hostname: string, port?: number) => { + addTargetForm.setValue("ip", hostname); + if (port) { + addTargetForm.setValue("port", port); + } + }; + + const initializeDockerForSite = async (siteId: number) => { + if (dockerStates.has(siteId)) { + return; // Already initialized + } + + const dockerManager = new DockerManager(api, siteId); + const dockerState = await dockerManager.initializeDocker(); + + setDockerStates(prev => new Map(prev.set(siteId, dockerState))); + }; + + const refreshContainersForSite = async (siteId: number) => { + const dockerManager = new DockerManager(api, siteId); + const containers = await dockerManager.fetchContainers(); + + setDockerStates(prev => { + const newMap = new Map(prev); + const existingState = newMap.get(siteId); + if (existingState) { + newMap.set(siteId, { ...existingState, containers }); + } + return newMap; + }); + }; + + const getDockerStateForSite = (siteId: number): DockerState => { + return dockerStates.get(siteId) || { + isEnabled: false, + isAvailable: false, + containers: [] + }; + }; + + async function addTarget(data: z.infer) { + // Check if target with same IP, port and method already exists + const isDuplicate = targets.some( + (target) => + target.ip === data.ip && + target.port === data.port && + target.method === data.method && + target.siteId === data.siteId + ); + + if (isDuplicate) { + toast({ + variant: "destructive", + title: t("targetErrorDuplicate"), + description: t("targetErrorDuplicateDescription") + }); + return; + } + + const site = sites.find((site) => site.siteId === data.siteId); + + const newTarget: LocalTarget = { + ...data, + siteType: site?.type || null, + enabled: true, + targetId: new Date().getTime(), + new: true, + resourceId: 0 // Will be set when resource is created + }; + + setTargets([...targets, newTarget]); + addTargetForm.reset({ + ip: "", + method: baseForm.watch("http") ? "http" : null, + port: "" as any as number + }); + } + + const removeTarget = (targetId: number) => { + setTargets([ + ...targets.filter((target) => target.targetId !== targetId) + ]); + + if (!targets.find((target) => target.targetId === targetId)?.new) { + setTargetsToRemove([...targetsToRemove, targetId]); + } + }; + + async function updateTarget(targetId: number, data: Partial) { + const site = sites.find((site) => site.siteId === data.siteId); + setTargets( + targets.map((target) => + target.targetId === targetId + ? { + ...target, + ...data, + updated: true, + siteType: site?.type || null + } + : target + ) + ); + } + async function onSubmit() { setCreateLoading(true); @@ -164,45 +323,36 @@ export default function Page() { try { const payload = { name: baseData.name, - siteId: baseData.siteId, http: baseData.http }; if (isHttp) { const httpData = httpForm.getValues(); - if (httpData.isBaseDomain) { - Object.assign(payload, { - domainId: httpData.domainId, - isBaseDomain: true, - protocol: "tcp" - }); - } else { - Object.assign(payload, { - subdomain: httpData.subdomain, - domainId: httpData.domainId, - isBaseDomain: false, - protocol: "tcp" - }); - } + Object.assign(payload, { + subdomain: httpData.subdomain ? toASCII(httpData.subdomain) : undefined, + domainId: httpData.domainId, + protocol: "tcp" + }); } else { const tcpUdpData = tcpUdpForm.getValues(); Object.assign(payload, { protocol: tcpUdpData.protocol, proxyPort: tcpUdpData.proxyPort + // enableProxy: tcpUdpData.enableProxy }); } const res = await api .put< AxiosResponse - >(`/org/${orgId}/site/${baseData.siteId}/resource/`, payload) + >(`/org/${orgId}/resource/`, payload) .catch((e) => { toast({ variant: "destructive", - title: "Error creating resource", + title: t("resourceErrorCreate"), description: formatAxiosError( e, - "An error occurred when creating the resource" + t("resourceErrorCreateDescription") ) }); }); @@ -211,19 +361,53 @@ export default function Page() { const id = res.data.data.resourceId; setResourceId(id); + // Create targets if any exist + if (targets.length > 0) { + try { + for (const target of targets) { + const data = { + ip: target.ip, + port: target.port, + method: target.method, + enabled: target.enabled, + siteId: target.siteId + }; + + await api.put(`/resource/${id}/target`, data); + } + } catch (targetError) { + console.error("Error creating targets:", targetError); + toast({ + variant: "destructive", + title: t("targetErrorCreate"), + description: formatAxiosError( + targetError, + t("targetErrorCreateDescription") + ) + }); + } + } + if (isHttp) { router.push(`/${orgId}/settings/resources/${id}`); } else { + const tcpUdpData = tcpUdpForm.getValues(); + // Only show config snippets if enableProxy is explicitly true + // if (tcpUdpData.enableProxy === true) { setShowSnippets(true); router.refresh(); + // } else { + // // If enableProxy is false or undefined, go directly to resource page + // router.push(`/${orgId}/settings/resources/${id}`); + // } } } } catch (e) { - console.error("Error creating resource:", e); + console.error(t("resourceErrorCreateMessage"), e); toast({ variant: "destructive", - title: "Error creating resource", - description: "An unexpected error occurred" + title: t("resourceErrorCreate"), + description: t("resourceErrorCreateMessageDescription") }); } @@ -242,10 +426,10 @@ export default function Page() { .catch((e) => { toast({ variant: "destructive", - title: "Error fetching sites", + title: t("sitesErrorFetch"), description: formatAxiosError( e, - "An error occurred when fetching the sites" + t("sitesErrorFetchDescription") ) }); }); @@ -253,8 +437,16 @@ export default function Page() { if (res?.status === 200) { setSites(res.data.data.sites); - if (res.data.data.sites.length > 0) { - baseForm.setValue( + // Initialize Docker for newt sites + for (const site of res.data.data.sites) { + if (site.type === "newt") { + initializeDockerForSite(site.siteId); + } + } + + // If there's only one site, set it as the default in the form + if (res.data.data.sites.length) { + addTargetForm.setValue( "siteId", res.data.data.sites[0].siteId ); @@ -270,20 +462,24 @@ export default function Page() { .catch((e) => { toast({ variant: "destructive", - title: "Error fetching domains", + title: t("domainsErrorFetch"), description: formatAxiosError( e, - "An error occurred when fetching the domains" + t("domainsErrorFetchDescription") ) }); }); if (res?.status === 200) { - const domains = res.data.data.domains; + const rawDomains = res.data.data.domains as DomainRow[]; + const domains = rawDomains.map((domain) => ({ + ...domain, + baseDomain: toUnicode(domain.baseDomain), + })); setBaseDomains(domains); - if (domains.length) { - httpForm.setValue("domainId", domains[0].domainId); - } + // if (domains.length) { + // httpForm.setValue("domainId", domains[0].domainId); + // } } }; @@ -296,12 +492,233 @@ export default function Page() { load(); }, []); + const columns: ColumnDef[] = [ + { + accessorKey: "siteId", + header: t("site"), + cell: ({ row }) => { + const selectedSite = sites.find( + (site) => site.siteId === row.original.siteId + ); + + const handleContainerSelectForTarget = ( + hostname: string, + port?: number + ) => { + updateTarget(row.original.targetId, { + ...row.original, + ip: hostname + }); + if (port) { + updateTarget(row.original.targetId, { + ...row.original, + port: port + }); + } + }; + + return ( +
+ + + + + + + + + + {t("siteNotFound")} + + + {sites.map((site) => ( + { + updateTarget( + row.original + .targetId, + { + siteId: site.siteId + } + ); + }} + > + + {site.name} + + ))} + + + + + + {selectedSite && selectedSite.type === "newt" && (() => { + const dockerState = getDockerStateForSite(selectedSite.siteId); + return ( + refreshContainersForSite(selectedSite.siteId)} + /> + ); + })()} +
+ ); + } + }, + ...(baseForm.watch("http") + ? [ + { + accessorKey: "method", + header: t("method"), + cell: ({ row }: { row: Row }) => ( + + ) + } + ] + : []), + { + accessorKey: "ip", + header: t("targetAddr"), + cell: ({ row }) => ( + { + const parsed = parseHostTarget(e.target.value); + + if (parsed) { + updateTarget(row.original.targetId, { + ...row.original, + method: parsed.protocol, + ip: parsed.host, + port: parsed.port ? Number(parsed.port) : undefined, + }); + } else { + updateTarget(row.original.targetId, { + ...row.original, + ip: e.target.value, + }); + } + }} + /> + ) + }, + { + accessorKey: "port", + header: t("targetPort"), + cell: ({ row }) => ( + + updateTarget(row.original.targetId, { + ...row.original, + port: parseInt(e.target.value, 10) + }) + } + /> + ) + }, + { + accessorKey: "enabled", + header: t("enabled"), + cell: ({ row }) => ( + + updateTarget(row.original.targetId, { + ...row.original, + enabled: val + }) + } + /> + ) + }, + { + id: "actions", + cell: ({ row }) => ( + <> +
+ +
+ + ) + } + ]; + + const table = useReactTable({ + data: targets, + columns, + getCoreRowModel: getCoreRowModel(), + getPaginationRowModel: getPaginationRowModel(), + getSortedRowModel: getSortedRowModel(), + getFilteredRowModel: getFilteredRowModel(), + state: { + pagination: { + pageIndex: 0, + pageSize: 1000 + } + } + }); + return ( <>
@@ -320,7 +737,7 @@ export default function Page() { - Resource Information + {t("resourceInfo")} @@ -336,7 +753,7 @@ export default function Page() { render={({ field }) => ( - Name + {t("name")} - This is the - display name for - the resource. - - - )} - /> - - ( - - - Site - - - - - - - - - - - - - No - site - found. - - - {sites.map( - ( - site - ) => ( - { - baseForm.setValue( - "siteId", - site.siteId - ); - }} - > - - { - site.name - } - - ) - )} - - - - - - - - This site will - provide - connectivity to - the resource. + {t( + "resourceNameDescription" + )} )} @@ -451,262 +775,81 @@ export default function Page() { - - - - Resource Type - - - Determine how you want to access your - resource - - - - { - baseForm.setValue( - "http", - value === "http" - ); - }} - cols={2} - /> - - + {resourceTypes.length > 1 && ( + + + + {t("resourceType")} + + + {t("resourceTypeDescription")} + + + + { + baseForm.setValue( + "http", + value === "http" + ); + // Update method default when switching resource type + addTargetForm.setValue( + "method", + value === "http" + ? "http" + : null + ); + }} + cols={2} + /> + + + )} {baseForm.watch("http") ? ( - HTTPS Settings + {t("resourceHTTPSSettings")} - Configure how your resource will be - accessed over HTTPS + {t( + "resourceHTTPSSettingsDescription" + )} - -
- - {env.flags - .allowBaseDomainResources && ( - ( - - - Domain - Type - - - - - )} - /> - )} - - {!httpForm.watch( - "isBaseDomain" - ) && ( - - - Subdomain - -
-
- ( - - - - - - - )} - /> -
-
- ( - - - - - )} - /> -
-
- - The subdomain - where your - resource will be - accessible. - - - )} - - {httpForm.watch( - "isBaseDomain" - ) && ( - ( - - - Base - Domain - - - - - )} - /> - )} - - -
+ { + httpForm.setValue( + "subdomain", + res.subdomain + ); + httpForm.setValue( + "domainId", + res.domainId + ); + console.log( + "Domain changed:", + res + ); + }} + /> ) : ( - TCP/UDP Settings + {t("resourceRawSettings")} - Configure how your resource will be - accessed over TCP/UDP + {t( + "resourceRawSettingsDescription" + )} @@ -724,7 +867,9 @@ export default function Page() { render={({ field }) => ( - Protocol + {t( + "protocol" + )} - The external - port number - to proxy - requests. + {t( + "resourcePortNumberDescription" + )} )} /> + + {/* {build == "oss" && ( + ( + + + + +
+ + {t( + "resourceEnableProxy" + )} + + + {t( + "resourceEnableProxyDescription" + )} + +
+ + )} + /> + )} */} @@ -802,32 +992,414 @@ export default function Page() { )} + + + + {t("targets")} + + + {t("targetsDescription")} + + + +
+
+ +
+ ( + + + {t("site")} + +
+ + + + + + + + + + + + {t( + "siteNotFound" + )} + + + {sites.map( + ( + site + ) => ( + { + addTargetForm.setValue( + "siteId", + site.siteId + ); + }} + > + + { + site.name + } + + ) + )} + + + + + + + {field.value && + (() => { + const selectedSite = + sites.find( + ( + site + ) => + site.siteId === + field.value + ); + return selectedSite && + selectedSite.type === + "newt" ? (() => { + const dockerState = getDockerStateForSite(selectedSite.siteId); + return ( + refreshContainersForSite(selectedSite.siteId)} + /> + ); + })() : null; + })()} +
+ + + )} + /> + + {baseForm.watch("http") && ( + ( + + + {t( + "method" + )} + + + + + + + )} + /> + )} + + ( + + {t("targetAddr")} + + { + const parsed = parseHostTarget(e.target.value); + if (parsed) { + addTargetForm.setValue("method", parsed.protocol); + addTargetForm.setValue("ip", parsed.host); + addTargetForm.setValue("port", parsed.port); + } else { + field.onBlur(); + } + }} + /> + + + + )} + /> + ( + + + {t( + "targetPort" + )} + + + + + + + )} + /> + +
+
+ +
+ + {targets.length > 0 ? ( + <> +
+ {t("targetsList")} +
+
+ + + {table + .getHeaderGroups() + .map( + ( + headerGroup + ) => ( + + {headerGroup.headers.map( + ( + header + ) => ( + + {header.isPlaceholder + ? null + : flexRender( + header + .column + .columnDef + .header, + header.getContext() + )} + + ) + )} + + ) + )} + + + {table.getRowModel() + .rows?.length ? ( + table + .getRowModel() + .rows.map( + (row) => ( + + {row + .getVisibleCells() + .map( + ( + cell + ) => ( + + {flexRender( + cell + .column + .columnDef + .cell, + cell.getContext() + )} + + ) + )} + + ) + ) + ) : ( + + + {t( + "targetNoOne" + )} + + + )} + +
+
+ + ) : ( +
+

+ {t("targetNoOne")} +

+
+ )} + + +
@@ -836,17 +1408,17 @@ export default function Page() { - Configuration Snippets + {t("resourceConfig")} - Copy and paste these configuration snippets to set up your TCP/UDP resource + {t("resourceConfigDescription")}

- Traefik: Add Entrypoints + {t("resourceAddEntrypoints")}

- Gerbil: Expose Ports in Docker Compose + {t("resourceExposePorts")}

- - Learn how to configure TCP/UDP resources - + {t("resourceLearnRaw")}
@@ -887,20 +1457,22 @@ export default function Page() { type="button" variant="outline" onClick={() => - router.push(`/${orgId}/settings/resources`) + router.push( + `/${orgId}/settings/resources` + ) } > - Back to Resources + {t("resourceBack")}
diff --git a/src/app/[orgId]/settings/resources/page.tsx b/src/app/[orgId]/settings/resources/page.tsx index 40f6296e..f8ef5397 100644 --- a/src/app/[orgId]/settings/resources/page.tsx +++ b/src/app/[orgId]/settings/resources/page.tsx @@ -1,23 +1,41 @@ import { internal } from "@app/lib/api"; import { authCookieHeader } from "@app/lib/api/cookies"; -import ResourcesTable, { ResourceRow } from "./ResourcesTable"; +import ResourcesTable, { + ResourceRow, + InternalResourceRow +} from "./ResourcesTable"; import { AxiosResponse } from "axios"; import { ListResourcesResponse } from "@server/routers/resource"; +import { ListAllSiteResourcesByOrgResponse } from "@server/routers/siteResource"; import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; import { redirect } from "next/navigation"; import { cache } from "react"; import { GetOrgResponse } from "@server/routers/org"; import OrgProvider from "@app/providers/OrgProvider"; -import ResourcesSplashCard from "./ResourcesSplashCard"; +import { getTranslations } from "next-intl/server"; +import { pullEnv } from "@app/lib/pullEnv"; +import { toUnicode } from "punycode"; type ResourcesPageProps = { params: Promise<{ orgId: string }>; + searchParams: Promise<{ view?: string }>; }; export const dynamic = "force-dynamic"; export default async function ResourcesPage(props: ResourcesPageProps) { const params = await props.params; + const searchParams = await props.searchParams; + const t = await getTranslations(); + + const env = pullEnv(); + + // Default to 'proxy' view, or use the query param if provided + let defaultView: "proxy" | "internal" = "proxy"; + if (env.flags.enableClients) { + defaultView = searchParams.view === "internal" ? "internal" : "proxy"; + } + let resources: ListResourcesResponse["resources"] = []; try { const res = await internal.get>( @@ -27,6 +45,14 @@ export default async function ResourcesPage(props: ResourcesPageProps) { resources = res.data.data.resources; } catch (e) {} + let siteResources: ListAllSiteResourcesByOrgResponse["siteResources"] = []; + try { + const res = await internal.get< + AxiosResponse + >(`/org/${params.orgId}/site-resources`, await authCookieHeader()); + siteResources = res.data.data.siteResources; + } catch (e) {} + let org = null; try { const getOrg = cache(async () => @@ -50,9 +76,9 @@ export default async function ResourcesPage(props: ResourcesPageProps) { id: resource.resourceId, name: resource.name, orgId: params.orgId, - domain: `${resource.ssl ? "https://" : "http://"}${resource.fullDomain}`, - site: resource.siteName || "None", - siteId: resource.siteId || "Unknown", + + + domain: `${resource.ssl ? "https://" : "http://"}${toUnicode(resource.fullDomain || "")}`, protocol: resource.protocol, proxyPort: resource.proxyPort, http: resource.http, @@ -64,21 +90,44 @@ export default async function ResourcesPage(props: ResourcesPageProps) { resource.whitelist ? "protected" : "not_protected", - enabled: resource.enabled + enabled: resource.enabled, + domainId: resource.domainId || undefined }; }); + const internalResourceRows: InternalResourceRow[] = siteResources.map( + (siteResource) => { + return { + id: siteResource.siteResourceId, + name: siteResource.name, + orgId: params.orgId, + siteName: siteResource.siteName, + protocol: siteResource.protocol, + proxyPort: siteResource.proxyPort, + siteId: siteResource.siteId, + destinationIp: siteResource.destinationIp, + destinationPort: siteResource.destinationPort, + siteNiceId: siteResource.siteNiceId + }; + } + ); + return ( <> - {/* */} - - + ); diff --git a/src/app/[orgId]/settings/share-links/AccessTokenUsage.tsx b/src/app/[orgId]/settings/share-links/AccessTokenUsage.tsx index 5f44ca52..c44f43b7 100644 --- a/src/app/[orgId]/settings/share-links/AccessTokenUsage.tsx +++ b/src/app/[orgId]/settings/share-links/AccessTokenUsage.tsx @@ -15,6 +15,7 @@ import { Alert, AlertDescription, AlertTitle } from "@/components/ui/alert"; import { useEnvContext } from "@app/hooks/useEnvContext"; import CopyToClipboard from "@app/components/CopyToClipboard"; import CopyTextBox from "@app/components/CopyTextBox"; +import { useTranslations } from "next-intl"; interface AccessTokenSectionProps { token: string; @@ -37,37 +38,37 @@ export default function AccessTokenSection({ setTimeout(() => setCopied(null), 2000); }; + const t = useTranslations(); + return ( <>

- Your access token can be passed in two ways: as a query - parameter or in the request headers. These must be passed - from the client on every request for authenticated access. + {t('shareTokenDescription')}

- Access Token - Usage Examples + {t('accessToken')} + {t('usageExamples')}
-
Token ID
+
{t('tokenId')}
-
Token
+
{t('token')}
-

Request Headers

+

{t('requestHeades')}

-

Query Parameter

+

{t('queryParameter')}

@@ -84,21 +85,17 @@ ${env.server.resourceAccessTokenHeadersToken}: ${token}`} - Important Note + {t('importantNote')} - For security reasons, using headers is recommended - over query parameters when possible, as query - parameters may be logged in server logs or browser - history. + {t('shareImportantDescription')}
- Keep your access token secure. Do not share it in publicly - accessible areas or client-side code. + {t('shareTokenSecurety')}
); diff --git a/src/app/[orgId]/settings/share-links/CreateShareLinkForm.tsx b/src/app/[orgId]/settings/share-links/CreateShareLinkForm.tsx index 871f0ca0..18c989ab 100644 --- a/src/app/[orgId]/settings/share-links/CreateShareLinkForm.tsx +++ b/src/app/[orgId]/settings/share-links/CreateShareLinkForm.tsx @@ -66,6 +66,8 @@ import { CollapsibleTrigger } from "@app/components/ui/collapsible"; import AccessTokenSection from "./AccessTokenUsage"; +import { useTranslations } from "next-intl"; +import { toUnicode } from 'punycode'; type FormProps = { open: boolean; @@ -73,15 +75,6 @@ type FormProps = { onCreated?: (result: ShareLinkRow) => void; }; -const formSchema = z.object({ - resourceId: z.number({ message: "Please select a resource" }), - resourceName: z.string(), - resourceUrl: z.string(), - timeUnit: z.string(), - timeValue: z.coerce.number().int().positive().min(1), - title: z.string().optional() -}); - export default function CreateShareLinkForm({ open, setOpen, @@ -99,23 +92,32 @@ export default function CreateShareLinkForm({ const [neverExpire, setNeverExpire] = useState(false); const [isOpen, setIsOpen] = useState(false); + const t = useTranslations(); const [resources, setResources] = useState< { resourceId: number; name: string; resourceUrl: string; - siteName: string | null; }[] >([]); + const formSchema = z.object({ + resourceId: z.number({ message: t('shareErrorSelectResource') }), + resourceName: z.string(), + resourceUrl: z.string(), + timeUnit: z.string(), + timeValue: z.coerce.number().int().positive().min(1), + title: z.string().optional() + }); + const timeUnits = [ - { unit: "minutes", name: "Minutes" }, - { unit: "hours", name: "Hours" }, - { unit: "days", name: "Days" }, - { unit: "weeks", name: "Weeks" }, - { unit: "months", name: "Months" }, - { unit: "years", name: "Years" } + { unit: "minutes", name: t('minutes') }, + { unit: "hours", name: t('hours') }, + { unit: "days", name: t('days') }, + { unit: "weeks", name: t('weeks') }, + { unit: "months", name: t('months') }, + { unit: "years", name: t('years') } ]; const form = useForm>({ @@ -141,10 +143,10 @@ export default function CreateShareLinkForm({ console.error(e); toast({ variant: "destructive", - title: "Failed to fetch resources", + title: t('shareErrorFetchResource'), description: formatAxiosError( e, - "An error occurred while fetching the resources" + t('shareErrorFetchResourceDescription') ) }); }); @@ -158,8 +160,7 @@ export default function CreateShareLinkForm({ .map((r) => ({ resourceId: r.resourceId, name: r.name, - resourceUrl: `${r.ssl ? "https://" : "http://"}${r.fullDomain}/`, - siteName: r.siteName + resourceUrl: `${r.ssl ? "https://" : "http://"}${toUnicode(r.fullDomain || "")}/` })) ); } @@ -201,17 +202,17 @@ export default function CreateShareLinkForm({ validForSeconds: neverExpire ? undefined : timeInSeconds, title: values.title || - `${values.resourceName || "Resource" + values.resourceId} Share Link` + t('shareLink', {resource: (values.resourceName || "Resource" + values.resourceId)}) } ) .catch((e) => { console.error(e); toast({ variant: "destructive", - title: "Failed to create share link", + title: t('shareErrorCreate'), description: formatAxiosError( e, - "An error occurred while creating the share link" + t('shareErrorCreateDescription') ) }); }); @@ -234,8 +235,7 @@ export default function CreateShareLinkForm({ resourceName: values.resourceName, title: token.title, createdAt: token.createdAt, - expiresAt: token.expiresAt, - siteName: resource?.siteName || null + expiresAt: token.expiresAt }); } @@ -244,7 +244,7 @@ export default function CreateShareLinkForm({ function getSelectedResourceName(id: number) { const resource = resources.find((r) => r.resourceId === id); - return `${resource?.name} ${resource?.siteName ? `(${resource.siteName})` : ""}`; + return `${resource?.name}`; } return ( @@ -260,9 +260,9 @@ export default function CreateShareLinkForm({ > - Create Shareable Link + {t('shareCreate')} - Anyone with this link can access the resource + {t('shareCreateDescription')} @@ -280,7 +280,7 @@ export default function CreateShareLinkForm({ render={({ field }) => ( - Resource + {t('resource')} @@ -298,19 +298,17 @@ export default function CreateShareLinkForm({ ? getSelectedResourceName( field.value ) - : "Select resource"} + : t('resourceSelect')} - + - No - resources - found + {t('resourcesNotFound')} {resources.map( @@ -346,7 +344,7 @@ export default function CreateShareLinkForm({ : "opacity-0" )} /> - {`${r.name} ${r.siteName ? `(${r.siteName})` : ""}`} + {`${r.name}`} ) )} @@ -366,7 +364,7 @@ export default function CreateShareLinkForm({ render={({ field }) => ( - Title (optional) + {t('shareTitleOptional')} @@ -378,7 +376,7 @@ export default function CreateShareLinkForm({
- Expire In + {t('expireIn')}
- - + + @@ -455,18 +453,12 @@ export default function CreateShareLinkForm({ htmlFor="terms" className="text-sm font-medium leading-none peer-disabled:cursor-not-allowed peer-disabled:opacity-70" > - Never expire + {t('neverExpire')}

- Expiration time is how long the - link will be usable and provide - access to the resource. After - this time, the link will no - longer work, and users who used - this link will lose access to - the resource. + {t('shareExpireDescription')}

@@ -475,12 +467,10 @@ export default function CreateShareLinkForm({ {link && (

- You will only be able to see this link - once. Make sure to copy it. + {t('shareSeeOnce')}

- Anyone with this link can access the - resource. Share it with care. + {t('shareAccessHint')}

@@ -506,12 +496,12 @@ export default function CreateShareLinkForm({ className="p-0 flex items-center justify-between w-full" >

- See Access Token Usage + {t('shareTokenUsage')}

- Toggle + {t('toggle')}
@@ -541,7 +531,7 @@ export default function CreateShareLinkForm({ - + diff --git a/src/app/[orgId]/settings/share-links/ShareLinksDataTable.tsx b/src/app/[orgId]/settings/share-links/ShareLinksDataTable.tsx index 35ab6d3d..dd266bcf 100644 --- a/src/app/[orgId]/settings/share-links/ShareLinksDataTable.tsx +++ b/src/app/[orgId]/settings/share-links/ShareLinksDataTable.tsx @@ -4,6 +4,7 @@ import { ColumnDef, } from "@tanstack/react-table"; import { DataTable } from "@app/components/ui/data-table"; +import { useTranslations } from "next-intl"; interface DataTableProps { columns: ColumnDef[]; @@ -16,15 +17,19 @@ export function ShareLinksDataTable({ data, createShareLink }: DataTableProps) { + + const t = useTranslations(); + return ( ); } diff --git a/src/app/[orgId]/settings/share-links/ShareLinksSplash.tsx b/src/app/[orgId]/settings/share-links/ShareLinksSplash.tsx index decaafdf..8bba8787 100644 --- a/src/app/[orgId]/settings/share-links/ShareLinksSplash.tsx +++ b/src/app/[orgId]/settings/share-links/ShareLinksSplash.tsx @@ -4,6 +4,7 @@ import React, { useState, useEffect } from "react"; import { Link, X, Clock, Share, ArrowRight, Lock } from "lucide-react"; // Replace with actual imports import { Card, CardContent } from "@app/components/ui/card"; import { Button } from "@app/components/ui/button"; +import { useTranslations } from "next-intl"; export const ShareableLinksSplash = () => { const [isDismissed, setIsDismissed] = useState(false); @@ -22,6 +23,8 @@ export const ShareableLinksSplash = () => { localStorage.setItem(key, "true"); }; + const t = useTranslations(); + if (isDismissed) { return null; } @@ -31,7 +34,7 @@ export const ShareableLinksSplash = () => { @@ -39,26 +42,23 @@ export const ShareableLinksSplash = () => {

- Shareable Links + {t('share')}

- Create shareable links to your resources. Links provide - temporary or unlimited access to your resource. You can - configure the expiration duration of the link when you - create one. + {t('shareDescription2')}

  • - Easy to create and share + {t('shareEasyCreate')}
  • - Configurable expiration duration + {t('shareConfigurableExpirationDuration')}
  • - Secure and revocable + {t('shareSecureAndRevocable')}
diff --git a/src/app/[orgId]/settings/share-links/ShareLinksTable.tsx b/src/app/[orgId]/settings/share-links/ShareLinksTable.tsx index 69c88cf7..41768255 100644 --- a/src/app/[orgId]/settings/share-links/ShareLinksTable.tsx +++ b/src/app/[orgId]/settings/share-links/ShareLinksTable.tsx @@ -33,6 +33,7 @@ import { ListAccessTokensResponse } from "@server/routers/accessToken"; import moment from "moment"; import CreateShareLinkForm from "./CreateShareLinkForm"; import { constructShareLink } from "@app/lib/shareLinks"; +import { useTranslations } from "next-intl"; export type ShareLinkRow = { accessTokenId: string; @@ -41,7 +42,6 @@ export type ShareLinkRow = { title: string | null; createdAt: number; expiresAt: number | null; - siteName: string | null; }; type ShareLinksTableProps = { @@ -54,6 +54,7 @@ export default function ShareLinksTable({ orgId }: ShareLinksTableProps) { const router = useRouter(); + const t = useTranslations(); const api = createApiClient(useEnvContext()); @@ -67,11 +68,8 @@ export default function ShareLinksTable({ async function deleteSharelink(id: string) { await api.delete(`/access-token/${id}`).catch((e) => { toast({ - title: "Failed to delete link", - description: formatAxiosError( - e, - "An error occurred deleting link" - ) + title: t("shareErrorDelete"), + description: formatAxiosError(e, t("shareErrorDeleteMessage")) }); }); @@ -79,53 +77,12 @@ export default function ShareLinksTable({ setRows(newRows); toast({ - title: "Link deleted", - description: "The link has been deleted" + title: t("shareDeleted"), + description: t("shareDeletedDescription") }); } const columns: ColumnDef[] = [ - { - id: "actions", - cell: ({ row }) => { - const router = useRouter(); - - const resourceRow = row.original; - - return ( - <> -
- - - - - - { - deleteSharelink( - resourceRow.accessTokenId - ); - }} - > - - - - -
- - ); - } - }, { accessorKey: "resourceName", header: ({ column }) => { @@ -136,7 +93,7 @@ export default function ShareLinksTable({ column.toggleSorting(column.getIsSorted() === "asc") } > - Resource + {t("resource")} ); @@ -145,9 +102,8 @@ export default function ShareLinksTable({ const r = row.original; return ( - @@ -164,7 +120,7 @@ export default function ShareLinksTable({ column.toggleSorting(column.getIsSorted() === "asc") } > - Title + {t("title")} ); @@ -243,7 +199,7 @@ export default function ShareLinksTable({ column.toggleSorting(column.getIsSorted() === "asc") } > - Created + {t("created")} ); @@ -263,7 +219,7 @@ export default function ShareLinksTable({ column.toggleSorting(column.getIsSorted() === "asc") } > - Expires + {t("expires")} ); @@ -273,23 +229,50 @@ export default function ShareLinksTable({ if (r.expiresAt) { return moment(r.expiresAt).format("lll"); } - return "Never"; + return t("never"); } }, { id: "delete", - cell: ({ row }) => ( -
- -
- ) + cell: ({ row }) => { + const resourceRow = row.original; + return ( +
+ {/* */} + {/* */} + {/* */} + {/* */} + {/* */} + {/* { */} + {/* deleteSharelink( */} + {/* resourceRow.accessTokenId */} + {/* ); */} + {/* }} */} + {/* > */} + {/* */} + {/* */} + {/* */} + {/* */} + +
+ ); + } } ]; diff --git a/src/app/[orgId]/settings/share-links/page.tsx b/src/app/[orgId]/settings/share-links/page.tsx index 0bfa023d..e4efabd9 100644 --- a/src/app/[orgId]/settings/share-links/page.tsx +++ b/src/app/[orgId]/settings/share-links/page.tsx @@ -9,6 +9,7 @@ import OrgProvider from "@app/providers/OrgProvider"; import { ListAccessTokensResponse } from "@server/routers/accessToken"; import ShareLinksTable, { ShareLinkRow } from "./ShareLinksTable"; import ShareableLinksSplash from "./ShareLinksSplash"; +import { getTranslations } from "next-intl/server"; type ShareLinksPageProps = { params: Promise<{ orgId: string }>; @@ -51,13 +52,15 @@ export default async function ShareLinksPage(props: ShareLinksPageProps) { (token) => ({ ...token }) as ShareLinkRow ); + const t = await getTranslations(); + return ( <> {/* */} diff --git a/src/app/[orgId]/settings/sites/CreateSiteForm.tsx b/src/app/[orgId]/settings/sites/CreateSiteForm.tsx deleted file mode 100644 index c4da2336..00000000 --- a/src/app/[orgId]/settings/sites/CreateSiteForm.tsx +++ /dev/null @@ -1,461 +0,0 @@ -"use client"; - -import { - Form, - FormControl, - FormDescription, - FormField, - FormItem, - FormLabel, - FormMessage -} from "@app/components/ui/form"; -import { Input } from "@app/components/ui/input"; -import { toast } from "@app/hooks/useToast"; -import { zodResolver } from "@hookform/resolvers/zod"; -import { useEffect, useState } from "react"; -import { useForm } from "react-hook-form"; -import { z } from "zod"; -import { useParams, useRouter } from "next/navigation"; -import { - CreateSiteBody, - CreateSiteResponse, - PickSiteDefaultsResponse -} from "@server/routers/site"; -import { generateKeypair } from "./[niceId]/wireguardConfig"; -import CopyTextBox from "@app/components/CopyTextBox"; -import { Checkbox } from "@app/components/ui/checkbox"; -import { - Select, - SelectContent, - SelectItem, - SelectTrigger, - SelectValue -} from "@app/components/ui/select"; -import { formatAxiosError } from "@app/lib/api"; -import { createApiClient } from "@app/lib/api"; -import { useEnvContext } from "@app/hooks/useEnvContext"; -import { SiteRow } from "./SitesTable"; -import { AxiosResponse } from "axios"; -import { Button } from "@app/components/ui/button"; -import Link from "next/link"; -import { - ArrowUpRight, - ChevronsUpDown, - Loader2, - SquareArrowOutUpRight -} from "lucide-react"; -import { - Collapsible, - CollapsibleContent, - CollapsibleTrigger -} from "@app/components/ui/collapsible"; -import LoaderPlaceholder from "@app/components/PlaceHolderLoader"; - -const createSiteFormSchema = z.object({ - name: z - .string() - .min(2, { - message: "Name must be at least 2 characters." - }) - .max(30, { - message: "Name must not be longer than 30 characters." - }), - method: z.enum(["wireguard", "newt", "local"]) -}); - -type CreateSiteFormValues = z.infer; - -const defaultValues: Partial = { - name: "", - method: "newt" -}; - -type CreateSiteFormProps = { - onCreate?: (site: SiteRow) => void; - setLoading?: (loading: boolean) => void; - setChecked?: (checked: boolean) => void; - orgId: string; -}; - -export default function CreateSiteForm({ - onCreate, - setLoading, - setChecked, - orgId -}: CreateSiteFormProps) { - const api = createApiClient(useEnvContext()); - const { env } = useEnvContext(); - - const [isLoading, setIsLoading] = useState(false); - const [isChecked, setIsChecked] = useState(false); - - const [isOpen, setIsOpen] = useState(false); - - const [keypair, setKeypair] = useState<{ - publicKey: string; - privateKey: string; - } | null>(null); - - const [siteDefaults, setSiteDefaults] = - useState(null); - - const [loadingPage, setLoadingPage] = useState(true); - - const handleCheckboxChange = (checked: boolean) => { - // setChecked?.(checked); - setIsChecked(checked); - }; - - const form = useForm({ - resolver: zodResolver(createSiteFormSchema), - defaultValues - }); - - const nameField = form.watch("name"); - const methodField = form.watch("method"); - - useEffect(() => { - const nameIsValid = nameField?.length >= 2 && nameField?.length <= 30; - const isFormValid = methodField === "local" || isChecked; - - // Only set checked to true if name is valid AND (method is local OR checkbox is checked) - setChecked?.(nameIsValid && isFormValid); - }, [nameField, methodField, isChecked, setChecked]); - - useEffect(() => { - if (!open) return; - - const load = async () => { - setLoadingPage(true); - // reset all values - setLoading?.(false); - setIsLoading(false); - form.reset(); - setChecked?.(false); - setKeypair(null); - setSiteDefaults(null); - - const generatedKeypair = generateKeypair(); - setKeypair(generatedKeypair); - - await api - .get(`/org/${orgId}/pick-site-defaults`) - .catch((e) => { - // update the default value of the form to be local method - form.setValue("method", "local"); - }) - .then((res) => { - if (res && res.status === 200) { - setSiteDefaults(res.data.data); - } - }); - await new Promise((resolve) => setTimeout(resolve, 200)); - - setLoadingPage(false); - }; - - load(); - }, [open]); - - async function onSubmit(data: CreateSiteFormValues) { - setLoading?.(true); - setIsLoading(true); - let payload: CreateSiteBody = { - name: data.name, - type: data.method - }; - - if (data.method == "wireguard") { - if (!keypair || !siteDefaults) { - toast({ - variant: "destructive", - title: "Error creating site", - description: "Key pair or site defaults not found" - }); - setLoading?.(false); - setIsLoading(false); - return; - } - - payload = { - ...payload, - subnet: siteDefaults.subnet, - exitNodeId: siteDefaults.exitNodeId, - pubKey: keypair.publicKey - }; - } - if (data.method === "newt") { - if (!siteDefaults) { - toast({ - variant: "destructive", - title: "Error creating site", - description: "Site defaults not found" - }); - setLoading?.(false); - setIsLoading(false); - return; - } - - payload = { - ...payload, - subnet: siteDefaults.subnet, - exitNodeId: siteDefaults.exitNodeId, - secret: siteDefaults.newtSecret, - newtId: siteDefaults.newtId - }; - } - - const res = await api - .put< - AxiosResponse - >(`/org/${orgId}/site/`, payload) - .catch((e) => { - toast({ - variant: "destructive", - title: "Error creating site", - description: formatAxiosError(e) - }); - }); - - if (res && res.status === 201) { - const data = res.data.data; - - onCreate?.({ - name: data.name, - id: data.siteId, - nice: data.niceId.toString(), - mbIn: - data.type == "wireguard" || data.type == "newt" - ? "0 MB" - : "-", - mbOut: - data.type == "wireguard" || data.type == "newt" - ? "0 MB" - : "-", - orgId: orgId as string, - type: data.type as any, - online: false - }); - } - - setLoading?.(false); - setIsLoading(false); - } - - const wgConfig = - keypair && siteDefaults - ? `[Interface] -Address = ${siteDefaults.subnet} -ListenPort = 51820 -PrivateKey = ${keypair.privateKey} - -[Peer] -PublicKey = ${siteDefaults.publicKey} -AllowedIPs = ${siteDefaults.address.split("/")[0]}/32 -Endpoint = ${siteDefaults.endpoint}:${siteDefaults.listenPort} -PersistentKeepalive = 5` - : ""; - - const newtConfig = `newt --id ${siteDefaults?.newtId} --secret ${siteDefaults?.newtSecret} --endpoint ${env.app.dashboardUrl}`; - - const newtConfigDockerCompose = `services: - newt: - image: fosrl/newt - container_name: newt - restart: unless-stopped - environment: - - PANGOLIN_ENDPOINT=${env.app.dashboardUrl} - - NEWT_ID=${siteDefaults?.newtId} - - NEWT_SECRET=${siteDefaults?.newtSecret}`; - - const newtConfigDockerRun = `docker run -it fosrl/newt --id ${siteDefaults?.newtId} --secret ${siteDefaults?.newtSecret} --endpoint ${env.app.dashboardUrl}`; - - return loadingPage ? ( - - ) : ( -
-
- - ( - - Name - - - - - - This is the display name for the site. - - - )} - /> - ( - - Method - - - - - - This is how you will expose connections. - - - )} - /> - - {form.watch("method") === "newt" && ( - - - Learn how to install Newt on your system - - - - )} - -
- {form.watch("method") === "wireguard" && !isLoading ? ( - <> - - - You will only be able to see the - configuration once. - - - ) : form.watch("method") === "wireguard" && - isLoading ? ( -

Loading WireGuard configuration...

- ) : form.watch("method") === "newt" && siteDefaults ? ( - <> -
- -
- -
- - You will only be able to see the - configuration once. - -
- - - -
- -
- Docker Compose - -
-
- Docker Run - - -
- - -
- - ) : null} -
- - {form.watch("method") === "local" && ( - - Local sites do not tunnel, learn more - - - )} - - {(form.watch("method") === "newt" || - form.watch("method") === "wireguard") && ( -
- - -
- )} - - -
- ); -} diff --git a/src/app/[orgId]/settings/sites/CreateSiteModal.tsx b/src/app/[orgId]/settings/sites/CreateSiteModal.tsx deleted file mode 100644 index 1666000d..00000000 --- a/src/app/[orgId]/settings/sites/CreateSiteModal.tsx +++ /dev/null @@ -1,80 +0,0 @@ -"use client"; - -import { Button } from "@app/components/ui/button"; -import { useState } from "react"; -import { - Credenza, - CredenzaBody, - CredenzaClose, - CredenzaContent, - CredenzaDescription, - CredenzaFooter, - CredenzaHeader, - CredenzaTitle -} from "@app/components/Credenza"; -import { SiteRow } from "./SitesTable"; -import CreateSiteForm from "./CreateSiteForm"; - -type CreateSiteFormProps = { - open: boolean; - setOpen: (open: boolean) => void; - onCreate?: (site: SiteRow) => void; - orgId: string; -}; - -export default function CreateSiteFormModal({ - open, - setOpen, - onCreate, - orgId -}: CreateSiteFormProps) { - const [loading, setLoading] = useState(false); - const [isChecked, setIsChecked] = useState(false); - - return ( - <> - { - setOpen(val); - setLoading(false); - }} - > - - - Create Site - - Create a new site to start connecting your resources - - - -
- setLoading(val)} - setChecked={(val) => setIsChecked(val)} - onCreate={onCreate} - orgId={orgId} - /> -
- - - - - - - - - - - ); -} diff --git a/src/app/[orgId]/settings/sites/SitesDataTable.tsx b/src/app/[orgId]/settings/sites/SitesDataTable.tsx index 08d97955..5dc39077 100644 --- a/src/app/[orgId]/settings/sites/SitesDataTable.tsx +++ b/src/app/[orgId]/settings/sites/SitesDataTable.tsx @@ -1,30 +1,43 @@ "use client"; -import { - ColumnDef, -} from "@tanstack/react-table"; +import { ColumnDef } from "@tanstack/react-table"; import { DataTable } from "@app/components/ui/data-table"; +import { useTranslations } from "next-intl"; interface DataTableProps { columns: ColumnDef[]; data: TData[]; createSite?: () => void; + onRefresh?: () => void; + isRefreshing?: boolean; } export function SitesDataTable({ columns, data, - createSite + createSite, + onRefresh, + isRefreshing }: DataTableProps) { + + const t = useTranslations(); + return ( ); } diff --git a/src/app/[orgId]/settings/sites/SitesSplashCard.tsx b/src/app/[orgId]/settings/sites/SitesSplashCard.tsx index 6734e66b..35d7bd83 100644 --- a/src/app/[orgId]/settings/sites/SitesSplashCard.tsx +++ b/src/app/[orgId]/settings/sites/SitesSplashCard.tsx @@ -5,11 +5,15 @@ import { Card, CardContent } from "@/components/ui/card"; import { Button } from "@/components/ui/button"; import { ArrowRight, DockIcon as Docker, Globe, Server, X } from "lucide-react"; import Link from "next/link"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { useTranslations } from 'next-intl'; export const SitesSplashCard = () => { const [isDismissed, setIsDismissed] = useState(true); + const { env } = useEnvContext(); const key = "sites-splash-card-dismissed"; + const t = useTranslations(); useEffect(() => { const dismissed = localStorage.getItem(key); @@ -34,7 +38,7 @@ export const SitesSplashCard = () => { @@ -42,28 +46,25 @@ export const SitesSplashCard = () => {

- Newt (Recommended) + Newt ({t('recommended')})

- For the best user experience, use Newt. It uses - WireGuard under the hood and allows you to address your - private resources by their LAN address on your private - network from within the Pangolin dashboard. + {t('siteNewtDescription')}

  • - Runs in Docker + {t('siteRunsInDocker')}
  • - Runs in shell on macOS, Linux, and Windows + {t('siteRunsInShell')}
@@ -71,7 +72,7 @@ export const SitesSplashCard = () => { className="w-full flex items-center" variant="secondary" > - Install Newt{" "} + {t('siteInstallNewt')}{" "} @@ -79,20 +80,19 @@ export const SitesSplashCard = () => {

- Basic WireGuard + {t('siteWg')}

- Use any WireGuard client to connect. You will have to - address your internal resources using the peer IP. + {t('siteWgAnyClients')}

  • - Compatible with all WireGuard clients + {t('siteWgCompatibleAllClients')}
  • - Manual configuration required + {t('siteWgManualConfigurationRequired')}
diff --git a/src/app/[orgId]/settings/sites/SitesTable.tsx b/src/app/[orgId]/settings/sites/SitesTable.tsx index c032800f..8387ab7c 100644 --- a/src/app/[orgId]/settings/sites/SitesTable.tsx +++ b/src/app/[orgId]/settings/sites/SitesTable.tsx @@ -1,6 +1,6 @@ "use client"; -import { ColumnDef } from "@tanstack/react-table"; +import { Column, ColumnDef } from "@tanstack/react-table"; import { SitesDataTable } from "./SitesDataTable"; import { DropdownMenu, @@ -19,14 +19,16 @@ import { import Link from "next/link"; import { useRouter } from "next/navigation"; import { AxiosResponse } from "axios"; -import { useState } from "react"; -import CreateSiteForm from "./CreateSiteForm"; +import { useState, useEffect } from "react"; import ConfirmDeleteDialog from "@app/components/ConfirmDeleteDialog"; import { toast } from "@app/hooks/useToast"; import { formatAxiosError } from "@app/lib/api"; import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; -import CreateSiteFormModal from "./CreateSiteModal"; +import { useTranslations } from "next-intl"; +import { parseDataSize } from "@app/lib/dataSize"; +import { Badge } from "@app/components/ui/badge"; +import { InfoPopup } from "@app/components/ui/info-popup"; export type SiteRow = { id: number; @@ -36,7 +38,10 @@ export type SiteRow = { mbOut: string; orgId: string; type: "newt" | "wireguard"; + newtVersion?: string; + newtUpdateAvailable?: boolean; online: boolean; + address?: string; }; type SitesTableProps = { @@ -50,17 +55,42 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { const [isDeleteModalOpen, setIsDeleteModalOpen] = useState(false); const [selectedSite, setSelectedSite] = useState(null); const [rows, setRows] = useState(sites); + const [isRefreshing, setIsRefreshing] = useState(false); const api = createApiClient(useEnvContext()); + const t = useTranslations(); + const { env } = useEnvContext(); + + // Update local state when props change (e.g., after refresh) + useEffect(() => { + setRows(sites); + }, [sites]); + + const refreshData = async () => { + console.log("Data refreshed"); + setIsRefreshing(true); + try { + await new Promise((resolve) => setTimeout(resolve, 200)); + router.refresh(); + } catch (error) { + toast({ + title: t("error"), + description: t("refreshError"), + variant: "destructive" + }); + } finally { + setIsRefreshing(false); + } + }; const deleteSite = (siteId: number) => { api.delete(`/site/${siteId}`) .catch((e) => { - console.error("Error deleting site", e); + console.error(t("siteErrorDelete"), e); toast({ variant: "destructive", - title: "Error deleting site", - description: formatAxiosError(e, "Error deleting site") + title: t("siteErrorDelete"), + description: formatAxiosError(e, t("siteErrorDelete")) }); }) .then(() => { @@ -74,42 +104,6 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { }; const columns: ColumnDef[] = [ - { - id: "dots", - cell: ({ row }) => { - const siteRow = row.original; - const router = useRouter(); - - return ( - - - - - - - - View settings - - - { - setSelectedSite(siteRow); - setIsDeleteModalOpen(true); - }} - > - Delete - - - - ); - } - }, { accessorKey: "name", header: ({ column }) => { @@ -120,7 +114,7 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { column.toggleSorting(column.getIsSorted() === "asc") } > - Name + {t("name")} ); @@ -136,7 +130,7 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { column.toggleSorting(column.getIsSorted() === "asc") } > - Online + {t("online")} ); @@ -151,14 +145,14 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { return (
- Online + {t("online")} ); } else { return (
- Offline + {t("offline")} ); } @@ -176,11 +170,19 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { onClick={() => column.toggleSorting(column.getIsSorted() === "asc") } + className="hidden md:flex whitespace-nowrap" > - Site + {t("site")} ); + }, + cell: ({ row }) => { + return ( +
+ {row.original.nice} +
+ ); } }, { @@ -193,11 +195,14 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { column.toggleSorting(column.getIsSorted() === "asc") } > - Data In + {t("dataIn")} ); - } + }, + sortingFn: (rowA, rowB) => + parseDataSize(rowA.original.mbIn) - + parseDataSize(rowB.original.mbIn) }, { accessorKey: "mbOut", @@ -209,11 +214,14 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { column.toggleSorting(column.getIsSorted() === "asc") } > - Data Out + {t("dataOut")} ); - } + }, + sortingFn: (rowA, rowB) => + parseDataSize(rowA.original.mbOut) - + parseDataSize(rowB.original.mbOut) }, { accessorKey: "type", @@ -225,7 +233,7 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { column.toggleSorting(column.getIsSorted() === "asc") } > - Connection Type + {t("connectionType")} ); @@ -235,8 +243,22 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { if (originalRow.type === "newt") { return ( -
- Newt +
+ +
+ Newt + {originalRow.newtVersion && ( + + v{originalRow.newtVersion} + + )} +
+ + {originalRow.newtUpdateAvailable && ( + + )}
); } @@ -252,23 +274,68 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { if (originalRow.type === "local") { return (
- Local + {t("local")}
); } } }, + ...(env.flags.enableClients ? [{ + accessorKey: "address", + header: ({ column }: { column: Column }) => { + return ( + + ); + } + }] : []), { id: "actions", cell: ({ row }) => { const siteRow = row.original; return ( -
+
+ + + + + + + + {t("viewSettings")} + + + { + setSelectedSite(siteRow); + setIsDeleteModalOpen(true); + }} + > + + {t("delete")} + + + + + - @@ -290,30 +357,21 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { dialog={

- Are you sure you want to remove the site{" "} - {selectedSite?.name || selectedSite?.id}{" "} - from the organization? + {t("siteQuestionRemove", { + selectedSite: + selectedSite?.name || selectedSite?.id + })}

-

- Once removed, the site will no longer be - accessible.{" "} - - All resources and targets associated with - the site will also be removed. - -

+

{t("siteMessageRemove")}

-

- To confirm, please type the name of the site - below. -

+

{t("siteMessageConfirm")}

} - buttonText="Confirm Delete Site" + buttonText={t("siteConfirmDelete")} onConfirm={async () => deleteSite(selectedSite!.id)} string={selectedSite.name} - title="Delete Site" + title={t("siteDelete")} /> )} @@ -323,6 +381,8 @@ export default function SitesTable({ sites, orgId }: SitesTableProps) { createSite={() => router.push(`/${orgId}/settings/sites/create`) } + onRefresh={refreshData} + isRefreshing={isRefreshing} /> ); diff --git a/src/app/[orgId]/settings/sites/[niceId]/SiteInfoCard.tsx b/src/app/[orgId]/settings/sites/[niceId]/SiteInfoCard.tsx index ee4758be..5eed91c5 100644 --- a/src/app/[orgId]/settings/sites/[niceId]/SiteInfoCard.tsx +++ b/src/app/[orgId]/settings/sites/[niceId]/SiteInfoCard.tsx @@ -9,11 +9,15 @@ import { InfoSections, InfoSectionTitle } from "@app/components/InfoSection"; +import { useTranslations } from "next-intl"; +import { useEnvContext } from "@app/hooks/useEnvContext"; type SiteInfoCardProps = {}; export default function SiteInfoCard({}: SiteInfoCardProps) { const { site, updateSite } = useSiteContext(); + const t = useTranslations(); + const { env } = useEnvContext(); const getConnectionTypeString = (type: string) => { if (type === "newt") { @@ -21,32 +25,32 @@ export default function SiteInfoCard({}: SiteInfoCardProps) { } else if (type === "wireguard") { return "WireGuard"; } else if (type === "local") { - return "Local"; + return t("local"); } else { - return "Unknown"; + return t("unknown"); } }; return ( - - Site Information - - + + {(site.type == "newt" || site.type == "wireguard") && ( <> - Status + + {t("status")} + {site.online ? (
- Online + {t("online")}
) : (
- Offline + {t("offline")}
)} @@ -54,11 +58,22 @@ export default function SiteInfoCard({}: SiteInfoCardProps) { )} - Connection Type + + {t("connectionType")} + {getConnectionTypeString(site.type)} + + {env.flags.enableClients && site.type == "newt" && ( + + Address + + {site.address?.split("/")[0]} + + + )} diff --git a/src/app/[orgId]/settings/sites/[niceId]/general/page.tsx b/src/app/[orgId]/settings/sites/[niceId]/general/page.tsx index f107d960..8bd8dc4b 100644 --- a/src/app/[orgId]/settings/sites/[niceId]/general/page.tsx +++ b/src/app/[orgId]/settings/sites/[niceId]/general/page.tsx @@ -24,16 +24,28 @@ import { SettingsSectionTitle, SettingsSectionDescription, SettingsSectionBody, - SettingsSectionForm, - SettingsSectionFooter + SettingsSectionForm } from "@app/components/Settings"; import { formatAxiosError } from "@app/lib/api"; import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; import { useState } from "react"; +import { SwitchInput } from "@app/components/SwitchInput"; +import { useTranslations } from "next-intl"; +import Link from "next/link"; +import { Tag, TagInput } from "@app/components/tags/tag-input"; const GeneralFormSchema = z.object({ - name: z.string().nonempty("Name is required") + name: z.string().nonempty("Name is required"), + dockerSocketEnabled: z.boolean().optional(), + remoteSubnets: z + .array( + z.object({ + id: z.string(), + text: z.string() + }) + ) + .optional() }); type GeneralFormValues = z.infer; @@ -41,16 +53,28 @@ type GeneralFormValues = z.infer; export default function GeneralPage() { const { site, updateSite } = useSiteContext(); + const { env } = useEnvContext(); const api = createApiClient(useEnvContext()); const [loading, setLoading] = useState(false); + const [activeCidrTagIndex, setActiveCidrTagIndex] = useState( + null + ); const router = useRouter(); + const t = useTranslations(); const form = useForm({ resolver: zodResolver(GeneralFormSchema), defaultValues: { - name: site?.name + name: site?.name, + dockerSocketEnabled: site?.dockerSocketEnabled ?? false, + remoteSubnets: site?.remoteSubnets + ? site.remoteSubnets.split(",").map((subnet, index) => ({ + id: subnet.trim(), + text: subnet.trim() + })) + : [] }, mode: "onChange" }); @@ -60,24 +84,34 @@ export default function GeneralPage() { await api .post(`/site/${site?.siteId}`, { - name: data.name + name: data.name, + dockerSocketEnabled: data.dockerSocketEnabled, + remoteSubnets: + data.remoteSubnets + ?.map((subnet) => subnet.text) + .join(",") || "" }) .catch((e) => { toast({ variant: "destructive", - title: "Failed to update site", + title: t("siteErrorUpdate"), description: formatAxiosError( e, - "An error occurred while updating the site." + t("siteErrorUpdateDescription") ) }); }); - updateSite({ name: data.name }); + updateSite({ + name: data.name, + dockerSocketEnabled: data.dockerSocketEnabled, + remoteSubnets: + data.remoteSubnets?.map((subnet) => subnet.text).join(",") || "" + }); toast({ - title: "Site updated", - description: "The site has been updated." + title: t("siteUpdated"), + description: t("siteUpdatedDescription") }); setLoading(false); @@ -90,10 +124,10 @@ export default function GeneralPage() { - General Settings + {t("generalSettings")} - Configure the general settings for this site + {t("siteGeneralDescription")} @@ -102,7 +136,7 @@ export default function GeneralPage() {
( - Name + {t("name")} - - This is the display name of the - site. - )} /> + + {env.flags.enableClients && + site.type === "newt" ? ( + ( + + + {t("remoteSubnets")} + + + { + form.setValue( + "remoteSubnets", + newSubnets as Tag[] + ); + }} + validateTag={(tag) => { + // Basic CIDR validation regex + const cidrRegex = + /^(\d{1,3}\.){3}\d{1,3}\/\d{1,2}$/; + return cidrRegex.test( + tag + ); + }} + allowDuplicates={false} + sortTags={true} + /> + + + {t( + "remoteSubnetsDescription" + )} + + + + )} + /> + ) : null} + + {site && site.type === "newt" && ( + ( + + + + + + + {t( + "enableDockerSocketDescription" + )}{" "} + + + {t( + "enableDockerSocketLink" + )} + + + + + )} + /> + )} - - - -
+ +
+ +
); } diff --git a/src/app/[orgId]/settings/sites/[niceId]/layout.tsx b/src/app/[orgId]/settings/sites/[niceId]/layout.tsx index 5bcc8af9..597cc852 100644 --- a/src/app/[orgId]/settings/sites/[niceId]/layout.tsx +++ b/src/app/[orgId]/settings/sites/[niceId]/layout.tsx @@ -5,17 +5,9 @@ import { AxiosResponse } from "axios"; import { redirect } from "next/navigation"; import { authCookieHeader } from "@app/lib/api/cookies"; import { HorizontalTabs } from "@app/components/HorizontalTabs"; -import Link from "next/link"; -import { ArrowLeft } from "lucide-react"; import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; -import { - Breadcrumb, - BreadcrumbItem, - BreadcrumbList, - BreadcrumbPage, - BreadcrumbSeparator -} from "@app/components/ui/breadcrumb"; import SiteInfoCard from "./SiteInfoCard"; +import { getTranslations } from "next-intl/server"; interface SettingsLayoutProps { children: React.ReactNode; @@ -38,9 +30,11 @@ export default async function SettingsLayout(props: SettingsLayoutProps) { redirect(`/${params.orgId}/settings/sites`); } + const t = await getTranslations(); + const navItems = [ { - title: "General", + title: t('general'), href: "/{orgId}/settings/sites/{niceId}/general" } ]; @@ -48,8 +42,8 @@ export default async function SettingsLayout(props: SettingsLayoutProps) { return ( <> diff --git a/src/app/[orgId]/settings/sites/create/page.tsx b/src/app/[orgId]/settings/sites/create/page.tsx index 38c8a772..b9e172a3 100644 --- a/src/app/[orgId]/settings/sites/create/page.tsx +++ b/src/app/[orgId]/settings/sites/create/page.tsx @@ -21,7 +21,7 @@ import { } from "@app/components/ui/form"; import HeaderTitle from "@app/components/SettingsSectionTitle"; import { z } from "zod"; -import { useEffect, useState } from "react"; +import { createElement, useEffect, useState } from "react"; import { useForm } from "react-hook-form"; import { zodResolver } from "@hookform/resolvers/zod"; import { Input } from "@app/components/ui/input"; @@ -42,7 +42,8 @@ import { FaFreebsd, FaWindows } from "react-icons/fa"; -import { Checkbox } from "@app/components/ui/checkbox"; +import { SiNixos } from "react-icons/si"; +import { Checkbox, CheckboxWithLabel } from "@app/components/ui/checkbox"; import { Alert, AlertDescription, AlertTitle } from "@app/components/ui/alert"; import { generateKeypair } from "../[niceId]/wireguardConfig"; import { createApiClient, formatAxiosError } from "@app/lib/api"; @@ -55,41 +56,10 @@ import { import { toast } from "@app/hooks/useToast"; import { AxiosResponse } from "axios"; import { useParams, useRouter } from "next/navigation"; -import { - Breadcrumb, - BreadcrumbItem, - BreadcrumbList, - BreadcrumbPage, - BreadcrumbSeparator -} from "@app/components/ui/breadcrumb"; -import Link from "next/link"; import { QRCodeCanvas } from "qrcode.react"; -const createSiteFormSchema = z - .object({ - name: z - .string() - .min(2, { message: "Name must be at least 2 characters." }) - .max(30, { - message: "Name must not be longer than 30 characters." - }), - method: z.enum(["newt", "wireguard", "local"]), - copied: z.boolean() - }) - .refine( - (data) => { - if (data.method !== "local") { - return data.copied; - } - return true; - }, - { - message: "Please confirm that you have copied the config.", - path: ["copied"] - } - ); - -type CreateSiteFormValues = z.infer; +import { useTranslations } from "next-intl"; +import { build } from "@server/build"; type SiteType = "newt" | "wireguard" | "local"; @@ -103,9 +73,11 @@ interface TunnelTypeOption { type Commands = { mac: Record; linux: Record; + freebsd: Record; windows: Record; docker: Record; podman: Record; + nixos: Record; }; const platforms = [ @@ -114,7 +86,8 @@ const platforms = [ "podman", "mac", "windows", - "freebsd" + "freebsd", + "nixos" ] as const; type Platform = (typeof platforms)[number]; @@ -124,29 +97,65 @@ export default function Page() { const api = createApiClient({ env }); const { orgId } = useParams(); const router = useRouter(); + const t = useTranslations(); + + const createSiteFormSchema = z + .object({ + name: z + .string() + .min(2, { message: t("nameMin", { len: 2 }) }) + .max(30, { + message: t("nameMax", { len: 30 }) + }), + method: z.enum(["newt", "wireguard", "local"]), + copied: z.boolean(), + clientAddress: z.string().optional(), + acceptClients: z.boolean() + }) + .refine( + (data) => { + if (data.method !== "local") { + // return data.copied; + return true; + } + return true; + }, + { + message: t("sitesConfirmCopy"), + path: ["copied"] + } + ); + + type CreateSiteFormValues = z.infer; const [tunnelTypes, setTunnelTypes] = useState< ReadonlyArray >([ { id: "newt", - title: "Newt Tunnel (Recommended)", - description: - "Easiest way to create an entrypoint into your network. No extra setup.", + title: t("siteNewtTunnel"), + description: t("siteNewtTunnelDescription"), disabled: true }, - { - id: "wireguard", - title: "Basic WireGuard", - description: - "Use any WireGuard client to establish a tunnel. Manual NAT setup required.", - disabled: true - }, - { - id: "local", - title: "Local", - description: "Local resources only. No tunneling." - } + ...(env.flags.disableBasicWireguardSites + ? [] + : [ + { + id: "wireguard" as SiteType, + title: t("siteWg"), + description: build == "saas" ? t("siteWgDescriptionSaas") : t("siteWgDescription"), + disabled: true + } + ]), + ...(env.flags.disableLocalSites + ? [] + : [ + { + id: "local" as SiteType, + title: t("local"), + description: build == "saas" ? t("siteLocalDescriptionSaas") : t("siteLocalDescription") + } + ]) ]); const [loadingPage, setLoadingPage] = useState(true); @@ -158,12 +167,14 @@ export default function Page() { const [newtId, setNewtId] = useState(""); const [newtSecret, setNewtSecret] = useState(""); const [newtEndpoint, setNewtEndpoint] = useState(""); - + const [clientAddress, setClientAddress] = useState(""); const [publicKey, setPublicKey] = useState(""); const [privateKey, setPrivateKey] = useState(""); const [wgConfig, setWgConfig] = useState(""); const [createLoading, setCreateLoading] = useState(false); + const [acceptClients, setAcceptClients] = useState(false); + const [newtVersion, setNewtVersion] = useState("latest"); const [siteDefaults, setSiteDefaults] = useState(null); @@ -193,55 +204,61 @@ PersistentKeepalive = 5`; id: string, secret: string, endpoint: string, - version: string + version: string, + acceptClients: boolean = false ) => { + const acceptClientsFlag = acceptClients ? " --accept-clients" : ""; + const acceptClientsEnv = acceptClients + ? "\n - ACCEPT_CLIENTS=true" + : ""; + const commands = { mac: { - "Apple Silicon (arm64)": [ - `curl -L -o newt "https://github.com/fosrl/newt/releases/download/${version}/newt_darwin_arm64" && chmod +x ./newt`, - `./newt --id ${id} --secret ${secret} --endpoint ${endpoint}` - ], - "Intel x64 (amd64)": [ - `curl -L -o newt "https://github.com/fosrl/newt/releases/download/${version}/newt_darwin_amd64" && chmod +x ./newt`, - `./newt --id ${id} --secret ${secret} --endpoint ${endpoint}` + All: [ + `curl -fsSL https://digpangolin.com/get-newt.sh | bash`, + `newt --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` ] + // "Intel x64 (amd64)": [ + // `curl -fsSL https://digpangolin.com/get-newt.sh | bash`, + // `newt --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` + // ] }, linux: { - amd64: [ - `wget -O newt "https://github.com/fosrl/newt/releases/download/${version}/newt_linux_amd64" && chmod +x ./newt`, - `./newt --id ${id} --secret ${secret} --endpoint ${endpoint}` - ], - arm64: [ - `wget -O newt "https://github.com/fosrl/newt/releases/download/${version}/newt_linux_arm64" && chmod +x ./newt`, - `./newt --id ${id} --secret ${secret} --endpoint ${endpoint}` - ], - arm32: [ - `wget -O newt "https://github.com/fosrl/newt/releases/download/${version}/newt_linux_arm32" && chmod +x ./newt`, - `./newt --id ${id} --secret ${secret} --endpoint ${endpoint}` - ], - arm32v6: [ - `wget -O newt "https://github.com/fosrl/newt/releases/download/${version}/newt_linux_arm32v6" && chmod +x ./newt`, - `./newt --id ${id} --secret ${secret} --endpoint ${endpoint}` - ], - riscv64: [ - `wget -O newt "https://github.com/fosrl/newt/releases/download/${version}/newt_linux_riscv64" && chmod +x ./newt`, - `./newt --id ${id} --secret ${secret} --endpoint ${endpoint}` + All: [ + `curl -fsSL https://digpangolin.com/get-newt.sh | bash`, + `newt --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` ] + // arm64: [ + // `curl -fsSL https://digpangolin.com/get-newt.sh | bash`, + // `newt --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` + // ], + // arm32: [ + // `curl -fsSL https://digpangolin.com/get-newt.sh | bash`, + // `newt --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` + // ], + // arm32v6: [ + // `curl -fsSL https://digpangolin.com/get-newt.sh | bash`, + // `newt --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` + // ], + // riscv64: [ + // `curl -fsSL https://digpangolin.com/get-newt.sh | bash`, + // `newt --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` + // ] }, freebsd: { - amd64: [ - `fetch -o newt "https://github.com/fosrl/newt/releases/download/${version}/newt_freebsd_amd64" && chmod +x ./newt`, - `./newt --id ${id} --secret ${secret} --endpoint ${endpoint}` - ], - arm64: [ - `fetch -o newt "https://github.com/fosrl/newt/releases/download/${version}/newt_freebsd_arm64" && chmod +x ./newt`, - `./newt --id ${id} --secret ${secret} --endpoint ${endpoint}` + All: [ + `curl -fsSL https://digpangolin.com/get-newt.sh | bash`, + `newt --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` ] + // arm64: [ + // `curl -fsSL https://digpangolin.com/get-newt.sh | bash`, + // `newt --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` + // ] }, windows: { x64: [ `curl -o newt.exe -L "https://github.com/fosrl/newt/releases/download/${version}/newt_windows_amd64.exe"`, - `newt.exe --id ${id} --secret ${secret} --endpoint ${endpoint}` + `newt.exe --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` ] }, docker: { @@ -254,10 +271,10 @@ PersistentKeepalive = 5`; environment: - PANGOLIN_ENDPOINT=${endpoint} - NEWT_ID=${id} - - NEWT_SECRET=${secret}` + - NEWT_SECRET=${secret}${acceptClientsEnv}` ], "Docker Run": [ - `docker run -it fosrl/newt --id ${id} --secret ${secret} --endpoint ${endpoint}` + `docker run -dit fosrl/newt --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` ] }, podman: { @@ -270,7 +287,7 @@ ContainerName=newt Image=docker.io/fosrl/newt Environment=PANGOLIN_ENDPOINT=${endpoint} Environment=NEWT_ID=${id} -Environment=NEWT_SECRET=${secret} +Environment=NEWT_SECRET=${secret}${acceptClients ? "\nEnvironment=ACCEPT_CLIENTS=true" : ""} # Secret=newt-secret,type=env,target=NEWT_SECRET [Service] @@ -280,8 +297,16 @@ Restart=always WantedBy=default.target` ], "Podman Run": [ - `podman run -it docker.io/fosrl/newt --id ${id} --secret ${secret} --endpoint ${endpoint}` + `podman run -dit docker.io/fosrl/newt --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` ] + }, + nixos: { + All: [ + `nix run 'nixpkgs#fosrl-newt' -- --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` + ], + // aarch64: [ + // `nix run 'nixpkgs#fosrl-newt' -- --id ${id} --secret ${secret} --endpoint ${endpoint}${acceptClientsFlag}` + // ] } }; setCommands(commands); @@ -290,9 +315,11 @@ WantedBy=default.target` const getArchitectures = () => { switch (platform) { case "linux": - return ["amd64", "arm64", "arm32", "arm32v6", "riscv64"]; + // return ["amd64", "arm64", "arm32", "arm32v6", "riscv64"]; + return ["All"]; case "mac": - return ["Apple Silicon (arm64)", "Intel x64 (amd64)"]; + // return ["Apple Silicon (arm64)", "Intel x64 (amd64)"]; + return ["All"]; case "windows": return ["x64"]; case "docker": @@ -300,7 +327,11 @@ WantedBy=default.target` case "podman": return ["Podman Quadlet", "Podman Run"]; case "freebsd": - return ["amd64", "arm64"]; + // return ["amd64", "arm64"]; + return ["All"]; + case "nixos": + // return ["x86_64", "aarch64"]; + return ["All"]; default: return ["x64"]; } @@ -318,13 +349,15 @@ WantedBy=default.target` return "Podman"; case "freebsd": return "FreeBSD"; + case "nixos": + return "NixOS"; default: return "Linux"; } }; const getCommand = () => { - const placeholder = ["Unknown command"]; + const placeholder = [t("unknownCommand")]; if (!commands) { return placeholder; } @@ -362,6 +395,8 @@ WantedBy=default.target` return ; case "freebsd": return ; + case "nixos": + return ; default: return ; } @@ -369,20 +404,29 @@ WantedBy=default.target` const form = useForm({ resolver: zodResolver(createSiteFormSchema), - defaultValues: { name: "", copied: false, method: "newt" } + defaultValues: { + name: "", + copied: false, + method: "newt", + clientAddress: "", + acceptClients: false + } }); async function onSubmit(data: CreateSiteFormValues) { setCreateLoading(true); - let payload: CreateSiteBody = { name: data.name, type: data.method }; + let payload: CreateSiteBody = { + name: data.name, + type: data.method as "newt" | "wireguard" | "local" + }; if (data.method == "wireguard") { if (!siteDefaults || !wgConfig) { toast({ variant: "destructive", - title: "Error creating site", - description: "Key pair or site defaults not found" + title: t("siteErrorCreate"), + description: t("siteErrorCreateKeyPair") }); setCreateLoading(false); return; @@ -399,8 +443,8 @@ WantedBy=default.target` if (!siteDefaults) { toast({ variant: "destructive", - title: "Error creating site", - description: "Site defaults not found" + title: t("siteErrorCreate"), + description: t("siteErrorCreateDefaults") }); setCreateLoading(false); return; @@ -411,7 +455,8 @@ WantedBy=default.target` subnet: siteDefaults.subnet, exitNodeId: siteDefaults.exitNodeId, secret: siteDefaults.newtSecret, - newtId: siteDefaults.newtId + newtId: siteDefaults.newtId, + address: clientAddress }; } @@ -422,7 +467,7 @@ WantedBy=default.target` .catch((e) => { toast({ variant: "destructive", - title: "Error creating site", + title: t("siteErrorCreate"), description: formatAxiosError(e) }); }); @@ -440,22 +485,43 @@ WantedBy=default.target` const load = async () => { setLoadingPage(true); - let newtVersion = "latest"; + let currentNewtVersion = "latest"; try { + const controller = new AbortController(); + const timeoutId = setTimeout(() => controller.abort(), 3000); + const response = await fetch( - `https://api.github.com/repos/fosrl/newt/releases/latest` + `https://api.github.com/repos/fosrl/newt/releases/latest`, + { signal: controller.signal } ); + + clearTimeout(timeoutId); + if (!response.ok) { throw new Error( - `Failed to fetch release info: ${response.statusText}` + t("newtErrorFetchReleases", { + err: response.statusText + }) ); } const data = await response.json(); const latestVersion = data.tag_name; - newtVersion = latestVersion; + currentNewtVersion = latestVersion; + setNewtVersion(latestVersion); } catch (error) { - console.error("Error fetching latest release:", error); + if (error instanceof Error && error.name === 'AbortError') { + console.error(t("newtErrorFetchTimeout")); + } else { + console.error( + t("newtErrorFetchLatest", { + err: + error instanceof Error + ? error.message + : String(error) + }) + ); + } } const generatedKeypair = generateKeypair(); @@ -481,16 +547,19 @@ WantedBy=default.target` const newtId = data.newtId; const newtSecret = data.newtSecret; const newtEndpoint = data.endpoint; + const clientAddress = data.clientAddress; setNewtId(newtId); setNewtSecret(newtSecret); setNewtEndpoint(newtEndpoint); + setClientAddress(clientAddress); hydrateCommands( newtId, newtSecret, env.app.dashboardUrl, - newtVersion + currentNewtVersion, + acceptClients ); hydrateWireGuardConfig( @@ -516,12 +585,17 @@ WantedBy=default.target` load(); }, []); + // Sync form acceptClients value with local state + useEffect(() => { + form.setValue("acceptClients", acceptClients); + }, [acceptClients, form]); + return ( <>
@@ -539,7 +613,7 @@ WantedBy=default.target` - Site Information + {t("siteInfo")} @@ -555,7 +629,7 @@ WantedBy=default.target` render={({ field }) => ( - Name + {t("name")} - - This is the display - name for the site. - )} /> + {env.flags.enableClients && + form.watch("method") === + "newt" && ( + ( + + + {t( + "siteAddress" + )} + + + { + setClientAddress( + e + .target + .value + ); + field.onChange( + e + .target + .value + ); + }} + /> + + + + {t( + "siteAddressDescription" + )} + + + )} + /> + )} - - - - Tunnel Type - - - Determine how you want to connect to your - site - - - - { - form.setValue("method", value); - }} - cols={3} - /> - - + {tunnelTypes.length > 1 && ( + + + + {t("tunnelType")} + + + {t("siteTunnelDescription")} + + + + { + form.setValue("method", value); + }} + cols={3} + /> + + + )} {form.watch("method") === "newt" && ( <> - Newt Credentials + {t("siteNewtCredentials")} - This is how Newt will authenticate - with the server + {t( + "siteNewtCredentialsDescription" + )} - Newt Endpoint + {t("newtEndpoint")} - Newt ID + {t("newtId")} - Newt Secret Key + {t("newtSecretKey")} - Save Your Credentials + {t("siteCredentialsSave")} - You will only be able to see - this once. Make sure to copy it - to a secure place. + {t( + "siteCredentialsSaveDescription" + )} -
- - ( - -
- { - form.setValue( - "copied", - e as boolean - ); - }} - /> - -
- - - )} - /> - - + {/*
*/} + {/* */} + {/* ( */} + {/* */} + {/*
*/} + {/* { */} + {/* form.setValue( */} + {/* "copied", */} + {/* e as boolean */} + {/* ); */} + {/* }} */} + {/* /> */} + {/* */} + {/*
*/} + {/* */} + {/* */} + {/* )} */} + {/* /> */} + {/* */} + {/* */}
- - Install Newt + {t("siteInstallNewt")} - Get Newt running on your system + {t("siteInstallNewtDescription")}

- Operating System + {t("operatingSystem")}

{platforms.map((os) => ( @@ -727,7 +841,7 @@ WantedBy=default.target` ? "squareOutlinePrimary" : "squareOutline" } - className={`flex-1 min-w-[120px] ${platform === os ? "bg-primary/10" : ""}`} + className={`flex-1 min-w-[120px] ${platform === os ? "bg-primary/10" : ""} shadow-none`} onClick={() => { setPlatform(os); }} @@ -744,8 +858,8 @@ WantedBy=default.target` {["docker", "podman"].includes( platform ) - ? "Method" - : "Architecture"} + ? t("method") + : t("architecture")}

{getArchitectures().map( @@ -758,7 +872,7 @@ WantedBy=default.target` ? "squareOutlinePrimary" : "squareOutline" } - className={`flex-1 min-w-[120px] ${architecture === arch ? "bg-primary/10" : ""}`} + className={`flex-1 min-w-[120px] ${architecture === arch ? "bg-primary/10" : ""} shadow-none`} onClick={() => setArchitecture( arch @@ -770,9 +884,62 @@ WantedBy=default.target` ) )}
+

- Commands + {t("siteConfiguration")} +

+
+ { + const value = + checked as boolean; + setAcceptClients( + value + ); + form.setValue( + "acceptClients", + value + ); + // Re-hydrate commands with new acceptClients value + if ( + newtId && + newtSecret && + newtVersion + ) { + hydrateCommands( + newtId, + newtSecret, + env.app + .dashboardUrl, + newtVersion, + value + ); + } + }} + label={t( + "siteAcceptClientConnections" + )} + /> +
+

+ {t( + "siteAcceptClientConnectionsDescription" + )} +

+
+ +
+

+ {t("commands")}

- WireGuard Configuration + {t("WgConfiguration")} - Use the following configuration to - connect to your network + {t("WgConfigurationDescription")} @@ -818,56 +984,14 @@ WantedBy=default.target` - Save Your Credentials + {t("siteCredentialsSave")} - You will only be able to see this - once. Make sure to copy it to a - secure place. + {t( + "siteCredentialsSaveDescription" + )} - -
- - ( - -
- { - form.setValue( - "copied", - e as boolean - ); - }} - /> - -
- - - )} - /> - -
)} @@ -881,15 +1005,17 @@ WantedBy=default.target` router.push(`/${orgId}/settings/sites`); }} > - Cancel + {t("cancel")}
diff --git a/src/app/[orgId]/settings/sites/page.tsx b/src/app/[orgId]/settings/sites/page.tsx index 442328b4..10bcad53 100644 --- a/src/app/[orgId]/settings/sites/page.tsx +++ b/src/app/[orgId]/settings/sites/page.tsx @@ -5,6 +5,7 @@ import { AxiosResponse } from "axios"; import SitesTable, { SiteRow } from "./SitesTable"; import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; import SitesSplashCard from "./SitesSplashCard"; +import { getTranslations } from "next-intl/server"; type SitesPageProps = { params: Promise<{ orgId: string }>; @@ -23,16 +24,18 @@ export default async function SitesPage(props: SitesPageProps) { sites = res.data.data.sites; } catch (e) {} + const t = await getTranslations(); + function formatSize(mb: number, type: string): string { if (type === "local") { return "-"; // because we are not able to track the data use in a local site right now } if (mb >= 1024 * 1024) { - return `${(mb / (1024 * 1024)).toFixed(2)} TB`; + return t('terabytes', {count: (mb / (1024 * 1024)).toFixed(2)}); } else if (mb >= 1024) { - return `${(mb / 1024).toFixed(2)} GB`; + return t('gigabytes', {count: (mb / 1024).toFixed(2)}); } else { - return `${mb.toFixed(2)} MB`; + return t('megabytes', {count: mb.toFixed(2)}); } } @@ -41,11 +44,14 @@ export default async function SitesPage(props: SitesPageProps) { name: site.name, id: site.siteId, nice: site.niceId.toString(), + address: site.address?.split("/")[0], mbIn: formatSize(site.megabytesIn || 0, site.type), mbOut: formatSize(site.megabytesOut || 0, site.type), orgId: params.orgId, type: site.type as any, - online: site.online + online: site.online, + newtVersion: site.newtVersion || undefined, + newtUpdateAvailable: site.newtUpdateAvailable || false, }; }); @@ -54,8 +60,8 @@ export default async function SitesPage(props: SitesPageProps) { {/* */} diff --git a/src/app/admin/api-keys/ApiKeysDataTable.tsx b/src/app/admin/api-keys/ApiKeysDataTable.tsx new file mode 100644 index 00000000..6ac8d68b --- /dev/null +++ b/src/app/admin/api-keys/ApiKeysDataTable.tsx @@ -0,0 +1,58 @@ +"use client"; + +import { + ColumnDef, + flexRender, + getCoreRowModel, + useReactTable, + getPaginationRowModel, + SortingState, + getSortedRowModel, + ColumnFiltersState, + getFilteredRowModel +} from "@tanstack/react-table"; + +import { + Table, + TableBody, + TableCell, + TableContainer, + TableHead, + TableHeader, + TableRow +} from "@/components/ui/table"; +import { Button } from "@app/components/ui/button"; +import { useState } from "react"; +import { Input } from "@app/components/ui/input"; +import { DataTablePagination } from "@app/components/DataTablePagination"; +import { Plus, Search } from "lucide-react"; +import { DataTable } from "@app/components/ui/data-table"; +import { useTranslations } from "next-intl"; + +interface DataTableProps { + columns: ColumnDef[]; + data: TData[]; + addApiKey?: () => void; +} + +export function ApiKeysDataTable({ + addApiKey, + columns, + data +}: DataTableProps) { + + const t = useTranslations(); + + return ( + + ); +} diff --git a/src/app/admin/api-keys/ApiKeysTable.tsx b/src/app/admin/api-keys/ApiKeysTable.tsx new file mode 100644 index 00000000..02aead9e --- /dev/null +++ b/src/app/admin/api-keys/ApiKeysTable.tsx @@ -0,0 +1,192 @@ +"use client"; + +import { ColumnDef } from "@tanstack/react-table"; +import { + DropdownMenu, + DropdownMenuContent, + DropdownMenuItem, + DropdownMenuTrigger +} from "@app/components/ui/dropdown-menu"; +import { Button } from "@app/components/ui/button"; +import { ArrowRight, ArrowUpDown, MoreHorizontal } from "lucide-react"; +import Link from "next/link"; +import { useRouter } from "next/navigation"; +import { useState } from "react"; +import ConfirmDeleteDialog from "@app/components/ConfirmDeleteDialog"; +import { toast } from "@app/hooks/useToast"; +import { formatAxiosError } from "@app/lib/api"; +import { createApiClient } from "@app/lib/api"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import moment from "moment"; +import { ApiKeysDataTable } from "./ApiKeysDataTable"; +import { useTranslations } from "next-intl"; + +export type ApiKeyRow = { + id: string; + key: string; + name: string; + createdAt: string; +}; + +type ApiKeyTableProps = { + apiKeys: ApiKeyRow[]; +}; + +export default function ApiKeysTable({ apiKeys }: ApiKeyTableProps) { + const router = useRouter(); + + const [isDeleteModalOpen, setIsDeleteModalOpen] = useState(false); + const [selected, setSelected] = useState(null); + const [rows, setRows] = useState(apiKeys); + + const api = createApiClient(useEnvContext()); + + const t = useTranslations(); + + const deleteSite = (apiKeyId: string) => { + api.delete(`/api-key/${apiKeyId}`) + .catch((e) => { + console.error(t("apiKeysErrorDelete"), e); + toast({ + variant: "destructive", + title: t("apiKeysErrorDelete"), + description: formatAxiosError( + e, + t("apiKeysErrorDeleteMessage") + ) + }); + }) + .then(() => { + router.refresh(); + setIsDeleteModalOpen(false); + + const newRows = rows.filter((row) => row.id !== apiKeyId); + + setRows(newRows); + }); + }; + + const columns: ColumnDef[] = [ + { + accessorKey: "name", + header: ({ column }) => { + return ( + + ); + } + }, + { + accessorKey: "key", + header: t("key"), + cell: ({ row }) => { + const r = row.original; + return {r.key}; + } + }, + { + accessorKey: "createdAt", + header: t("createdAt"), + cell: ({ row }) => { + const r = row.original; + return {moment(r.createdAt).format("lll")} ; + } + }, + { + id: "actions", + cell: ({ row }) => { + const r = row.original; + return ( +
+ + + + + + { + setSelected(r); + }} + > + {t("viewSettings")} + + { + setSelected(r); + setIsDeleteModalOpen(true); + }} + > + + {t("delete")} + + + + +
+ + + +
+
+ ); + } + } + ]; + + return ( + <> + {selected && ( + { + setIsDeleteModalOpen(val); + setSelected(null); + }} + dialog={ +
+

+ {t("apiKeysQuestionRemove", { + selectedApiKey: + selected?.name || selected?.id + })} +

+ +

+ {t("apiKeysMessageRemove")} +

+ +

{t("apiKeysMessageConfirm")}

+
+ } + buttonText={t("apiKeysDeleteConfirm")} + onConfirm={async () => deleteSite(selected!.id)} + string={selected.name} + title={t("apiKeysDelete")} + /> + )} + + { + router.push(`/admin/api-keys/create`); + }} + /> + + ); +} diff --git a/src/app/admin/api-keys/[apiKeyId]/layout.tsx b/src/app/admin/api-keys/[apiKeyId]/layout.tsx new file mode 100644 index 00000000..7e9e579f --- /dev/null +++ b/src/app/admin/api-keys/[apiKeyId]/layout.tsx @@ -0,0 +1,51 @@ +import { internal } from "@app/lib/api"; +import { AxiosResponse } from "axios"; +import { redirect } from "next/navigation"; +import { authCookieHeader } from "@app/lib/api/cookies"; +import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; +import { GetApiKeyResponse } from "@server/routers/apiKeys"; +import ApiKeyProvider from "@app/providers/ApiKeyProvider"; +import { HorizontalTabs } from "@app/components/HorizontalTabs"; +import { getTranslations } from "next-intl/server"; + +interface SettingsLayoutProps { + children: React.ReactNode; + params: Promise<{ apiKeyId: string }>; +} + +export default async function SettingsLayout(props: SettingsLayoutProps) { + const params = await props.params; + + const t = await getTranslations(); + + const { children } = props; + + let apiKey = null; + try { + const res = await internal.get>( + `/api-key/${params.apiKeyId}`, + await authCookieHeader() + ); + apiKey = res.data.data; + } catch (e) { + console.error(e); + redirect(`/admin/api-keys`); + } + + const navItems = [ + { + title: t('apiKeysPermissionsTitle'), + href: "/admin/api-keys/{apiKeyId}/permissions" + } + ]; + + return ( + <> + + + + {children} + + + ); +} diff --git a/src/app/admin/api-keys/[apiKeyId]/page.tsx b/src/app/admin/api-keys/[apiKeyId]/page.tsx new file mode 100644 index 00000000..910d1b53 --- /dev/null +++ b/src/app/admin/api-keys/[apiKeyId]/page.tsx @@ -0,0 +1,8 @@ +import { redirect } from "next/navigation"; + +export default async function ApiKeysPage(props: { + params: Promise<{ apiKeyId: string }>; +}) { + const params = await props.params; + redirect(`/admin/api-keys/${params.apiKeyId}/permissions`); +} diff --git a/src/app/admin/api-keys/[apiKeyId]/permissions/page.tsx b/src/app/admin/api-keys/[apiKeyId]/permissions/page.tsx new file mode 100644 index 00000000..e00ae425 --- /dev/null +++ b/src/app/admin/api-keys/[apiKeyId]/permissions/page.tsx @@ -0,0 +1,137 @@ +"use client"; + +import PermissionsSelectBox from "@app/components/PermissionsSelectBox"; +import { + SettingsContainer, + SettingsSection, + SettingsSectionBody, + SettingsSectionDescription, + SettingsSectionFooter, + SettingsSectionHeader, + SettingsSectionTitle +} from "@app/components/Settings"; +import { Button } from "@app/components/ui/button"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { toast } from "@app/hooks/useToast"; +import { createApiClient, formatAxiosError } from "@app/lib/api"; +import { ListApiKeyActionsResponse } from "@server/routers/apiKeys"; +import { AxiosResponse } from "axios"; +import { useParams } from "next/navigation"; +import { useEffect, useState } from "react"; +import { useTranslations } from "next-intl"; + +export default function Page() { + const { env } = useEnvContext(); + const api = createApiClient({ env }); + const { apiKeyId } = useParams(); + + const t = useTranslations(); + + const [loadingPage, setLoadingPage] = useState(true); + const [selectedPermissions, setSelectedPermissions] = useState< + Record + >({}); + const [loadingSavePermissions, setLoadingSavePermissions] = + useState(false); + + useEffect(() => { + async function load() { + setLoadingPage(true); + + const res = await api + .get< + AxiosResponse + >(`/api-key/${apiKeyId}/actions`) + .catch((e) => { + toast({ + variant: "destructive", + title: t('apiKeysPermissionsErrorLoadingActions'), + description: formatAxiosError( + e, + t('apiKeysPermissionsErrorLoadingActions') + ) + }); + }); + + if (res && res.status === 200) { + const data = res.data.data; + for (const action of data.actions) { + setSelectedPermissions((prev) => ({ + ...prev, + [action.actionId]: true + })); + } + } + + setLoadingPage(false); + } + + load(); + }, []); + + async function savePermissions() { + setLoadingSavePermissions(true); + + const actionsRes = await api + .post(`/api-key/${apiKeyId}/actions`, { + actionIds: Object.keys(selectedPermissions).filter( + (key) => selectedPermissions[key] + ) + }) + .catch((e) => { + console.error(t('apiKeysErrorSetPermission'), e); + toast({ + variant: "destructive", + title: t('apiKeysErrorSetPermission'), + description: formatAxiosError(e) + }); + }); + + if (actionsRes && actionsRes.status === 200) { + toast({ + title: t('apiKeysPermissionsUpdated'), + description: t('apiKeysPermissionsUpdatedDescription') + }); + } + + setLoadingSavePermissions(false); + } + + return ( + <> + {!loadingPage && ( + + + + + {t('apiKeysPermissionsTitle')} + + + {t('apiKeysPermissionsGeneralSettingsDescription')} + + + + + + + + + + + + )} + + ); +} diff --git a/src/app/admin/api-keys/create/page.tsx b/src/app/admin/api-keys/create/page.tsx new file mode 100644 index 00000000..2f95c7fd --- /dev/null +++ b/src/app/admin/api-keys/create/page.tsx @@ -0,0 +1,387 @@ +"use client"; + +import { + SettingsContainer, + SettingsSection, + SettingsSectionBody, + SettingsSectionDescription, + SettingsSectionForm, + SettingsSectionHeader, + SettingsSectionTitle +} from "@app/components/Settings"; +import { + Form, + FormControl, + FormField, + FormItem, + FormLabel, + FormMessage +} from "@app/components/ui/form"; +import HeaderTitle from "@app/components/SettingsSectionTitle"; +import { z } from "zod"; +import { useEffect, useState } from "react"; +import { useForm } from "react-hook-form"; +import { zodResolver } from "@hookform/resolvers/zod"; +import { Input } from "@app/components/ui/input"; +import { InfoIcon } from "lucide-react"; +import { Button } from "@app/components/ui/button"; +import { Alert, AlertDescription, AlertTitle } from "@app/components/ui/alert"; +import { createApiClient, formatAxiosError } from "@app/lib/api"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { toast } from "@app/hooks/useToast"; +import { AxiosResponse } from "axios"; +import { useRouter } from "next/navigation"; +import { + CreateOrgApiKeyBody, + CreateOrgApiKeyResponse +} from "@server/routers/apiKeys"; +import { + InfoSection, + InfoSectionContent, + InfoSections, + InfoSectionTitle +} from "@app/components/InfoSection"; +import CopyToClipboard from "@app/components/CopyToClipboard"; +import moment from "moment"; +import CopyTextBox from "@app/components/CopyTextBox"; +import PermissionsSelectBox from "@app/components/PermissionsSelectBox"; +import { useTranslations } from "next-intl"; + +export default function Page() { + const { env } = useEnvContext(); + const api = createApiClient({ env }); + const router = useRouter(); + const t = useTranslations(); + + const [loadingPage, setLoadingPage] = useState(true); + const [createLoading, setCreateLoading] = useState(false); + const [apiKey, setApiKey] = useState(null); + const [selectedPermissions, setSelectedPermissions] = useState< + Record + >({}); + + const createFormSchema = z.object({ + name: z + .string() + .min(2, { + message: t('nameMin', {len: 2}) + }) + .max(255, { + message: t('nameMax', {len: 255}) + }) + }); + + type CreateFormValues = z.infer; + + const copiedFormSchema = z + .object({ + copied: z.boolean() + }) + .refine( + (data) => { + return data.copied; + }, + { + message: t('apiKeysConfirmCopy2'), + path: ["copied"] + } + ); + + type CopiedFormValues = z.infer; + + const form = useForm({ + resolver: zodResolver(createFormSchema), + defaultValues: { + name: "" + } + }); + + const copiedForm = useForm({ + resolver: zodResolver(copiedFormSchema), + defaultValues: { + copied: true + } + }); + + async function onSubmit(data: CreateFormValues) { + setCreateLoading(true); + + const payload: CreateOrgApiKeyBody = { + name: data.name + }; + + const res = await api + .put>(`/api-key`, payload) + .catch((e) => { + toast({ + variant: "destructive", + title: t('apiKeysErrorCreate'), + description: formatAxiosError(e) + }); + }); + + if (res && res.status === 201) { + const data = res.data.data; + + console.log({ + actionIds: Object.keys(selectedPermissions).filter( + (key) => selectedPermissions[key] + ) + }); + + const actionsRes = await api + .post(`/api-key/${data.apiKeyId}/actions`, { + actionIds: Object.keys(selectedPermissions).filter( + (key) => selectedPermissions[key] + ) + }) + .catch((e) => { + console.error(t('apiKeysErrorSetPermission'), e); + toast({ + variant: "destructive", + title: t('apiKeysErrorSetPermission'), + description: formatAxiosError(e) + }); + }); + + if (actionsRes) { + setApiKey(data); + } + } + + setCreateLoading(false); + } + + async function onCopiedSubmit(data: CopiedFormValues) { + if (!data.copied) { + return; + } + + router.push(`/admin/api-keys`); + } + + useEffect(() => { + const load = async () => { + setLoadingPage(false); + }; + + load(); + }, []); + + return ( + <> +
+ + +
+ + {!loadingPage && ( +
+ + {!apiKey && ( + <> + + + + {t('apiKeysTitle')} + + + + +
+ + ( + + + {t('name')} + + + + + + + )} + /> + + +
+ + + + + + + {t('apiKeysGeneralSettings')} + + + {t('apiKeysGeneralSettingsDescription')} + + + + + + + + )} + + {apiKey && ( + + + + {t('apiKeysList')} + + + + + + + {t('name')} + + + + + + + + {t('created')} + + + {moment( + apiKey.createdAt + ).format("lll")} + + + + + + + + {t('apiKeysSave')} + + + {t('apiKeysSaveDescription')} + + + + {/*

*/} + {/* {t('apiKeysInfo')} */} + {/*

*/} + + + + {/*
*/} + {/* */} + {/* ( */} + {/* */} + {/*
*/} + {/* { */} + {/* copiedForm.setValue( */} + {/* "copied", */} + {/* e as boolean */} + {/* ); */} + {/* }} */} + {/* /> */} + {/* */} + {/*
*/} + {/* */} + {/* */} + {/* )} */} + {/* /> */} + {/* */} + {/* */} +
+ + )} + + +
+ {!apiKey && ( + + )} + {!apiKey && ( + + )} + + {apiKey && ( + + )} +
+
+ )} + + ); +} diff --git a/src/app/admin/api-keys/page.tsx b/src/app/admin/api-keys/page.tsx new file mode 100644 index 00000000..22607f2f --- /dev/null +++ b/src/app/admin/api-keys/page.tsx @@ -0,0 +1,44 @@ +import { internal } from "@app/lib/api"; +import { authCookieHeader } from "@app/lib/api/cookies"; +import { AxiosResponse } from "axios"; +import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; +import { ListRootApiKeysResponse } from "@server/routers/apiKeys"; +import ApiKeysTable, { ApiKeyRow } from "./ApiKeysTable"; +import { getTranslations } from "next-intl/server"; + +type ApiKeyPageProps = {}; + +export const dynamic = "force-dynamic"; + +export default async function ApiKeysPage(props: ApiKeyPageProps) { + let apiKeys: ListRootApiKeysResponse["apiKeys"] = []; + try { + const res = await internal.get>( + `/api-keys`, + await authCookieHeader() + ); + apiKeys = res.data.data.apiKeys; + } catch (e) {} + + const rows: ApiKeyRow[] = apiKeys.map((key) => { + return { + name: key.name, + id: key.apiKeyId, + key: `${key.apiKeyId}••••••••••••••••••••${key.lastChars}`, + createdAt: key.createdAt + }; + }); + + const t = await getTranslations(); + + return ( + <> + + + + + ); +} diff --git a/src/app/admin/idp/AdminIdpDataTable.tsx b/src/app/admin/idp/AdminIdpDataTable.tsx index 8d64ce0b..2efd9e7c 100644 --- a/src/app/admin/idp/AdminIdpDataTable.tsx +++ b/src/app/admin/idp/AdminIdpDataTable.tsx @@ -3,6 +3,7 @@ import { ColumnDef } from "@tanstack/react-table"; import { DataTable } from "@app/components/ui/data-table"; import { useRouter } from "next/navigation"; +import { useTranslations } from "next-intl"; interface DataTableProps { columns: ColumnDef[]; @@ -14,15 +15,17 @@ export function IdpDataTable({ data }: DataTableProps) { const router = useRouter(); + const t = useTranslations(); return ( { router.push("/admin/idp/create"); }} diff --git a/src/app/admin/idp/AdminIdpTable.tsx b/src/app/admin/idp/AdminIdpTable.tsx index b2415280..fa7de6da 100644 --- a/src/app/admin/idp/AdminIdpTable.tsx +++ b/src/app/admin/idp/AdminIdpTable.tsx @@ -19,6 +19,7 @@ import { DropdownMenuTrigger } from "@app/components/ui/dropdown-menu"; import Link from "next/link"; +import { useTranslations } from "next-intl"; export type IdpRow = { idpId: number; @@ -36,19 +37,20 @@ export default function IdpTable({ idps }: Props) { const [selectedIdp, setSelectedIdp] = useState(null); const api = createApiClient(useEnvContext()); const router = useRouter(); + const t = useTranslations(); const deleteIdp = async (idpId: number) => { try { await api.delete(`/idp/${idpId}`); toast({ - title: "Success", - description: "Identity provider deleted successfully" + title: t("success"), + description: t("idpDeletedDescription") }); setIsDeleteModalOpen(false); router.refresh(); } catch (e) { toast({ - title: "Error", + title: t("error"), description: formatAxiosError(e), variant: "destructive" }); @@ -65,41 +67,6 @@ export default function IdpTable({ idps }: Props) { }; const columns: ColumnDef[] = [ - { - id: "dots", - cell: ({ row }) => { - const r = row.original; - - return ( - - - - - - - - View settings - - - { - setSelectedIdp(r); - setIsDeleteModalOpen(true); - }} - > - Delete - - - - ); - } - }, { accessorKey: "idpId", header: ({ column }) => { @@ -126,7 +93,7 @@ export default function IdpTable({ idps }: Props) { column.toggleSorting(column.getIsSorted() === "asc") } > - Name + {t("name")} ); @@ -142,7 +109,7 @@ export default function IdpTable({ idps }: Props) { column.toggleSorting(column.getIsSorted() === "asc") } > - Type + {t("type")} ); @@ -160,9 +127,43 @@ export default function IdpTable({ idps }: Props) { const siteRow = row.original; return (
+ + + + + + + + {t("viewSettings")} + + + { + setSelectedIdp(siteRow); + setIsDeleteModalOpen(true); + }} + > + + {t("delete")} + + + + - @@ -184,27 +185,20 @@ export default function IdpTable({ idps }: Props) { dialog={

- Are you sure you want to permanently delete the - identity provider {selectedIdp.name}? + {t("idpQuestionRemove", { + name: selectedIdp.name + })}

- - This will remove the identity provider and - all associated configurations. Users who - authenticate through this provider will no - longer be able to log in. - -

-

- To confirm, please type the name of the identity - provider below. + {t("idpMessageRemove")}

+

{t("idpMessageConfirm")}

} - buttonText="Confirm Delete Identity Provider" + buttonText={t("idpConfirmDelete")} onConfirm={async () => deleteIdp(selectedIdp.idpId)} string={selectedIdp.name} - title="Delete Identity Provider" + title={t("idpDelete")} /> )} diff --git a/src/app/admin/idp/[idpId]/general/page.tsx b/src/app/admin/idp/[idpId]/general/page.tsx index eba6baea..8aa4f084 100644 --- a/src/app/admin/idp/[idpId]/general/page.tsx +++ b/src/app/admin/idp/[idpId]/general/page.tsx @@ -41,24 +41,7 @@ import { InfoSectionTitle } from "@app/components/InfoSection"; import CopyToClipboard from "@app/components/CopyToClipboard"; -import { Badge } from "@app/components/ui/badge"; - -const GeneralFormSchema = z.object({ - name: z.string().min(2, { message: "Name must be at least 2 characters." }), - clientId: z.string().min(1, { message: "Client ID is required." }), - clientSecret: z.string().min(1, { message: "Client Secret is required." }), - authUrl: z.string().url({ message: "Auth URL must be a valid URL." }), - tokenUrl: z.string().url({ message: "Token URL must be a valid URL." }), - identifierPath: z - .string() - .min(1, { message: "Identifier Path is required." }), - emailPath: z.string().optional(), - namePath: z.string().optional(), - scopes: z.string().min(1, { message: "Scopes are required." }), - autoProvision: z.boolean().default(false) -}); - -type GeneralFormValues = z.infer; +import { useTranslations } from "next-intl"; export default function GeneralPage() { const { env } = useEnvContext(); @@ -69,6 +52,24 @@ export default function GeneralPage() { const [initialLoading, setInitialLoading] = useState(true); const redirectUrl = `${env.app.dashboardUrl}/auth/idp/${idpId}/oidc/callback`; + const t = useTranslations(); + + const GeneralFormSchema = z.object({ + name: z.string().min(2, { message: t('nameMin', {len: 2}) }), + clientId: z.string().min(1, { message: t('idpClientIdRequired') }), + clientSecret: z.string().min(1, { message: t('idpClientSecretRequired') }), + authUrl: z.string().url({ message: t('idpErrorAuthUrlInvalid') }), + tokenUrl: z.string().url({ message: t('idpErrorTokenUrlInvalid') }), + identifierPath: z + .string() + .min(1, { message: t('idpPathRequired') }), + emailPath: z.string().optional(), + namePath: z.string().optional(), + scopes: z.string().min(1, { message: t('idpScopeRequired') }), + autoProvision: z.boolean().default(false) + }); + + type GeneralFormValues = z.infer; const form = useForm({ resolver: zodResolver(GeneralFormSchema), @@ -107,7 +108,7 @@ export default function GeneralPage() { } } catch (e) { toast({ - title: "Error", + title: t('error'), description: formatAxiosError(e), variant: "destructive" }); @@ -141,14 +142,14 @@ export default function GeneralPage() { if (res.status === 200) { toast({ - title: "Success", - description: "Identity provider updated successfully" + title: t('success'), + description: t('idpUpdatedDescription') }); router.refresh(); } } catch (e) { toast({ - title: "Error", + title: t('error'), description: formatAxiosError(e), variant: "destructive" }); @@ -167,18 +168,17 @@ export default function GeneralPage() { - General Information + {t('idpTitle')} - Configure the basic information for your identity - provider + {t('idpSettingsDescription')} - Redirect URL + {t('redirectUrl')} @@ -189,13 +189,10 @@ export default function GeneralPage() { - About Redirect URL + {t('redirectUrlAbout')} - This is the URL to which users will be - redirected after authentication. You need to - configure this URL in your identity provider - settings. + {t('redirectUrlAboutDescription')} @@ -210,13 +207,12 @@ export default function GeneralPage() { name="name" render={({ field }) => ( - Name + {t('name')} - A display name for this - identity provider + {t('idpDisplayName')} @@ -226,7 +222,7 @@ export default function GeneralPage() {
- When enabled, users will be - automatically created in the system upon - first login with the ability to map - users to roles and organizations. + {t('idpAutoProvisionUsersDescription')} @@ -254,11 +247,10 @@ export default function GeneralPage() { - OAuth2/OIDC Configuration + {t('idpOidcConfigure')} - Configure the OAuth2/OIDC provider endpoints and - credentials + {t('idpOidcConfigureDescription')} @@ -275,15 +267,13 @@ export default function GeneralPage() { render={({ field }) => ( - Client ID + {t('idpClientId')} - The OAuth2 client ID - from your identity - provider + {t('idpClientIdDescription')} @@ -296,7 +286,7 @@ export default function GeneralPage() { render={({ field }) => ( - Client Secret + {t('idpClientSecret')} - The OAuth2 client secret - from your identity - provider + {t('idpClientSecretDescription')} @@ -320,14 +308,13 @@ export default function GeneralPage() { render={({ field }) => ( - Authorization URL + {t('idpAuthUrl')} - The OAuth2 authorization - endpoint URL + {t('idpAuthUrlDescription')} @@ -340,14 +327,13 @@ export default function GeneralPage() { render={({ field }) => ( - Token URL + {t('idpTokenUrl')} - The OAuth2 token - endpoint URL + {t('idpTokenUrlDescription')} @@ -362,11 +348,10 @@ export default function GeneralPage() { - Token Configuration + {t('idpToken')} - Configure how to extract user information from - the ID token + {t('idpTokenDescription')} @@ -380,19 +365,17 @@ export default function GeneralPage() { - About JMESPath + {t('idpJmespathAbout')} - The paths below use JMESPath - syntax to extract values from - the ID token. + {t('idpJmespathAboutDescription')} - Learn more about JMESPath{" "} + {t('idpJmespathAboutDescriptionLink')}{" "} @@ -404,15 +387,13 @@ export default function GeneralPage() { render={({ field }) => ( - Identifier Path + {t('idpJmespathLabel')} - The JMESPath to the user - identifier in the ID - token + {t('idpJmespathLabelDescription')} @@ -425,15 +406,13 @@ export default function GeneralPage() { render={({ field }) => ( - Email Path (Optional) + {t('idpJmespathEmailPathOptional')} - The JMESPath to the - user's email in the ID - token + {t('idpJmespathEmailPathOptionalDescription')} @@ -446,15 +425,13 @@ export default function GeneralPage() { render={({ field }) => ( - Name Path (Optional) + {t('idpJmespathNamePathOptional')} - The JMESPath to the - user's name in the ID - token + {t('idpJmespathNamePathOptionalDescription')} @@ -467,14 +444,13 @@ export default function GeneralPage() { render={({ field }) => ( - Scopes + {t('idpOidcConfigureScopes')} - Space-separated list of - OAuth2 scopes to request + {t('idpOidcConfigureScopesDescription')} @@ -495,7 +471,7 @@ export default function GeneralPage() { loading={loading} disabled={loading} > - Save General Settings + {t('saveGeneralSettings')}
diff --git a/src/app/admin/idp/[idpId]/layout.tsx b/src/app/admin/idp/[idpId]/layout.tsx index 559c87ef..af64e440 100644 --- a/src/app/admin/idp/[idpId]/layout.tsx +++ b/src/app/admin/idp/[idpId]/layout.tsx @@ -5,6 +5,7 @@ import { redirect } from "next/navigation"; import { authCookieHeader } from "@app/lib/api/cookies"; import { HorizontalTabs } from "@app/components/HorizontalTabs"; import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; +import { getTranslations } from "next-intl/server"; interface SettingsLayoutProps { children: React.ReactNode; @@ -14,6 +15,7 @@ interface SettingsLayoutProps { export default async function SettingsLayout(props: SettingsLayoutProps) { const params = await props.params; const { children } = props; + const t = await getTranslations(); let idp = null; try { @@ -28,20 +30,20 @@ export default async function SettingsLayout(props: SettingsLayoutProps) { const navItems: HorizontalTabs = [ { - title: "General", + title: t('general'), href: `/admin/idp/${params.idpId}/general` }, { - title: "Organization Policies", - href: `/admin/idp/${params.idpId}/policies`, + title: t('orgPolicies'), + href: `/admin/idp/${params.idpId}/policies` } ]; return ( <>
diff --git a/src/app/admin/idp/[idpId]/policies/EditPolicyForm.tsx b/src/app/admin/idp/[idpId]/policies/EditPolicyForm.tsx deleted file mode 100644 index b967fc80..00000000 --- a/src/app/admin/idp/[idpId]/policies/EditPolicyForm.tsx +++ /dev/null @@ -1,368 +0,0 @@ -import { - Credenza, - CredenzaBody, - CredenzaClose, - CredenzaContent, - CredenzaDescription, - CredenzaFooter, - CredenzaHeader, - CredenzaTitle -} from "@app/components/Credenza"; -import { useEnvContext } from "@app/hooks/useEnvContext"; -import { createApiClient, formatAxiosError } from "@app/lib/api"; -import { zodResolver } from "@hookform/resolvers/zod"; -import { useForm } from "react-hook-form"; -import { z } from "zod"; -import { PolicyRow } from "./PolicyTable"; -import { Button } from "@app/components/ui/button"; -import { useState } from "react"; -import { - Form, - FormControl, - FormDescription, - FormField, - FormItem, - FormLabel, - FormMessage -} from "@app/components/ui/form"; -import { Input } from "@app/components/ui/input"; -import { - Popover, - PopoverContent, - PopoverTrigger -} from "@app/components/ui/popover"; -import { cn } from "@app/lib/cn"; -import { CaretSortIcon, CheckIcon } from "@radix-ui/react-icons"; -import { - Command, - CommandEmpty, - CommandGroup, - CommandInput, - CommandItem, - CommandList -} from "@app/components/ui/command"; -import type { Org } from "@server/db/schemas"; -import { AxiosResponse } from "axios"; -import { CreateIdpOrgPolicyResponse } from "@server/routers/idp"; -import { toast } from "@app/hooks/useToast"; - -type EditPolicyFormProps = { - idpId: string; - orgs: Org[]; - policies: PolicyRow[]; - policyToEdit: PolicyRow | null; - open: boolean; - setOpen: (open: boolean) => void; - afterCreate?: (policy: PolicyRow) => void; - afterEdit?: (policy: PolicyRow) => void; -}; - -const formSchema = z.object({ - orgId: z.string(), - roleMapping: z.string().optional(), - orgMapping: z.string().optional() -}); - -export default function EditPolicyForm({ - idpId, - orgs, - policies, - policyToEdit, - open, - setOpen, - afterCreate, - afterEdit -}: EditPolicyFormProps) { - const [loading, setLoading] = useState(false); - const [orgsPopoverOpen, setOrgsPopoverOpen] = useState(false); - - const api = createApiClient(useEnvContext()); - - const defaultValues = { - roleMapping: "", - orgMapping: "" - }; - - const form = useForm>({ - resolver: zodResolver(formSchema), - defaultValues, - // @ts-ignore - values: policyToEdit - ? { - orgId: policyToEdit.orgId, - roleMapping: policyToEdit.roleMapping || "", - orgMapping: policyToEdit.orgMapping || "" - } - : defaultValues - }); - - async function onSubmit(values: z.infer) { - setLoading(true); - - if (policyToEdit) { - const res = await api - .post>( - `/idp/${idpId}/org/${values.orgId}`, - { - roleMapping: values.roleMapping, - orgMapping: values.orgMapping - } - ) - .catch((e) => { - toast({ - variant: "destructive", - title: "Failed to create org policy", - description: formatAxiosError( - e, - "An error occurred while updating the org policy." - ) - }); - }); - - if (res && res.status === 200) { - toast({ - variant: "default", - title: "Org policy created", - description: "The org policy has been successfully updated." - }); - - setOpen(false); - - if (afterEdit) { - afterEdit({ - orgId: values.orgId, - roleMapping: values.roleMapping ?? null, - orgMapping: values.orgMapping ?? null - }); - } - } - } else { - const res = await api - .put>( - `/idp/${idpId}/org/${values.orgId}`, - { - roleMapping: values.roleMapping, - orgMapping: values.orgMapping - } - ) - .catch((e) => { - toast({ - variant: "destructive", - title: "Failed to create role", - description: formatAxiosError( - e, - "An error occurred while creating the role." - ) - }); - }); - - if (res && res.status === 201) { - toast({ - variant: "default", - title: "Org policy created", - description: "The org policy has been successfully created." - }); - - setOpen(false); - - if (afterCreate) { - afterCreate({ - orgId: values.orgId, - roleMapping: values.roleMapping ?? null, - orgMapping: values.orgMapping ?? null - }); - } - } - } - - setLoading(false); - } - - return ( - { - setOpen(val); - setLoading(false); - setOrgsPopoverOpen(false); - form.reset(); - }} - > - - - - {policyToEdit ? "Edit" : "Create"} Organization Policy - - - Configure access for an organization - - - -
- - ( - - Organization - {policyToEdit ? ( - - ) : ( - - - - - - - - - - - - No site found. - - - {orgs.map( - (org) => { - if ( - policies.find( - ( - p - ) => - p.orgId === - org.orgId - ) - ) { - return undefined; - } - return ( - { - form.setValue( - "orgId", - org.orgId - ); - setOrgsPopoverOpen( - false - ); - }} - > - - { - org.name - } - - ); - } - )} - - - - - - )} - - - )} - /> - ( - - - Role Mapping Path (Optional) - - - - - - JMESPath to extract role information - from the ID token. The result of - this expression must return the role - name(s) as defined in the - organization as a string/list of - strings. - - - - )} - /> - ( - - - Organization Mapping Path (Optional) - - - - - - JMESPath to extract organization - information from the ID token. This - expression must return thr org ID or - true for the user to be allowed to - access the organization. - - - - )} - /> - - -
- - - - - - - - - ); -} diff --git a/src/app/admin/idp/[idpId]/policies/PolicyDataTable.tsx b/src/app/admin/idp/[idpId]/policies/PolicyDataTable.tsx index 73ca2ff8..89c1ed19 100644 --- a/src/app/admin/idp/[idpId]/policies/PolicyDataTable.tsx +++ b/src/app/admin/idp/[idpId]/policies/PolicyDataTable.tsx @@ -2,11 +2,12 @@ import { ColumnDef } from "@tanstack/react-table"; import { DataTable } from "@app/components/ui/data-table"; +import { useTranslations } from "next-intl"; interface DataTableProps { columns: ColumnDef[]; data: TData[]; - onAdd?: () => void; + onAdd: () => void; } export function PolicyDataTable({ @@ -14,15 +15,19 @@ export function PolicyDataTable({ data, onAdd }: DataTableProps) { + + const t = useTranslations(); + return ( ); } diff --git a/src/app/admin/idp/[idpId]/policies/PolicyTable.tsx b/src/app/admin/idp/[idpId]/policies/PolicyTable.tsx index f1c8fb2a..58cf55f3 100644 --- a/src/app/admin/idp/[idpId]/policies/PolicyTable.tsx +++ b/src/app/admin/idp/[idpId]/policies/PolicyTable.tsx @@ -1,78 +1,64 @@ "use client"; import { ColumnDef } from "@tanstack/react-table"; +import { Button } from "@app/components/ui/button"; +import { + ArrowUpDown, + MoreHorizontal, +} from "lucide-react"; +import { PolicyDataTable } from "./PolicyDataTable"; import { DropdownMenu, DropdownMenuContent, DropdownMenuItem, DropdownMenuTrigger } from "@app/components/ui/dropdown-menu"; -import { Button } from "@app/components/ui/button"; -import { ArrowUpDown, MoreHorizontal } from "lucide-react"; -import { PolicyDataTable } from "./PolicyDataTable"; +import { InfoPopup } from "@app/components/ui/info-popup"; +import { useTranslations } from "next-intl"; export interface PolicyRow { orgId: string; - roleMapping: string | null; - orgMapping: string | null; + roleMapping?: string; + orgMapping?: string; } -type PolicyTableProps = { +interface Props { policies: PolicyRow[]; + onDelete: (orgId: string) => void; onAdd: () => void; - onEdit: (row: PolicyRow) => void; - onDelete: (row: PolicyRow) => void; -}; + onEdit: (policy: PolicyRow) => void; +} -export default function PolicyTable({ - policies, - onAdd, - onEdit, - onDelete -}: PolicyTableProps) { +export default function PolicyTable({ policies, onDelete, onAdd, onEdit }: Props) { + const t = useTranslations(); const columns: ColumnDef[] = [ { - id: "actions", + id: "dots", cell: ({ row }) => { - const policyRow = row.original; + const r = row.original; return ( - <> -
- - - - - - onEdit(policyRow)} - > - Edit Policy - - onDelete(policyRow)} - > - - Delete Policy - - - - -
- + + + + + + { + onDelete(r.orgId); + }} + > + {t('delete')} + + + ); } }, { - id: "orgId", accessorKey: "orgId", header: ({ column }) => { return ( @@ -82,7 +68,7 @@ export default function PolicyTable({ column.toggleSorting(column.getIsSorted() === "asc") } > - Organization ID + {t('orgId')} ); @@ -90,24 +76,74 @@ export default function PolicyTable({ }, { accessorKey: "roleMapping", - header: "Role Mapping" + header: ({ column }) => { + return ( + + ); + }, + cell: ({ row }) => { + const mapping = row.original.roleMapping; + return mapping ? ( + 50 ? `${mapping.substring(0, 50)}...` : mapping} + info={mapping} + /> + ) : ( + "--" + ); + } }, { accessorKey: "orgMapping", - header: "Organization Mapping" + header: ({ column }) => { + return ( + + ); + }, + cell: ({ row }) => { + const mapping = row.original.orgMapping; + return mapping ? ( + 50 ? `${mapping.substring(0, 50)}...` : mapping} + info={mapping} + /> + ) : ( + "--" + ); + } }, { - id: "edit", - cell: ({ row }) => ( -
- -
- ) + id: "actions", + cell: ({ row }) => { + const policy = row.original; + return ( +
+ +
+ ); + } } ]; diff --git a/src/app/admin/idp/[idpId]/policies/page.tsx b/src/app/admin/idp/[idpId]/policies/page.tsx index 7114011b..aadd6eb8 100644 --- a/src/app/admin/idp/[idpId]/policies/page.tsx +++ b/src/app/admin/idp/[idpId]/policies/page.tsx @@ -1,8 +1,22 @@ "use client"; -import { zodResolver } from "@hookform/resolvers/zod"; -import { z } from "zod"; +import { useEffect, useState } from "react"; +import { useParams, useRouter } from "next/navigation"; +import { createApiClient, formatAxiosError } from "@app/lib/api"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { toast } from "@app/hooks/useToast"; import { Button } from "@app/components/ui/button"; +import { Input } from "@app/components/ui/input"; +import { + Credenza, + CredenzaBody, + CredenzaClose, + CredenzaContent, + CredenzaDescription, + CredenzaFooter, + CredenzaHeader, + CredenzaTitle +} from "@app/components/Credenza"; import { Form, FormControl, @@ -12,10 +26,33 @@ import { FormLabel, FormMessage } from "@app/components/ui/form"; -import { Input } from "@app/components/ui/input"; import { useForm } from "react-hook-form"; -import { toast } from "@app/hooks/useToast"; -import { useRouter, useParams } from "next/navigation"; +import { zodResolver } from "@hookform/resolvers/zod"; +import { z } from "zod"; +import { Alert, AlertDescription, AlertTitle } from "@app/components/ui/alert"; +import { InfoIcon, ExternalLink, CheckIcon } from "lucide-react"; +import PolicyTable, { PolicyRow } from "./PolicyTable"; +import { AxiosResponse } from "axios"; +import { ListOrgsResponse } from "@server/routers/org"; +import { + Popover, + PopoverContent, + PopoverTrigger +} from "@app/components/ui/popover"; +import { cn } from "@app/lib/cn"; +import { + Command, + CommandEmpty, + CommandGroup, + CommandInput, + CommandItem, + CommandList +} from "@app/components/ui/command"; +import { CaretSortIcon } from "@radix-ui/react-icons"; +import Link from "next/link"; +import { Textarea } from "@app/components/ui/textarea"; +import { InfoPopup } from "@app/components/ui/info-popup"; +import { GetIdpResponse } from "@server/routers/idp"; import { SettingsContainer, SettingsSection, @@ -23,51 +60,66 @@ import { SettingsSectionTitle, SettingsSectionDescription, SettingsSectionBody, - SettingsSectionFooter + SettingsSectionFooter, + SettingsSectionForm } from "@app/components/Settings"; -import { formatAxiosError } from "@app/lib/api"; -import { createApiClient } from "@app/lib/api"; -import { useEnvContext } from "@app/hooks/useEnvContext"; -import { useState, useEffect } from "react"; -import { Alert, AlertDescription, AlertTitle } from "@app/components/ui/alert"; -import { InfoIcon, ExternalLink } from "lucide-react"; -import Link from "next/link"; -import { AxiosResponse } from "axios"; -import { - GetIdpResponse, - ListIdpOrgPoliciesResponse -} from "@server/routers/idp"; -import PolicyTable, { PolicyRow } from "./PolicyTable"; -import EditPolicyForm from "./EditPolicyForm"; -import { ListOrgsResponse } from "@server/routers/org"; -import type { Org } from "@server/db/schemas"; +import { useTranslations } from "next-intl"; -const DefaultMappingsFormSchema = z.object({ - defaultRoleMapping: z.string().optional(), - defaultOrgMapping: z.string().optional() -}); - -type DefaultMappingsFormValues = z.infer; +type Organization = { + orgId: string; + name: string; +}; export default function PoliciesPage() { const { env } = useEnvContext(); const api = createApiClient({ env }); const router = useRouter(); const { idpId } = useParams(); - const [loading, setLoading] = useState(false); + const t = useTranslations(); + + const [pageLoading, setPageLoading] = useState(true); + const [addPolicyLoading, setAddPolicyLoading] = useState(false); + const [editPolicyLoading, setEditPolicyLoading] = useState(false); + const [deletePolicyLoading, setDeletePolicyLoading] = useState(false); const [updateDefaultMappingsLoading, setUpdateDefaultMappingsLoading] = useState(false); const [policies, setPolicies] = useState([]); - const [editPolicyFormOpen, setEditPolicyFormOpen] = useState(false); - const [policyToEdit, setPolicyToEdit] = useState(null); - const [orgs, setOrgs] = useState([]); + const [organizations, setOrganizations] = useState([]); + const [showAddDialog, setShowAddDialog] = useState(false); + const [editingPolicy, setEditingPolicy] = useState(null); - const defaultMappingsForm = useForm({ - resolver: zodResolver(DefaultMappingsFormSchema), - defaultValues: { defaultRoleMapping: "", defaultOrgMapping: "" } + const policyFormSchema = z.object({ + orgId: z.string().min(1, { message: t('orgRequired') }), + roleMapping: z.string().optional(), + orgMapping: z.string().optional() }); - async function loadIdp() { + const defaultMappingsSchema = z.object({ + defaultRoleMapping: z.string().optional(), + defaultOrgMapping: z.string().optional() + }); + + type PolicyFormValues = z.infer; + type DefaultMappingsValues = z.infer; + + const form = useForm({ + resolver: zodResolver(policyFormSchema), + defaultValues: { + orgId: "", + roleMapping: "", + orgMapping: "" + } + }); + + const defaultMappingsForm = useForm({ + resolver: zodResolver(defaultMappingsSchema), + defaultValues: { + defaultRoleMapping: "", + defaultOrgMapping: "" + } + }); + + const loadIdp = async () => { try { const res = await api.get>( `/idp/${idpId}` @@ -81,56 +133,160 @@ export default function PoliciesPage() { } } catch (e) { toast({ - title: "Error", + title: t('error'), description: formatAxiosError(e), variant: "destructive" }); } - } + }; - async function loadIdpOrgPolicies() { + const loadPolicies = async () => { try { - const res = await api.get< - AxiosResponse - >(`/idp/${idpId}/org`); + const res = await api.get(`/idp/${idpId}/org`); if (res.status === 200) { setPolicies(res.data.data.policies); } } catch (e) { toast({ - title: "Error", + title: t('error'), description: formatAxiosError(e), variant: "destructive" }); } - } + }; - async function loadOrgs() { + const loadOrganizations = async () => { try { - const res = await api.get>(`/orgs`); + const res = await api.get>("/orgs"); if (res.status === 200) { - setOrgs(res.data.data.orgs); + const existingOrgIds = policies.map((p) => p.orgId); + const availableOrgs = res.data.data.orgs.filter( + (org) => !existingOrgIds.includes(org.orgId) + ); + setOrganizations(availableOrgs); } } catch (e) { toast({ - title: "Error", + title: t('error'), description: formatAxiosError(e), variant: "destructive" }); } - } + }; useEffect(() => { - const load = async () => { - setLoading(true); - await Promise.all([loadIdp(), loadIdpOrgPolicies(), loadOrgs()]); - setLoading(false); - }; - + async function load() { + setPageLoading(true); + await loadPolicies(); + await loadIdp(); + setPageLoading(false); + } load(); - }, [idpId, api, router]); + }, [idpId]); - async function onDefaultMappingsSubmit(data: DefaultMappingsFormValues) { + const onAddPolicy = async (data: PolicyFormValues) => { + setAddPolicyLoading(true); + try { + const res = await api.put(`/idp/${idpId}/org/${data.orgId}`, { + roleMapping: data.roleMapping, + orgMapping: data.orgMapping + }); + if (res.status === 201) { + const newPolicy = { + orgId: data.orgId, + name: + organizations.find((org) => org.orgId === data.orgId) + ?.name || "", + roleMapping: data.roleMapping, + orgMapping: data.orgMapping + }; + setPolicies([...policies, newPolicy]); + toast({ + title: t('success'), + description: t('orgPolicyAddedDescription') + }); + setShowAddDialog(false); + form.reset(); + } + } catch (e) { + toast({ + title: t('error'), + description: formatAxiosError(e), + variant: "destructive" + }); + } finally { + setAddPolicyLoading(false); + } + }; + + const onEditPolicy = async (data: PolicyFormValues) => { + if (!editingPolicy) return; + + setEditPolicyLoading(true); + try { + const res = await api.post( + `/idp/${idpId}/org/${editingPolicy.orgId}`, + { + roleMapping: data.roleMapping, + orgMapping: data.orgMapping + } + ); + if (res.status === 200) { + setPolicies( + policies.map((policy) => + policy.orgId === editingPolicy.orgId + ? { + ...policy, + roleMapping: data.roleMapping, + orgMapping: data.orgMapping + } + : policy + ) + ); + toast({ + title: t('success'), + description: t('orgPolicyUpdatedDescription') + }); + setShowAddDialog(false); + setEditingPolicy(null); + form.reset(); + } + } catch (e) { + toast({ + title: t('error'), + description: formatAxiosError(e), + variant: "destructive" + }); + } finally { + setEditPolicyLoading(false); + } + }; + + const onDeletePolicy = async (orgId: string) => { + setDeletePolicyLoading(true); + try { + const res = await api.delete(`/idp/${idpId}/org/${orgId}`); + if (res.status === 200) { + setPolicies( + policies.filter((policy) => policy.orgId !== orgId) + ); + toast({ + title: t('success'), + description: t('orgPolicyDeletedDescription') + }); + } + } catch (e) { + toast({ + title: t('error'), + description: formatAxiosError(e), + variant: "destructive" + }); + } finally { + setDeletePolicyLoading(false); + } + }; + + const onUpdateDefaultMappings = async (data: DefaultMappingsValues) => { setUpdateDefaultMappingsLoading(true); try { const res = await api.post(`/idp/${idpId}/oidc`, { @@ -139,80 +295,43 @@ export default function PoliciesPage() { }); if (res.status === 200) { toast({ - title: "Success", - description: "Default mappings updated successfully" + title: t('success'), + description: t('defaultMappingsUpdatedDescription') }); } } catch (e) { toast({ - title: "Error", + title: t('error'), description: formatAxiosError(e), variant: "destructive" }); } finally { setUpdateDefaultMappingsLoading(false); } - } + }; - // Button clicks - - function onAdd() { - setPolicyToEdit(null); - setEditPolicyFormOpen(true); - } - function onEdit(row: PolicyRow) { - setPolicyToEdit(row); - setEditPolicyFormOpen(true); - } - function onDelete(row: PolicyRow) { - api.delete(`/idp/${idpId}/org/${row.orgId}`) - .then((res) => { - if (res.status === 200) { - toast({ - title: "Success", - description: "Org policy deleted successfully" - }); - const p2 = policies.filter((p) => p.orgId !== row.orgId); - setPolicies(p2); - } - }) - .catch((e) => { - toast({ - title: "Error", - description: formatAxiosError(e), - variant: "destructive" - }); - }); - } - - function afterCreate(row: PolicyRow) { - setPolicies([...policies, row]); - } - - function afterEdit(row: PolicyRow) { - const p2 = policies.map((p) => (p.orgId === row.orgId ? row : p)); - setPolicies(p2); + if (pageLoading) { + return null; } return ( <> - + - About Organization Policies + {t('orgPoliciesAbout')} - Organization policies are used to configure access - control for a specific organization based on the user's - ID token. For more information, see{" "} + {/*TODO(vlalx): Validate replacing */} + {t('orgPoliciesAboutDescription')}{" "} - the documentation + {t('orgPoliciesAboutDescriptionLink')} @@ -221,23 +340,20 @@ export default function PoliciesPage() { - Default Mappings (Optional) + {t('defaultMappingsOptional')} - The default mappings are used when there is no - organization policy defined for an organization. You - can specify the default role and organization - mappings to fall back to here. + {t('defaultMappingsOptionalDescription')}
( - Default Role Mapping + {t('defaultMappingsRole')} - JMESPath to extract role - information from the ID - token. The result of this - expression must return the - role name(s) as defined in - the organization as a - string/list of strings. + {t('defaultMappingsRoleDescription')} )} /> + ( - Default Organization Mapping + {t('defaultMappingsOrg')} - JMESPath to extract - organization information - from the ID token. This - expression must return thr - org ID or true for the user - to be allowed to access the - organization. + {t('defaultMappingsOrgDescription')} @@ -297,7 +402,7 @@ export default function PoliciesPage() { form="policy-default-mappings-form" loading={updateDefaultMappingsLoading} > - Save Default Mappings + {t('defaultMappingsSubmit')} @@ -305,22 +410,204 @@ export default function PoliciesPage() { - - { + loadOrganizations(); + form.reset({ + orgId: "", + roleMapping: "", + orgMapping: "" + }); + setEditingPolicy(null); + setShowAddDialog(true); + }} + onEdit={(policy) => { + setEditingPolicy(policy); + form.reset({ + orgId: policy.orgId, + roleMapping: policy.roleMapping || "", + orgMapping: policy.orgMapping || "" + }); + setShowAddDialog(true); + }} /> + + { + setShowAddDialog(val); + setEditingPolicy(null); + form.reset(); + }} + > + + + + {editingPolicy + ? t('orgPoliciesEdit') + : t('orgPoliciesAdd')} + + + {t('orgPolicyConfig')} + + + + + + ( + + {t('org')} + {editingPolicy ? ( + + ) : ( + + + + + + + + + + + + {t('orgNotFound')} + + + {organizations.map( + ( + org + ) => ( + { + form.setValue( + "orgId", + org.orgId + ); + }} + > + + { + org.name + } + + ) + )} + + + + + + )} + + + )} + /> + + ( + + + {t('roleMappingPathOptional')} + + + + + + {t('defaultMappingsRoleDescription')} + + + + )} + /> + + ( + + + {t('orgMappingPathOptional')} + + + + + + {t('defaultMappingsOrgDescription')} + + + + )} + /> + + + + + + + + + + + ); } diff --git a/src/app/admin/idp/create/page.tsx b/src/app/admin/idp/create/page.tsx index 58e6667c..3a645d27 100644 --- a/src/app/admin/idp/create/page.tsx +++ b/src/app/admin/idp/create/page.tsx @@ -35,45 +35,46 @@ import { Alert, AlertDescription, AlertTitle } from "@app/components/ui/alert"; import { InfoIcon, ExternalLink } from "lucide-react"; import { StrategySelect } from "@app/components/StrategySelect"; import { SwitchInput } from "@app/components/SwitchInput"; -import { Badge } from "@app/components/ui/badge"; - -const createIdpFormSchema = z.object({ - name: z.string().min(2, { message: "Name must be at least 2 characters." }), - type: z.enum(["oidc"]), - clientId: z.string().min(1, { message: "Client ID is required." }), - clientSecret: z.string().min(1, { message: "Client Secret is required." }), - authUrl: z.string().url({ message: "Auth URL must be a valid URL." }), - tokenUrl: z.string().url({ message: "Token URL must be a valid URL." }), - identifierPath: z - .string() - .min(1, { message: "Identifier Path is required." }), - emailPath: z.string().optional(), - namePath: z.string().optional(), - scopes: z.string().min(1, { message: "Scopes are required." }), - autoProvision: z.boolean().default(false) -}); - -type CreateIdpFormValues = z.infer; - -interface ProviderTypeOption { - id: "oidc"; - title: string; - description: string; -} - -const providerTypes: ReadonlyArray = [ - { - id: "oidc", - title: "OAuth2/OIDC", - description: "Configure an OpenID Connect identity provider" - } -]; +import { useTranslations } from "next-intl"; export default function Page() { const { env } = useEnvContext(); const api = createApiClient({ env }); const router = useRouter(); const [createLoading, setCreateLoading] = useState(false); + const t = useTranslations(); + + const createIdpFormSchema = z.object({ + name: z.string().min(2, { message: t('nameMin', {len: 2}) }), + type: z.enum(["oidc"]), + clientId: z.string().min(1, { message: t('idpClientIdRequired') }), + clientSecret: z.string().min(1, { message: t('idpClientSecretRequired') }), + authUrl: z.string().url({ message: t('idpErrorAuthUrlInvalid') }), + tokenUrl: z.string().url({ message: t('idpErrorTokenUrlInvalid') }), + identifierPath: z + .string() + .min(1, { message: t('idpPathRequired') }), + emailPath: z.string().optional(), + namePath: z.string().optional(), + scopes: z.string().min(1, { message: t('idpScopeRequired') }), + autoProvision: z.boolean().default(false) + }); + + type CreateIdpFormValues = z.infer; + + interface ProviderTypeOption { + id: "oidc"; + title: string; + description: string; + } + + const providerTypes: ReadonlyArray = [ + { + id: "oidc", + title: "OAuth2/OIDC", + description: t('idpOidcDescription') + } + ]; const form = useForm({ resolver: zodResolver(createIdpFormSchema), @@ -113,14 +114,14 @@ export default function Page() { if (res.status === 201) { toast({ - title: "Success", - description: "Identity provider created successfully" + title: t('success'), + description: t('idpCreatedDescription') }); router.push(`/admin/idp/${res.data.data.idpId}`); } } catch (e) { toast({ - title: "Error", + title: t('error'), description: formatAxiosError(e), variant: "destructive" }); @@ -133,8 +134,8 @@ export default function Page() { <>
@@ -150,11 +151,10 @@ export default function Page() { - General Information + {t('idpTitle')} - Configure the basic information for your identity - provider + {t('idpCreateSettingsDescription')} @@ -170,13 +170,12 @@ export default function Page() { name="name" render={({ field }) => ( - Name + {t('name')} - A display name for this - identity provider + {t('idpDisplayName')} @@ -186,7 +185,7 @@ export default function Page() {
- When enabled, users will be - automatically created in the system upon - first login with the ability to map - users to roles and organizations. + {t('idpAutoProvisionUsersDescription')} @@ -213,11 +209,10 @@ export default function Page() { - Provider Type + {t('idpType')} - Select the type of identity provider you want to - configure + {t('idpTypeDescription')} @@ -237,11 +232,10 @@ export default function Page() { - OAuth2/OIDC Configuration + {t('idpOidcConfigure')} - Configure the OAuth2/OIDC provider endpoints - and credentials + {t('idpOidcConfigureDescription')} @@ -257,15 +251,13 @@ export default function Page() { render={({ field }) => ( - Client ID + {t('idpClientId')} - The OAuth2 client ID - from your identity - provider + {t('idpClientIdDescription')} @@ -278,7 +270,7 @@ export default function Page() { render={({ field }) => ( - Client Secret + {t('idpClientSecret')} - The OAuth2 client secret - from your identity - provider + {t('idpClientSecretDescription')} @@ -302,7 +292,7 @@ export default function Page() { render={({ field }) => ( - Authorization URL + {t('idpAuthUrl')} - The OAuth2 authorization - endpoint URL + {t('idpAuthUrlDescription')} @@ -325,7 +314,7 @@ export default function Page() { render={({ field }) => ( - Token URL + {t('idpTokenUrl')} - The OAuth2 token - endpoint URL + {t('idpTokenUrlDescription')} @@ -347,14 +335,10 @@ export default function Page() { - Important Information + {t('idpOidcConfigureAlert')} - After creating the identity provider, - you will need to configure the callback - URL in your identity provider's - settings. The callback URL will be - provided after successful creation. + {t('idpOidcConfigureAlertDescription')} @@ -363,11 +347,10 @@ export default function Page() { - Token Configuration + {t('idpToken')} - Configure how to extract user information - from the ID token + {t('idpTokenDescription')} @@ -380,19 +363,17 @@ export default function Page() { - About JMESPath + {t('idpJmespathAbout')} - The paths below use JMESPath - syntax to extract values from - the ID token. + {t('idpJmespathAboutDescription')}{" "} - Learn more about JMESPath{" "} + {t('idpJmespathAboutDescriptionLink')}{" "} @@ -404,15 +385,13 @@ export default function Page() { render={({ field }) => ( - Identifier Path + {t('idpJmespathLabel')} - The JMESPath to the user - identifier in the ID - token + {t('idpJmespathLabelDescription')} @@ -425,15 +404,13 @@ export default function Page() { render={({ field }) => ( - Email Path (Optional) + {t('idpJmespathEmailPathOptional')} - The JMESPath to the - user's email in the ID - token + {t('idpJmespathEmailPathOptionalDescription')} @@ -446,15 +423,13 @@ export default function Page() { render={({ field }) => ( - Name Path (Optional) + {t('idpJmespathNamePathOptional')} - The JMESPath to the - user's name in the ID - token + {t('idpJmespathNamePathOptionalDescription')} @@ -467,14 +442,13 @@ export default function Page() { render={({ field }) => ( - Scopes + {t('idpOidcConfigureScopes')} - Space-separated list of - OAuth2 scopes to request + {t('idpOidcConfigureScopesDescription')} @@ -496,7 +470,7 @@ export default function Page() { router.push("/admin/idp"); }} > - Cancel + {t('cancel')}
diff --git a/src/app/admin/idp/page.tsx b/src/app/admin/idp/page.tsx index 54657c2d..4db77785 100644 --- a/src/app/admin/idp/page.tsx +++ b/src/app/admin/idp/page.tsx @@ -3,6 +3,7 @@ import { authCookieHeader } from "@app/lib/api/cookies"; import { AxiosResponse } from "axios"; import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; import IdpTable, { IdpRow } from "./AdminIdpTable"; +import { getTranslations } from "next-intl/server"; export default async function IdpPage() { let idps: IdpRow[] = []; @@ -15,12 +16,14 @@ export default async function IdpPage() { } catch (e) { console.error(e); } + + const t = await getTranslations(); return ( <> diff --git a/src/app/admin/layout.tsx b/src/app/admin/layout.tsx index fdc6c8e7..060f18ac 100644 --- a/src/app/admin/layout.tsx +++ b/src/app/admin/layout.tsx @@ -1,5 +1,6 @@ import { Metadata } from "next"; -import { Users } from "lucide-react"; +import { TopbarNav } from "@app/components/TopbarNav"; +import { KeyRound, Users } from "lucide-react"; import { verifySession } from "@app/lib/auth/verifySession"; import { redirect } from "next/navigation"; import { cache } from "react"; @@ -9,7 +10,7 @@ import { internal } from "@app/lib/api"; import { AxiosResponse } from "axios"; import { authCookieHeader } from "@app/lib/api/cookies"; import { Layout } from "@app/components/Layout"; -import { adminNavItems } from "../navigation"; +import { adminNavSections } from "../navigation"; export const dynamic = "force-dynamic"; @@ -47,7 +48,7 @@ export default async function AdminLayout(props: LayoutProps) { return ( - + {props.children} diff --git a/src/app/admin/users/AdminUsersDataTable.tsx b/src/app/admin/users/AdminUsersDataTable.tsx index 7532a8cc..fecba7fb 100644 --- a/src/app/admin/users/AdminUsersDataTable.tsx +++ b/src/app/admin/users/AdminUsersDataTable.tsx @@ -4,6 +4,7 @@ import { ColumnDef, } from "@tanstack/react-table"; import { DataTable } from "@app/components/ui/data-table"; +import { useTranslations } from "next-intl"; interface DataTableProps { columns: ColumnDef[]; @@ -14,12 +15,16 @@ export function UsersDataTable({ columns, data }: DataTableProps) { + + const t = useTranslations(); + return ( ); diff --git a/src/app/admin/users/AdminUsersTable.tsx b/src/app/admin/users/AdminUsersTable.tsx index 68ad2790..6c5e4613 100644 --- a/src/app/admin/users/AdminUsersTable.tsx +++ b/src/app/admin/users/AdminUsersTable.tsx @@ -3,7 +3,7 @@ import { ColumnDef } from "@tanstack/react-table"; import { UsersDataTable } from "./AdminUsersDataTable"; import { Button } from "@app/components/ui/button"; -import { ArrowRight, ArrowUpDown } from "lucide-react"; +import { ArrowRight, ArrowUpDown, MoreHorizontal } from "lucide-react"; import { useRouter } from "next/navigation"; import { useState } from "react"; import ConfirmDeleteDialog from "@app/components/ConfirmDeleteDialog"; @@ -11,6 +11,13 @@ import { toast } from "@app/hooks/useToast"; import { formatAxiosError } from "@app/lib/api"; import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; +import { useTranslations } from "next-intl"; +import { + DropdownMenu, + DropdownMenuItem, + DropdownMenuContent, + DropdownMenuTrigger +} from "@app/components/ui/dropdown-menu"; export type GlobalUserRow = { id: string; @@ -21,6 +28,8 @@ export type GlobalUserRow = { idpId: number | null; idpName: string; dateCreated: string; + twoFactorEnabled: boolean | null; + twoFactorSetupRequested: boolean | null; }; type Props = { @@ -29,6 +38,7 @@ type Props = { export default function UsersTable({ users }: Props) { const router = useRouter(); + const t = useTranslations(); const [isDeleteModalOpen, setIsDeleteModalOpen] = useState(false); const [selected, setSelected] = useState(null); @@ -39,11 +49,11 @@ export default function UsersTable({ users }: Props) { const deleteUser = (id: string) => { api.delete(`/user/${id}`) .catch((e) => { - console.error("Error deleting user", e); + console.error(t("userErrorDelete"), e); toast({ variant: "destructive", - title: "Error deleting user", - description: formatAxiosError(e, "Error deleting user") + title: t("userErrorDelete"), + description: formatAxiosError(e, t("userErrorDelete")) }); }) .then(() => { @@ -82,7 +92,7 @@ export default function UsersTable({ users }: Props) { column.toggleSorting(column.getIsSorted() === "asc") } > - Username + {t("username")} ); @@ -98,7 +108,7 @@ export default function UsersTable({ users }: Props) { column.toggleSorting(column.getIsSorted() === "asc") } > - Email + {t("email")} ); @@ -114,7 +124,7 @@ export default function UsersTable({ users }: Props) { column.toggleSorting(column.getIsSorted() === "asc") } > - Name + {t("name")} ); @@ -130,28 +140,85 @@ export default function UsersTable({ users }: Props) { column.toggleSorting(column.getIsSorted() === "asc") } > - Identity Provider + {t("identityProvider")} ); } }, + { + accessorKey: "twoFactorEnabled", + header: ({ column }) => { + return ( + + ); + }, + cell: ({ row }) => { + const userRow = row.original; + + return ( +
+ + {userRow.twoFactorEnabled || + userRow.twoFactorSetupRequested ? ( + + {t("enabled")} + + ) : ( + {t("disabled")} + )} + +
+ ); + } + }, { id: "actions", cell: ({ row }) => { const r = row.original; return ( <> -
+
+ + + + + + { + setSelected(r); + setIsDeleteModalOpen(true); + }} + > + {t("delete")} + + +
@@ -172,35 +239,27 @@ export default function UsersTable({ users }: Props) { dialog={

- Are you sure you want to permanently delete{" "} - - {selected?.email || + {t("userQuestionRemove", { + selectedUser: + selected?.email || selected?.name || - selected?.username} - {" "} - from the server? + selected?.username + })}

- - The user will be removed from all - organizations and be completely removed from - the server. - + {t("userMessageRemove")}

-

- To confirm, please type the name of the user - below. -

+

{t("userMessageConfirm")}

} - buttonText="Confirm Delete User" + buttonText={t("userDeleteConfirm")} onConfirm={async () => deleteUser(selected!.id)} string={ selected.email || selected.name || selected.username } - title="Delete User from Server" + title={t("userDeleteServer")} /> )} diff --git a/src/app/admin/users/[userId]/general/page.tsx b/src/app/admin/users/[userId]/general/page.tsx new file mode 100644 index 00000000..ae720a6f --- /dev/null +++ b/src/app/admin/users/[userId]/general/page.tsx @@ -0,0 +1,134 @@ +"use client"; + +import { useEffect, useState } from "react"; +import { SwitchInput } from "@app/components/SwitchInput"; +import { Button } from "@app/components/ui/button"; +import { toast } from "@app/hooks/useToast"; +import { formatAxiosError } from "@app/lib/api"; +import { createApiClient } from "@app/lib/api"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { useTranslations } from "next-intl"; +import { useParams } from "next/navigation"; +import { + SettingsContainer, + SettingsSection, + SettingsSectionHeader, + SettingsSectionTitle, + SettingsSectionDescription, + SettingsSectionBody, + SettingsSectionForm +} from "@app/components/Settings"; +import { UserType } from "@server/types/UserTypes"; + +export default function GeneralPage() { + const { userId } = useParams(); + const api = createApiClient(useEnvContext()); + const t = useTranslations(); + + const [loadingData, setLoadingData] = useState(true); + const [loading, setLoading] = useState(false); + const [twoFactorEnabled, setTwoFactorEnabled] = useState(false); + const [userType, setUserType] = useState(null); + + useEffect(() => { + // Fetch current user 2FA status + const fetchUserData = async () => { + setLoadingData(true); + try { + const response = await api.get(`/user/${userId}`); + if (response.status === 200) { + const userData = response.data.data; + setTwoFactorEnabled( + userData.twoFactorEnabled || + userData.twoFactorSetupRequested + ); + setUserType(userData.type); + } + } catch (error) { + console.error("Failed to fetch user data:", error); + toast({ + variant: "destructive", + title: t("userErrorDelete"), + description: formatAxiosError(error, t("userErrorDelete")) + }); + } + setLoadingData(false); + }; + + fetchUserData(); + }, [userId]); + + const handleTwoFactorToggle = (enabled: boolean) => { + setTwoFactorEnabled(enabled); + }; + + const handleSaveSettings = async () => { + setLoading(true); + + try { + console.log("twoFactorEnabled", twoFactorEnabled); + await api.post(`/user/${userId}/2fa`, { + twoFactorSetupRequested: twoFactorEnabled + }); + + setTwoFactorEnabled(twoFactorEnabled); + } catch (error) { + toast({ + variant: "destructive", + title: t("otpErrorEnable"), + description: formatAxiosError( + error, + t("otpErrorEnableDescription") + ) + }); + } finally { + setLoading(false); + } + }; + + if (loadingData) { + return null; + } + + return ( + <> + + + + + {t("general")} + + + {t("userDescription2")} + + + + + +
+ +
+ + + + + +
+ +
+ + ); +} diff --git a/src/app/admin/users/[userId]/layout.tsx b/src/app/admin/users/[userId]/layout.tsx new file mode 100644 index 00000000..062b40d8 --- /dev/null +++ b/src/app/admin/users/[userId]/layout.tsx @@ -0,0 +1,55 @@ +import { internal } from "@app/lib/api"; +import { AxiosResponse } from "axios"; +import { redirect } from "next/navigation"; +import { authCookieHeader } from "@app/lib/api/cookies"; +import { AdminGetUserResponse } from "@server/routers/user/adminGetUser"; +import { HorizontalTabs } from "@app/components/HorizontalTabs"; +import { cache } from "react"; +import SettingsSectionTitle from "@app/components/SettingsSectionTitle"; +import { getTranslations } from 'next-intl/server'; + +interface UserLayoutProps { + children: React.ReactNode; + params: Promise<{ userId: string }>; +} + +export default async function UserLayoutProps(props: UserLayoutProps) { + const params = await props.params; + + const { children } = props; + + const t = await getTranslations(); + + let user = null; + try { + const getUser = cache(async () => + internal.get>( + `/user/${params.userId}`, + await authCookieHeader() + ) + ); + const res = await getUser(); + user = res.data.data; + } catch { + redirect(`/admin/users`); + } + + const navItems = [ + { + title: t('general'), + href: "/admin/users/{userId}/general" + } + ]; + + return ( + <> + + + {children} + + + ); +} \ No newline at end of file diff --git a/src/app/admin/users/[userId]/page.tsx b/src/app/admin/users/[userId]/page.tsx new file mode 100644 index 00000000..edf5aaed --- /dev/null +++ b/src/app/admin/users/[userId]/page.tsx @@ -0,0 +1,8 @@ +import { redirect } from "next/navigation"; + +export default async function UserPage(props: { + params: Promise<{ userId: string }>; +}) { + const { userId } = await props.params; + redirect(`/admin/users/${userId}/general`); +} \ No newline at end of file diff --git a/src/app/admin/users/page.tsx b/src/app/admin/users/page.tsx index 6e2290cb..e9673374 100644 --- a/src/app/admin/users/page.tsx +++ b/src/app/admin/users/page.tsx @@ -6,6 +6,7 @@ import { AdminListUsersResponse } from "@server/routers/user/adminListUsers"; import UsersTable, { GlobalUserRow } from "./AdminUsersTable"; import { Alert, AlertDescription, AlertTitle } from "@app/components/ui/alert"; import { InfoIcon } from "lucide-react"; +import { getTranslations } from "next-intl/server"; type PageProps = { params: Promise<{ orgId: string }>; @@ -25,6 +26,8 @@ export default async function UsersPage(props: PageProps) { console.error(e); } + const t = await getTranslations(); + const userRows: GlobalUserRow[] = rows.map((row) => { return { id: row.id, @@ -33,23 +36,25 @@ export default async function UsersPage(props: PageProps) { username: row.username, type: row.type, idpId: row.idpId, - idpName: row.idpName || "Internal", + idpName: row.idpName || t('idpNameInternal'), dateCreated: row.dateCreated, - serverAdmin: row.serverAdmin + serverAdmin: row.serverAdmin, + twoFactorEnabled: row.twoFactorEnabled, + twoFactorSetupRequested: row.twoFactorSetupRequested }; }); return ( <> - About User Management + {t('userAbount')} - This table displays all root user objects in the system. Each user may belong to multiple organizations. Removing a user from an organization does not delete their root user object - they will remain in the system. To completely remove a user from the system, you must delete their root user object using the delete action in this table. + {t('userAbountDescription')} diff --git a/src/app/auth/2fa/setup/page.tsx b/src/app/auth/2fa/setup/page.tsx new file mode 100644 index 00000000..64a6cf57 --- /dev/null +++ b/src/app/auth/2fa/setup/page.tsx @@ -0,0 +1,62 @@ +"use client"; + +import { useEffect } from "react"; +import { useRouter, useSearchParams } from "next/navigation"; +import { + Card, + CardContent, + CardDescription, + CardHeader, + CardTitle +} from "@/components/ui/card"; +import TwoFactorSetupForm from "@app/components/TwoFactorSetupForm"; +import { useTranslations } from "next-intl"; +import { cleanRedirect } from "@app/lib/cleanRedirect"; + +export default function Setup2FAPage() { + const router = useRouter(); + const searchParams = useSearchParams(); + const redirect = searchParams?.get("redirect"); + const email = searchParams?.get("email"); + + const t = useTranslations(); + + // Redirect to login if no email is provided + useEffect(() => { + if (!email) { + router.push("/auth/login"); + } + }, [email, router]); + + const handleComplete = () => { + console.log("2FA setup complete", redirect, email); + if (redirect) { + const cleanUrl = cleanRedirect(redirect); + console.log("Redirecting to:", cleanUrl); + router.push(cleanUrl); + } else { + router.push("/"); + } + }; + + return ( +
+ + + {t("otpSetup")} + + {t("adminEnabled2FaOnYourAccount", { email: email || "your account" })} + + + + + + +
+ ); +} diff --git a/src/app/auth/idp/[idpId]/oidc/callback/ValidateOidcToken.tsx b/src/app/auth/idp/[idpId]/oidc/callback/ValidateOidcToken.tsx index c946869b..bc87d1c1 100644 --- a/src/app/auth/idp/[idpId]/oidc/callback/ValidateOidcToken.tsx +++ b/src/app/auth/idp/[idpId]/oidc/callback/ValidateOidcToken.tsx @@ -15,6 +15,7 @@ import { } from "@/components/ui/card"; import { Alert, AlertDescription } from "@/components/ui/alert"; import { Loader2, CheckCircle2, AlertCircle } from "lucide-react"; +import { useTranslations } from "next-intl"; type ValidateOidcTokenParams = { orgId: string; @@ -33,11 +34,13 @@ export default function ValidateOidcToken(props: ValidateOidcTokenParams) { const [loading, setLoading] = useState(true); const [error, setError] = useState(null); + const t = useTranslations(); + useEffect(() => { async function validate() { setLoading(true); - console.log("Validating OIDC token", { + console.log(t('idpOidcTokenValidating'), { code: props.code, expectedState: props.expectedState, stateCookie: props.stateCookie @@ -52,7 +55,7 @@ export default function ValidateOidcToken(props: ValidateOidcTokenParams) { storedState: props.stateCookie }); - console.log("Validate OIDC token response", res.data); + console.log(t('idpOidcTokenResponse'), res.data); const redirectUrl = res.data.data.redirectUrl; @@ -69,7 +72,7 @@ export default function ValidateOidcToken(props: ValidateOidcTokenParams) { router.push(res.data.data.redirectUrl); } } catch (e) { - setError(formatAxiosError(e, "Error validating OIDC token")); + setError(formatAxiosError(e, t('idpErrorOidcTokenValidating'))); } finally { setLoading(false); } @@ -82,20 +85,20 @@ export default function ValidateOidcToken(props: ValidateOidcTokenParams) {
- Connecting to {props.idp.name} - Validating your identity + {t('idpConnectingTo', {name: props.idp.name})} + {t('idpConnectingToDescription')} {loading && (
- Connecting... + {t('idpConnectingToProcess')}
)} {!loading && !error && (
- Connected + {t('idpConnectingToFinished')}
)} {error && ( @@ -103,9 +106,7 @@ export default function ValidateOidcToken(props: ValidateOidcTokenParams) { - There was a problem connecting to{" "} - {props.idp.name}. Please contact your - administrator. + {t('idpErrorConnectingTo', {name: props.idp.name})} {error} diff --git a/src/app/auth/idp/[idpId]/oidc/callback/page.tsx b/src/app/auth/idp/[idpId]/oidc/callback/page.tsx index cba74790..1c0f8125 100644 --- a/src/app/auth/idp/[idpId]/oidc/callback/page.tsx +++ b/src/app/auth/idp/[idpId]/oidc/callback/page.tsx @@ -1,8 +1,12 @@ import { cookies } from "next/headers"; import ValidateOidcToken from "./ValidateOidcToken"; -import { idp } from "@server/db/schemas"; -import db from "@server/db"; -import { eq } from "drizzle-orm"; +import { cache } from "react"; +import { priv } from "@app/lib/api"; +import { AxiosResponse } from "axios"; +import { GetIdpResponse } from "@server/routers/idp"; +import { getTranslations } from "next-intl/server"; + +export const dynamic = "force-dynamic"; export default async function Page(props: { params: Promise<{ orgId: string; idpId: string }>; @@ -13,18 +17,20 @@ export default async function Page(props: { }) { const params = await props.params; const searchParams = await props.searchParams; + const t = await getTranslations(); const allCookies = await cookies(); const stateCookie = allCookies.get("p_oidc_state")?.value; - // query db directly in server component because just need the name - const [idpRes] = await db - .select({ name: idp.name }) - .from(idp) - .where(eq(idp.idpId, parseInt(params.idpId!))); - if (!idpRes) { - return
IdP not found
; + const idpRes = await cache( + async () => await priv.get>(`/idp/${params.idpId}`) + )(); + + const foundIdp = idpRes.data?.data?.idp; + + if (!foundIdp) { + return
{t('idpErrorNotFound')}
; } return ( @@ -35,7 +41,7 @@ export default async function Page(props: { code={searchParams.code} expectedState={searchParams.state} stateCookie={stateCookie} - idp={{ name: idpRes.name }} + idp={{ name: foundIdp.name }} /> ); diff --git a/src/app/auth/initial-setup/layout.tsx b/src/app/auth/initial-setup/layout.tsx new file mode 100644 index 00000000..8407f0da --- /dev/null +++ b/src/app/auth/initial-setup/layout.tsx @@ -0,0 +1,17 @@ +import { internal } from "@app/lib/api"; +import { authCookieHeader } from "@app/lib/api/cookies"; +import { InitialSetupCompleteResponse } from "@server/routers/auth"; +import { AxiosResponse } from "axios"; +import { redirect } from "next/navigation"; + +export default async function Layout(props: { children: React.ReactNode }) { + const setupRes = await internal.get< + AxiosResponse + >(`/auth/initial-setup-complete`, await authCookieHeader()); + const complete = setupRes.data.data.complete; + if (complete) { + redirect("/"); + } + + return
{props.children}
; +} diff --git a/src/app/auth/initial-setup/page.tsx b/src/app/auth/initial-setup/page.tsx new file mode 100644 index 00000000..e1dd3f06 --- /dev/null +++ b/src/app/auth/initial-setup/page.tsx @@ -0,0 +1,194 @@ +"use client"; + +import { useEffect, useState } from "react"; +import { useRouter } from "next/navigation"; +import { useForm } from "react-hook-form"; +import { zodResolver } from "@hookform/resolvers/zod"; +import * as z from "zod"; +import { Button } from "@/components/ui/button"; +import { Input } from "@/components/ui/input"; +import { + Form, + FormControl, + FormDescription, + FormField, + FormItem, + FormLabel, + FormMessage +} from "@/components/ui/form"; +import { + Card, + CardContent, + CardDescription, + CardHeader, + CardTitle +} from "@/components/ui/card"; +import { Alert, AlertDescription } from "@/components/ui/alert"; +import { createApiClient, formatAxiosError } from "@app/lib/api"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { useTranslations } from "next-intl"; +import Image from "next/image"; +import { passwordSchema } from "@server/auth/passwordSchema"; + +const formSchema = z + .object({ + setupToken: z.string().min(1, "Setup token is required"), + email: z.string().email({ message: "Invalid email address" }), + password: passwordSchema, + confirmPassword: z.string() + }) + .refine((data) => data.password === data.confirmPassword, { + path: ["confirmPassword"], + message: "Passwords do not match" + }); + +export default function InitialSetupPage() { + const router = useRouter(); + const api = createApiClient(useEnvContext()); + const t = useTranslations(); + + const [loading, setLoading] = useState(false); + const [error, setError] = useState(null); + const [checking, setChecking] = useState(true); + + const form = useForm>({ + resolver: zodResolver(formSchema), + defaultValues: { + setupToken: "", + email: "", + password: "", + confirmPassword: "" + } + }); + + async function onSubmit(values: z.infer) { + setLoading(true); + setError(null); + try { + const res = await api.put("/auth/set-server-admin", { + setupToken: values.setupToken, + email: values.email, + password: values.password + }); + if (res && res.status === 200) { + router.replace("/"); + return; + } + } catch (e) { + setError(formatAxiosError(e, t("setupErrorCreateAdmin"))); + } + setLoading(false); + } + + return ( + + +
+ {t("pangolinLogoAlt")} +
+
+

+ {t("initialSetupTitle")} +

+ + {t("initialSetupDescription")} + +
+ + +
+ + ( + + {t("setupToken")} + + + + + {t("setupTokenDescription")} + + + + )} + /> + ( + + {t("email")} + + + + + + )} + /> + ( + + {t("password")} + + + + + + )} + /> + ( + + + {t("confirmPassword")} + + + + + + + )} + /> + {error && ( + + {error} + + )} + + + +
+ + ); +} diff --git a/src/app/auth/layout.tsx b/src/app/auth/layout.tsx index 9a149f75..97d35db3 100644 --- a/src/app/auth/layout.tsx +++ b/src/app/auth/layout.tsx @@ -1,8 +1,10 @@ -import ProfileIcon from "@app/components/ProfileIcon"; +import ThemeSwitcher from "@app/components/ThemeSwitcher"; +import { Separator } from "@app/components/ui/separator"; import { verifySession } from "@app/lib/auth/verifySession"; -import UserProvider from "@app/providers/UserProvider"; +import { ExternalLink } from "lucide-react"; import { Metadata } from "next"; import { cache } from "react"; +import { getTranslations } from "next-intl/server"; export const metadata: Metadata = { title: `Auth - Pangolin`, @@ -16,22 +18,54 @@ type AuthLayoutProps = { export default async function AuthLayout({ children }: AuthLayoutProps) { const getUser = cache(verifySession); const user = await getUser(); + const t = await getTranslations(); return (
- {user && ( - -
- -
- - )} +
+ +
-
- {children} -
+
{children}
+ +
); } diff --git a/src/app/auth/login/DashboardLoginForm.tsx b/src/app/auth/login/DashboardLoginForm.tsx index b15dd518..2a98ab0b 100644 --- a/src/app/auth/login/DashboardLoginForm.tsx +++ b/src/app/auth/login/DashboardLoginForm.tsx @@ -14,6 +14,8 @@ import { useRouter } from "next/navigation"; import { useEffect } from "react"; import Image from "next/image"; import { cleanRedirect } from "@app/lib/cleanRedirect"; +import BrandingLogo from "@app/components/BrandingLogo"; +import { useTranslations } from "next-intl"; type DashboardLoginFormProps = { redirect?: string; @@ -25,40 +27,24 @@ export default function DashboardLoginForm({ idps }: DashboardLoginFormProps) { const router = useRouter(); - // const api = createApiClient(useEnvContext()); - // - // useEffect(() => { - // const logout = async () => { - // try { - // await api.post("/auth/logout"); - // console.log("user logged out"); - // } catch (e) {} - // }; - // - // logout(); - // }); + const { env } = useEnvContext(); + const t = useTranslations(); + + function getSubtitle() { + return t("loginStart"); + } return ( - - + +
- Pangolin Logo +
-
-

- Welcome to Pangolin -

-

- Log in to get started -

+
+

{getSubtitle()}

- + ({ + const idpsRes = await cache( + async () => await priv.get>("/idp") + )(); + const loginIdps = idpsRes.data.data.idps.map((idp) => ({ idpId: idp.idpId, name: idp.name })) as LoginFormIDP[]; + const t = await getTranslations(); + return ( <> {isInvite && ( @@ -47,11 +54,10 @@ export default async function Page(props: {

- Looks like you've been invited! + {t("inviteAlready")}

- To accept the invite, you must log in or create an - account. + {t("inviteAlreadyDescription")}

@@ -61,7 +67,7 @@ export default async function Page(props: { {(!signUpDisabled || isInvite) && (

- Don't have an account?{" "} + {t("authNoAccount")}{" "} - Sign up + {t("signup")}

)} diff --git a/src/app/auth/reset-password/ResetPasswordForm.tsx b/src/app/auth/reset-password/ResetPasswordForm.tsx index 7ddac325..596afb99 100644 --- a/src/app/auth/reset-password/ResetPasswordForm.tsx +++ b/src/app/auth/reset-password/ResetPasswordForm.tsx @@ -44,43 +44,31 @@ import { useEnvContext } from "@app/hooks/useEnvContext"; import { REGEXP_ONLY_DIGITS_AND_CHARS } from "input-otp"; import { passwordSchema } from "@server/auth/passwordSchema"; import { cleanRedirect } from "@app/lib/cleanRedirect"; +import { useTranslations } from "next-intl"; const requestSchema = z.object({ email: z.string().email() }); -const formSchema = z - .object({ - email: z.string().email({ message: "Invalid email address" }), - token: z.string().min(8, { message: "Invalid token" }), - password: passwordSchema, - confirmPassword: passwordSchema - }) - .refine((data) => data.password === data.confirmPassword, { - path: ["confirmPassword"], - message: "Passwords do not match" - }); - -const mfaSchema = z.object({ - code: z.string().length(6, { message: "Invalid code" }) -}); - export type ResetPasswordFormProps = { emailParam?: string; tokenParam?: string; redirect?: string; + quickstart?: boolean; }; export default function ResetPasswordForm({ emailParam, tokenParam, - redirect + redirect, + quickstart }: ResetPasswordFormProps) { const router = useRouter(); const [error, setError] = useState(null); const [successMessage, setSuccessMessage] = useState(null); const [isSubmitting, setIsSubmitting] = useState(false); + const t = useTranslations(); function getState() { if (emailParam && !tokenParam) { @@ -98,6 +86,22 @@ export default function ResetPasswordForm({ const api = createApiClient(useEnvContext()); + const formSchema = z + .object({ + email: z.string().email({ message: t('emailInvalid') }), + token: z.string().min(8, { message: t('tokenInvalid') }), + password: passwordSchema, + confirmPassword: passwordSchema + }) + .refine((data) => data.password === data.confirmPassword, { + path: ["confirmPassword"], + message: t('passwordNotMatch') + }); + + const mfaSchema = z.object({ + code: z.string().length(6, { message: t('pincodeInvalid') }) + }); + const form = useForm>({ resolver: zodResolver(formSchema), defaultValues: { @@ -135,8 +139,8 @@ export default function ResetPasswordForm({ } as RequestPasswordResetBody ) .catch((e) => { - setError(formatAxiosError(e, "An error occurred")); - console.error("Failed to request reset:", e); + setError(formatAxiosError(e, t('errorOccurred'))); + console.error(t('passwordErrorRequestReset'), e); setIsSubmitting(false); }); @@ -165,8 +169,8 @@ export default function ResetPasswordForm({ } as ResetPasswordBody ) .catch((e) => { - setError(formatAxiosError(e, "An error occurred")); - console.error("Failed to reset password:", e); + setError(formatAxiosError(e, t('errorOccurred'))); + console.error(t('passwordErrorReset'), e); setIsSubmitting(false); }); @@ -182,17 +186,63 @@ export default function ResetPasswordForm({ return; } - setSuccessMessage("Password reset successfully! Back to log in..."); + setSuccessMessage(quickstart ? t('accountSetupSuccess') : t('passwordResetSuccess')); - setTimeout(() => { - if (redirect) { - const safe = cleanRedirect(redirect); - router.push(safe); - } else { - router.push("/login"); + // Auto-login after successful password reset + try { + const loginRes = await api.post("/auth/login", { + email: form.getValues("email"), + password: form.getValues("password") + }); + + if (loginRes.data.data?.codeRequested) { + if (redirect) { + router.push(`/auth/login?redirect=${redirect}`); + } else { + router.push("/auth/login"); + } + return; } - setIsSubmitting(false); - }, 1500); + + if (loginRes.data.data?.emailVerificationRequired) { + try { + await api.post("/auth/verify-email/request"); + } catch (verificationError) { + console.error("Failed to send verification code:", verificationError); + } + + if (redirect) { + router.push(`/auth/verify-email?redirect=${redirect}`); + } else { + router.push("/auth/verify-email"); + } + return; + } + + // Login successful, redirect + setTimeout(() => { + if (redirect) { + const safe = cleanRedirect(redirect); + router.push(safe); + } else { + router.push("/"); + } + setIsSubmitting(false); + }, 1500); + + } catch (loginError) { + // Auto-login failed, but password reset was successful + console.error("Auto-login failed:", loginError); + setTimeout(() => { + if (redirect) { + const safe = cleanRedirect(redirect); + router.push(safe); + } else { + router.push("/login"); + } + setIsSubmitting(false); + }, 1500); + } } } @@ -200,9 +250,14 @@ export default function ResetPasswordForm({
- Reset Password + + {quickstart ? t('completeAccountSetup') : t('passwordReset')} + - Follow the steps to reset your password + {quickstart + ? t('completeAccountSetupDescription') + : t('passwordResetDescription') + } @@ -221,14 +276,16 @@ export default function ResetPasswordForm({ name="email" render={({ field }) => ( - Email + {t('email')} - We'll send a password reset - code to this email address. + {quickstart + ? t('accountSetupSent') + : t('passwordResetSent') + } )} @@ -249,7 +306,7 @@ export default function ResetPasswordForm({ name="email" render={({ field }) => ( - Email + {t('email')} ( - Reset Code + {quickstart + ? t('accountSetupCode') + : t('passwordResetCode') + } - Check your email for the - reset code. + {quickstart + ? t('accountSetupCodeDescription') + : t('passwordResetCodeDescription') + } )} @@ -292,7 +354,10 @@ export default function ResetPasswordForm({ render={({ field }) => ( - New Password + {quickstart + ? t('passwordCreate') + : t('passwordNew') + } ( - Confirm New Password + {quickstart + ? t('passwordCreateConfirm') + : t('passwordNewConfirm') + } ( - Authenticator Code + {t('pincodeAuth')}
@@ -407,8 +475,8 @@ export default function ResetPasswordForm({ )} {state === "reset" - ? "Reset Password" - : "Submit Code"} + ? (quickstart ? t('completeSetup') : t('passwordReset')) + : t('pincodeSubmit2')} )} @@ -422,7 +490,10 @@ export default function ResetPasswordForm({ {isSubmitting && ( )} - Request Reset + {quickstart + ? t('accountSetupSubmit') + : t('passwordResetSubmit') + } )} @@ -436,7 +507,7 @@ export default function ResetPasswordForm({ mfaForm.reset(); }} > - Back to Password + {t('passwordBack')} )} @@ -450,7 +521,7 @@ export default function ResetPasswordForm({ form.reset(); }} > - Back to Email + {t('backToEmail')} )}
diff --git a/src/app/auth/reset-password/page.tsx b/src/app/auth/reset-password/page.tsx index 73654beb..f06c7c4c 100644 --- a/src/app/auth/reset-password/page.tsx +++ b/src/app/auth/reset-password/page.tsx @@ -4,6 +4,7 @@ import { cache } from "react"; import ResetPasswordForm from "./ResetPasswordForm"; import Link from "next/link"; import { cleanRedirect } from "@app/lib/cleanRedirect"; +import { getTranslations } from "next-intl/server"; export const dynamic = "force-dynamic"; @@ -12,11 +13,13 @@ export default async function Page(props: { redirect: string | undefined; email: string | undefined; token: string | undefined; + quickstart?: string | undefined; }>; }) { const searchParams = await props.searchParams; const getUser = cache(verifySession); const user = await getUser(); + const t = await getTranslations(); if (user) { redirect("/"); @@ -33,6 +36,9 @@ export default async function Page(props: { redirect={searchParams.redirect} tokenParam={searchParams.token} emailParam={searchParams.email} + quickstart={ + searchParams.quickstart === "true" ? true : undefined + } />

@@ -44,7 +50,7 @@ export default async function Page(props: { } className="underline" > - Go back to log in + {t("loginBack")}

diff --git a/src/app/auth/resource/[resourceId]/AccessToken.tsx b/src/app/auth/resource/[resourceId]/AccessToken.tsx index 467ea036..969a2d4e 100644 --- a/src/app/auth/resource/[resourceId]/AccessToken.tsx +++ b/src/app/auth/resource/[resourceId]/AccessToken.tsx @@ -13,6 +13,7 @@ import { AuthWithAccessTokenResponse } from "@server/routers/resource"; import { AxiosResponse } from "axios"; import Link from "next/link"; import { useEffect, useState } from "react"; +import { useTranslations } from "next-intl"; type AccessTokenProps = { token: string; @@ -29,6 +30,8 @@ export default function AccessToken({ const { env } = useEnvContext(); const api = createApiClient({ env }); + const t = useTranslations(); + function appendRequestToken(url: string, token: string) { const fullUrl = new URL(url); fullUrl.searchParams.append( @@ -76,7 +79,7 @@ export default function AccessToken({ ); } } catch (e) { - console.error("Error checking access token", e); + console.error(t('accessTokenError'), e); } finally { setLoading(false); } @@ -99,7 +102,7 @@ export default function AccessToken({ ); } } catch (e) { - console.error("Error checking access token", e); + console.error(t('accessTokenError'), e); } finally { setLoading(false); } @@ -115,9 +118,9 @@ export default function AccessToken({ function renderTitle() { if (isValid) { - return "Access Granted"; + return t('accessGranted'); } else { - return "Access URL Invalid"; + return t('accessUrlInvalid'); } } @@ -125,18 +128,16 @@ export default function AccessToken({ if (isValid) { return (
- You have been granted access to this resource. Redirecting - you... + {t('accessGrantedDescription')}
); } else { return (
- This shared access URL is invalid. Please contact the - resource owner for a new URL. + {t('accessUrlInvalidDescription')}
diff --git a/src/app/auth/resource/[resourceId]/AutoLoginHandler.tsx b/src/app/auth/resource/[resourceId]/AutoLoginHandler.tsx new file mode 100644 index 00000000..c489a759 --- /dev/null +++ b/src/app/auth/resource/[resourceId]/AutoLoginHandler.tsx @@ -0,0 +1,100 @@ +"use client"; + +import { useEffect, useState } from "react"; +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { createApiClient, formatAxiosError } from "@app/lib/api"; +import { GenerateOidcUrlResponse } from "@server/routers/idp"; +import { AxiosResponse } from "axios"; +import { useRouter } from "next/navigation"; +import { + Card, + CardHeader, + CardTitle, + CardContent, + CardDescription +} from "@app/components/ui/card"; +import { Alert, AlertDescription } from "@app/components/ui/alert"; +import { Loader2, CheckCircle2, AlertCircle } from "lucide-react"; +import { useTranslations } from "next-intl"; + +type AutoLoginHandlerProps = { + resourceId: number; + skipToIdpId: number; + redirectUrl: string; +}; + +export default function AutoLoginHandler({ + resourceId, + skipToIdpId, + redirectUrl +}: AutoLoginHandlerProps) { + const { env } = useEnvContext(); + const api = createApiClient({ env }); + const router = useRouter(); + const t = useTranslations(); + + const [loading, setLoading] = useState(true); + const [error, setError] = useState(null); + + useEffect(() => { + async function initiateAutoLogin() { + setLoading(true); + + try { + const res = await api.post< + AxiosResponse + >(`/auth/idp/${skipToIdpId}/oidc/generate-url`, { + redirectUrl + }); + + if (res.data.data.redirectUrl) { + // Redirect to the IDP for authentication + window.location.href = res.data.data.redirectUrl; + } else { + setError(t("autoLoginErrorNoRedirectUrl")); + } + } catch (e) { + console.error("Failed to generate OIDC URL:", e); + setError(formatAxiosError(e, t("autoLoginErrorGeneratingUrl"))); + } finally { + setLoading(false); + } + } + + initiateAutoLogin(); + }, []); + + return ( +
+ + + {t("autoLoginTitle")} + {t("autoLoginDescription")} + + + {loading && ( +
+ + {t("autoLoginProcessing")} +
+ )} + {!loading && !error && ( +
+ + {t("autoLoginRedirecting")} +
+ )} + {error && ( + + + + {t("autoLoginError")} + {error} + + + )} + + +
+ ); +} diff --git a/src/app/auth/resource/[resourceId]/ResourceAccessDenied.tsx b/src/app/auth/resource/[resourceId]/ResourceAccessDenied.tsx index 088782a5..871ef36f 100644 --- a/src/app/auth/resource/[resourceId]/ResourceAccessDenied.tsx +++ b/src/app/auth/resource/[resourceId]/ResourceAccessDenied.tsx @@ -9,21 +9,23 @@ import { CardTitle, } from "@app/components/ui/card"; import Link from "next/link"; +import { useTranslations } from "next-intl"; export default function ResourceAccessDenied() { + const t = useTranslations(); + return ( - Access Denied + {t('accessDenied')} - You're not allowed to access this resource. If this is a mistake, - please contact the administrator. + {t('accessDeniedDescription')}
diff --git a/src/app/auth/resource/[resourceId]/ResourceAuthPortal.tsx b/src/app/auth/resource/[resourceId]/ResourceAuthPortal.tsx index 428d09c2..6f14f915 100644 --- a/src/app/auth/resource/[resourceId]/ResourceAuthPortal.tsx +++ b/src/app/auth/resource/[resourceId]/ResourceAuthPortal.tsx @@ -43,6 +43,8 @@ import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; import { toast } from "@app/hooks/useToast"; import Link from "next/link"; +import Image from "next/image"; +import { useTranslations } from "next-intl"; const pinSchema = z.object({ pin: z @@ -85,6 +87,7 @@ type ResourceAuthPortalProps = { export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { const router = useRouter(); + const t = useTranslations(); const getNumMethods = () => { let colLength = 0; @@ -180,8 +183,8 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { setOtpState("otp_sent"); submitOtpForm.setValue("email", values.email); toast({ - title: "OTP Sent", - description: "An OTP has been sent to your email" + title: t("otpEmailSent"), + description: t("otpEmailSentDescription") }); return; } @@ -197,7 +200,7 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { .catch((e) => { console.error(e); setWhitelistError( - formatAxiosError(e, "Failed to authenticate with email") + formatAxiosError(e, t("otpEmailErrorAuthenticate")) ); }) .then(() => setLoadingLogin(false)); @@ -222,7 +225,7 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { .catch((e) => { console.error(e); setPincodeError( - formatAxiosError(e, "Failed to authenticate with pincode") + formatAxiosError(e, t("pincodeErrorAuthenticate")) ); }) .then(() => setLoadingLogin(false)); @@ -250,7 +253,7 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { .catch((e) => { console.error(e); setPasswordError( - formatAxiosError(e, "Failed to authenticate with password") + formatAxiosError(e, t("passwordErrorAuthenticate")) ); }) .finally(() => setLoadingLogin(false)); @@ -271,13 +274,23 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { } } + function getTitle() { + return t("authenticationRequired"); + } + + function getSubtitle(resourceName: string) { + return numMethods > 1 + ? t("authenticationMethodChoose", { name: props.resource.name }) + : t("authenticationRequest", { name: props.resource.name }); + } + return (
{!accessDenied ? (
- Powered by{" "} + {t("poweredBy")}{" "} - Authentication Required + {getTitle()} - {numMethods > 1 - ? `Choose your preferred method to access ${props.resource.name}` - : `You must authenticate to access ${props.resource.name}`} + {getSubtitle(props.resource.name)} @@ -324,19 +335,19 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { {props.methods.password && ( {" "} - Password + {t("password")} )} {props.methods.sso && ( {" "} - User + {t("user")} )} {props.methods.whitelist && ( {" "} - Email + {t("email")} )} @@ -359,7 +370,9 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { render={({ field }) => ( - 6-digit PIN Code + {t( + "pincodeInput" + )}
@@ -428,7 +441,7 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { disabled={loadingLogin} > - Log in with PIN + {t("pincodeSubmit")} @@ -454,7 +467,7 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { render={({ field }) => ( - Password + {t("password")} - Log In with Password + {t("passwordSubmit")} @@ -523,7 +536,7 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { render={({ field }) => ( - Email + {t("email")} - A one-time - code will be - sent to this - email. + {t( + "otpEmailDescription" + )} @@ -557,7 +569,7 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { disabled={loadingLogin} > - Send One-time Code + {t("otpEmailSend")} @@ -579,9 +591,9 @@ export default function ResourceAuthPortal(props: ResourceAuthPortalProps) { render={({ field }) => ( - One-Time - Password - (OTP) + {t( + "otpEmail" + )} - Submit OTP + {t("otpEmailSubmit")} diff --git a/src/app/auth/resource/[resourceId]/ResourceNotFound.tsx b/src/app/auth/resource/[resourceId]/ResourceNotFound.tsx index 5b101297..518fe488 100644 --- a/src/app/auth/resource/[resourceId]/ResourceNotFound.tsx +++ b/src/app/auth/resource/[resourceId]/ResourceNotFound.tsx @@ -7,20 +7,24 @@ import { CardTitle, } from "@app/components/ui/card"; import Link from "next/link"; +import { getTranslations } from "next-intl/server"; export default async function ResourceNotFound() { + + const t = await getTranslations(); + return ( - Resource Not Found + {t('resourceNotFound')} - The resource you're trying to access does not exist. + {t('resourceNotFoundDescription')}
diff --git a/src/app/auth/resource/[resourceId]/page.tsx b/src/app/auth/resource/[resourceId]/page.tsx index af31de98..347d3586 100644 --- a/src/app/auth/resource/[resourceId]/page.tsx +++ b/src/app/auth/resource/[resourceId]/page.tsx @@ -14,8 +14,10 @@ import ResourceAccessDenied from "./ResourceAccessDenied"; import AccessToken from "./AccessToken"; import { pullEnv } from "@app/lib/pullEnv"; import { LoginFormIDP } from "@app/components/LoginForm"; -import db from "@server/db"; -import { idp } from "@server/db/schemas"; +import { ListIdpsResponse } from "@server/routers/idp"; +import AutoLoginHandler from "./AutoLoginHandler"; + +export const dynamic = "force-dynamic"; export default async function ResourceAuthPage(props: { params: Promise<{ resourceId: number }>; @@ -29,11 +31,13 @@ export default async function ResourceAuthPage(props: { const env = pullEnv(); + const authHeader = await authCookieHeader(); + let authInfo: GetResourceAuthInfoResponse | undefined; try { const res = await internal.get< AxiosResponse - >(`/resource/${params.resourceId}/auth`, await authCookieHeader()); + >(`/resource/${params.resourceId}/auth`, authHeader); if (res && res.status === 200) { authInfo = res.data.data; @@ -58,9 +62,13 @@ export default async function ResourceAuthPage(props: { try { const serverResourceHost = new URL(authInfo.url).host; const redirectHost = new URL(searchParams.redirect).host; + const redirectPort = new URL(searchParams.redirect).port; + const serverResourceHostWithPort = `${serverResourceHost}:${redirectPort}`; if (serverResourceHost === redirectHost) { redirectUrl = searchParams.redirect; + } else if (serverResourceHostWithPort === redirectHost) { + redirectUrl = searchParams.redirect; } } catch (e) {} } @@ -130,12 +138,27 @@ export default async function ResourceAuthPage(props: { ); } - const idps = await db.select().from(idp); - const loginIdps = idps.map((idp) => ({ + const idpsRes = await cache( + async () => await priv.get>("/idp") + )(); + const loginIdps = idpsRes.data.data.idps.map((idp) => ({ idpId: idp.idpId, name: idp.name })) as LoginFormIDP[]; + if (authInfo.skipToIdpId && authInfo.skipToIdpId !== null) { + const idp = loginIdps.find((idp) => idp.idpId === authInfo.skipToIdpId); + if (idp) { + return ( + + ); + } + } + return ( <> {userIsUnauthorized && isSSOOnly ? ( diff --git a/src/app/auth/signup/SignupForm.tsx b/src/app/auth/signup/SignupForm.tsx index 9a4129b4..f4690683 100644 --- a/src/app/auth/signup/SignupForm.tsx +++ b/src/app/auth/signup/SignupForm.tsx @@ -1,11 +1,12 @@ "use client"; -import { useState } from "react"; +import { useState, useEffect } from "react"; import { useForm } from "react-hook-form"; import { zodResolver } from "@hookform/resolvers/zod"; import * as z from "zod"; import { Button } from "@/components/ui/button"; import { Input } from "@/components/ui/input"; +import { Checkbox } from "@/components/ui/checkbox"; import { Form, FormControl, @@ -22,6 +23,7 @@ import { CardTitle } from "@/components/ui/card"; import { Alert, AlertDescription } from "@/components/ui/alert"; +import { Progress } from "@/components/ui/progress"; import { SignUpResponse } from "@server/routers/auth"; import { useRouter } from "next/navigation"; import { passwordSchema } from "@server/auth/passwordSchema"; @@ -31,18 +33,68 @@ import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; import Image from "next/image"; import { cleanRedirect } from "@app/lib/cleanRedirect"; +import { useTranslations } from "next-intl"; +import BrandingLogo from "@app/components/BrandingLogo"; +import { build } from "@server/build"; +import { Check, X } from "lucide-react"; +import { cn } from "@app/lib/cn"; + +// Password strength calculation +const calculatePasswordStrength = (password: string) => { + const requirements = { + length: password.length >= 8, + uppercase: /[A-Z]/.test(password), + lowercase: /[a-z]/.test(password), + number: /[0-9]/.test(password), + special: /[~!`@#$%^&*()_\-+={}[\]|\\:;"'<>,.\/?]/.test(password) + }; + + const score = Object.values(requirements).filter(Boolean).length; + let strength: "weak" | "medium" | "strong" = "weak"; + let color = "bg-red-500"; + let percentage = 0; + + if (score >= 5) { + strength = "strong"; + color = "bg-green-500"; + percentage = 100; + } else if (score >= 3) { + strength = "medium"; + color = "bg-yellow-500"; + percentage = 60; + } else if (score >= 1) { + strength = "weak"; + color = "bg-red-500"; + percentage = 30; + } + + return { requirements, strength, color, percentage, score }; +}; type SignupFormProps = { redirect?: string; inviteId?: string; inviteToken?: string; + emailParam?: string; }; const formSchema = z .object({ email: z.string().email({ message: "Invalid email address" }), password: passwordSchema, - confirmPassword: passwordSchema + confirmPassword: passwordSchema, + agreeToTerms: z.boolean().refine( + (val) => { + if (build === "saas") { + val === true; + } + return true; + }, + { + message: + "You must agree to the terms of service and privacy policy" + } + ) }) .refine((data) => data.password === data.confirmPassword, { path: ["confirmPassword"], @@ -52,24 +104,33 @@ const formSchema = z export default function SignupForm({ redirect, inviteId, - inviteToken + inviteToken, + emailParam }: SignupFormProps) { const router = useRouter(); - const api = createApiClient(useEnvContext()); + const t = useTranslations(); const [loading, setLoading] = useState(false); const [error, setError] = useState(null); + const [termsAgreedAt, setTermsAgreedAt] = useState(null); + const [passwordValue, setPasswordValue] = useState(""); + const [confirmPasswordValue, setConfirmPasswordValue] = useState(""); const form = useForm>({ resolver: zodResolver(formSchema), defaultValues: { - email: "", + email: emailParam || "", password: "", - confirmPassword: "" - } + confirmPassword: "", + agreeToTerms: false + }, + mode: "onChange" // Enable real-time validation }); + const passwordStrength = calculatePasswordStrength(passwordValue); + const doPasswordsMatch = passwordValue.length > 0 && confirmPasswordValue.length > 0 && passwordValue === confirmPasswordValue; + async function onSubmit(values: z.infer) { const { email, password } = values; @@ -79,13 +140,12 @@ export default function SignupForm({ email, password, inviteId, - inviteToken + inviteToken, + termsAcceptedTimestamp: termsAgreedAt }) .catch((e) => { console.error(e); - setError( - formatAxiosError(e, "An error occurred while signing up") - ); + setError(formatAxiosError(e, t("signupError"))); }); if (res && res.status === 200) { @@ -112,27 +172,33 @@ export default function SignupForm({ setLoading(false); } + function getSubtitle() { + return t("authCreateAccount"); + } + + const handleTermsChange = (checked: boolean) => { + if (checked) { + const isoNow = new Date().toISOString(); + console.log("Terms agreed at:", isoNow); + setTermsAgreedAt(isoNow); + form.setValue("agreeToTerms", true); + } else { + form.setValue("agreeToTerms", false); + setTermsAgreedAt(null); + } + }; + return ( - - + +
- Pangolin Logo +
-
-

- Welcome to Pangolin -

-

- Create an account to get started -

+
+

{getSubtitle()}

- +
( - Email + {t("email")} - + @@ -156,14 +225,128 @@ export default function SignupForm({ name="password" render={({ field }) => ( - Password +
+ {t("password")} + {passwordStrength.strength === "strong" && ( + + )} +
- +
+ { + field.onChange(e); + setPasswordValue(e.target.value); + }} + className={cn( + passwordStrength.strength === "strong" && "border-green-500 focus-visible:ring-green-500", + passwordStrength.strength === "medium" && "border-yellow-500 focus-visible:ring-yellow-500", + passwordStrength.strength === "weak" && passwordValue.length > 0 && "border-red-500 focus-visible:ring-red-500" + )} + autoComplete="new-password" + /> +
- + + {passwordValue.length > 0 && ( +
+ {/* Password Strength Meter */} +
+
+ {t("passwordStrength")} + + {t(`passwordStrength${passwordStrength.strength.charAt(0).toUpperCase() + passwordStrength.strength.slice(1)}`)} + +
+ +
+ + {/* Requirements Checklist */} +
+
{t("passwordRequirements")}
+
+
+ {passwordStrength.requirements.length ? ( + + ) : ( + + )} + + {t("passwordRequirementLengthText")} + +
+
+ {passwordStrength.requirements.uppercase ? ( + + ) : ( + + )} + + {t("passwordRequirementUppercaseText")} + +
+
+ {passwordStrength.requirements.lowercase ? ( + + ) : ( + + )} + + {t("passwordRequirementLowercaseText")} + +
+
+ {passwordStrength.requirements.number ? ( + + ) : ( + + )} + + {t("passwordRequirementNumberText")} + +
+
+ {passwordStrength.requirements.special ? ( + + ) : ( + + )} + + {t("passwordRequirementSpecialText")} + +
+
+
+
+ )} + + {/* Only show FormMessage when not showing our custom requirements */} + {passwordValue.length === 0 && } )} /> @@ -172,17 +355,87 @@ export default function SignupForm({ name="confirmPassword" render={({ field }) => ( - Confirm Password +
+ {t('confirmPassword')} + {doPasswordsMatch && ( + + )} +
- +
+ { + field.onChange(e); + setConfirmPasswordValue(e.target.value); + }} + className={cn( + doPasswordsMatch && "border-green-500 focus-visible:ring-green-500", + confirmPasswordValue.length > 0 && !doPasswordsMatch && "border-red-500 focus-visible:ring-red-500" + )} + autoComplete="new-password" + /> +
- + {confirmPasswordValue.length > 0 && !doPasswordsMatch && ( +

+ {t("passwordsDoNotMatch")} +

+ )} + {/* Only show FormMessage when field is empty */} + {confirmPasswordValue.length === 0 && } )} /> + {build === "saas" && ( + ( + + + { + field.onChange(checked); + handleTermsChange( + checked as boolean + ); + }} + /> + +
+ + {t("signUpTerms.IAgreeToThe")} + + {t( + "signUpTerms.termsOfService" + )} + + {t("signUpTerms.and")} + + {t( + "signUpTerms.privacyPolicy" + )} + + + +
+ + )} + /> + )} {error && ( @@ -191,11 +444,11 @@ export default function SignupForm({ )}
); -} +} \ No newline at end of file diff --git a/src/app/auth/signup/page.tsx b/src/app/auth/signup/page.tsx index 7f2205b4..673e69bf 100644 --- a/src/app/auth/signup/page.tsx +++ b/src/app/auth/signup/page.tsx @@ -6,15 +6,20 @@ import { Mail } from "lucide-react"; import Link from "next/link"; import { redirect } from "next/navigation"; import { cache } from "react"; +import { getTranslations } from "next-intl/server"; export const dynamic = "force-dynamic"; export default async function Page(props: { - searchParams: Promise<{ redirect: string | undefined }>; + searchParams: Promise<{ + redirect: string | undefined; + email: string | undefined; + }>; }) { const searchParams = await props.searchParams; const getUser = cache(verifySession); - const user = await getUser(); + const user = await getUser({ skipCheckVerifyEmail: true }); + const t = await getTranslations(); const env = pullEnv(); @@ -54,11 +59,10 @@ export default async function Page(props: {

- Looks like you've been invited! + {t("inviteAlready")}

- To accept the invite, you must log in or create an - account. + {t("inviteAlreadyDescription")}

@@ -68,10 +72,11 @@ export default async function Page(props: { redirect={redirectUrl} inviteToken={inviteToken} inviteId={inviteId} + emailParam={searchParams.email} />

- Already have an account?{" "} + {t("signupQuestion")}{" "} - Log in + {t("login")}

diff --git a/src/app/auth/verify-email/VerifyEmailForm.tsx b/src/app/auth/verify-email/VerifyEmailForm.tsx index 7d68263e..e9761eef 100644 --- a/src/app/auth/verify-email/VerifyEmailForm.tsx +++ b/src/app/auth/verify-email/VerifyEmailForm.tsx @@ -10,7 +10,7 @@ import { CardContent, CardDescription, CardHeader, - CardTitle, + CardTitle } from "@/components/ui/card"; import { Form, @@ -19,31 +19,25 @@ import { FormField, FormItem, FormLabel, - FormMessage, + FormMessage } from "@/components/ui/form"; import { Input } from "@/components/ui/input"; import { InputOTP, InputOTPGroup, - InputOTPSlot, + InputOTPSlot } from "@/components/ui/input-otp"; import { AxiosResponse } from "axios"; import { VerifyEmailResponse } from "@server/routers/auth"; -import { Loader2 } from "lucide-react"; +import { ArrowRight, IdCard, Loader2 } from "lucide-react"; import { Alert, AlertDescription } from "../../../components/ui/alert"; import { toast } from "@app/hooks/useToast"; import { useRouter } from "next/navigation"; -import { formatAxiosError } from "@app/lib/api";; +import { formatAxiosError } from "@app/lib/api"; import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; import { cleanRedirect } from "@app/lib/cleanRedirect"; - -const FormSchema = z.object({ - email: z.string().email({ message: "Invalid email address" }), - pin: z.string().min(8, { - message: "Your verification code must be 8 characters.", - }), -}); +import { useTranslations } from "next-intl"; export type VerifyEmailFormProps = { email: string; @@ -52,9 +46,10 @@ export type VerifyEmailFormProps = { export default function VerifyEmailForm({ email, - redirect, + redirect }: VerifyEmailFormProps) { const router = useRouter(); + const t = useTranslations(); const [error, setError] = useState(null); const [successMessage, setSuccessMessage] = useState(null); @@ -63,12 +58,34 @@ export default function VerifyEmailForm({ const api = createApiClient(useEnvContext()); + function logout() { + api.post("/auth/logout") + .catch((e) => { + console.error(t("logoutError"), e); + toast({ + title: t("logoutError"), + description: formatAxiosError(e, t("logoutError")) + }); + }) + .then(() => { + router.push("/auth/login"); + router.refresh(); + }); + } + + const FormSchema = z.object({ + email: z.string().email({ message: t("emailInvalid") }), + pin: z.string().min(8, { + message: t("verificationCodeLengthRequirements") + }) + }); + const form = useForm>({ resolver: zodResolver(FormSchema), defaultValues: { email: email, - pin: "", - }, + pin: "" + } }); async function onSubmit(data: z.infer) { @@ -76,19 +93,17 @@ export default function VerifyEmailForm({ const res = await api .post>("/auth/verify-email", { - code: data.pin, + code: data.pin }) .catch((e) => { - setError(formatAxiosError(e, "An error occurred")); - console.error("Failed to verify email:", e); + setError(formatAxiosError(e, t("errorOccurred"))); + console.error(t("emailErrorVerify"), e); setIsSubmitting(false); }); if (res && res.data?.data?.valid) { setError(null); - setSuccessMessage( - "Email successfully verified! Redirecting you..." - ); + setSuccessMessage(t("emailVerified")); setTimeout(() => { if (redirect) { const safe = cleanRedirect(redirect); @@ -105,17 +120,16 @@ export default function VerifyEmailForm({ setIsResending(true); const res = await api.post("/auth/verify-email/request").catch((e) => { - setError(formatAxiosError(e, "An error occurred")); - console.error("Failed to resend verification code:", e); + setError(formatAxiosError(e, t("errorOccurred"))); + console.error(t("verificationCodeErrorResend"), e); }); if (res) { setError(null); toast({ variant: "default", - title: "Verification code resent", - description: - "We've resent a verification code to your email address. Please check your inbox.", + title: t("verificationCodeResend"), + description: t("verificationCodeResendDescription") }); } @@ -126,40 +140,26 @@ export default function VerifyEmailForm({
- Verify Email + {t("emailVerify")} - Enter the verification code sent to your email address. + {t("emailVerifyDescription")} +

+ {email} +

- ( - - Email - - - - - - )} - /> - ( - Verification Code
- - We sent a verification code to your - email address. - )} /> +
+ +
+ {error && ( {error} @@ -222,29 +231,26 @@ export default function VerifyEmailForm({ type="submit" className="w-full" disabled={isSubmitting} + form="verify-email-form" > {isSubmitting && ( )} - Submit + {t("submit")} + + + - -
- -
); } diff --git a/src/app/favicon.ico b/src/app/favicon.ico index 0ffb1c54..bcaab339 100644 Binary files a/src/app/favicon.ico and b/src/app/favicon.ico differ diff --git a/src/app/globals.css b/src/app/globals.css index e2a6e31a..e643cfb6 100644 --- a/src/app/globals.css +++ b/src/app/globals.css @@ -1,120 +1,142 @@ @import url("https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900&family=Space+Grotesk:wght@300..700&display=swap"); -@import 'tw-animate-css'; -@import 'tailwindcss'; +@import "tw-animate-css"; +@import "tailwindcss"; @custom-variant dark (&:is(.dark *)); :root { - --background: hsl(0 0% 98%); - --foreground: hsl(20 0% 10%); - --card: hsl(0 0% 100%); - --card-foreground: hsl(20 0% 10%); - --popover: hsl(0 0% 100%); - --popover-foreground: hsl(20 0% 10%); - --primary: hsl(24.6 95% 53.1%); - --primary-foreground: hsl(60 9.1% 97.8%); - --secondary: hsl(60 4.8% 95.9%); - --secondary-foreground: hsl(24 9.8% 10%); - --muted: hsl(60 4.8% 85%); - --muted-foreground: hsl(25 5.3% 44.7%); - --accent: hsl(60 4.8% 90%); - --accent-foreground: hsl(24 9.8% 10%); - --destructive: hsl(0 84.2% 60.2%); - --destructive-foreground: hsl(60 9.1% 97.8%); - --border: hsl(20 5.9% 90%); - --input: hsl(20 5.9% 75%); - --ring: hsl(24.6 95% 53.1%); - --radius: 0.75rem; - --chart-1: hsl(12 76% 61%); - --chart-2: hsl(173 58% 39%); - --chart-3: hsl(197 37% 24%); - --chart-4: hsl(43 74% 66%); - --chart-5: hsl(27 87% 67%); + --radius: 0.65rem; + --background: oklch(0.99 0 0); + --foreground: oklch(0.141 0.005 285.823); + --card: oklch(1 0 0); + --card-foreground: oklch(0.141 0.005 285.823); + --popover: oklch(1 0 0); + --popover-foreground: oklch(0.141 0.005 285.823); + --primary: oklch(0.6717 0.1946 41.93); + --primary-foreground: oklch(0.98 0.016 73.684); + --secondary: oklch(0.967 0.001 286.375); + --secondary-foreground: oklch(0.21 0.006 285.885); + --muted: oklch(0.967 0.001 286.375); + --muted-foreground: oklch(0.552 0.016 285.938); + --accent: oklch(0.967 0.001 286.375); + --accent-foreground: oklch(0.21 0.006 285.885); + --destructive: oklch(0.577 0.245 27.325); + --border: oklch(0.92 0.004 286.32); + --input: oklch(0.92 0.004 286.32); + --ring: oklch(0.705 0.213 47.604); + --chart-1: oklch(0.646 0.222 41.116); + --chart-2: oklch(0.6 0.118 184.704); + --chart-3: oklch(0.398 0.07 227.392); + --chart-4: oklch(0.828 0.189 84.429); + --chart-5: oklch(0.769 0.188 70.08); + --sidebar: oklch(0.985 0 0); + --sidebar-foreground: oklch(0.141 0.005 285.823); + --sidebar-primary: oklch(0.705 0.213 47.604); + --sidebar-primary-foreground: oklch(0.98 0.016 73.684); + --sidebar-accent: oklch(0.967 0.001 286.375); + --sidebar-accent-foreground: oklch(0.21 0.006 285.885); + --sidebar-border: oklch(0.92 0.004 286.32); + --sidebar-ring: oklch(0.705 0.213 47.604); } .dark { - --background: hsl(20 0% 8%); - --foreground: hsl(60 9.1% 97.8%); - --card: hsl(20 0% 10%); - --card-foreground: hsl(60 9.1% 97.8%); - --popover: hsl(20 0% 10%); - --popover-foreground: hsl(60 9.1% 97.8%); - --primary: hsl(20.5 90.2% 48.2%); - --primary-foreground: hsl(60 9.1% 97.8%); - --secondary: hsl(12 6.5% 15%); - --secondary-foreground: hsl(60 9.1% 97.8%); - --muted: hsl(12 6.5% 25%); - --muted-foreground: hsl(24 5.4% 63.9%); - --accent: hsl(12 2.5% 15%); - --accent-foreground: hsl(60 9.1% 97.8%); - --destructive: hsl(0 72.2% 50.6%); - --destructive-foreground: hsl(60 9.1% 97.8%); - --border: hsl(12 6.5% 15%); - --input: hsl(12 6.5% 35%); - --ring: hsl(20.5 90.2% 48.2%); - --chart-1: hsl(220 70% 50%); - --chart-2: hsl(160 60% 45%); - --chart-3: hsl(30 80% 55%); - --chart-4: hsl(280 65% 60%); - --chart-5: hsl(340 75% 55%); + --background: oklch(0.20 0.006 285.885); + --foreground: oklch(0.985 0 0); + --card: oklch(0.21 0.006 285.885); + --card-foreground: oklch(0.985 0 0); + --popover: oklch(0.21 0.006 285.885); + --popover-foreground: oklch(0.985 0 0); + --primary: oklch(0.6717 0.1946 41.93); + --primary-foreground: oklch(0.98 0.016 73.684); + --secondary: oklch(0.274 0.006 286.033); + --secondary-foreground: oklch(0.985 0 0); + --muted: oklch(0.274 0.006 286.033); + --muted-foreground: oklch(0.705 0.015 286.067); + --accent: oklch(0.274 0.006 286.033); + --accent-foreground: oklch(0.985 0 0); + --destructive: oklch(0.704 0.191 22.216); + --border: oklch(1 0 0 / 10%); + --input: oklch(1 0 0 / 15%); + --ring: oklch(0.646 0.222 41.116); + --chart-1: oklch(0.488 0.243 264.376); + --chart-2: oklch(0.696 0.17 162.48); + --chart-3: oklch(0.769 0.188 70.08); + --chart-4: oklch(0.627 0.265 303.9); + --chart-5: oklch(0.645 0.246 16.439); + --sidebar: oklch(0.21 0.006 285.885); + --sidebar-foreground: oklch(0.985 0 0); + --sidebar-primary: oklch(0.646 0.222 41.116); + --sidebar-primary-foreground: oklch(0.98 0.016 73.684); + --sidebar-accent: oklch(0.274 0.006 286.033); + --sidebar-accent-foreground: oklch(0.985 0 0); + --sidebar-border: oklch(1 0 0 / 10%); + --sidebar-ring: oklch(0.646 0.222 41.116); } @theme inline { - --color-background: var(--background); - --color-foreground: var(--foreground); + --color-background: var(--background); + --color-foreground: var(--foreground); - --color-card: var(--card); - --color-card-foreground: var(--card-foreground); + --color-card: var(--card); + --color-card-foreground: var(--card-foreground); - --color-popover: var(--popover); - --color-popover-foreground: var(--popover-foreground); + --color-popover: var(--popover); + --color-popover-foreground: var(--popover-foreground); - --color-primary: var(--primary); - --color-primary-foreground: var(--primary-foreground); + --color-primary: var(--primary); + --color-primary-foreground: var(--primary-foreground); - --color-secondary: var(--secondary); - --color-secondary-foreground: var(--secondary-foreground); + --color-secondary: var(--secondary); + --color-secondary-foreground: var(--secondary-foreground); - --color-muted: var(--muted); - --color-muted-foreground: var(--muted-foreground); + --color-muted: var(--muted); + --color-muted-foreground: var(--muted-foreground); - --color-accent: var(--accent); - --color-accent-foreground: var(--accent-foreground); + --color-accent: var(--accent); + --color-accent-foreground: var(--accent-foreground); - --color-destructive: var(--destructive); - --color-destructive-foreground: var(--destructive-foreground); + --color-destructive: var(--destructive); + --color-destructive-foreground: var(--destructive-foreground); - --color-border: var(--border); - --color-input: var(--input); - --color-ring: var(--ring); + --color-border: var(--border); + --color-input: var(--input); + --color-ring: var(--ring); - --color-chart-1: var(--chart-1); - --color-chart-2: var(--chart-2); - --color-chart-3: var(--chart-3); - --color-chart-4: var(--chart-4); - --color-chart-5: var(--chart-5); + --color-chart-1: var(--chart-1); + --color-chart-2: var(--chart-2); + --color-chart-3: var(--chart-3); + --color-chart-4: var(--chart-4); + --color-chart-5: var(--chart-5); - --radius-lg: var(--radius); - --radius-md: calc(var(--radius) - 2px); - --radius-sm: calc(var(--radius) - 4px); + --radius-lg: var(--radius); + --radius-md: calc(var(--radius) - 2px); + --radius-sm: calc(var(--radius) - 4px); + + --shadow-2xs: 0 1px 1px rgba(0, 0, 0, 0.03); + --inset-shadow-2xs: inset 0 1px 1px rgba(0, 0, 1, 0.03); } @layer base { - *, - ::after, - ::before, - ::backdrop, - ::file-selector-button { - border-color: var(--color-gray-200, currentcolor); - } + *, + ::after, + ::before, + ::backdrop, + ::file-selector-button { + border-color: var(--color-gray-200, currentcolor); + } } @layer base { - * { - @apply border-border; - } + * { + @apply border-border; + } - body { - @apply bg-background text-foreground; - } + body { + @apply bg-background text-foreground; + } +} + +p { + word-break: keep-all; + white-space: normal; } diff --git a/src/app/invite/InviteStatusCard.tsx b/src/app/invite/InviteStatusCard.tsx index 313bee66..6d7db4dc 100644 --- a/src/app/invite/InviteStatusCard.tsx +++ b/src/app/invite/InviteStatusCard.tsx @@ -12,28 +12,37 @@ import { import { useEnvContext } from "@app/hooks/useEnvContext"; import { XCircle } from "lucide-react"; import { useRouter } from "next/navigation"; +import { useTranslations } from "next-intl"; type InviteStatusCardProps = { type: "rejected" | "wrong_user" | "user_does_not_exist" | "not_logged_in"; token: string; + email?: string; }; export default function InviteStatusCard({ type, token, + email, }: InviteStatusCardProps) { const router = useRouter(); - const api = createApiClient(useEnvContext()); + const t = useTranslations(); async function goToLogin() { await api.post("/auth/logout", {}); - router.push(`/auth/login?redirect=/invite?token=${token}`); + const redirectUrl = email + ? `/auth/login?redirect=/invite?token=${token}&email=${encodeURIComponent(email)}` + : `/auth/login?redirect=/invite?token=${token}`; + router.push(redirectUrl); } async function goToSignup() { await api.post("/auth/logout", {}); - router.push(`/auth/signup?redirect=/invite?token=${token}`); + const redirectUrl = email + ? `/auth/signup?redirect=/invite?token=${token}&email=${encodeURIComponent(email)}` + : `/auth/signup?redirect=/invite?token=${token}`; + router.push(redirectUrl); } function renderBody() { @@ -41,13 +50,12 @@ export default function InviteStatusCard({ return (

- We're sorry, but it looks like the invite you're trying - to access has not been accepted or is no longer valid. + {t('inviteErrorNotValid')}

    -
  • The invite may have expired
    • -
  • The invite might have been revoked
    • -
  • There could be a typo in the invite link
    • +
  • {t('inviteErrorExpired')}
    • +
  • {t('inviteErrorRevoked')}
    • +
  • {t('inviteErrorTypo')}
); @@ -55,11 +63,10 @@ export default function InviteStatusCard({ return (

- We're sorry, but it looks like the invite you're trying - to access is not for this user. + {t('inviteErrorUser')}

- Please make sure you're logged in as the correct user. + {t('inviteLoginUser')}

); @@ -67,11 +74,10 @@ export default function InviteStatusCard({ return (

- We're sorry, but it looks like the invite you're trying - to access is not for a user that exists. + {t('inviteErrorNoUser')}

- Please create an account first. + {t('inviteCreateUser')}

); @@ -86,15 +92,15 @@ export default function InviteStatusCard({ router.push("/"); }} > - Go Home + {t('goHome')} ); } else if (type === "wrong_user") { return ( - + ); } else if (type === "user_does_not_exist") { - return ; + return ; } } @@ -109,7 +115,7 @@ export default function InviteStatusCard({ />
*/} - Invite Not Accepted + {t('inviteNotAccepted')} {renderBody()} diff --git a/src/app/invite/page.tsx b/src/app/invite/page.tsx index b105c0b1..2e0c11e2 100644 --- a/src/app/invite/page.tsx +++ b/src/app/invite/page.tsx @@ -5,7 +5,8 @@ import { AcceptInviteResponse } from "@server/routers/user"; import { AxiosResponse } from "axios"; import { redirect } from "next/navigation"; import InviteStatusCard from "./InviteStatusCard"; -import { formatAxiosError } from "@app/lib/api";; +import { formatAxiosError } from "@app/lib/api"; +import { getTranslations } from "next-intl/server"; export default async function InvitePage(props: { searchParams: Promise<{ [key: string]: string | string[] | undefined }>; @@ -13,19 +14,21 @@ export default async function InvitePage(props: { const params = await props.searchParams; const tokenParam = params.token as string; + const emailParam = params.email as string; if (!tokenParam) { redirect("/"); } const user = await verifySession(); + const t = await getTranslations(); const parts = tokenParam.split("-"); if (parts.length !== 2) { return ( <> -

Invalid Invite

-

The invite link is invalid.

+

{t('inviteInvalid')}

+

{t('inviteInvalidDescription')}

); } @@ -45,6 +48,7 @@ export default async function InvitePage(props: { ) .catch((e) => { error = formatAxiosError(e); + console.error(error); }); if (res && res.status === 200) { @@ -55,9 +59,7 @@ export default async function InvitePage(props: { if (error.includes("Invite is not for this user")) { return "wrong_user"; } else if ( - error.includes( - "User does not exist. Please create an account first." - ) + error.includes("User does not exist. Please create an account first.") ) { return "user_does_not_exist"; } else if (error.includes("You must be logged in to accept an invite")) { @@ -70,16 +72,22 @@ export default async function InvitePage(props: { const type = cardType(); if (!user && type === "user_does_not_exist") { - redirect(`/auth/signup?redirect=/invite?token=${params.token}`); + const redirectUrl = emailParam + ? `/auth/signup?redirect=/invite?token=${params.token}&email=${encodeURIComponent(emailParam)}` + : `/auth/signup?redirect=/invite?token=${params.token}`; + redirect(redirectUrl); } if (!user && type === "not_logged_in") { - redirect(`/auth/login?redirect=/invite?token=${params.token}`); + const redirectUrl = emailParam + ? `/auth/login?redirect=/invite?token=${params.token}&email=${encodeURIComponent(emailParam)}` + : `/auth/login?redirect=/invite?token=${params.token}`; + redirect(redirectUrl); } return ( <> - + ); } diff --git a/src/app/layout.tsx b/src/app/layout.tsx index d99c026f..a60ffb6c 100644 --- a/src/app/layout.tsx +++ b/src/app/layout.tsx @@ -1,14 +1,16 @@ import type { Metadata } from "next"; import "./globals.css"; import { Inter } from "next/font/google"; -import { Toaster } from "@/components/ui/toaster"; import { ThemeProvider } from "@app/providers/ThemeProvider"; import EnvProvider from "@app/providers/EnvProvider"; import { pullEnv } from "@app/lib/pullEnv"; +import { NextIntlClientProvider } from "next-intl"; +import { getLocale } from "next-intl/server"; +import { Toaster } from "@app/components/ui/toaster"; export const metadata: Metadata = { title: `Dashboard - Pangolin`, - description: "" + description: "", }; export const dynamic = "force-dynamic"; @@ -21,27 +23,29 @@ export default async function RootLayout({ }: Readonly<{ children: React.ReactNode; }>) { - const env = pullEnv(); + const locale = await getLocale(); return ( - + - - - {/* Main content */} -
-
- {children} + + + + {/* Main content */} +
+
+ {children} +
-
- - - + + + + ); diff --git a/src/app/navigation.tsx b/src/app/navigation.tsx index 821f12c4..dd309c57 100644 --- a/src/app/navigation.tsx +++ b/src/app/navigation.tsx @@ -1,4 +1,5 @@ import { SidebarNavItem } from "@app/components/SidebarNav"; +import { build } from "@server/build"; import { Home, Settings, @@ -7,96 +8,123 @@ import { Waypoints, Combine, Fingerprint, + Workflow, KeyRound, - TicketCheck + TicketCheck, + User, + Globe, // Added from 'dev' branch + MonitorUp, // Added from 'dev' branch + Zap } from "lucide-react"; +export type SidebarNavSection = { + // Added from 'dev' branch + heading: string; + items: SidebarNavItem[]; +}; + +// Merged from 'user-management-and-resources' branch export const orgLangingNavItems: SidebarNavItem[] = [ { - title: "Overview", + title: "sidebarAccount", href: "/{orgId}", - icon: + icon: } ]; -export const rootNavItems: SidebarNavItem[] = [ +export const orgNavSections = ( + enableClients: boolean = true +): SidebarNavSection[] => [ { - title: "Home", - href: "/", - icon: - } -]; - -export const orgNavItems: SidebarNavItem[] = [ - { - title: "Sites", - href: "/{orgId}/settings/sites", - icon: - }, - { - title: "Resources", - href: "/{orgId}/settings/resources", - icon: - }, - { - title: "Access Control", - href: "/{orgId}/settings/access", - icon: , - autoExpand: true, - children: [ + heading: "General", + items: [ { - title: "Users", - href: "/{orgId}/settings/access/users", - children: [ - { - title: "Invitations", - href: "/{orgId}/settings/access/invitations" - } - ] + title: "sidebarSites", + href: "/{orgId}/settings/sites", + icon: }, { - title: "Roles", - href: "/{orgId}/settings/access/roles" + title: "sidebarResources", + href: "/{orgId}/settings/resources", + icon: + }, + ...(enableClients + ? [ + { + title: "sidebarClients", + href: "/{orgId}/settings/clients", + icon: + } + ] + : []), + { + title: "sidebarDomains", + href: "/{orgId}/settings/domains", + icon: } ] }, { - title: "Shareable Links", - href: "/{orgId}/settings/share-links", - icon: + heading: "Access Control", + items: [ + { + title: "sidebarUsers", + href: "/{orgId}/settings/access/users", + icon: + }, + { + title: "sidebarRoles", + href: "/{orgId}/settings/access/roles", + icon: + }, + { + title: "sidebarInvitations", + href: "/{orgId}/settings/access/invitations", + icon: + }, + { + title: "sidebarShareableLinks", + href: "/{orgId}/settings/share-links", + icon: + } + ] }, - /* - TODO: { - title: "API Keys", - href: "/{orgId}/settings/api-keys", - icon: , - }, - */ - { - title: "Settings", - href: "/{orgId}/settings/general", - icon: + heading: "Organization", + items: [ + { + title: "sidebarApiKeys", + href: "/{orgId}/settings/api-keys", + icon: + }, + { + title: "sidebarSettings", + href: "/{orgId}/settings/general", + icon: + } + ] } ]; -export const adminNavItems: SidebarNavItem[] = [ +export const adminNavSections: SidebarNavSection[] = [ { - title: "All Users", - href: "/admin/users", - icon: - }, - /* - TODO: - { - title: "API Keys", - href: "/admin/api-keys", - icon: , - }, - */ - { - title: "Identity Providers", - href: "/admin/idp", - icon: + heading: "Admin", + items: [ + { + title: "sidebarAllUsers", + href: "/admin/users", + icon: + }, + { + title: "sidebarApiKeys", + href: "/admin/api-keys", + icon: + }, + { + title: "sidebarIdentityProviders", + href: "/admin/idp", + icon: + }, + ] } ]; diff --git a/src/app/not-found.tsx b/src/app/not-found.tsx index cb831311..60c02bee 100644 --- a/src/app/not-found.tsx +++ b/src/app/not-found.tsx @@ -1,14 +1,17 @@ -import Link from "next/link"; +import { getTranslations } from "next-intl/server"; export default async function NotFound() { + + const t = await getTranslations(); + return (

404

- Page Not Found + {t('pageNotFound')}

- Oops! The page you're looking for doesn't exist. + {t('pageNotFoundDescription')}

); diff --git a/src/app/page.tsx b/src/app/page.tsx index 6cab7cbd..5c150c58 100644 --- a/src/app/page.tsx +++ b/src/app/page.tsx @@ -6,11 +6,13 @@ import { ListUserOrgsResponse } from "@server/routers/org"; import { AxiosResponse } from "axios"; import { redirect } from "next/navigation"; import { cache } from "react"; -import OrganizationLanding from "./components/OrganizationLanding"; +import OrganizationLanding from "@app/components/OrganizationLanding"; import { pullEnv } from "@app/lib/pullEnv"; import { cleanRedirect } from "@app/lib/cleanRedirect"; import { Layout } from "@app/components/Layout"; -import { rootNavItems } from "./navigation"; +import { InitialSetupCompleteResponse } from "@server/routers/auth"; +import { cookies } from "next/headers"; +import { build } from "@server/build"; export const dynamic = "force-dynamic"; @@ -27,6 +29,14 @@ export default async function Page(props: { const getUser = cache(verifySession); const user = await getUser({ skipCheckVerifyEmail: true }); + const setupRes = await internal.get< + AxiosResponse + >(`/auth/initial-setup-complete`, await authCookieHeader()); + const complete = setupRes.data.data.complete; + if (!complete) { + redirect("/auth/initial-setup"); + } + if (!user) { if (params.redirect) { const safe = cleanRedirect(params.redirect); @@ -63,9 +73,26 @@ export default async function Page(props: { } } + const allCookies = await cookies(); + const lastOrgCookie = allCookies.get("pangolin-last-org")?.value; + + const lastOrgExists = orgs.some((org) => org.orgId === lastOrgCookie); + if (lastOrgExists) { + redirect(`/${lastOrgCookie}`); + } else { + const ownedOrg = orgs.find((org) => org.isOwner); + if (ownedOrg) { + redirect(`/${ownedOrg.orgId}`); + } else { + if (!env.flags.disableUserCreateOrg || user.serverAdmin) { + redirect("/setup"); + } + } + } + return ( - +
- +
{children}
diff --git a/src/app/setup/page.tsx b/src/app/setup/page.tsx index 5420748c..42c64b16 100644 --- a/src/app/setup/page.tsx +++ b/src/app/setup/page.tsx @@ -2,8 +2,6 @@ import { Button } from "@/components/ui/button"; import { Input } from "@/components/ui/input"; -import { Label } from "@/components/ui/label"; -import Link from "next/link"; import { toast } from "@app/hooks/useToast"; import { useCallback, useEffect, useState } from "react"; import { @@ -13,8 +11,7 @@ import { CardHeader, CardTitle } from "@app/components/ui/card"; -import CopyTextBox from "@app/components/CopyTextBox"; -import { formatAxiosError } from "@app/lib/api";; +import { formatAxiosError } from "@app/lib/api"; import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; import { Separator } from "@/components/ui/separator"; @@ -32,57 +29,93 @@ import { FormMessage } from "@app/components/ui/form"; import { Alert, AlertDescription } from "@app/components/ui/alert"; -import CreateSiteForm from "../[orgId]/settings/sites/CreateSiteForm"; +import { useTranslations } from "next-intl"; type Step = "org" | "site" | "resources"; -const orgSchema = z.object({ - orgName: z.string().min(1, { message: "Organization name is required" }), - orgId: z.string().min(1, { message: "Organization ID is required" }) -}); - export default function StepperForm() { const [currentStep, setCurrentStep] = useState("org"); const [orgIdTaken, setOrgIdTaken] = useState(false); + const t = useTranslations(); + const { env } = useEnvContext(); const [loading, setLoading] = useState(false); const [isChecked, setIsChecked] = useState(false); const [error, setError] = useState(null); + const [orgCreated, setOrgCreated] = useState(false); + + const orgSchema = z.object({ + orgName: z.string().min(1, { message: t("orgNameRequired") }), + orgId: z.string().min(1, { message: t("orgIdRequired") }), + subnet: z.string().min(1, { message: t("subnetRequired") }) + }); const orgForm = useForm>({ resolver: zodResolver(orgSchema), defaultValues: { orgName: "", - orgId: "" + orgId: "", + subnet: "" } }); const api = createApiClient(useEnvContext()); const router = useRouter(); - const checkOrgIdAvailability = useCallback(async (value: string) => { - if (loading) { - return; - } - try { - const res = await api.get(`/org/checkId`, { - params: { - orgId: value - } - }); - setOrgIdTaken(res.status !== 404); - } catch (error) { - setOrgIdTaken(false); - } + // Fetch default subnet on component mount + useEffect(() => { + fetchDefaultSubnet(); }, []); + const fetchDefaultSubnet = async () => { + try { + const res = await api.get(`/pick-org-defaults`); + if (res && res.data && res.data.data) { + orgForm.setValue("subnet", res.data.data.subnet); + } + } catch (e) { + console.error("Failed to fetch default subnet:", e); + toast({ + title: "Error", + description: "Failed to fetch default subnet", + variant: "destructive" + }); + } + }; + + const checkOrgIdAvailability = useCallback( + async (value: string) => { + if (loading || orgCreated) { + return; + } + try { + const res = await api.get(`/org/checkId`, { + params: { + orgId: value + } + }); + setOrgIdTaken(res.status !== 404); + } catch (error) { + setOrgIdTaken(false); + } + }, + [loading, orgCreated, api] + ); + const debouncedCheckOrgIdAvailability = useCallback( debounce(checkOrgIdAvailability, 300), [checkOrgIdAvailability] ); const generateId = (name: string) => { - return name.toLowerCase().replace(/\s+/g, "-"); + // Replace any character that is not a letter, number, space, or hyphen with a hyphen + // Also collapse multiple hyphens and trim + return name + .toLowerCase() + .replace(/[^a-z0-9\s-]/g, "-") + .replace(/\s+/g, "-") + .replace(/-+/g, "-") + .replace(/^-+|-+$/g, ""); }; async function orgSubmit(values: z.infer) { @@ -95,18 +128,17 @@ export default function StepperForm() { try { const res = await api.put(`/org`, { orgId: values.orgId, - name: values.orgName + name: values.orgName, + subnet: values.subnet }); if (res && res.status === 201) { - // setCurrentStep("site"); + setOrgCreated(true); router.push(`/${values.orgId}/settings/sites/create`); } } catch (e) { console.error(e); - setError( - formatAxiosError(e, "An error occurred while creating org") - ); + setError(formatAxiosError(e, t("orgErrorCreate"))); } setLoading(false); @@ -116,10 +148,8 @@ export default function StepperForm() { <> - New Organization - - Create your organization, site, and resources - + {t("setupNewOrg")} + {t("setupCreate")}
@@ -141,7 +171,7 @@ export default function StepperForm() { : "text-muted-foreground" }`} > - Create Org + {t("setupCreateOrg")}
@@ -161,7 +191,7 @@ export default function StepperForm() { : "text-muted-foreground" }`} > - Create Site + {t("siteCreate")}
@@ -181,7 +211,7 @@ export default function StepperForm() { : "text-muted-foreground" }`} > - Create Resources + {t("setupCreateResources")}
@@ -200,17 +230,22 @@ export default function StepperForm() { render={({ field }) => ( - Organization Name + {t("setupOrgName")} { + // Prevent "/" in orgName input + const sanitizedValue = + e.target.value.replace( + /\//g, + "-" + ); const orgId = generateId( - e.target - .value + sanitizedValue ); orgForm.setValue( "orgId", @@ -218,18 +253,21 @@ export default function StepperForm() { ); orgForm.setValue( "orgName", - e.target.value + sanitizedValue ); debouncedCheckOrgIdAvailability( orgId ); }} + value={field.value.replace( + /\//g, + "-" + )} /> - This is the display name for - your organization. + {t("orgDisplayName")} )} @@ -240,7 +278,7 @@ export default function StepperForm() { render={({ field }) => ( - Organization ID + {t("orgId")} - This is the unique - identifier for your - organization. This is - separate from the display - name. + {t( + "setupIdentifierMessage" + )} )} /> - {orgIdTaken && ( + {env.flags.enableClients && ( + ( + + + Subnet + + + + + + + Network subnet for this + organization. A default + value has been provided. + + + )} + /> + )} + + {orgIdTaken && !orgCreated ? ( - Organization ID is already - taken. Please choose a different - one. + {t("setupErrorIdentifier")} - )} + ) : null} {error && ( @@ -288,7 +348,7 @@ export default function StepperForm() { orgIdTaken } > - Create Organization + {t("setupCreateOrg")}
diff --git a/src/components/BrandingLogo.tsx b/src/components/BrandingLogo.tsx new file mode 100644 index 00000000..34771333 --- /dev/null +++ b/src/components/BrandingLogo.tsx @@ -0,0 +1,50 @@ +"use client"; + +import { useEnvContext } from "@app/hooks/useEnvContext"; +import { useTheme } from "next-themes"; +import Image from "next/image"; +import { useEffect, useState } from "react"; + +type BrandingLogoProps = { + width: number; + height: number; +}; + +export default function BrandingLogo(props: BrandingLogoProps) { + const { env } = useEnvContext(); + const { theme } = useTheme(); + const [path, setPath] = useState(""); // Default logo path + + useEffect(() => { + function getPath() { + let lightOrDark = theme; + + if (theme === "system" || !theme) { + lightOrDark = window.matchMedia("(prefers-color-scheme: dark)") + .matches + ? "dark" + : "light"; + } + + if (lightOrDark === "light") { + return "/logo/word_mark_black.png"; + } + + return "/logo/word_mark_white.png"; + } + + const path = getPath(); + setPath(path); + }, [theme, env]); + + return ( + path && ( + Logo + ) + ); +} diff --git a/src/components/Breadcrumbs.tsx b/src/components/Breadcrumbs.tsx deleted file mode 100644 index 25366ffa..00000000 --- a/src/components/Breadcrumbs.tsx +++ /dev/null @@ -1,42 +0,0 @@ -"use client"; - -import { usePathname } from "next/navigation"; -import Link from "next/link"; -import { ChevronRight } from "lucide-react"; -import { cn } from "@app/lib/cn"; - -interface BreadcrumbItem { - label: string; - href: string; -} - -export function Breadcrumbs() { - const pathname = usePathname(); - const segments = pathname.split("/").filter(Boolean); - - const breadcrumbs: BreadcrumbItem[] = segments.map((segment, index) => { - const href = `/${segments.slice(0, index + 1).join("/")}`; - let label = decodeURIComponent(segment); - return { label, href }; - }); - - return ( - - ); -} diff --git a/src/components/ConfirmDeleteDialog.tsx b/src/components/ConfirmDeleteDialog.tsx index a928ed60..cd053a14 100644 --- a/src/components/ConfirmDeleteDialog.tsx +++ b/src/components/ConfirmDeleteDialog.tsx @@ -43,6 +43,7 @@ import { useOrgContext } from "@app/hooks/useOrgContext"; import { Description } from "@radix-ui/react-toast"; import { createApiClient } from "@app/lib/api"; import { useEnvContext } from "@app/hooks/useEnvContext"; +import { useTranslations } from "next-intl"; type InviteUserFormProps = { open: boolean; @@ -67,9 +68,11 @@ export default function InviteUserForm({ const api = createApiClient(useEnvContext()); + const t = useTranslations(); + const formSchema = z.object({ string: z.string().refine((val) => val === string, { - message: "Invalid confirmation" + message: t("inviteErrorInvalidConfirmation") }) }); @@ -105,7 +108,9 @@ export default function InviteUserForm({ {title} -
{dialog}
+
+ {dialog} +
- + + + + + + {t("containersIn", { siteName: site.name })} + + + {t("selectContainerDescription")} + + + +
+ {})} + /> +
+ + + + + + + + + + ); +}; + +const DockerContainersTable: FC<{ + containers: Container[]; + onContainerSelect: (container: Container, port?: number) => void; + onRefresh: () => void; +}> = ({ containers, onContainerSelect, onRefresh }) => { + const [searchInput, setSearchInput] = useState(""); + const [globalFilter, setGlobalFilter] = useState(""); + const [hideContainersWithoutPorts, setHideContainersWithoutPorts] = + useState(true); + const [hideStoppedContainers, setHideStoppedContainers] = useState(false); + const [columnVisibility, setColumnVisibility] = useState({ + labels: false + }); + + const t = useTranslations(); + + useEffect(() => { + const timer = setTimeout(() => { + setGlobalFilter(searchInput); + }, 100); + + return () => clearTimeout(timer); + }, [searchInput]); + + const getExposedPorts = useCallback((container: Container): number[] => { + const ports: number[] = []; + + container.ports?.forEach((port) => { + if (port.privatePort) { + ports.push(port.privatePort); + } + }); + + return [...new Set(ports)]; // Remove duplicates + }, []); + + const globalFilterFunction = useCallback( + (row: any, columnId: string, value: string) => { + const container = row.original as Container; + const searchValue = value.toLowerCase(); + + // Search across all relevant fields + const searchableFields = [ + container.name, + container.image, + container.state, + container.status, + getContainerHostname(container), + ...Object.keys(container.networks), + ...Object.values(container.networks) + .map((n) => n.ipAddress) + .filter(Boolean), + ...getExposedPorts(container).map((p) => p.toString()), + ...Object.entries(container.labels).flat() + ]; + + return searchableFields.some((field) => + field?.toString().toLowerCase().includes(searchValue) + ); + }, + [getExposedPorts] + ); + + const columns: ColumnDef[] = [ + { + accessorKey: "name", + header: t("containerName"), + cell: ({ row }) => ( +
{row.original.name}
+ ) + }, + { + accessorKey: "image", + header: t("containerImage"), + cell: ({ row }) => ( +
+ {row.original.image} +
+ ) + }, + { + accessorKey: "state", + header: t("containerState"), + cell: ({ row }) => ( + + {row.original.state} + + ) + }, + { + accessorKey: "networks", + header: t("containerNetworks"), + cell: ({ row }) => { + const networks = Object.keys(row.original.networks); + return ( +
+ {networks.length > 0 + ? networks.map((n) => ( + + {n} + + )) + : "-"} +
+ ); + } + }, + { + accessorKey: "hostname", + header: t("containerHostnameIp"), + enableHiding: false, + cell: ({ row }) => ( +
+ {getContainerHostname(row.original)} +
+ ) + }, + { + accessorKey: "labels", + header: t("containerLabels"), + cell: ({ row }) => { + const labels = row.original.labels || {}; + const labelEntries = Object.entries(labels); + + if (labelEntries.length === 0) { + return -; + } + + return ( + + + + + + +
+

+ {t("containerLabelsTitle")} +

+
+ {labelEntries.map(([key, value]) => ( +
+
+ {key} +
+
+ {value || + t( + "containerLabelEmpty" + )} +
+
+ ))} +
+
+ + + + ); + } + }, + { + accessorKey: "ports", + header: t("containerPorts"), + enableHiding: false, + cell: ({ row }) => { + const ports = getExposedPorts(row.original); + return ( +
+ {ports.slice(0, 2).map((port) => ( + + ))} + {ports.length > 2 && ( + + + + + + {ports.slice(2).map((port) => ( + + ))} + + + )} +
+ ); + } + }, + { + id: "actions", + header: t("containerActions"), + cell: ({ row }) => { + const ports = getExposedPorts(row.original); + return ( + + ); + } + } + ]; + + const initialFilters = useMemo(() => { + let filtered = containers; + + // Filter by port visibility + if (hideContainersWithoutPorts) { + filtered = filtered.filter((container) => { + const ports = getExposedPorts(container); + return ports.length > 0; // Show only containers WITH ports + }); + } + + // Filter by container state + if (hideStoppedContainers) { + filtered = filtered.filter((container) => { + return container.state === "running"; + }); + } + + return filtered; + }, [ + containers, + hideContainersWithoutPorts, + hideStoppedContainers, + getExposedPorts + ]); + + const table = useReactTable({ + data: initialFilters, + columns, + getCoreRowModel: getCoreRowModel(), + getFilteredRowModel: getFilteredRowModel(), + globalFilterFn: globalFilterFunction, + state: { + globalFilter, + columnVisibility + }, + onGlobalFilterChange: setGlobalFilter, + onColumnVisibilityChange: setColumnVisibility + }); + + if (initialFilters.length === 0) { + return ( +
+
+
+ {(hideContainersWithoutPorts || + hideStoppedContainers) && + containers.length > 0 ? ( + <> +

{t("noContainersMatchingFilters")}

+
+ {hideContainersWithoutPorts && ( + + )} + {hideStoppedContainers && ( + + )} +
+ + ) : ( +

{t("noContainersFound")}

+ )} +
+
+
+ ); + } + + return ( +
+
+
+
+ + + setSearchInput(event.target.value) + } + className="pl-8" + /> + {searchInput && + table.getFilteredRowModel().rows.length > 0 && ( +
+ {t("searchResultsCount", { + count: table.getFilteredRowModel().rows + .length + })} +
+ )} +
+
+ + + + + + + {t("filterOptions")} + + + + {t("filterPorts")} + + + {t("filterStopped")} + + {(hideContainersWithoutPorts || + hideStoppedContainers) && ( + <> + +
+ +
+ + )} + + + + + + + + + + {t("toggleColumns")} + + + {table + .getAllColumns() + .filter((column) => column.getCanHide()) + .map((column) => { + return ( + + column.toggleVisibility( + !!value + ) + } + > + {column.id === "hostname" + ? t("containerHostnameIp") + : column.id} + + ); + })} + + +
+ +
+
+
+ + + {table.getHeaderGroups().map((headerGroup) => ( + + {headerGroup.headers.map((header) => ( + + {header.isPlaceholder + ? null + : flexRender( + header.column.columnDef + .header, + header.getContext() + )} + + ))} + + ))} + + + {table.getRowModel().rows?.length ? ( + table.getRowModel().rows.map((row) => ( + + {row.getVisibleCells().map((cell) => ( + + {flexRender( + cell.column.columnDef.cell, + cell.getContext() + )} + + ))} + + )) + ) : ( + + + {searchInput && !globalFilter ? ( +
+
+ {t("searching")} +
+ ) : ( + t("noContainersFoundMatching", { + filter: globalFilter + }) + )} + + + )} + +
+
+
+ ); +}; + +function getContainerHostname(container: Container): string { + // First, try to get IP from networks + const networks = Object.values(container.networks); + for (const network of networks) { + if (network.ipAddress) { + return network.ipAddress; + } + } + + // Fallback to container name (works in Docker networks) + return container.name; +} diff --git a/src/components/CopyTextBox.tsx b/src/components/CopyTextBox.tsx index e6009019..72a99c3f 100644 --- a/src/components/CopyTextBox.tsx +++ b/src/components/CopyTextBox.tsx @@ -3,6 +3,7 @@ import { useState, useRef } from "react"; import { Button } from "@/components/ui/button"; import { Copy, Check } from "lucide-react"; +import { useTranslations } from "next-intl"; type CopyTextBoxProps = { text?: string; @@ -19,6 +20,7 @@ export default function CopyTextBox({ }: CopyTextBoxProps) { const [isCopied, setIsCopied] = useState(false); const textRef = useRef(null); + const t = useTranslations(); const copyToClipboard = async () => { if (textRef.current) { @@ -27,7 +29,7 @@ export default function CopyTextBox({ setIsCopied(true); setTimeout(() => setIsCopied(false), 2000); } catch (err) { - console.error("Failed to copy text: ", err); + console.error(t('copyTextFailed'), err); } } }; @@ -38,7 +40,7 @@ export default function CopyTextBox({ > 
                 {isCopied ? (
                     
diff --git a/src/components/CopyToClipboard.tsx b/src/components/CopyToClipboard.tsx
index 2ea582c2..b187e6c6 100644
--- a/src/components/CopyToClipboard.tsx
+++ b/src/components/CopyToClipboard.tsx
@@ -1,6 +1,7 @@
 import { Check, Copy } from "lucide-react";
 import Link from "next/link";
 import { useState } from "react";
+import { useTranslations } from "next-intl";
 
 type CopyToClipboardProps = {
     text: string;
@@ -22,6 +23,8 @@ const CopyToClipboard = ({ text, displayText, isLink }: CopyToClipboardProps) =>
 
     const displayValue = displayText ?? text;
 
+    const t = useTranslations();
+
     return (
         

             {isLink ? (
@@ -29,7 +32,7 @@ const CopyToClipboard = ({ text, displayText, isLink }: CopyToClipboardProps) =>
                     href={text}
                     target="_blank"
                     rel="noopener noreferrer"
-                    className="truncate hover:underline"
+                    className="truncate hover:underline text-sm"
                     style={{ maxWidth: "100%" }} // Ensures truncation works within parent
                     title={text} // Shows full text on hover
                 >
@@ -37,7 +40,7 @@ const CopyToClipboard = ({ text, displayText, isLink }: CopyToClipboardProps) =>
                 
             ) : (
                 
                 ) : (
                     
                 )}
-                Copy text
+                {t('copyText')}
             
         

     );
diff --git a/src/components/CreateInternalResourceDialog.tsx b/src/components/CreateInternalResourceDialog.tsx
new file mode 100644
index 00000000..ccfddcd8
--- /dev/null
+++ b/src/components/CreateInternalResourceDialog.tsx
@@ -0,0 +1,422 @@
+"use client";
+
+import { useEffect, useState } from "react";
+import { Button } from "@app/components/ui/button";
+import { Input } from "@app/components/ui/input";
+import {
+    Select,
+    SelectContent,
+    SelectItem,
+    SelectTrigger,
+    SelectValue
+} from "@app/components/ui/select";
+import {
+    Command,
+    CommandEmpty,
+    CommandGroup,
+    CommandInput,
+    CommandItem,
+    CommandList
+} from "@app/components/ui/command";
+import {
+    Popover,
+    PopoverContent,
+    PopoverTrigger
+} from "@app/components/ui/popover";
+import { Check, ChevronsUpDown } from "lucide-react";
+import { useForm } from "react-hook-form";
+import { zodResolver } from "@hookform/resolvers/zod";
+import { z } from "zod";
+import {
+    Form,
+    FormControl,
+    FormDescription,
+    FormField,
+    FormItem,
+    FormLabel,
+    FormMessage
+} from "@app/components/ui/form";
+import {
+    Credenza,
+    CredenzaBody,
+    CredenzaClose,
+    CredenzaContent,
+    CredenzaDescription,
+    CredenzaFooter,
+    CredenzaHeader,
+    CredenzaTitle
+} from "@app/components/Credenza";
+import { toast } from "@app/hooks/useToast";
+import { useTranslations } from "next-intl";
+import { createApiClient, formatAxiosError } from "@app/lib/api";
+import { useEnvContext } from "@app/hooks/useEnvContext";
+import { ListSitesResponse } from "@server/routers/site";
+import { cn } from "@app/lib/cn";
+
+type Site = ListSitesResponse["sites"][0];
+
+type CreateInternalResourceDialogProps = {
+    open: boolean;
+    setOpen: (val: boolean) => void;
+    orgId: string;
+    sites: Site[];
+    onSuccess?: () => void;
+};
+
+export default function CreateInternalResourceDialog({
+    open,
+    setOpen,
+    orgId,
+    sites,
+    onSuccess
+}: CreateInternalResourceDialogProps) {
+    const t = useTranslations();
+    const api = createApiClient(useEnvContext());
+    const [isSubmitting, setIsSubmitting] = useState(false);
+
+    const formSchema = z.object({
+        name: z
+            .string()
+            .min(1, t("createInternalResourceDialogNameRequired"))
+            .max(255, t("createInternalResourceDialogNameMaxLength")),
+        siteId: z.number().int().positive(t("createInternalResourceDialogPleaseSelectSite")),
+        protocol: z.enum(["tcp", "udp"]),
+        proxyPort: z
+            .number()
+            .int()
+            .positive()
+            .min(1, t("createInternalResourceDialogProxyPortMin"))
+            .max(65535, t("createInternalResourceDialogProxyPortMax")),
+        destinationIp: z.string(),
+        destinationPort: z
+            .number()
+            .int()
+            .positive()
+            .min(1, t("createInternalResourceDialogDestinationPortMin"))
+            .max(65535, t("createInternalResourceDialogDestinationPortMax"))
+    });
+    
+    type FormData = z.infer;
+
+    const availableSites = sites.filter(
+        (site) => site.type === "newt" && site.subnet
+    );
+
+    const form = useForm({
+        resolver: zodResolver(formSchema),
+        defaultValues: {
+            name: "",
+            siteId: availableSites[0]?.siteId || 0,
+            protocol: "tcp",
+            proxyPort: undefined,
+            destinationIp: "",
+            destinationPort: undefined
+        }
+    });
+
+    useEffect(() => {
+        if (open && availableSites.length > 0) {
+            form.reset({
+                name: "",
+                siteId: availableSites[0].siteId,
+                protocol: "tcp",
+                proxyPort: undefined,
+                destinationIp: "",
+                destinationPort: undefined
+            });
+        }
+    }, [open]);
+
+    const handleSubmit = async (data: FormData) => {
+        setIsSubmitting(true);
+        try {
+            await api.put(`/org/${orgId}/site/${data.siteId}/resource`, {
+                name: data.name,
+                protocol: data.protocol,
+                proxyPort: data.proxyPort,
+                destinationIp: data.destinationIp,
+                destinationPort: data.destinationPort,
+                enabled: true
+            });
+
+            toast({
+                title: t("createInternalResourceDialogSuccess"),
+                description: t("createInternalResourceDialogInternalResourceCreatedSuccessfully"),
+                variant: "default"
+            });
+
+            onSuccess?.();
+            setOpen(false);
+        } catch (error) {
+            console.error("Error creating internal resource:", error);
+            toast({
+                title: t("createInternalResourceDialogError"),
+                description: formatAxiosError(
+                    error,
+                    t("createInternalResourceDialogFailedToCreateInternalResource")
+                ),
+                variant: "destructive"
+            });
+        } finally {
+            setIsSubmitting(false);
+        }
+    };
+
+    if (availableSites.length === 0) {
+        return (
+            
+                
+                    
+                        {t("createInternalResourceDialogNoSitesAvailable")}
+                        
+                            {t("createInternalResourceDialogNoSitesAvailableDescription")}
+                        
+                    
+                    
+                        
+                    
+                
+            
+        );
+    }
+
+    return (
+        
+            
+                
+                    {t("createInternalResourceDialogCreateClientResource")}
+                    
+                        {t("createInternalResourceDialogCreateClientResourceDescription")}
+                    
+                
+                
+                    
+                        
+                            {/* Resource Properties Form */}
+                            

+                                

+                                    {t("createInternalResourceDialogResourceProperties")}
+                                

+                                

+                                     (
+                                            
+                                                {t("createInternalResourceDialogName")}
+                                                
+                                                    
+                                                
+                                                
+                                            
+                                        )}
+                                    />
+
+                                    

+                                         (
+                                                
+                                                    {t("createInternalResourceDialogSite")}
+                                                    
+                                                        
+                                                            
+                                                                
+                                                            
+                                                        
+                                                        
+                                                            
+                                                                
+                                                                
+                                                                    {t("createInternalResourceDialogNoSitesFound")}
+                                                                    
+                                                                        {availableSites.map((site) => (
+                                                                             {
+                                                                                    field.onChange(site.siteId);
+                                                                                }}
+                                                                            >
+                                                                                
+                                                                                {site.name}
+                                                                            
+                                                                        ))}
+                                                                    
+                                                                
+                                                            
+                                                        
+                                                    
+                                                    
+                                                
+                                            )}
+                                        />
+
+                                         (
+                                                
+                                                    
+                                                        {t("createInternalResourceDialogProtocol")}
+                                                    
+                                                    
+                                                    
+                                                
+                                            )}
+                                        />
+                                    

+
+                                     (
+                                            
+                                                {t("createInternalResourceDialogSitePort")}
+                                                
+                                                    
+                                                            field.onChange(
+                                                                e.target.value === "" ? undefined : parseInt(e.target.value)
+                                                            )
+                                                        }
+                                                    />
+                                                
+                                                
+                                                    {t("createInternalResourceDialogSitePortDescription")}
+                                                
+                                                
+                                            
+                                        )}
+                                    />
+                                

+                            

+
+                            {/* Target Configuration Form */}
+                            

+                                

+                                    {t("createInternalResourceDialogTargetConfiguration")}
+                                

+                                

+                                    

+                                         (
+                                                
+                                                    
+                                                        {t("createInternalResourceDialogDestinationIP")}
+                                                    
+                                                    
+                                                        
+                                                    
+                                                    
+                                                        {t("createInternalResourceDialogDestinationIPDescription")}
+                                                    
+                                                    
+                                                
+                                            )}
+                                        />
+
+                                         (
+                                                
+                                                    
+                                                        {t("createInternalResourceDialogDestinationPort")}
+                                                    
+                                                    
+                                                        
+                                                                field.onChange(
+                                                                    e.target.value === "" ? undefined : parseInt(e.target.value)
+                                                                )
+                                                            }
+                                                        />
+                                                    
+                                                    
+                                                        {t("createInternalResourceDialogDestinationPortDescription")}
+                                                    
+                                                    
+                                                
+                                            )}
+                                        />
+                                    

+                                

+                            

+                        
+                    
+                
+                
+                    
+                    
+                
+            
+        
+    );
+}
diff --git a/src/components/DataTablePagination.tsx b/src/components/DataTablePagination.tsx
index d909b7ea..af0a0fe6 100644
--- a/src/components/DataTablePagination.tsx
+++ b/src/components/DataTablePagination.tsx
@@ -14,29 +14,42 @@ import {
     SelectTrigger,
     SelectValue
 } from "@app/components/ui/select";
+import { useTranslations } from "next-intl";
 
 interface DataTablePaginationProps {
     table: Table;
+    onPageSizeChange?: (pageSize: number) => void;
 }
 
 export function DataTablePagination({
-    table
+    table,
+    onPageSizeChange
 }: DataTablePaginationProps) {
+    const t = useTranslations();
+
+    const handlePageSizeChange = (value: string) => {
+        const newPageSize = Number(value);
+        table.setPageSize(newPageSize);
+        
+        // Call the callback if provided (for persistence)
+        if (onPageSizeChange) {
+            onPageSizeChange(newPageSize);
+        }
+    };
+
     return (
         

             

                  (
                                             
                                                 
-                                                    Authenticator Code
+                                                    {t('otpSetupSecretCode')}
                                                 
                                                 
                                                     
@@ -168,19 +171,17 @@ export default function Disable2FaForm({ open, setOpen }: Disable2FaProps) {
                                 size={48}
                             />
                             

-                                Two-Factor Authentication Disabled
+                                {t('otpRemoveSuccess')}
                             

                             

-                                Two-factor authentication has been disabled for
-                                your account. You can enable it again at any
-                                time.
+                                {t('otpRemoveSuccessMessage')}
                             

                         

                     )}
                 
                 
                     
-                        
+                        
                     
                     {step === "password" && (
                         
                     )}
                 
diff --git a/src/components/DomainPicker.tsx b/src/components/DomainPicker.tsx
new file mode 100644
index 00000000..f00292ee
--- /dev/null
+++ b/src/components/DomainPicker.tsx
@@ -0,0 +1,774 @@
+"use client";
+
+import { useState, useEffect, useCallback } from "react";
+import { Input } from "@/components/ui/input";
+import { Label } from "@/components/ui/label";
+import { Button } from "@/components/ui/button";
+import {
+    Command,
+    CommandEmpty,
+    CommandGroup,
+    CommandInput,
+    CommandItem,
+    CommandList,
+    CommandSeparator
+} from "@/components/ui/command";
+import {
+    Popover,
+    PopoverContent,
+    PopoverTrigger
+} from "@/components/ui/popover";
+import {
+    AlertCircle,
+    CheckCircle2,
+    Building2,
+    Zap,
+    Check,
+    ChevronsUpDown,
+    ArrowUpDown
+} from "lucide-react";
+import { Alert, AlertDescription } from "@/components/ui/alert";
+import { createApiClient, formatAxiosError } from "@/lib/api";
+import { useEnvContext } from "@/hooks/useEnvContext";
+import { toast } from "@/hooks/useToast";
+import { ListDomainsResponse } from "@server/routers/domain/listDomains";
+import { AxiosResponse } from "axios";
+import { cn } from "@/lib/cn";
+import { useTranslations } from "next-intl";
+import { build } from "@server/build";
+import { RadioGroup, RadioGroupItem } from "@/components/ui/radio-group";
+import {
+    sanitizeInputRaw,
+    finalizeSubdomainSanitize,
+    validateByDomainType,
+    isValidSubdomainStructure
+} from "@/lib/subdomain-utils";
+import { toUnicode } from "punycode";
+
+type OrganizationDomain = {
+    domainId: string;
+    baseDomain: string;
+    verified: boolean;
+    type: "ns" | "cname" | "wildcard";
+};
+
+type AvailableOption = {
+    domainNamespaceId: string;
+    fullDomain: string;
+    domainId: string;
+};
+
+type DomainOption = {
+    id: string;
+    domain: string;
+    type: "organization" | "provided" | "provided-search";
+    verified?: boolean;
+    domainType?: "ns" | "cname" | "wildcard";
+    domainId?: string;
+    domainNamespaceId?: string;
+};
+
+interface DomainPicker2Props {
+    orgId: string;
+    onDomainChange?: (domainInfo: {
+        domainId: string;
+        domainNamespaceId?: string;
+        type: "organization" | "provided";
+        subdomain?: string;
+        fullDomain: string;
+        baseDomain: string;
+    }) => void;
+    cols?: number;
+}
+
+export default function DomainPicker2({
+    orgId,
+    onDomainChange,
+    cols = 2
+}: DomainPicker2Props) {
+    const { env } = useEnvContext();
+    const api = createApiClient({ env });
+    const t = useTranslations();
+
+    const [subdomainInput, setSubdomainInput] = useState("");
+    const [selectedBaseDomain, setSelectedBaseDomain] =
+        useState(null);
+    const [availableOptions, setAvailableOptions] = useState(
+        []
+    );
+    const [organizationDomains, setOrganizationDomains] = useState<
+        OrganizationDomain[]
+    >([]);
+    const [loadingDomains, setLoadingDomains] = useState(false);
+    const [open, setOpen] = useState(false);
+
+    // Provided domain search states
+    const [userInput, setUserInput] = useState("");
+    const [isChecking, setIsChecking] = useState(false);
+    const [sortOrder, setSortOrder] = useState<"asc" | "desc">("asc");
+    const [providedDomainsShown, setProvidedDomainsShown] = useState(3);
+    const [selectedProvidedDomain, setSelectedProvidedDomain] =
+        useState(null);
+
+    useEffect(() => {
+        const loadOrganizationDomains = async () => {
+            setLoadingDomains(true);
+            try {
+                const response = await api.get<
+                    AxiosResponse
+                >(`/org/${orgId}/domains`);
+                if (response.status === 200) {
+                    const domains = response.data.data.domains
+                        .filter(
+                            (domain) =>
+                                domain.type === "ns" ||
+                                domain.type === "cname" ||
+                                domain.type === "wildcard"
+                        )
+                        .map((domain) => ({
+                            ...domain,
+                            baseDomain: toUnicode(domain.baseDomain),
+                            type: domain.type as "ns" | "cname" | "wildcard"
+                        }));
+                    setOrganizationDomains(domains);
+
+                    // Auto-select first available domain
+                    if (domains.length > 0) {
+                        // Select the first organization domain
+                        const firstOrgDomain = domains[0];
+                        const domainOption: DomainOption = {
+                            id: `org-${firstOrgDomain.domainId}`,
+                            domain: firstOrgDomain.baseDomain,
+                            type: "organization",
+                            verified: firstOrgDomain.verified,
+                            domainType: firstOrgDomain.type,
+                            domainId: firstOrgDomain.domainId
+                        };
+                        setSelectedBaseDomain(domainOption);
+
+                        onDomainChange?.({
+                            domainId: firstOrgDomain.domainId,
+                            type: "organization",
+                            subdomain: undefined,
+                            fullDomain: firstOrgDomain.baseDomain,
+                            baseDomain: firstOrgDomain.baseDomain
+                        });
+                    } else if (build === "saas" || build === "enterprise") {
+                        // If no organization domains, select the provided domain option
+                        const domainOptionText =
+                            build === "enterprise"
+                                ? "Provided Domain"
+                                : "Free Provided Domain";
+                        const freeDomainOption: DomainOption = {
+                            id: "provided-search",
+                            domain: domainOptionText,
+                            type: "provided-search"
+                        };
+                        setSelectedBaseDomain(freeDomainOption);
+                    }
+                }
+            } catch (error) {
+                console.error("Failed to load organization domains:", error);
+                toast({
+                    variant: "destructive",
+                    title: "Error",
+                    description: "Failed to load organization domains"
+                });
+            } finally {
+                setLoadingDomains(false);
+            }
+        };
+
+        loadOrganizationDomains();
+    }, [orgId, api]);
+
+    const checkAvailability = useCallback(
+        async (input: string) => {
+            if (!input.trim()) {
+                setAvailableOptions([]);
+                setIsChecking(false);
+                return;
+            }
+
+            setIsChecking(true);
+            try {
+                const checkSubdomain = input
+                    .toLowerCase()
+                    .replace(/\./g, "-")
+                    .replace(/[^a-z0-9-]/g, "")
+                    .replace(/-+/g, "-");
+            } catch (error) {
+                console.error("Failed to check domain availability:", error);
+                setAvailableOptions([]);
+                toast({
+                    variant: "destructive",
+                    title: "Error",
+                    description: "Failed to check domain availability"
+                });
+            } finally {
+                setIsChecking(false);
+            }
+        },
+        [api]
+    );
+
+    const debouncedCheckAvailability = useCallback(
+        debounce(checkAvailability, 500),
+        [checkAvailability]
+    );
+
+    useEffect(() => {
+        if (selectedBaseDomain?.type === "provided-search") {
+            setProvidedDomainsShown(3);
+            setSelectedProvidedDomain(null);
+
+            if (userInput.trim()) {
+                setIsChecking(true);
+                debouncedCheckAvailability(userInput);
+            } else {
+                setAvailableOptions([]);
+                setIsChecking(false);
+            }
+        }
+    }, [userInput, debouncedCheckAvailability, selectedBaseDomain]);
+
+    const generateDropdownOptions = (): DomainOption[] => {
+        const options: DomainOption[] = [];
+
+        organizationDomains.forEach((orgDomain) => {
+            options.push({
+                id: `org-${orgDomain.domainId}`,
+                domain: orgDomain.baseDomain,
+                type: "organization",
+                verified: orgDomain.verified,
+                domainType: orgDomain.type,
+                domainId: orgDomain.domainId
+            });
+        });
+
+        if (build === "saas" || build === "enterprise") {
+            const domainOptionText =
+                build === "enterprise"
+                    ? "Provided Domain"
+                    : "Free Provided Domain";
+            options.push({
+                id: "provided-search",
+                domain: domainOptionText,
+                type: "provided-search"
+            });
+        }
+
+        return options;
+    };
+
+    const dropdownOptions = generateDropdownOptions();
+
+    const finalizeSubdomain = (sub: string, base: DomainOption): string => {
+        const sanitized = finalizeSubdomainSanitize(sub);
+
+        if (!sanitized) {
+            toast({
+                variant: "destructive",
+                title: "Invalid subdomain",
+                description: `The input "${sub}" was removed because it's not valid.`,
+            });
+            return "";
+        }
+
+        const ok = validateByDomainType(sanitized, {
+            type: base.type === "provided-search" ? "provided-search" : "organization",
+            domainType: base.domainType
+        });
+
+        if (!ok) {
+            toast({
+                variant: "destructive",
+                title: "Invalid subdomain",
+                description: `"${sub}" could not be made valid for ${base.domain}.`,
+            });
+            return "";
+        }
+
+        if (sub !== sanitized) {
+            toast({
+                title: "Subdomain sanitized",
+                description: `"${sub}" was corrected to "${sanitized}"`,
+            });
+        }
+
+        return sanitized;
+    };
+
+    const handleSubdomainChange = (value: string) => {
+        const raw = sanitizeInputRaw(value);
+        setSubdomainInput(raw);
+        setSelectedProvidedDomain(null);
+
+        if (selectedBaseDomain?.type === "organization") {
+            const fullDomain = raw
+                ? `${raw}.${selectedBaseDomain.domain}`
+                : selectedBaseDomain.domain;
+
+            onDomainChange?.({
+                domainId: selectedBaseDomain.domainId!,
+                type: "organization",
+                subdomain: raw || undefined,
+                fullDomain,
+                baseDomain: selectedBaseDomain.domain
+            });
+        }
+    };
+
+    const handleProvidedDomainInputChange = (value: string) => {
+        setUserInput(value);
+        if (selectedProvidedDomain) {
+            setSelectedProvidedDomain(null);
+            onDomainChange?.({
+                domainId: "",
+                type: "provided",
+                subdomain: undefined,
+                fullDomain: "",
+                baseDomain: ""
+            });
+        }
+    };
+
+    const handleBaseDomainSelect = (option: DomainOption) => {
+        let sub = subdomainInput;
+
+        if (sub && sub.trim() !== "") {
+            sub = finalizeSubdomain(sub, option) || "";
+            setSubdomainInput(sub);
+        } else {
+            sub = "";
+            setSubdomainInput("");
+        }
+
+        if (option.type === "provided-search") {
+            setUserInput("");
+            setAvailableOptions([]);
+            setSelectedProvidedDomain(null);
+        }
+
+        setSelectedBaseDomain(option);
+        setOpen(false);
+
+        if (option.domainType === "cname") {
+            sub = "";
+            setSubdomainInput("");
+        }
+
+        const fullDomain = sub ? `${sub}.${option.domain}` : option.domain;
+
+        onDomainChange?.({
+            domainId: option.domainId || "",
+            domainNamespaceId: option.domainNamespaceId,
+            type: option.type === "provided-search" ? "provided" : "organization",
+            subdomain: sub || undefined,
+            fullDomain,
+            baseDomain: option.domain
+        });
+    };
+
+    const handleProvidedDomainSelect = (option: AvailableOption) => {
+        setSelectedProvidedDomain(option);
+
+        const parts = option.fullDomain.split(".");
+        const subdomain = parts[0];
+        const baseDomain = parts.slice(1).join(".");
+
+        onDomainChange?.({
+            domainId: option.domainId,
+            domainNamespaceId: option.domainNamespaceId,
+            type: "provided",
+            subdomain,
+            fullDomain: option.fullDomain,
+            baseDomain
+        });
+    };
+
+    const isSubdomainValid = selectedBaseDomain && subdomainInput
+        ? validateByDomainType(subdomainInput, {
+            type: selectedBaseDomain.type === "provided-search" ? "provided-search" : "organization",
+            domainType: selectedBaseDomain.domainType
+        })
+        : true;
+
+    const showSubdomainInput =
+        selectedBaseDomain &&
+        selectedBaseDomain.type === "organization" &&
+        selectedBaseDomain.domainType !== "cname";
+    const showProvidedDomainSearch =
+        selectedBaseDomain?.type === "provided-search";
+
+    const sortedAvailableOptions = [...availableOptions].sort((a, b) => {
+        const comparison = a.fullDomain.localeCompare(b.fullDomain);
+        return sortOrder === "asc" ? comparison : -comparison;
+    });
+
+    const displayedProvidedOptions = sortedAvailableOptions.slice(
+        0,
+        providedDomainsShown
+    );
+    const hasMoreProvided =
+        sortedAvailableOptions.length > providedDomainsShown;
+
+
+    return (
+        

+            

+                

+                    
+                     {
+                            if (showProvidedDomainSearch) {
+                                handleProvidedDomainInputChange(e.target.value);
+                            } else {
+                                handleSubdomainChange(e.target.value);
+                            }
+                        }}
+                    />
+                    {showSubdomainInput && subdomainInput && !isValidSubdomainStructure(subdomainInput) && (
+                        

+                            This subdomain contains invalid characters or structure. It will be sanitized automatically when you save.
+                        

+                    )}
+                    {showSubdomainInput && !subdomainInput && (
+                        

+                            {t("domainPickerEnterSubdomainOrLeaveBlank")}
+                        

+                    )}
+                    {showProvidedDomainSearch && !userInput && (
+                        

+                            {t("domainPickerEnterSubdomainToSearch")}
+                        

+                    )}
+                

+
+                

+                    
+                    
+                        
+                            
+                        
+                        
+                            
+                                
+                                
+                                    

+                                        {t("domainPickerNoDomainsFound")}
+                                    

+                                
+
+                                {organizationDomains.length > 0 && (
+                                    <>
+                                        
+                                            
+                                                {organizationDomains.map(
+                                                    (orgDomain) => (
+                                                        
+                                                                handleBaseDomainSelect(
+                                                                    {
+                                                                        id: `org-${orgDomain.domainId}`,
+                                                                        domain: orgDomain.baseDomain,
+                                                                        type: "organization",
+                                                                        verified:
+                                                                            orgDomain.verified,
+                                                                        domainType:
+                                                                            orgDomain.type,
+                                                                        domainId:
+                                                                            orgDomain.domainId
+                                                                    }
+                                                                )
+                                                            }
+                                                            className="mx-2 rounded-md"
+                                                            disabled={
+                                                                !orgDomain.verified
+                                                            }
+                                                        >
+                                                            

+                                                                
+                                                            

+                                                            

+                                                                
+                                                                    {
+                                                                        orgDomain.baseDomain
+                                                                    }
+                                                                
+                                                                
+                                                                    {orgDomain.type.toUpperCase()}{" "}
+                                                                    •{" "}
+                                                                    {orgDomain.verified
+                                                                        ? "Verified"
+                                                                        : "Unverified"}
+                                                                
+                                                            

+                                                            
+                                                        
+                                                    )
+                                                )}
+                                            
+                                        
+                                        {(build === "saas" ||
+                                            build === "enterprise") && (
+                                                
+                                            )}
+                                    
+                                )}
+
+                                {(build === "saas" ||
+                                    build === "enterprise") && (
+                                        
+                                            
+                                                
+                                                        handleBaseDomainSelect({
+                                                            id: "provided-search",
+                                                            domain:
+                                                                build ===
+                                                                    "enterprise"
+                                                                    ? "Provided Domain"
+                                                                    : "Free Provided Domain",
+                                                            type: "provided-search"
+                                                        })
+                                                    }
+                                                    className="mx-2 rounded-md"
+                                                >
+                                                    

+                                                        
+                                                    

+                                                    

+                                                        
+                                                            {build === "enterprise"
+                                                                ? "Provided Domain"
+                                                                : "Free Provided Domain"}
+                                                        
+                                                        
+                                                            {t(
+                                                                "domainPickerSearchForAvailableDomains"
+                                                            )}
+                                                        
+                                                    

+                                                    
+                                                
+                                            
+                                        
+                                    )}
+                            
+                        
+                    
+                

+            

+
+            {showProvidedDomainSearch && (
+                

+                    {isChecking && (
+                        

+                            

+                                

+                                
+                                    {t("domainPickerCheckingAvailability")}
+                                
+                            

+                        

+                    )}
+
+                    {!isChecking &&
+                        sortedAvailableOptions.length === 0 &&
+                        userInput.trim() && (
+                            
+                                
+                                
+                                    {t("domainPickerNoMatchingDomains")}
+                                
+                            
+                        )}
+
+                    {!isChecking && sortedAvailableOptions.length > 0 && (
+                        

+                             {
+                                    const option =
+                                        displayedProvidedOptions.find(
+                                            (opt) =>
+                                                opt.domainNamespaceId === value
+                                        );
+                                    if (option) {
+                                        handleProvidedDomainSelect(option);
+                                    }
+                                }}
+                                className={`grid gap-2 grid-cols-1 sm:grid-cols-${cols}`}
+                            >
+                                {displayedProvidedOptions.map((option) => (
+                                    
+                                ))}
+                            
+                            {hasMoreProvided && (
+                                
+                            )}
+                        

+                    )}
+                

+            )}
+
+            {loadingDomains && (
+                

+                    

+                        

+                        {t("domainPickerLoadingDomains")}
+                    

+                

+            )}
+        

+    );
+}
+
+function debounce any>(
+    func: T,
+    wait: number
+): (...args: Parameters) => void {
+    let timeout: NodeJS.Timeout | null = null;
+
+    return (...args: Parameters) => {
+        if (timeout) clearTimeout(timeout);
+
+        timeout = setTimeout(() => {
+            func(...args);
+        }, wait);
+    };
+}
\ No newline at end of file
diff --git a/src/components/EditInternalResourceDialog.tsx b/src/components/EditInternalResourceDialog.tsx
new file mode 100644
index 00000000..adfed1b7
--- /dev/null
+++ b/src/components/EditInternalResourceDialog.tsx
@@ -0,0 +1,276 @@
+"use client";
+
+import { useEffect, useState } from "react";
+import { Button } from "@app/components/ui/button";
+import { Input } from "@app/components/ui/input";
+import {
+    Select,
+    SelectContent,
+    SelectItem,
+    SelectTrigger,
+    SelectValue
+} from "@app/components/ui/select";
+import { useForm } from "react-hook-form";
+import { zodResolver } from "@hookform/resolvers/zod";
+import { z } from "zod";
+import {
+    Form,
+    FormControl,
+    FormDescription,
+    FormField,
+    FormItem,
+    FormLabel,
+    FormMessage
+} from "@app/components/ui/form";
+import {
+    Credenza,
+    CredenzaBody,
+    CredenzaClose,
+    CredenzaContent,
+    CredenzaDescription,
+    CredenzaFooter,
+    CredenzaHeader,
+    CredenzaTitle
+} from "@app/components/Credenza";
+import { toast } from "@app/hooks/useToast";
+import { useTranslations } from "next-intl";
+import { createApiClient, formatAxiosError } from "@app/lib/api";
+import { useEnvContext } from "@app/hooks/useEnvContext";
+import { Separator } from "@app/components/ui/separator";
+
+type InternalResourceData = {
+    id: number;
+    name: string;
+    orgId: string;
+    siteName: string;
+    protocol: string;
+    proxyPort: number | null;
+    siteId: number;
+    destinationIp?: string;
+    destinationPort?: number;
+};
+
+type EditInternalResourceDialogProps = {
+    open: boolean;
+    setOpen: (val: boolean) => void;
+    resource: InternalResourceData;
+    orgId: string;
+    onSuccess?: () => void;
+};
+
+export default function EditInternalResourceDialog({
+    open,
+    setOpen,
+    resource,
+    orgId,
+    onSuccess
+}: EditInternalResourceDialogProps) {
+    const t = useTranslations();
+    const api = createApiClient(useEnvContext());
+    const [isSubmitting, setIsSubmitting] = useState(false);
+
+    const formSchema = z.object({
+        name: z.string().min(1, t("editInternalResourceDialogNameRequired")).max(255, t("editInternalResourceDialogNameMaxLength")),
+        protocol: z.enum(["tcp", "udp"]),
+        proxyPort: z.number().int().positive().min(1, t("editInternalResourceDialogProxyPortMin")).max(65535, t("editInternalResourceDialogProxyPortMax")),
+        destinationIp: z.string(),
+        destinationPort: z.number().int().positive().min(1, t("editInternalResourceDialogDestinationPortMin")).max(65535, t("editInternalResourceDialogDestinationPortMax"))
+    });
+
+    type FormData = z.infer;
+
+    const form = useForm({
+        resolver: zodResolver(formSchema),
+        defaultValues: {
+            name: resource.name,
+            protocol: resource.protocol as "tcp" | "udp",
+            proxyPort: resource.proxyPort || undefined,
+            destinationIp: resource.destinationIp || "",
+            destinationPort: resource.destinationPort || undefined
+        }
+    });
+
+    useEffect(() => {
+        if (open) {
+            form.reset({
+                name: resource.name,
+                protocol: resource.protocol as "tcp" | "udp",
+                proxyPort: resource.proxyPort || undefined,
+                destinationIp: resource.destinationIp || "",
+                destinationPort: resource.destinationPort || undefined
+            });
+        }
+    }, [open, resource, form]);
+
+    const handleSubmit = async (data: FormData) => {
+        setIsSubmitting(true);
+        try {
+            // Update the site resource
+            await api.post(`/org/${orgId}/site/${resource.siteId}/resource/${resource.id}`, {
+                name: data.name,
+                protocol: data.protocol,
+                proxyPort: data.proxyPort,
+                destinationIp: data.destinationIp,
+                destinationPort: data.destinationPort
+            });
+
+            toast({
+                title: t("editInternalResourceDialogSuccess"),
+                description: t("editInternalResourceDialogInternalResourceUpdatedSuccessfully"),
+                variant: "default"
+            });
+
+            onSuccess?.();
+            setOpen(false);
+        } catch (error) {
+            console.error("Error updating internal resource:", error);
+            toast({
+                title: t("editInternalResourceDialogError"),
+                description: formatAxiosError(error, t("editInternalResourceDialogFailedToUpdateInternalResource")),
+                variant: "destructive"
+            });
+        } finally {
+            setIsSubmitting(false);
+        }
+    };
+
+    return (
+        
+            
+                
+                    {t("editInternalResourceDialogEditClientResource")}
+                    
+                        {t("editInternalResourceDialogUpdateResourceProperties", { resourceName: resource.name })}
+                    
+                
+                
+                    

+                        
+                            {/* Resource Properties Form */}
+                            

+                                
{t("editInternalResourceDialogResourceProperties")}

+                                

+                                     (
+                                            
+                                                {t("editInternalResourceDialogName")}
+                                                
+                                                    
+                                                
+                                                
+                                            
+                                        )}
+                                    />
+
+                                    

+                                         (
+                                                
+                                                    {t("editInternalResourceDialogProtocol")}
+                                                    
+                                                    
+                                                
+                                            )}
+                                        />
+
+                                         (
+                                                
+                                                    {t("editInternalResourceDialogSitePort")}
+                                                    
+                                                         field.onChange(parseInt(e.target.value) || 0)}
+                                                        />
+                                                    
+                                                    
+                                                
+                                            )}
+                                        />
+                                    

+                                

+                            

+
+                            {/* Target Configuration Form */}
+                            

+                                
{t("editInternalResourceDialogTargetConfiguration")}

+                                

+                                    

+                                         (
+                                                
+                                                    {t("editInternalResourceDialogDestinationIP")}
+                                                    
+                                                        
+                                                    
+                                                    
+                                                
+                                            )}
+                                        />
+
+                                         (
+                                                
+                                                    {t("editInternalResourceDialogDestinationPort")}
+                                                    
+                                                         field.onChange(parseInt(e.target.value) || 0)}
+                                                        />
+                                                    
+                                                    
+                                                
+                                            )}
+                                        />
+                                    

+                                

+                            

+                        

+                    
+                
+                
+                    
+                    
+                
+            
+        
+    );
+}
diff --git a/src/components/Enable2FaDialog.tsx b/src/components/Enable2FaDialog.tsx
new file mode 100644
index 00000000..0fca0085
--- /dev/null
+++ b/src/components/Enable2FaDialog.tsx
@@ -0,0 +1,89 @@
+"use client";
+
+import { useState, useRef } from "react";
+import { Button } from "@/components/ui/button";
+import {
+    Credenza,
+    CredenzaBody,
+    CredenzaClose,
+    CredenzaContent,
+    CredenzaDescription,
+    CredenzaFooter,
+    CredenzaHeader,
+    CredenzaTitle
+} from "@app/components/Credenza";
+import TwoFactorSetupForm from "./TwoFactorSetupForm";
+import { useTranslations } from "next-intl";
+import { useUserContext } from "@app/hooks/useUserContext";
+
+type Enable2FaDialogProps = {
+    open: boolean;
+    setOpen: (val: boolean) => void;
+};
+
+export default function Enable2FaDialog({ open, setOpen }: Enable2FaDialogProps) {
+    const t = useTranslations();
+    const [currentStep, setCurrentStep] = useState(1);
+    const [loading, setLoading] = useState(false);
+    const formRef = useRef<{ handleSubmit: () => void }>(null);
+    const { user, updateUser } = useUserContext();
+
+    function reset() {
+        setCurrentStep(1);
+        setLoading(false);
+    }
+
+    const handleSubmit = () => {
+        if (formRef.current) {
+            formRef.current.handleSubmit();
+        }
+    };
+
+    return (
+         {
+                setOpen(val);
+                reset();
+            }}
+        >
+            
+                
+                    
+                        {t('otpSetup')}
+                    
+                    
+                        {t('otpSetupDescription')}
+                    
+                
+                
+                     {setOpen(false); updateUser({ twoFactorEnabled: true });}}
+                        onStepChange={setCurrentStep}
+                        onLoadingChange={setLoading}
+                    />
+                
+                
+                    
+                        
+                    
+                    {(currentStep === 1 || currentStep === 2) && (
+                        
+                    )}
+                
+            
+        
+    );
+} 
\ No newline at end of file
diff --git a/src/components/Enable2FaForm.tsx b/src/components/Enable2FaForm.tsx
index dcc10d58..acc00400 100644
--- a/src/components/Enable2FaForm.tsx
+++ b/src/components/Enable2FaForm.tsx
@@ -1,53 +1,7 @@
 "use client";
 
-import { useState } from "react";
-import { Button } from "@/components/ui/button";
-import { Input } from "@/components/ui/input";
-import { Label } from "@/components/ui/label";
-import { AlertCircle, CheckCircle2 } from "lucide-react";
-import { createApiClient } from "@app/lib/api";
-import { useEnvContext } from "@app/hooks/useEnvContext";
-import { AxiosResponse } from "axios";
-import {
-    RequestTotpSecretBody,
-    RequestTotpSecretResponse,
-    VerifyTotpBody,
-    VerifyTotpResponse
-} from "@server/routers/auth";
-import { z } from "zod";
-import { useForm } from "react-hook-form";
-import { zodResolver } from "@hookform/resolvers/zod";
-import {
-    Form,
-    FormControl,
-    FormField,
-    FormItem,
-    FormLabel,
-    FormMessage
-} from "@app/components/ui/form";
-import {
-    Credenza,
-    CredenzaBody,
-    CredenzaClose,
-    CredenzaContent,
-    CredenzaDescription,
-    CredenzaFooter,
-    CredenzaHeader,
-    CredenzaTitle
-} from "@app/components/Credenza";
-import { toast } from "@app/hooks/useToast";
-import { formatAxiosError } from "@app/lib/api";
-import CopyTextBox from "@app/components/CopyTextBox";
-import { QRCodeCanvas, QRCodeSVG } from "qrcode.react";
 import { useUserContext } from "@app/hooks/useUserContext";
-
-const enableSchema = z.object({
-    password: z.string().min(1, { message: "Password is required" })
-});
-
-const confirmSchema = z.object({
-    code: z.string().length(6, { message: "Invalid code" })
-});
+import Enable2FaDialog from "./Enable2FaDialog";
 
 type Enable2FaProps = {
     open: boolean;
@@ -55,254 +9,5 @@ type Enable2FaProps = {
 };
 
 export default function Enable2FaForm({ open, setOpen }: Enable2FaProps) {
-    const [step, setStep] = useState(1);
-    const [secretKey, setSecretKey] = useState("");
-    const [secretUri, setSecretUri] = useState("");
-    const [verificationCode, setVerificationCode] = useState("");
-    const [error, setError] = useState("");
-    const [success, setSuccess] = useState(false);
-    const [loading, setLoading] = useState(false);
-    const [backupCodes, setBackupCodes] = useState([]);
-
-    const { user, updateUser } = useUserContext();
-
-    const api = createApiClient(useEnvContext());
-
-    const enableForm = useForm>({
-        resolver: zodResolver(enableSchema),
-        defaultValues: {
-            password: ""
-        }
-    });
-
-    const confirmForm = useForm>({
-        resolver: zodResolver(confirmSchema),
-        defaultValues: {
-            code: ""
-        }
-    });
-
-    const request2fa = async (values: z.infer) => {
-        setLoading(true);
-
-        const res = await api
-            .post>(
-                `/auth/2fa/request`,
-                {
-                    password: values.password
-                } as RequestTotpSecretBody
-            )
-            .catch((e) => {
-                toast({
-                    title: "Unable to enable 2FA",
-                    description: formatAxiosError(
-                        e,
-                        "An error occurred while enabling 2FA"
-                    ),
-                    variant: "destructive"
-                });
-            });
-
-        if (res && res.data.data.secret) {
-            setSecretKey(res.data.data.secret);
-            setSecretUri(res.data.data.uri);
-            setStep(2);
-        }
-
-        setLoading(false);
-    };
-
-    const confirm2fa = async (values: z.infer) => {
-        setLoading(true);
-
-        const res = await api
-            .post>(`/auth/2fa/enable`, {
-                code: values.code
-            } as VerifyTotpBody)
-            .catch((e) => {
-                toast({
-                    title: "Unable to enable 2FA",
-                    description: formatAxiosError(
-                        e,
-                        "An error occurred while enabling 2FA"
-                    ),
-                    variant: "destructive"
-                });
-            });
-
-        if (res && res.data.data.valid) {
-            setBackupCodes(res.data.data.backupCodes || []);
-            updateUser({ twoFactorEnabled: true });
-            setStep(3);
-        }
-
-        setLoading(false);
-    };
-
-    const handleVerify = () => {
-        if (verificationCode.length !== 6) {
-            setError("Please enter a 6-digit code");
-            return;
-        }
-        if (verificationCode === "123456") {
-            setSuccess(true);
-            setStep(3);
-        } else {
-            setError("Invalid code. Please try again.");
-        }
-    };
-
-    function reset() {
-        setLoading(false);
-        setStep(1);
-        setSecretKey("");
-        setSecretUri("");
-        setVerificationCode("");
-        setError("");
-        setSuccess(false);
-        setBackupCodes([]);
-        enableForm.reset();
-        confirmForm.reset();
-    }
-
-    return (
-         {
-                setOpen(val);
-                reset();
-            }}
-        >
-            
-                
-                    
-                        Enable Two-factor Authentication
-                    
-                    
-                        Secure your account with an extra layer of protection
-                    
-                
-                
-                    {step === 1 && (
-                        

-                            
-                                

-                                     (
-                                            
-                                                Password
-                                                
-                                                    
-                                                
-                                                
-                                            
-                                        )}
-                                    />
-                                

-                            

-                        
-                    )}
-
-                    {step === 2 && (
-                        

-                            

-                                Scan this QR code with your authenticator app or
-                                enter the secret key manually:
-                            

-                            

-                                
-                            

-                            

-                                
-                            

-
-                            

-                                
-                                    

-                                         (
-                                                
-                                                    
-                                                        Authenticator Code
-                                                    
-                                                    
-                                                        
-                                                    
-                                                    
-                                                
-                                            )}
-                                        />
-                                    

-                                

-                            
-                        

-                    )}
-
-                    {step === 3 && (
-                        

-                            
-                            

-                                Two-Factor Authentication Enabled
-                            

-                            

-                                Your account is now more secure. Don't forget to
-                                save your backup codes.
-                            

-
-                            

-                                
-                            

-                        

-                    )}
-                
-                
-                    
-                        
-                    
-                    {(step === 1 || step === 2) && (
-                        
-                    )}
-                
-            
-        
-    );
+    return ;
 }
diff --git a/src/components/HorizontalTabs.tsx b/src/components/HorizontalTabs.tsx
index 5d17fe33..8f22849b 100644
--- a/src/components/HorizontalTabs.tsx
+++ b/src/components/HorizontalTabs.tsx
@@ -4,6 +4,7 @@ import React from "react";
 import Link from "next/link";
 import { useParams, usePathname } from "next/navigation";
 import { cn } from "@app/lib/cn";
+import { useTranslations } from "next-intl";
 
 export type HorizontalTabs = Array<{
     title: string;
@@ -24,6 +25,7 @@ export function HorizontalTabs({
 }: HorizontalTabsProps) {
     const pathname = usePathname();
     const params = useParams();
+    const t = useTranslations();
 
     function hydrateHref(href: string) {
         return href
@@ -31,6 +33,7 @@ export function HorizontalTabs({
             .replace("{resourceId}", params.resourceId as string)
             .replace("{niceId}", params.niceId as string)
             .replace("{userId}", params.userId as string)
+            .replace("{clientId}", params.clientId as string)
             .replace("{apiKeyId}", params.apiKeyId as string);
     }
 
diff --git a/src/components/Layout.tsx b/src/components/Layout.tsx
index ee92dc82..7d99a773 100644
--- a/src/components/Layout.tsx
+++ b/src/components/Layout.tsx
@@ -1,236 +1,82 @@
-"use client";
-
-import React, { useState } from "react";
-import { SidebarNav } from "@app/components/SidebarNav";
-import { OrgSelector } from "@app/components/OrgSelector";
+import React from "react";
 import { cn } from "@app/lib/cn";
 import { ListUserOrgsResponse } from "@server/routers/org";
-import { Button } from "@app/components/ui/button";
-import { ExternalLink, Menu, X, Server } from "lucide-react";
-import Image from "next/image";
-import ProfileIcon from "@app/components/ProfileIcon";
-import {
-    Sheet,
-    SheetContent,
-    SheetTrigger,
-    SheetTitle,
-    SheetDescription
-} from "@app/components/ui/sheet";
-import { useEnvContext } from "@app/hooks/useEnvContext";
-import { Breadcrumbs } from "@app/components/Breadcrumbs";
-import Link from "next/link";
-import { usePathname } from "next/navigation";
-import { useUserContext } from "@app/hooks/useUserContext";
+import type { SidebarNavSection } from "@app/app/navigation";
+import { LayoutSidebar } from "@app/components/LayoutSidebar";
+import { LayoutHeader } from "@app/components/LayoutHeader";
+import { LayoutMobileMenu } from "@app/components/LayoutMobileMenu";
+import { cookies } from "next/headers";
 
 interface LayoutProps {
     children: React.ReactNode;
     orgId?: string;
     orgs?: ListUserOrgsResponse["orgs"];
-    navItems?: Array<{
-        title: string;
-        href: string;
-        icon?: React.ReactNode;
-        children?: Array<{
-            title: string;
-            href: string;
-            icon?: React.ReactNode;
-        }>;
-    }>;
+    navItems?: SidebarNavSection[];
     showSidebar?: boolean;
-    showBreadcrumbs?: boolean;
     showHeader?: boolean;
     showTopBar?: boolean;
+    defaultSidebarCollapsed?: boolean;
 }
 
-export function Layout({
+export async function Layout({
     children,
     orgId,
     orgs,
     navItems = [],
     showSidebar = true,
-    showBreadcrumbs = true,
     showHeader = true,
-    showTopBar = true
+    showTopBar = true,
+    defaultSidebarCollapsed = false
 }: LayoutProps) {
-    const [isMobileMenuOpen, setIsMobileMenuOpen] = useState(false);
-    const { env } = useEnvContext();
-    const pathname = usePathname();
-    const isAdminPage = pathname?.startsWith("/admin");
-    const { user } = useUserContext();
+    const allCookies = await cookies();
+    const sidebarStateCookie = allCookies.get("pangolin-sidebar-state")?.value;
+
+    const initialSidebarCollapsed =
+        sidebarStateCookie === "collapsed" ||
+        (sidebarStateCookie !== "expanded" && defaultSidebarCollapsed);
 
     return (
-        

-            {/* Full width header */}
-            {showHeader && (
-                

-                    

-                        

-                            {showSidebar && (
-                                

-                                    
-                                        
-                                            
-                                        
-                                        
-                                            
-                                                Navigation Menu
-                                            
-                                            
-                                                Main navigation menu for the
-                                                application
-                                            
-                                            

-                                                

-                                                    
-                                                            setIsMobileMenuOpen(
-                                                                false
-                                                            )
-                                                        }
-                                                    />
-                                                

-                                                {!isAdminPage &&
-                                                    user.serverAdmin && (
-                                                        

-                                                            
-                                                                    setIsMobileMenuOpen(
-                                                                        false
-                                                                    )
-                                                                }
-                                                            >
-                                                                
-                                                                Server Admin
-                                                            
-                                                        

-                                                    )}
-                                            

-                                            

-                                                
-                                                {env?.app?.version && (
-                                                    

-                                                        v{env.app.version}
-                                                    

-                                                )}
-                                            

-                                        
-                                    
-                                

-                            )}
-                            
-                                Pangolin Logo
-                            
-                            {showBreadcrumbs && (
-                                

-                                    
-                                

-                            )}
-                        

-                        {showTopBar && (
-                            

-                                

-                                    
-                                        Documentation
-                                    
-                                

-                                

-                                    
-                                

-                            

-                        )}
-                    

-                    {showBreadcrumbs && (
-                        

-                            
-                        

-                    )}
-                

+        

+            {/* Desktop Sidebar */}
+            {showSidebar && (
+                
             )}
 
-            

-                {/* Desktop Sidebar */}
-                {showSidebar && (
-                    

-                        

-                            

-                                
-                            

-                            {!isAdminPage && user.serverAdmin && (
-                                

-                                    
-                                        
-                                        Server Admin
-                                    
-                                

-                            )}
-                        

-                        

-                            
-                            

-                                

-                                    
-                                        Open Source
-                                        
-                                    
-                                

-                                {env?.app?.version && (
-                                    

-                                        v{env.app.version}
-                                    

-                                )}
-                            

-                        

-                    

+            {/* Main content area */}
+            

+                {/* Mobile header */}
+                {showHeader && (
+                    
                 )}
 
+                {/* Desktop header */}
+                {showHeader && }
+
                 {/* Main content */}
-                

-                    

-                        

-                            {children}
-                        

-                    

-                

+                

+                    

+                        {children}
+                    

+                

             

         

     );
diff --git a/src/components/LayoutHeader.tsx b/src/components/LayoutHeader.tsx
new file mode 100644
index 00000000..2584b259
--- /dev/null
+++ b/src/components/LayoutHeader.tsx
@@ -0,0 +1,72 @@
+"use client";
+
+import React, { useEffect, useState } from "react";
+import Image from "next/image";
+import Link from "next/link";
+import ProfileIcon from "@app/components/ProfileIcon";
+import ThemeSwitcher from "@app/components/ThemeSwitcher";
+import { useTheme } from "next-themes";
+
+interface LayoutHeaderProps {
+    showTopBar: boolean;
+}
+
+export function LayoutHeader({ showTopBar }: LayoutHeaderProps) {
+    const { theme } = useTheme();
+    const [path, setPath] = useState("");
+
+    useEffect(() => {
+        function getPath() {
+            let lightOrDark = theme;
+
+            if (theme === "system" || !theme) {
+                lightOrDark = window.matchMedia("(prefers-color-scheme: dark)")
+                    .matches
+                    ? "dark"
+                    : "light";
+            }
+
+            if (lightOrDark === "light") {
+                return "/logo/word_mark_black.png";
+            }
+
+            return "/logo/word_mark_white.png";
+        }
+
+        setPath(getPath());
+    }, [theme]);
+
+    return (
+        

+            

+            

+                

+                    

+                        

+                            
+                                {path && (
+                                    Pangolin
+                                )}
+                            
+                        

+
+                        {showTopBar && (
+                            

+                                
+                                
+                            

+                        )}
+                    

+                

+            

+        

+    );
+}
+
+export default LayoutHeader;
diff --git a/src/components/LayoutMobileMenu.tsx b/src/components/LayoutMobileMenu.tsx
new file mode 100644
index 00000000..59bc3ba9
--- /dev/null
+++ b/src/components/LayoutMobileMenu.tsx
@@ -0,0 +1,148 @@
+"use client";
+
+import React, { useState } from "react";
+import { SidebarNav } from "@app/components/SidebarNav";
+import { OrgSelector } from "@app/components/OrgSelector";
+import { cn } from "@app/lib/cn";
+import { ListUserOrgsResponse } from "@server/routers/org";
+import { Button } from "@app/components/ui/button";
+import { ExternalLink, Menu, Server } from "lucide-react";
+import Link from "next/link";
+import { usePathname } from "next/navigation";
+import { useUserContext } from "@app/hooks/useUserContext";
+import { useEnvContext } from "@app/hooks/useEnvContext";
+import { useTranslations } from "next-intl";
+import ProfileIcon from "@app/components/ProfileIcon";
+import ThemeSwitcher from "@app/components/ThemeSwitcher";
+import type { SidebarNavSection } from "@app/app/navigation";
+import {
+    Sheet,
+    SheetContent,
+    SheetTrigger,
+    SheetTitle,
+    SheetDescription
+} from "@app/components/ui/sheet";
+import { Abel } from "next/font/google";
+
+interface LayoutMobileMenuProps {
+    orgId?: string;
+    orgs?: ListUserOrgsResponse["orgs"];
+    navItems: SidebarNavSection[];
+    showSidebar: boolean;
+    showTopBar: boolean;
+}
+
+export function LayoutMobileMenu({
+    orgId,
+    orgs,
+    navItems,
+    showSidebar,
+    showTopBar
+}: LayoutMobileMenuProps) {
+    const [isMobileMenuOpen, setIsMobileMenuOpen] = useState(false);
+    const pathname = usePathname();
+    const isAdminPage = pathname?.startsWith("/admin");
+    const { user } = useUserContext();
+    const { env } = useEnvContext();
+    const t = useTranslations();
+
+    return (
+        

+            

+                

+                    {showSidebar && (
+                        

+                            
+                                
+                                    
+                                
+                                
+                                    
+                                        {t("navbar")}
+                                    
+                                    
+                                        {t("navbarDescription")}
+                                    
+                                    

+                                        

+                                            
+                                        

+                                        

+                                            {!isAdminPage &&
+                                                user.serverAdmin && (
+                                                    

+                                                        
+                                                                setIsMobileMenuOpen(
+                                                                    false
+                                                                )
+                                                            }
+                                                        >
+                                                            
+                                                                
+                                                            
+                                                            
+                                                                {t(
+                                                                    "serverAdmin"
+                                                                )}
+                                                            
+                                                        
+                                                    

+                                                )}
+                                            
+                                                    setIsMobileMenuOpen(false)
+                                                }
+                                            />
+                                        

+                                    

+                                    

+                                        {env?.app?.version && (
+                                            

+                                                
+                                                    v{env.app.version}
+                                                    
+                                                
+                                            

+                                        )}
+                                    

+                                
+                            
+                        

+                    )}
+                

+                {showTopBar && (
+                    

+                        

+                            
+                            
+                        

+                    

+                )}
+            

+        

+    );
+}
+
+export default LayoutMobileMenu;
diff --git a/src/components/LayoutSidebar.tsx b/src/components/LayoutSidebar.tsx
new file mode 100644
index 00000000..2ce8996b
--- /dev/null
+++ b/src/components/LayoutSidebar.tsx
@@ -0,0 +1,193 @@
+"use client";
+
+import React, { useEffect, useState } from "react";
+import { SidebarNav } from "@app/components/SidebarNav";
+import { OrgSelector } from "@app/components/OrgSelector";
+import { cn } from "@app/lib/cn";
+import { ListUserOrgsResponse } from "@server/routers/org";
+import { ExternalLink, Server, BookOpenText, Zap } from "lucide-react";
+import { FaDiscord, FaGithub } from "react-icons/fa";
+import Link from "next/link";
+import { usePathname } from "next/navigation";
+import { useUserContext } from "@app/hooks/useUserContext";
+import { useEnvContext } from "@app/hooks/useEnvContext";
+import { useTranslations } from "next-intl";
+import type { SidebarNavSection } from "@app/app/navigation";
+import {
+    Tooltip,
+    TooltipContent,
+    TooltipProvider,
+    TooltipTrigger
+} from "@app/components/ui/tooltip";
+import { build } from "@server/build";
+
+interface LayoutSidebarProps {
+    orgId?: string;
+    orgs?: ListUserOrgsResponse["orgs"];
+    navItems: SidebarNavSection[];
+    defaultSidebarCollapsed: boolean;
+}
+
+export function LayoutSidebar({
+    orgId,
+    orgs,
+    navItems,
+    defaultSidebarCollapsed
+}: LayoutSidebarProps) {
+    const [isSidebarCollapsed, setIsSidebarCollapsed] = useState(
+        defaultSidebarCollapsed
+    );
+    const pathname = usePathname();
+    const isAdminPage = pathname?.startsWith("/admin");
+    const { user } = useUserContext();
+    const { env } = useEnvContext();
+    const t = useTranslations();
+
+    const setSidebarStateCookie = (collapsed: boolean) => {
+        if (typeof window !== "undefined") {
+            const isSecure = window.location.protocol === "https:";
+            document.cookie = `pangolin-sidebar-state=${collapsed ? "collapsed" : "expanded"}; path=/; max-age=${60 * 60 * 24 * 30}; samesite=lax${isSecure ? "; secure" : ""}`;
+        }
+    };
+
+    useEffect(() => {
+        setSidebarStateCookie(isSidebarCollapsed);
+    }, [isSidebarCollapsed]);
+
+    return (
+        

+            

+                

+                    
+                

+                

+                    {!isAdminPage && user.serverAdmin && (
+                        

+                            
+                                
+                                    
+                                
+                                {!isSidebarCollapsed && (
+                                    {t("serverAdmin")}
+                                )}
+                            
+                        

+                    )}
+                    
+                

+            

+            

+                {!isSidebarCollapsed && (
+                    

+                        

+                            
+                                {t("communityEdition")}
+                                
+                            
+                        

+                        

+                            
+                                {t("documentation")}
+                                
+                            
+                        

+                        

+                            
+                                Discord
+                                
+                            
+                        

+                        {env?.app?.version && (
+                            

+                                
+                                    v{env.app.version}
+                                    
+                                
+                            

+                        )}
+                    

+                )}
+            

+
+            {/* Collapse button */}
+            
+                
+                    
+                        
+                    
+                    
+                        

+                            {isSidebarCollapsed
+                                ? t("sidebarExpand")
+                                : t("sidebarCollapse")}
+                        

+                    
+                
+            
+        

+    );
+}
+
+export default LayoutSidebar;
diff --git a/src/components/LocaleSwitcher.tsx b/src/components/LocaleSwitcher.tsx
new file mode 100644
index 00000000..ac6a3ced
--- /dev/null
+++ b/src/components/LocaleSwitcher.tsx
@@ -0,0 +1,63 @@
+import { useLocale } from "next-intl";
+import LocaleSwitcherSelect from "./LocaleSwitcherSelect";
+
+export default function LocaleSwitcher() {
+    const locale = useLocale();
+
+    return (
+        
+    );
+}
\ No newline at end of file
diff --git a/src/components/LocaleSwitcherSelect.tsx b/src/components/LocaleSwitcherSelect.tsx
new file mode 100644
index 00000000..201aeb18
--- /dev/null
+++ b/src/components/LocaleSwitcherSelect.tsx
@@ -0,0 +1,71 @@
+"use client";
+
+import {
+    DropdownMenu,
+    DropdownMenuContent,
+    DropdownMenuItem,
+    DropdownMenuTrigger
+} from "@app/components/ui/dropdown-menu";
+import { Button } from "@app/components/ui/button";
+import { Check, Globe, Languages } from "lucide-react";
+import clsx from "clsx";
+import { useTransition } from "react";
+import { Locale } from "@/i18n/config";
+import { setUserLocale } from "@/services/locale";
+
+type Props = {
+    defaultValue: string;
+    items: Array<{ value: string; label: string }>;
+    label: string;
+};
+
+export default function LocaleSwitcherSelect({
+    defaultValue,
+    items,
+    label
+}: Props) {
+    const [isPending, startTransition] = useTransition();
+
+    function onChange(value: string) {
+        const locale = value as Locale;
+        startTransition(() => {
+            setUserLocale(locale);
+        });
+    }
+
+    const selected = items.find((item) => item.value === defaultValue);
+
+    return (
+        
+            
+                
+            
+            
+                {items.map((item) => (
+                     onChange(item.value)}
+                        className="flex items-center gap-2"
+                    >
+                        {item.value === defaultValue && (
+                            
+                        )}
+                        {item.label}
+                    
+                ))}
+            
+        
+    );
+}
diff --git a/src/components/LoginForm.tsx b/src/components/LoginForm.tsx
index 4953d18c..ddd410e2 100644
--- a/src/components/LoginForm.tsx
+++ b/src/components/LoginForm.tsx
@@ -4,8 +4,8 @@ import { useState } from "react";
 import { useForm } from "react-hook-form";
 import { zodResolver } from "@hookform/resolvers/zod";
 import * as z from "zod";
-import { Button } from "@/components/ui/button";
-import { Input } from "@/components/ui/input";
+import { Button } from "@app/components/ui/button";
+import { Input } from "@app/components/ui/input";
 import {
     Form,
     FormControl,
@@ -13,20 +13,20 @@ import {
     FormItem,
     FormLabel,
     FormMessage
-} from "@/components/ui/form";
+} from "@app/components/ui/form";
 import {
     Card,
     CardContent,
     CardDescription,
     CardHeader,
     CardTitle
-} from "@/components/ui/card";
-import { Alert, AlertDescription } from "@/components/ui/alert";
+} from "@app/components/ui/card";
+import { Alert, AlertDescription } from "@app/components/ui/alert";
 import { LoginResponse } from "@server/routers/auth";
 import { useRouter } from "next/navigation";
 import { AxiosResponse } from "axios";
 import { formatAxiosError } from "@app/lib/api";
-import { LockIcon } from "lucide-react";
+import { LockIcon, FingerprintIcon } from "lucide-react";
 import { createApiClient } from "@app/lib/api";
 import { useEnvContext } from "@app/hooks/useEnvContext";
 import {
@@ -40,6 +40,8 @@ import { REGEXP_ONLY_DIGITS_AND_CHARS } from "input-otp";
 import Image from "next/image";
 import { GenerateOidcUrlResponse } from "@server/routers/idp";
 import { Separator } from "./ui/separator";
+import { useTranslations } from "next-intl";
+import { startAuthentication } from "@simplewebauthn/browser";
 
 export type LoginFormIDP = {
     idpId: number;
@@ -52,17 +54,6 @@ type LoginFormProps = {
     idps?: LoginFormIDP[];
 };
 
-const formSchema = z.object({
-    email: z.string().email({ message: "Invalid email address" }),
-    password: z
-        .string()
-        .min(8, { message: "Password must be at least 8 characters" })
-});
-
-const mfaSchema = z.object({
-    code: z.string().length(6, { message: "Invalid code" })
-});
-
 export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
     const router = useRouter();
 
@@ -75,6 +66,18 @@ export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
     const hasIdp = idps && idps.length > 0;
 
     const [mfaRequested, setMfaRequested] = useState(false);
+    const [showSecurityKeyPrompt, setShowSecurityKeyPrompt] = useState(false);
+
+    const t = useTranslations();
+
+    const formSchema = z.object({
+        email: z.string().email({ message: t("emailInvalid") }),
+        password: z.string().min(8, { message: t("passwordRequirementsChars") })
+    });
+
+    const mfaSchema = z.object({
+        code: z.string().length(6, { message: t("pincodeInvalid") })
+    });
 
     const form = useForm>({
         resolver: zodResolver(formSchema),
@@ -91,30 +94,135 @@ export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
         }
     });
 
+    async function initiateSecurityKeyAuth() {
+        setShowSecurityKeyPrompt(true);
+        setLoading(true);
+        setError(null);
+
+        try {
+            // Start WebAuthn authentication without email
+            const startRes = await api.post(
+                "/auth/security-key/authenticate/start",
+                {}
+            );
+
+            if (!startRes) {
+                setError(
+                    t("securityKeyAuthError", {
+                        defaultValue:
+                            "Failed to start security key authentication"
+                    })
+                );
+                return;
+            }
+
+            const { tempSessionId, ...options } = startRes.data.data;
+
+            // Perform WebAuthn authentication
+            try {
+                const credential = await startAuthentication(options);
+
+                // Verify authentication
+                const verifyRes = await api.post(
+                    "/auth/security-key/authenticate/verify",
+                    { credential },
+                    {
+                        headers: {
+                            "X-Temp-Session-Id": tempSessionId
+                        }
+                    }
+                );
+
+                if (verifyRes) {
+                    if (onLogin) {
+                        await onLogin();
+                    }
+                }
+            } catch (error: any) {
+                if (error.name === "NotAllowedError") {
+                    if (error.message.includes("denied permission")) {
+                        setError(
+                            t("securityKeyPermissionDenied", {
+                                defaultValue:
+                                    "Please allow access to your security key to continue signing in."
+                            })
+                        );
+                    } else {
+                        setError(
+                            t("securityKeyRemovedTooQuickly", {
+                                defaultValue:
+                                    "Please keep your security key connected until the sign-in process completes."
+                            })
+                        );
+                    }
+                } else if (error.name === "NotSupportedError") {
+                    setError(
+                        t("securityKeyNotSupported", {
+                            defaultValue:
+                                "Your security key may not be compatible. Please try a different security key."
+                        })
+                    );
+                } else {
+                    setError(
+                        t("securityKeyUnknownError", {
+                            defaultValue:
+                                "There was a problem using your security key. Please try again."
+                        })
+                    );
+                }
+            }
+        } catch (e: any) {
+            if (e.isAxiosError) {
+                setError(
+                    formatAxiosError(
+                        e,
+                        t("securityKeyAuthError", {
+                            defaultValue:
+                                "Failed to authenticate with security key"
+                        })
+                    )
+                );
+            } else {
+                console.error(e);
+                setError(
+                    e.message ||
+                        t("securityKeyAuthError", {
+                            defaultValue:
+                                "Failed to authenticate with security key"
+                        })
+                );
+            }
+        } finally {
+            setLoading(false);
+            setShowSecurityKeyPrompt(false);
+        }
+    }
+
     async function onSubmit(values: any) {
         const { email, password } = form.getValues();
         const { code } = mfaForm.getValues();
 
         setLoading(true);
+        setError(null);
+        setShowSecurityKeyPrompt(false);
 
-        const res = await api
-            .post>("/auth/login", {
-                email,
-                password,
-                code
-            })
-            .catch((e) => {
-                console.error(e);
-                setError(
-                    formatAxiosError(e, "An error occurred while logging in")
-                );
-            });
-
-        if (res) {
-            setError(null);
+        try {
+            const res = await api.post>(
+                "/auth/login",
+                {
+                    email,
+                    password,
+                    code
+                }
+            );
 
             const data = res.data.data;
 
+            if (data?.useSecurityKey) {
+                await initiateSecurityKeyAuth();
+                return;
+            }
+
             if (data?.codeRequested) {
                 setMfaRequested(true);
                 setLoading(false);
@@ -131,12 +239,38 @@ export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
                 return;
             }
 
+            if (data?.twoFactorSetupRequired) {
+                const setupUrl = `/auth/2fa/setup?email=${encodeURIComponent(email)}${redirect ? `&redirect=${encodeURIComponent(redirect)}` : ""}`;
+                router.push(setupUrl);
+                return;
+            }
+
             if (onLogin) {
                 await onLogin();
             }
+        } catch (e: any) {
+            if (e.isAxiosError) {
+                const errorMessage = formatAxiosError(
+                    e,
+                    t("loginError", {
+                        defaultValue: "Failed to log in"
+                    })
+                );
+                setError(errorMessage);
+                return;
+            } else {
+                console.error(e);
+                setError(
+                    e.message ||
+                        t("loginError", {
+                            defaultValue: "Failed to log in"
+                        })
+                );
+                return;
+            }
+        } finally {
+            setLoading(false);
         }
-
-        setLoading(false);
     }
 
     async function loginWithIdp(idpId: number) {
@@ -151,7 +285,7 @@ export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
             console.log(res);
 
             if (!res) {
-                setError("An error occurred while logging in");
+                setError(t("loginError"));
                 return;
             }
 
@@ -164,6 +298,18 @@ export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
 
     return (
         

+            {showSecurityKeyPrompt && (
+                
+                    
+                    
+                        {t("securityKeyPrompt", {
+                            defaultValue:
+                                "Please verify your identity using your security key. Make sure your security key is connected and ready."
+                        })}
+                    
+                
+            )}
+
             {!mfaRequested && (
                 <>
                     

@@ -177,7 +323,7 @@ export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
                                 name="email"
                                 render={({ field }) => (
                                     
-                                        Email
+                                        {t("email")}
                                         
                                             
                                         
@@ -192,7 +338,9 @@ export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
                                     name="password"
                                     render={({ field }) => (
                                         
-                                            Password
+                                            
+                                                {t("password")}
+                                            
                                             
                                                 
-                                        Forgot your password?
+                                        {t("passwordForgot")}
                                     
                                 

                             

+
+                            

+                                
+                            

                         
                     
                 
@@ -221,12 +379,9 @@ export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
             {mfaRequested && (
                 <>
                     

-                        

-                            Two-Factor Authentication
-                        

+                        
{t("otpAuth")}

                         

-                            Enter the code from your authenticator app or one of
-                            your single-use backup codes.
+                            {t("otpAuthDescription")}
                         

                     

                     

@@ -248,10 +403,16 @@ export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
                                                     pattern={
                                                         REGEXP_ONLY_DIGITS_AND_CHARS
                                                     }
-                                                    onChange={(e) => {
-                                                        field.onChange(e);
-                                                        if (e.length === 6) {
-                                                            mfaForm.handleSubmit(onSubmit)();
+                                                    onChange={(
+                                                        value: string
+                                                    ) => {
+                                                        field.onChange(value);
+                                                        if (
+                                                            value.length === 6
+                                                        ) {
+                                                            mfaForm.handleSubmit(
+                                                                onSubmit
+                                                            )();
                                                         }
                                                     }}
                                                 >
@@ -302,21 +463,24 @@ export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
                         loading={loading}
                         disabled={loading}
                     >
-                        Submit Code
+                        {t("otpAuthSubmit")}
                     
                 )}
 
                 {!mfaRequested && (
                     <>
                         
 
                         {hasIdp && (
@@ -327,7 +491,7 @@ export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
                                     

                                     

                                         
-                                            Or continue with
+                                            {t("idpContinue")}
                                         
                                     

                                 

@@ -360,7 +524,7 @@ export default function LoginForm({ redirect, onLogin, idps }: LoginFormProps) {
                             mfaForm.reset();
                         }}
                     >
-                        Back to Log In
+                        {t("otpAuthBack")}
                     
                 )}
             

diff --git a/src/components/OrgSelector.tsx b/src/components/OrgSelector.tsx
index 626156cf..d105e31c 100644
--- a/src/components/OrgSelector.tsx
+++ b/src/components/OrgSelector.tsx
@@ -15,104 +15,128 @@ import {
     PopoverContent,
     PopoverTrigger
 } from "@app/components/ui/popover";
+import {
+    Tooltip,
+    TooltipContent,
+    TooltipProvider,
+    TooltipTrigger,
+} from "@app/components/ui/tooltip";
 import { useEnvContext } from "@app/hooks/useEnvContext";
 import { cn } from "@app/lib/cn";
 import { ListUserOrgsResponse } from "@server/routers/org";
-import { Check, ChevronsUpDown, Plus } from "lucide-react";
+import { Check, ChevronsUpDown, Plus, Building2, Users } from "lucide-react";
 import { useRouter } from "next/navigation";
 import { useState } from "react";
 import { useUserContext } from "@app/hooks/useUserContext";
+import { useTranslations } from "next-intl";
 
 interface OrgSelectorProps {
     orgId?: string;
     orgs?: ListUserOrgsResponse["orgs"];
+    isCollapsed?: boolean;
 }
 
-export function OrgSelector({ orgId, orgs }: OrgSelectorProps) {
+export function OrgSelector({ orgId, orgs, isCollapsed = false }: OrgSelectorProps) {
     const { user } = useUserContext();
     const [open, setOpen] = useState(false);
     const router = useRouter();
     const { env } = useEnvContext();
+    const t = useTranslations();
 
-    return (
+    const selectedOrg = orgs?.find((org) => org.orgId === orgId);
+
+    const orgSelectorContent = (
         
             
                 
             
-            
-                
-                    
-                    
-                        No organizations found.
+            
+                
+                    
+                    
+                        

+                            {t('orgNotFound2')}
+                        

                     
-                    {(!env.flags.disableUserCreateOrg ||
-                        user.serverAdmin) && (
+                    {(!env.flags.disableUserCreateOrg || user.serverAdmin) && (
                         <>
-                            
+                            
                                 
                                      {
-                                            router.push(
-                                                "/setup"
-                                            );
+                                        onSelect={() => {
+                                            setOpen(false);
+                                            router.push("/setup");
                                         }}
+                                        className="mx-2 rounded-md"
                                     >
-                                        
-                                        New Organization
+                                        

+                                            
+                                        

+                                        

+                                            {t('setupNewOrg')}
+                                            {t('createNewOrgDescription')}
+                                        

                                     
                                 
                             
-                            
+                            
                         
                     )}
-                    
+                    
                         
                             {orgs?.map((org) => (
                                  {
-                                        router.push(
-                                            `/${org.orgId}/settings`
-                                        );
+                                    onSelect={() => {
+                                        setOpen(false);
+                                        router.push(`/${org.orgId}/settings`);
                                     }}
+                                    className="mx-2 rounded-md"
                                 >
+                                    

+                                        
+                                    

+                                    

+                                        {org.name}
+                                        {t('organization')}
+                                    

                                     
-                                    {org.name}
                                 
                             ))}
                         
@@ -121,4 +145,24 @@ export function OrgSelector({ orgId, orgs }: OrgSelectorProps) {
             
         
     );
+
+    if (isCollapsed) {
+        return (
+            
+                
+                    
+                        {orgSelectorContent}
+                    
+                    
+                        

+                            
{selectedOrg?.name || t('noneSelected')}

+                            
{t('org')}

+                        

+                    
+                
+            
+        );
+    }
+
+    return orgSelectorContent;
 }
diff --git a/src/app/components/OrganizationLanding.tsx b/src/components/OrganizationLanding.tsx
similarity index 79%
rename from src/app/components/OrganizationLanding.tsx
rename to src/components/OrganizationLanding.tsx
index 58e765e6..2d235c6d 100644
--- a/src/app/components/OrganizationLanding.tsx
+++ b/src/components/OrganizationLanding.tsx
@@ -11,6 +11,9 @@ import {
 import { Button } from "@/components/ui/button";
 import Link from "next/link";
 import { ArrowRight, Plus } from "lucide-react";
+import { useEnvContext } from "@app/hooks/useEnvContext";
+import { useTranslations } from "next-intl";
+
 interface Organization {
     id: string;
     name: string;
@@ -27,44 +30,42 @@ export default function OrganizationLanding({
 }: OrganizationLandingProps) {
     const [selectedOrg, setSelectedOrg] = useState(null);
 
+    const { env } = useEnvContext();
+
     const handleOrgClick = (orgId: string) => {
         setSelectedOrg(orgId);
     };
 
+    const t = useTranslations();
+
     function getDescriptionText() {
         if (organizations.length === 0) {
             if (!disableCreateOrg) {
-                return "You are not currently a member of any organizations. Create an organization to get started.";
+                return t("componentsErrorNoMemberCreate");
             } else {
-                return "You are not currently a member of any organizations.";
+                return t("componentsErrorNoMember");
             }
         }
 
-        return `You're a member of ${organizations.length} ${
-            organizations.length === 1 ? "organization" : "organizations"
-        }.`;
+        return t("componentsMember", { count: organizations.length });
     }
 
     return (
         
             
-                Welcome to Pangolin
+                {t("welcome")}
                 {getDescriptionText()}
             
             
                 {organizations.length === 0 ? (
-                    disableCreateOrg ? (
-                        

-                            You are not currently a member of any organizations.
-                        

-                    ) : (
+                    !disableCreateOrg && (
                         
                             
                         
                     )
diff --git a/src/components/PermissionsSelectBox.tsx b/src/components/PermissionsSelectBox.tsx
new file mode 100644
index 00000000..d8f9b59f
--- /dev/null
+++ b/src/components/PermissionsSelectBox.tsx
@@ -0,0 +1,249 @@
+"use client";
+
+import { CheckboxWithLabel } from "@app/components/ui/checkbox";
+import {
+    InfoSection,
+    InfoSectionContent,
+    InfoSections,
+    InfoSectionTitle
+} from "@app/components/InfoSection";
+import { useTranslations } from "next-intl";
+
+type PermissionsSelectBoxProps = {
+    root?: boolean;
+    selectedPermissions: Record;
+    onChange: (updated: Record) => void;
+};
+
+function getActionsCategories(root: boolean) {
+    const t = useTranslations();
+
+    const actionsByCategory: Record> = {
+        Organization: {
+            [t('actionGetOrg')]: "getOrg",
+            [t('actionUpdateOrg')]: "updateOrg",
+            [t('actionGetOrgUser')]: "getOrgUser",
+            [t('actionInviteUser')]: "inviteUser",
+            [t('actionListInvitations')]: "listInvitations",
+            [t('actionRemoveUser')]: "removeUser",
+            [t('actionListUsers')]: "listUsers",
+            [t('actionListOrgDomains')]: "listOrgDomains"
+        },
+
+        Site: {
+            [t('actionCreateSite')]: "createSite",
+            [t('actionDeleteSite')]: "deleteSite",
+            [t('actionGetSite')]: "getSite",
+            [t('actionListSites')]: "listSites",
+            [t('actionUpdateSite')]: "updateSite",
+            [t('actionListSiteRoles')]: "listSiteRoles"
+        },
+
+        Resource: {
+            [t('actionCreateResource')]: "createResource",
+            [t('actionDeleteResource')]: "deleteResource",
+            [t('actionGetResource')]: "getResource",
+            [t('actionListResource')]: "listResources",
+            [t('actionUpdateResource')]: "updateResource",
+            [t('actionListResourceUsers')]: "listResourceUsers",
+            [t('actionSetResourceUsers')]: "setResourceUsers",
+            [t('actionSetAllowedResourceRoles')]: "setResourceRoles",
+            [t('actionListAllowedResourceRoles')]: "listResourceRoles",
+            [t('actionSetResourcePassword')]: "setResourcePassword",
+            [t('actionSetResourcePincode')]: "setResourcePincode",
+            [t('actionSetResourceEmailWhitelist')]: "setResourceWhitelist",
+            [t('actionGetResourceEmailWhitelist')]: "getResourceWhitelist",
+            [t('actionCreateSiteResource')]: "createSiteResource",
+            [t('actionDeleteSiteResource')]: "deleteSiteResource",
+            [t('actionGetSiteResource')]: "getSiteResource",
+            [t('actionListSiteResources')]: "listSiteResources",
+            [t('actionUpdateSiteResource')]: "updateSiteResource"
+        },
+
+        Target: {
+            [t('actionCreateTarget')]: "createTarget",
+            [t('actionDeleteTarget')]: "deleteTarget",
+            [t('actionGetTarget')]: "getTarget",
+            [t('actionListTargets')]: "listTargets",
+            [t('actionUpdateTarget')]: "updateTarget"
+        },
+
+        Role: {
+            [t('actionCreateRole')]: "createRole",
+            [t('actionDeleteRole')]: "deleteRole",
+            [t('actionGetRole')]: "getRole",
+            [t('actionListRole')]: "listRoles",
+            [t('actionUpdateRole')]: "updateRole",
+            [t('actionListAllowedRoleResources')]: "listRoleResources",
+            [t('actionAddUserRole')]: "addUserRole"
+        },
+        "Access Token": {
+            [t('actionGenerateAccessToken')]: "generateAccessToken",
+            [t('actionDeleteAccessToken')]: "deleteAcessToken",
+            [t('actionListAccessTokens')]: "listAccessTokens"
+        },
+
+        "Resource Rule": {
+            [t('actionCreateResourceRule')]: "createResourceRule",
+            [t('actionDeleteResourceRule')]: "deleteResourceRule",
+            [t('actionListResourceRules')]: "listResourceRules",
+            [t('actionUpdateResourceRule')]: "updateResourceRule"
+        },
+
+        "Client": {
+            [t('actionCreateClient')]: "createClient",
+            [t('actionDeleteClient')]: "deleteClient",
+            [t('actionUpdateClient')]: "updateClient",
+            [t('actionListClients')]: "listClients",
+            [t('actionGetClient')]: "getClient"
+        }
+    };
+
+    if (root) {
+        actionsByCategory["Organization"] = {
+            [t('actionListOrgs')]: "listOrgs",
+            [t('actionCheckOrgId')]: "checkOrgId",
+            [t('actionCreateOrg')]: "createOrg",
+            [t('actionDeleteOrg')]: "deleteOrg",
+            [t('actionListApiKeys')]: "listApiKeys",
+            [t('actionListApiKeyActions')]: "listApiKeyActions",
+            [t('actionSetApiKeyActions')]: "setApiKeyActions",
+            [t('actionCreateApiKey')]: "createApiKey",
+            [t('actionDeleteApiKey')]: "deleteApiKey",
+            ...actionsByCategory["Organization"]
+        };
+
+        actionsByCategory["Identity Provider (IDP)"] = {
+            [t('actionCreateIdp')]: "createIdp",
+            [t('actionUpdateIdp')]: "updateIdp",
+            [t('actionDeleteIdp')]: "deleteIdp",
+            [t('actionListIdps')]: "listIdps",
+            [t('actionGetIdp')]: "getIdp",
+            [t('actionCreateIdpOrg')]: "createIdpOrg",
+            [t('actionDeleteIdpOrg')]: "deleteIdpOrg",
+            [t('actionListIdpOrgs')]: "listIdpOrgs",
+            [t('actionUpdateIdpOrg')]: "updateIdpOrg"
+        };
+
+        actionsByCategory["User"] = {
+            [t('actionUpdateUser')]: "updateUser",
+            [t('actionGetUser')]: "getUser"
+        };
+    }
+
+    return actionsByCategory;
+}
+
+export default function PermissionsSelectBox({
+    root,
+    selectedPermissions,
+    onChange
+}: PermissionsSelectBoxProps) {
+    const actionsByCategory = getActionsCategories(root ?? false);
+
+    const togglePermission = (key: string, checked: boolean) => {
+        onChange({
+            ...selectedPermissions,
+            [key]: checked
+        });
+    };
+
+    const areAllCheckedInCategory = (actions: Record) => {
+        return Object.values(actions).every(
+            (action) => selectedPermissions[action]
+        );
+    };
+
+    const toggleAllInCategory = (
+        actions: Record,
+        value: boolean
+    ) => {
+        const updated = { ...selectedPermissions };
+        Object.values(actions).forEach((action) => {
+            updated[action] = value;
+        });
+        onChange(updated);
+    };
+
+    const allActions = Object.values(actionsByCategory).flatMap(Object.values);
+    const allPermissionsChecked = allActions.every(
+        (action) => selectedPermissions[action]
+    );
+
+    const toggleAllPermissions = (checked: boolean) => {
+        const updated: Record = {};
+        allActions.forEach((action) => {
+            updated[action] = checked;
+        });
+        onChange(updated);
+    };
+
+    const t = useTranslations();
+
+    return (
+        <>
+            

+                
+                        toggleAllPermissions(checked as boolean)
+                    }
+                />
+            

+            
+                {Object.entries(actionsByCategory).map(
+                    ([category, actions]) => {
+                        const allChecked = areAllCheckedInCategory(actions);
+                        return (
+                            
+                                {category}
+                                
+                                    

+                                        
+                                                toggleAllInCategory(
+                                                    actions,
+                                                    checked as boolean
+                                                )
+                                            }
+                                        />
+                                        {Object.entries(actions).map(
+                                            ([label, value]) => (
+                                                
+                                                        togglePermission(
+                                                            value,
+                                                            checked as boolean
+                                                        )
+                                                    }
+                                                />
+                                            )
+                                        )}
+                                    

+                                
+                            
+                        );
+                    }
+                )}
+            
+        
+    );
+}
diff --git a/src/components/ProfileIcon.tsx b/src/components/ProfileIcon.tsx
index aa435786..7e3b3920 100644
--- a/src/components/ProfileIcon.tsx
+++ b/src/components/ProfileIcon.tsx
@@ -20,8 +20,11 @@ import { useRouter } from "next/navigation";
 import { useState } from "react";
 import { useUserContext } from "@app/hooks/useUserContext";
 import Disable2FaForm from "./Disable2FaForm";
-import Enable2FaForm from "./Enable2FaForm";
+import SecurityKeyForm from "./SecurityKeyForm";
+import Enable2FaDialog from "./Enable2FaDialog";
 import { UserType } from "@server/types/UserTypes";
+import LocaleSwitcher from "@app/components/LocaleSwitcher";
+import { useTranslations } from "next-intl";
 
 export default function ProfileIcon() {
     const { setTheme, theme } = useTheme();
@@ -36,6 +39,9 @@ export default function ProfileIcon() {
 
     const [openEnable2fa, setOpenEnable2fa] = useState(false);
     const [openDisable2fa, setOpenDisable2fa] = useState(false);
+    const [openSecurityKey, setOpenSecurityKey] = useState(false);
+
+    const t = useTranslations();
 
     function getInitials() {
         return (user.email || user.name || user.username)
@@ -51,10 +57,10 @@ export default function ProfileIcon() {
     function logout() {
         api.post("/auth/logout")
             .catch((e) => {
-                console.error("Error logging out", e);
+                console.error(t("logoutError"), e);
                 toast({
-                    title: "Error logging out",
-                    description: formatAxiosError(e, "Error logging out")
+                    title: t("logoutError"),
+                    description: formatAxiosError(e, t("logoutError"))
                 });
             })
             .then(() => {
@@ -65,105 +71,105 @@ export default function ProfileIcon() {
 
     return (
         <>
-            
+            
             
+            
 
-            

-                
-                    {user.email || user.name || user.username}
-                
-                
-                    
-                        
-                    
-                    
+                
+                    
+                
+                
+                    
+                        

+                            

+                                {t("signingAs")}
+                            

+                            

+                                {user.email || user.name || user.username}
+                            

+                        

+                        {user.serverAdmin ? (
+                            

+                                {t("serverAdmin")}
+                            

+                        ) : (
+                            

+                                {user.idpName || t("idpNameInternal")}
+                            

                         )}
-                        Theme
-                        {(["light", "dark", "system"] as const).map(
-                            (themeOption) => (
+                    
+                    
+                    {user?.type === UserType.Internal && (
+                        <>
+                            {!user.twoFactorEnabled && (
                                 
-                                        handleThemeChange(themeOption)
-                                    }
+                                    onClick={() => setOpenEnable2fa(true)}
                                 >
-                                    {themeOption === "light" && (
-                                        
-                                    )}
-                                    {themeOption === "dark" && (
-                                        
-                                    )}
-                                    {themeOption === "system" && (
-                                        
-                                    )}
-                                    
-                                        {themeOption}
-                                    
-                                    {userTheme === themeOption && (
-                                        
-                                            
-                                        
-                                    )}
+                                    {t("otpEnable")}
                                 
-                            )
-                        )}
-                        
-                         logout()}>
-                            {/*  */}
-                            Log Out
-                        
-                    
-                
-            

+                            )}
+                            {user.twoFactorEnabled && (
+                                 setOpenDisable2fa(true)}
+                                >
+                                    {t("otpDisable")}
+                                
+                            )}
+                             setOpenSecurityKey(true)}
+                            >
+                                {t("securityKeyManage")}
+                            
+                            
+                        
+                    )}
+                    {t("theme")}
+                    {(["light", "dark", "system"] as const).map(
+                        (themeOption) => (
+                             handleThemeChange(themeOption)}
+                            >
+                                {themeOption === "light" && (
+                                    
+                                )}
+                                {themeOption === "dark" && (
+                                    
+                                )}
+                                {themeOption === "system" && (
+                                    
+                                )}
+                                
+                                    {t(themeOption)}
+                                
+                                {userTheme === themeOption && (
+                                    
+                                        
+                                    
+                                )}
+                            
+                        )
+                    )}
+                    
+                    
+                    
+                     logout()}>
+                        {/*  */}
+                        {t("logout")}
+                    
+                
+            
         
     );
 }
diff --git a/src/components/SecurityKeyForm.tsx b/src/components/SecurityKeyForm.tsx
new file mode 100644
index 00000000..e343fc5f
--- /dev/null
+++ b/src/components/SecurityKeyForm.tsx
@@ -0,0 +1,858 @@
+"use client";
+
+import { useState, useEffect } from "react";
+import { useTranslations } from "next-intl";
+import { useForm } from "react-hook-form";
+import { zodResolver } from "@hookform/resolvers/zod";
+import { z } from "zod";
+import { createApiClient } from "@app/lib/api";
+import { formatAxiosError } from "@app/lib/api";
+import { toast } from "@app/hooks/useToast";
+import { Button } from "@app/components/ui/button";
+import {
+    Form,
+    FormControl,
+    FormField,
+    FormItem,
+    FormLabel,
+    FormMessage
+} from "@app/components/ui/form";
+import { Input } from "@app/components/ui/input";
+import { Alert, AlertDescription } from "@app/components/ui/alert";
+import {
+    Credenza,
+    CredenzaBody,
+    CredenzaClose,
+    CredenzaContent,
+    CredenzaDescription,
+    CredenzaFooter,
+    CredenzaHeader,
+    CredenzaTitle
+} from "@app/components/Credenza";
+import { startRegistration } from "@simplewebauthn/browser";
+import { useEnvContext } from "@app/hooks/useEnvContext";
+import { Card, CardContent } from "@app/components/ui/card";
+import { Badge } from "@app/components/ui/badge";
+import { Loader2, KeyRound, Trash2, Plus, Shield, Info } from "lucide-react";
+import { cn } from "@app/lib/cn";
+
+type SecurityKeyFormProps = {
+    open: boolean;
+    setOpen: (open: boolean) => void;
+};
+
+type SecurityKey = {
+    credentialId: string;
+    name: string;
+    lastUsed: string;
+};
+
+type DeleteSecurityKeyData = {
+    credentialId: string;
+    name: string;
+};
+
+type RegisterFormValues = {
+    name: string;
+    password: string;
+    code?: string;
+};
+
+type DeleteFormValues = {
+    password: string;
+    code?: string;
+};
+
+type FieldProps = {
+    field: {
+        value: string;
+        onChange: (event: React.ChangeEvent) => void;
+        onBlur: () => void;
+        name: string;
+        ref: React.Ref;
+    };
+};
+
+export default function SecurityKeyForm({
+    open,
+    setOpen
+}: SecurityKeyFormProps) {
+    const t = useTranslations();
+    const { env } = useEnvContext();
+    const api = createApiClient({ env });
+    const [securityKeys, setSecurityKeys] = useState([]);
+    const [isRegistering, setIsRegistering] = useState(false);
+    const [dialogState, setDialogState] = useState<
+        "list" | "register" | "register2fa" | "delete" | "delete2fa"
+    >("list");
+    const [selectedSecurityKey, setSelectedSecurityKey] =
+        useState(null);
+    const [deleteInProgress, setDeleteInProgress] = useState(false);
+    const [pendingDeleteCredentialId, setPendingDeleteCredentialId] = useState<
+        string | null
+    >(null);
+    const [pendingDeletePassword, setPendingDeletePassword] = useState<
+        string | null
+    >(null);
+    const [pendingRegisterData, setPendingRegisterData] = useState<{
+        name: string;
+        password: string;
+    } | null>(null);
+    const [register2FAForm, setRegister2FAForm] = useState<{ code: string }>({
+        code: ""
+    });
+
+    useEffect(() => {
+        if (open) {
+            loadSecurityKeys();
+        }
+    }, [open]);
+
+    const registerSchema = z.object({
+        name: z.string().min(1, { message: t("securityKeyNameRequired") }),
+        password: z.string().min(1, { message: t("passwordRequired") }),
+        code: z.string().optional()
+    });
+
+    const deleteSchema = z.object({
+        password: z.string().min(1, { message: t("passwordRequired") }),
+        code: z.string().optional()
+    });
+
+    const registerForm = useForm({
+        resolver: zodResolver(registerSchema),
+        defaultValues: {
+            name: "",
+            password: "",
+            code: ""
+        }
+    });
+
+    const deleteForm = useForm({
+        resolver: zodResolver(deleteSchema),
+        defaultValues: {
+            password: "",
+            code: ""
+        }
+    });
+
+    const loadSecurityKeys = async () => {
+        try {
+            const response = await api.get("/auth/security-key/list");
+            setSecurityKeys(response.data.data);
+        } catch (error) {
+            toast({
+                variant: "destructive",
+                description: formatAxiosError(error, t("securityKeyLoadError"))
+            });
+        }
+    };
+
+    const handleRegisterSecurityKey = async (values: RegisterFormValues) => {
+        try {
+            // Check browser compatibility first
+            if (!window.PublicKeyCredential) {
+                toast({
+                    variant: "destructive",
+                    description: t("securityKeyBrowserNotSupported", {
+                        defaultValue:
+                            "Your browser doesn't support security keys. Please use a modern browser like Chrome, Firefox, or Safari."
+                    })
+                });
+                return;
+            }
+
+            setIsRegistering(true);
+            const startRes = await api.post(
+                "/auth/security-key/register/start",
+                {
+                    name: values.name,
+                    password: values.password,
+                    code: values.code
+                }
+            );
+
+            // If 2FA is required
+            if (startRes.status === 202 && startRes.data.data?.codeRequested) {
+                setPendingRegisterData({
+                    name: values.name,
+                    password: values.password
+                });
+                setDialogState("register2fa");
+                setIsRegistering(false);
+                return;
+            }
+
+            const options = startRes.data.data;
+
+            try {
+                const credential = await startRegistration(options);
+
+                await api.post("/auth/security-key/register/verify", {
+                    credential
+                });
+
+                toast({
+                    description: t("securityKeyRegisterSuccess", {
+                        defaultValue: "Security key registered successfully"
+                    })
+                });
+
+                registerForm.reset();
+                setDialogState("list");
+                await loadSecurityKeys();
+            } catch (error: any) {
+                if (error.name === "NotAllowedError") {
+                    if (error.message.includes("denied permission")) {
+                        toast({
+                            variant: "destructive",
+                            description: t("securityKeyPermissionDenied", {
+                                defaultValue:
+                                    "Please allow access to your security key to continue registration."
+                            })
+                        });
+                    } else {
+                        toast({
+                            variant: "destructive",
+                            description: t("securityKeyRemovedTooQuickly", {
+                                defaultValue:
+                                    "Please keep your security key connected until the registration process completes."
+                            })
+                        });
+                    }
+                } else if (error.name === "NotSupportedError") {
+                    toast({
+                        variant: "destructive",
+                        description: t("securityKeyNotSupported", {
+                            defaultValue:
+                                "Your security key may not be compatible. Please try a different security key."
+                        })
+                    });
+                } else {
+                    toast({
+                        variant: "destructive",
+                        description: t("securityKeyUnknownError", {
+                            defaultValue:
+                                "There was a problem registering your security key. Please try again."
+                        })
+                    });
+                }
+                throw error; // Re-throw to be caught by outer catch
+            }
+        } catch (error) {
+            console.error("Security key registration error:", error);
+            toast({
+                variant: "destructive",
+                description: formatAxiosError(
+                    error,
+                    t("securityKeyRegisterError", {
+                        defaultValue: "Failed to register security key"
+                    })
+                )
+            });
+        } finally {
+            setIsRegistering(false);
+        }
+    };
+
+    const handleDeleteSecurityKey = async (values: DeleteFormValues) => {
+        if (!selectedSecurityKey) return;
+
+        try {
+            setDeleteInProgress(true);
+            const encodedCredentialId = encodeURIComponent(
+                selectedSecurityKey.credentialId
+            );
+            const response = await api.delete(
+                `/auth/security-key/${encodedCredentialId}`,
+                {
+                    data: {
+                        password: values.password,
+                        code: values.code
+                    }
+                }
+            );
+
+            // If 2FA is required
+            if (response.status === 202 && response.data.data.codeRequested) {
+                setPendingDeleteCredentialId(encodedCredentialId);
+                setPendingDeletePassword(values.password);
+                setDialogState("delete2fa");
+                return;
+            }
+
+            toast({
+                description: t("securityKeyRemoveSuccess")
+            });
+
+            deleteForm.reset();
+            setSelectedSecurityKey(null);
+            setDialogState("list");
+            await loadSecurityKeys();
+        } catch (error) {
+            toast({
+                variant: "destructive",
+                description: formatAxiosError(
+                    error,
+                    t("securityKeyRemoveError")
+                )
+            });
+        } finally {
+            setDeleteInProgress(false);
+        }
+    };
+
+    const handle2FASubmit = async (values: DeleteFormValues) => {
+        if (!pendingDeleteCredentialId || !pendingDeletePassword) return;
+
+        try {
+            setDeleteInProgress(true);
+            await api.delete(
+                `/auth/security-key/${pendingDeleteCredentialId}`,
+                {
+                    data: {
+                        password: pendingDeletePassword,
+                        code: values.code
+                    }
+                }
+            );
+
+            toast({
+                description: t("securityKeyRemoveSuccess")
+            });
+
+            deleteForm.reset();
+            setSelectedSecurityKey(null);
+            setDialogState("list");
+            setPendingDeleteCredentialId(null);
+            setPendingDeletePassword(null);
+            await loadSecurityKeys();
+        } catch (error) {
+            toast({
+                variant: "destructive",
+                description: formatAxiosError(
+                    error,
+                    t("securityKeyRemoveError")
+                )
+            });
+        } finally {
+            setDeleteInProgress(false);
+        }
+    };
+
+    const handleRegister2FASubmit = async (values: { code: string }) => {
+        if (!pendingRegisterData) return;
+
+        try {
+            setIsRegistering(true);
+            const startRes = await api.post(
+                "/auth/security-key/register/start",
+                {
+                    name: pendingRegisterData.name,
+                    password: pendingRegisterData.password,
+                    code: values.code
+                }
+            );
+
+            const options = startRes.data.data;
+
+            try {
+                const credential = await startRegistration(options);
+
+                await api.post("/auth/security-key/register/verify", {
+                    credential
+                });
+
+                toast({
+                    description: t("securityKeyRegisterSuccess", {
+                        defaultValue: "Security key registered successfully"
+                    })
+                });
+
+                registerForm.reset();
+                setDialogState("list");
+                setPendingRegisterData(null);
+                setRegister2FAForm({ code: "" });
+                await loadSecurityKeys();
+            } catch (error: any) {
+                if (error.name === "NotAllowedError") {
+                    if (error.message.includes("denied permission")) {
+                        toast({
+                            variant: "destructive",
+                            description: t("securityKeyPermissionDenied", {
+                                defaultValue:
+                                    "Please allow access to your security key to continue registration."
+                            })
+                        });
+                    } else {
+                        toast({
+                            variant: "destructive",
+                            description: t("securityKeyRemovedTooQuickly", {
+                                defaultValue:
+                                    "Please keep your security key connected until the registration process completes."
+                            })
+                        });
+                    }
+                } else if (error.name === "NotSupportedError") {
+                    toast({
+                        variant: "destructive",
+                        description: t("securityKeyNotSupported", {
+                            defaultValue:
+                                "Your security key may not be compatible. Please try a different security key."
+                        })
+                    });
+                } else {
+                    toast({
+                        variant: "destructive",
+                        description: t("securityKeyUnknownError", {
+                            defaultValue:
+                                "There was a problem registering your security key. Please try again."
+                        })
+                    });
+                }
+                throw error; // Re-throw to be caught by outer catch
+            }
+        } catch (error) {
+            console.error("Security key registration error:", error);
+            toast({
+                variant: "destructive",
+                description: formatAxiosError(
+                    error,
+                    t("securityKeyRegisterError", {
+                        defaultValue: "Failed to register security key"
+                    })
+                )
+            });
+            setRegister2FAForm({ code: "" });
+        } finally {
+            setIsRegistering(false);
+        }
+    };
+
+    const onOpenChange = (open: boolean) => {
+        if (open) {
+            loadSecurityKeys();
+        } else {
+            registerForm.reset();
+            deleteForm.reset();
+            setSelectedSecurityKey(null);
+            setDialogState("list");
+            setPendingRegisterData(null);
+            setRegister2FAForm({ code: "" });
+        }
+        setOpen(open);
+    };
+
+    return (
+        <>
+            
+                
+                    {dialogState === "list" && (
+                        <>
+                            
+                                
+                                    {t("securityKeyManage")}
+                                
+                                
+                                    {t("securityKeyDescription")}
+                                
+                            
+                            
+                                

+                                    

+                                        

+                                            {t("securityKeyList")}
+                                        

+                                        
+                                    

+
+                                    {securityKeys.length > 0 ? (
+                                        

+                                            {securityKeys.map((securityKey) => (
+                                                
+                                                    
+                                                        

+                                                            

+                                                                
+                                                            

+                                                            

+                                                                

+                                                                    {
+                                                                        securityKey.name
+                                                                    }
+                                                                

+                                                                

+                                                                    {t(
+                                                                        "securityKeyLastUsed",
+                                                                        {
+                                                                            date: new Date(
+                                                                                securityKey.lastUsed
+                                                                            ).toLocaleDateString()
+                                                                        }
+                                                                    )}
+                                                                

+                                                            

+                                                        

+                                                        
+                                                    
+                                                
+                                            ))}
+                                        

+                                    ) : (
+                                        

+                                            
+                                            

+                                                {t("securityKeyNoKeysRegistered")}
+                                            

+                                            

+                                                {t("securityKeyNoKeysDescription")}
+                                            

+                                        

+                                    )}
+
+                                    {securityKeys.length === 1 && (
+                                        
+                                            
+                                            
+                                                {t("securityKeyRecommendation")}
+                                            
+                                        
+                                    )}
+                                

+                            
+                        
+                    )}
+
+                    {dialogState === "register" && (
+                        <>
+                            
+                                
+                                    {t("securityKeyRegisterTitle")}
+                                
+                                
+                                    {t("securityKeyRegisterDescription")}
+                                
+                            
+                            
+                                
+                                    
+                                         (
+                                                
+                                                    
+                                                        {t(
+                                                            "securityKeyNameLabel"
+                                                        )}
+                                                    
+                                                    
+                                                        
+                                                    
+                                                    
+                                                
+                                            )}
+                                        />
+                                         (
+                                                
+                                                    
+                                                        {t("password")}
+                                                    
+                                                    
+                                                        
+                                                    
+                                                    
+                                                
+                                            )}
+                                        />
+                                    
+                                
+                            
+                            
+                                
+                                    
+                                
+                                
+                            
+                        
+                    )}
+
+                    {dialogState === "register2fa" && (
+                        <>
+                            
+                                
+                                    {t("securityKeyTwoFactorRequired")}
+                                
+                                
+                                    {t("securityKeyTwoFactorDescription")}
+                                
+                            
+                            
+                                

+                                    

+                                        
+                                        
+                                                setRegister2FAForm({
+                                                    code: e.target.value
+                                                })
+                                            }
+                                            maxLength={6}
+                                            disabled={isRegistering}
+                                        />
+                                    

+                                

+                            
+                            
+                                
+                                    
+                                
+                                
+                            
+                        
+                    )}
+
+                    {dialogState === "delete" && (
+                        <>
+                            
+                                
+                                    {t("securityKeyRemoveTitle")}
+                                
+                                
+                                    {t("securityKeyRemoveDescription", { name: selectedSecurityKey!.name! })}
+                                
+                            
+                            
+                                

+                                    
+                                         (
+                                                
+                                                    
+                                                        {t("password")}
+                                                    
+                                                    
+                                                        
+                                                    
+                                                    
+                                                
+                                            )}
+                                        />
+                                    
+                                
+                            

+                            
+                                
+                                    
+                                
+                                
+                            
+                        
+                    )}
+
+                    {dialogState === "delete2fa" && (
+                        <>
+                            
+                                
+                                    {t("securityKeyTwoFactorRequired")}
+                                
+                                
+                                    {t("securityKeyTwoFactorRemoveDescription")}
+                                
+                            
+                            
+                                

+                                    
+                                         (
+                                                
+                                                    
+                                                        {t("securityKeyTwoFactorCode")}
+                                                    
+                                                    
+                                                        
+                                                    
+                                                    
+                                                
+                                            )}
+                                        />
+                                    
+                                
+                            

+                            
+                                
+                                    
+                                
+                                
+                            
+                        
+                    )}
+                
+            
+        
+    );
+}
diff --git a/src/components/SetLastOrgCookie.tsx b/src/components/SetLastOrgCookie.tsx
new file mode 100644
index 00000000..a142df9e
--- /dev/null
+++ b/src/components/SetLastOrgCookie.tsx
@@ -0,0 +1,19 @@
+"use client";
+
+import { useEffect } from "react";
+
+interface SetLastOrgCookieProps {
+    orgId: string;
+}
+
+export default function SetLastOrgCookie({ orgId }: SetLastOrgCookieProps) {
+    useEffect(() => {
+        const isSecure =
+            typeof window !== "undefined" &&
+            window.location.protocol === "https:";
+
+        document.cookie = `pangolin-last-org=${orgId}; path=/; max-age=${60 * 60 * 24 * 30}; samesite=lax${isSecure ? "; secure" : ""}`;
+    }, [orgId]);
+
+    return null;
+}
diff --git a/src/components/Settings.tsx b/src/components/Settings.tsx
index 7fa689f8..796a4bc8 100644
--- a/src/components/Settings.tsx
+++ b/src/components/Settings.tsx
@@ -19,7 +19,7 @@ export function SettingsSectionForm({
 }: {
     children: React.ReactNode;
 }) {
-    return 
{children}
;
+    return 
{children}
;
 }
 
 export function SettingsSectionTitle({
@@ -55,7 +55,7 @@ export function SettingsSectionFooter({
 }: {
     children: React.ReactNode;
 }) {
-    return 
{children}
;
+    return 
{children}
;
 }
 
 export function SettingsSectionGrid({
diff --git a/src/components/SidebarNav.tsx b/src/components/SidebarNav.tsx
index 1df7f713..a18e2560 100644
--- a/src/components/SidebarNav.tsx
+++ b/src/components/SidebarNav.tsx
@@ -1,31 +1,42 @@
 "use client";
 
-import React, { useState, useEffect } from "react";
+import React from "react";
 import Link from "next/link";
 import { useParams, usePathname } from "next/navigation";
 import { cn } from "@app/lib/cn";
-import { ChevronDown, ChevronRight } from "lucide-react";
 import { useUserContext } from "@app/hooks/useUserContext";
+import { useTranslations } from "next-intl";
+import {
+    Tooltip,
+    TooltipContent,
+    TooltipProvider,
+    TooltipTrigger
+} from "@app/components/ui/tooltip";
 
-export interface SidebarNavItem {
+export type SidebarNavItem = {
     href: string;
     title: string;
     icon?: React.ReactNode;
-    children?: SidebarNavItem[];
-    autoExpand?: boolean;
-}
+};
+
+export type SidebarNavSection = {
+    heading: string;
+    items: SidebarNavItem[];
+};
 
 export interface SidebarNavProps extends React.HTMLAttributes {
-    items: SidebarNavItem[];
+    sections: SidebarNavSection[];
     disabled?: boolean;
     onItemClick?: () => void;
+    isCollapsed?: boolean;
 }
 
 export function SidebarNav({
     className,
-    items,
+    sections,
     disabled = false,
     onItemClick,
+    isCollapsed = false,
     ...props
 }: SidebarNavProps) {
     const pathname = usePathname();
@@ -34,141 +45,111 @@ export function SidebarNav({
     const niceId = params.niceId as string;
     const resourceId = params.resourceId as string;
     const userId = params.userId as string;
-    const [expandedItems, setExpandedItems] = useState>(() => {
-        const autoExpanded = new Set();
-
-        function findAutoExpandedAndActivePath(
-            items: SidebarNavItem[],
-            parentHrefs: string[] = []
-        ) {
-            items.forEach((item) => {
-                const hydratedHref = hydrateHref(item.href);
-                const currentPath = [...parentHrefs, hydratedHref];
-
-                if (item.autoExpand || pathname.startsWith(hydratedHref)) {
-                    currentPath.forEach((href) => autoExpanded.add(href));
-                }
-
-                if (item.children) {
-                    findAutoExpandedAndActivePath(item.children, currentPath);
-                }
-            });
-        }
-
-        findAutoExpandedAndActivePath(items);
-        return autoExpanded;
-    });
-
+    const apiKeyId = params.apiKeyId as string;
+    const clientId = params.clientId as string;
     const { user } = useUserContext();
+    const t = useTranslations();
 
     function hydrateHref(val: string): string {
         return val
             .replace("{orgId}", orgId)
             .replace("{niceId}", niceId)
             .replace("{resourceId}", resourceId)
-            .replace("{userId}", userId);
+            .replace("{userId}", userId)
+            .replace("{apiKeyId}", apiKeyId)
+            .replace("{clientId}", clientId);
     }
 
-    function toggleItem(href: string) {
-        setExpandedItems((prev) => {
-            const newSet = new Set(prev);
-            if (newSet.has(href)) {
-                newSet.delete(href);
-            } else {
-                newSet.add(href);
-            }
-            return newSet;
-        });
-    }
-
-    function renderItems(items: SidebarNavItem[], level = 0) {
-        return items.map((item) => {
-            const hydratedHref = hydrateHref(item.href);
-            const isActive = pathname.startsWith(hydratedHref);
-            const hasChildren = item.children && item.children.length > 0;
-            const isExpanded = expandedItems.has(hydratedHref);
-            const indent = level * 28; // Base indent for each level
-
-            return (
-                

-                    
 {
+        const itemContent = (
+             {
+                    if (isDisabled) {
+                        e.preventDefault();
+                    } else if (onItemClick) {
+                        onItemClick();
+                    }
+                }}
+                tabIndex={isDisabled ? -1 : undefined}
+                aria-disabled={isDisabled}
+            >
+                {item.icon && (
+                    
-                        

-                             {
-                                    if (disabled) {
-                                        e.preventDefault();
-                                    } else if (onItemClick) {
-                                        onItemClick();
-                                    }
-                                }}
-                                tabIndex={disabled ? -1 : undefined}
-                                aria-disabled={disabled}
-                            >
-                                

-                                    {item.icon && (
-                                        
-                                            {item.icon}
-                                        
-                                    )}
-                                    {item.title}
-                                

-                            
-                            {hasChildren && (
-                                
-                            )}
-                        

-                    

-                    {hasChildren && isExpanded && (
-                        

-                            {renderItems(item.children || [], level + 1)}
-                        

-                    )}
-                

+                        {item.icon}
+                    
+                )}
+                {!isCollapsed && (
+                    <>
+                        {t(item.title)}
+                    
+                )}
+            
+        );
+
+        if (isCollapsed) {
+            return (
+                
+                    
+                        {itemContent}
+                        
+                            
{t(item.title)}

+                        
+                    
+                
             );
-        });
-    }
+        }
+
+        return (
+            {itemContent}
+        );
+    };
 
     return (
         
     );
 }
diff --git a/src/components/SidebarSettings.tsx b/src/components/SidebarSettings.tsx
deleted file mode 100644
index 04b68810..00000000
--- a/src/components/SidebarSettings.tsx
+++ /dev/null
@@ -1,35 +0,0 @@
-"use client";
-
-import { SidebarNav } from "@app/components/SidebarNav";
-import React from "react";
-
-interface SideBarSettingsProps {
-    children: React.ReactNode;
-    sidebarNavItems: Array<{
-        title: string;
-        href: string;
-        icon?: React.ReactNode;
-    }>;
-    disabled?: boolean;
-    limitWidth?: boolean;
-}
-
-export function SidebarSettings({
-    children,
-    sidebarNavItems,
-    disabled,
-    limitWidth
-}: SideBarSettingsProps) {
-    return (
-        

-            

-                
-                

-                    {children}
-                

-            

-        

-    );
-}
diff --git a/src/components/StrategySelect.tsx b/src/components/StrategySelect.tsx
index f6a899f8..b431b96c 100644
--- a/src/components/StrategySelect.tsx
+++ b/src/components/StrategySelect.tsx
@@ -4,7 +4,7 @@ import { cn } from "@app/lib/cn";
 import { RadioGroup, RadioGroupItem } from "./ui/radio-group";
 import { useState } from "react";
 
-interface StrategyOption {
+export interface StrategyOption {
     id: TValue;
     title: string;
     description: string;
diff --git a/src/app/components/SupporterMessage.tsx b/src/components/SupporterMessage.tsx
similarity index 90%
rename from src/app/components/SupporterMessage.tsx
rename to src/components/SupporterMessage.tsx
index f21cd52c..2f415e14 100644
--- a/src/app/components/SupporterMessage.tsx
+++ b/src/components/SupporterMessage.tsx
@@ -3,8 +3,12 @@
 import React from "react";
 import confetti from "canvas-confetti";
 import { Star } from "lucide-react";
+import { useTranslations } from 'next-intl';
 
 export default function SupporterMessage({ tier }: { tier: string }) {
+    
+    const t = useTranslations();
+
     return (
         

             
             
             

-                Thank you for supporting Pangolin as a {tier}!
+                {t('componentsSupporterMessage', {tier: tier})}
             

         

     );
diff --git a/src/components/SwitchInput.tsx b/src/components/SwitchInput.tsx
index 571a1ab4..a2291c2e 100644
--- a/src/components/SwitchInput.tsx
+++ b/src/components/SwitchInput.tsx
@@ -4,8 +4,9 @@ import { Label } from "./ui/label";
 
 interface SwitchComponentProps {
     id: string;
-    label: string;
+    label?: string;
     description?: string;
+    checked?: boolean;
     defaultChecked?: boolean;
     disabled?: boolean;
     onCheckedChange: (checked: boolean) => void;
@@ -16,6 +17,7 @@ export function SwitchInput({
     label,
     description,
     disabled,
+    checked,
     defaultChecked = false,
     onCheckedChange
 }: SwitchComponentProps) {
@@ -24,11 +26,12 @@ export function SwitchInput({
             

                 
-                
+                {label && }
             

             {description && (
                 
diff --git a/src/components/ThemeSwitcher.tsx b/src/components/ThemeSwitcher.tsx
new file mode 100644
index 00000000..5605ec31
--- /dev/null
+++ b/src/components/ThemeSwitcher.tsx
@@ -0,0 +1,78 @@
+"use client";
+
+import { Button } from "@app/components/ui/button";
+import { Laptop, Moon, Sun } from "lucide-react";
+import { useTranslations } from "next-intl";
+import { useTheme } from "next-themes";
+import { useEffect, useState } from "react";
+
+export default function ThemeSwitcher() {
+    const { setTheme, theme, resolvedTheme } = useTheme();
+    const [mounted, setMounted] = useState(false);
+
+    const t = useTranslations();
+
+    useEffect(() => {
+        setMounted(true);
+    }, []);
+
+    if (!mounted) {
+        return (
+            
+        );
+    }
+
+    function cycleTheme() {
+        const currentTheme = theme || "system";
+
+        if (currentTheme === "light") {
+            setTheme("dark");
+        } else if (currentTheme === "dark") {
+            setTheme("system");
+        } else {
+            setTheme("light");
+        }
+    }
+
+    function getThemeIcon() {
+        const currentTheme = theme || "system";
+
+        if (currentTheme === "light") {
+            return ;
+        } else if (currentTheme === "dark") {
+            return ;
+        } else {
+            // When theme is "system", show icon based on resolved theme
+            if (resolvedTheme === "light") {
+                return ;
+            } else if (resolvedTheme === "dark") {
+                return ;
+            } else {
+                // Fallback to laptop icon if resolvedTheme is not available
+                return ;
+            }
+        }
+    }
+
+    function getThemeText() {
+        const currentTheme = theme || "system";
+        const translated = t(currentTheme);
+        return translated.charAt(0).toUpperCase() + translated.slice(1);
+    }
+
+    return (
+        
+    );
+}
diff --git a/src/components/TwoFactorSetupForm.tsx b/src/components/TwoFactorSetupForm.tsx
new file mode 100644
index 00000000..f77c2cf5
--- /dev/null
+++ b/src/components/TwoFactorSetupForm.tsx
@@ -0,0 +1,327 @@
+"use client";
+
+import { useState, forwardRef, useImperativeHandle, useEffect } from "react";
+import { Button } from "@/components/ui/button";
+import { Input } from "@/components/ui/input";
+import { Label } from "@/components/ui/label";
+import { CheckCircle2 } from "lucide-react";
+import { createApiClient } from "@app/lib/api";
+import { useEnvContext } from "@app/hooks/useEnvContext";
+import { AxiosResponse } from "axios";
+import {
+    LoginResponse,
+    RequestTotpSecretBody,
+    RequestTotpSecretResponse,
+    VerifyTotpBody,
+    VerifyTotpResponse
+} from "@server/routers/auth";
+import { z } from "zod";
+import { useForm } from "react-hook-form";
+import { zodResolver } from "@hookform/resolvers/zod";
+import {
+    Form,
+    FormControl,
+    FormField,
+    FormItem,
+    FormLabel,
+    FormMessage
+} from "@app/components/ui/form";
+import { toast } from "@app/hooks/useToast";
+import { formatAxiosError } from "@app/lib/api";
+import CopyTextBox from "@app/components/CopyTextBox";
+import { QRCodeCanvas } from "qrcode.react";
+import { useUserContext } from "@app/hooks/useUserContext";
+import { useTranslations } from "next-intl";
+
+type TwoFactorSetupFormProps = {
+    onComplete?: (email: string, password: string) => void;
+    onCancel?: () => void;
+    isDialog?: boolean;
+    email?: string;
+    password?: string;
+    submitButtonText?: string;
+    cancelButtonText?: string;
+    showCancelButton?: boolean;
+    onStepChange?: (step: number) => void;
+    onLoadingChange?: (loading: boolean) => void;
+};
+
+const TwoFactorSetupForm = forwardRef<
+    { handleSubmit: () => void },
+    TwoFactorSetupFormProps
+>(
+    (
+        {
+            onComplete,
+            onCancel,
+            isDialog = false,
+            email,
+            password: initialPassword,
+            submitButtonText,
+            cancelButtonText,
+            showCancelButton = false,
+            onStepChange,
+            onLoadingChange
+        },
+        ref
+    ) => {
+        const [step, setStep] = useState(1);
+        const [secretKey, setSecretKey] = useState("");
+        const [secretUri, setSecretUri] = useState("");
+        const [loading, setLoading] = useState(false);
+        const [backupCodes, setBackupCodes] = useState([]);
+
+        const api = createApiClient(useEnvContext());
+        const t = useTranslations();
+
+        // Notify parent of step and loading changes
+        useEffect(() => {
+            onStepChange?.(step);
+        }, [step, onStepChange]);
+
+        useEffect(() => {
+            onLoadingChange?.(loading);
+        }, [loading, onLoadingChange]);
+
+        const enableSchema = z.object({
+            password: z.string().min(1, { message: t("passwordRequired") })
+        });
+
+        const confirmSchema = z.object({
+            code: z.string().length(6, { message: t("pincodeInvalid") })
+        });
+
+        const enableForm = useForm>({
+            resolver: zodResolver(enableSchema),
+            defaultValues: {
+                password: initialPassword || ""
+            }
+        });
+
+        const confirmForm = useForm>({
+            resolver: zodResolver(confirmSchema),
+            defaultValues: {
+                code: ""
+            }
+        });
+
+        const request2fa = async (values: z.infer) => {
+            setLoading(true);
+
+            const endpoint = `/auth/2fa/request`;
+            const payload = { email, password: values.password };
+
+            const res = await api
+                .post<
+                    AxiosResponse
+                >(endpoint, payload)
+                .catch((e) => {
+                    toast({
+                        title: t("otpErrorEnable"),
+                        description: formatAxiosError(
+                            e,
+                            t("otpErrorEnableDescription")
+                        ),
+                        variant: "destructive"
+                    });
+                });
+
+            if (res && res.data.data.secret) {
+                setSecretKey(res.data.data.secret);
+                setSecretUri(res.data.data.uri);
+                setStep(2);
+            }
+
+            setLoading(false);
+        };
+
+        const confirm2fa = async (values: z.infer) => {
+            setLoading(true);
+
+            const endpoint = `/auth/2fa/enable`;
+            const payload = {
+                email,
+                password: enableForm.getValues().password,
+                code: values.code
+            };
+
+            const res = await api
+                .post>(endpoint, payload)
+                .catch((e) => {
+                    toast({
+                        title: t("otpErrorEnable"),
+                        description: formatAxiosError(
+                            e,
+                            t("otpErrorEnableDescription")
+                        ),
+                        variant: "destructive"
+                    });
+                });
+
+            if (res && res.data.data.valid) {
+                setBackupCodes(res.data.data.backupCodes || []);
+                await api
+                    .post>("/auth/login", {
+                        email,
+                        password: enableForm.getValues().password,
+                        code: values.code
+                    })
+                    .catch((e) => {
+                        console.error(e);
+                    });
+                setStep(3);
+            }
+
+            setLoading(false);
+        };
+
+        const handleSubmit = () => {
+            if (step === 1) {
+                enableForm.handleSubmit(request2fa)();
+            } else if (step === 2) {
+                confirmForm.handleSubmit(confirm2fa)();
+            }
+        };
+
+        const handleComplete = (email: string, password: string) => {
+            if (onComplete) {
+                onComplete(email, password);
+            }
+        };
+
+        useImperativeHandle(ref, () => ({
+            handleSubmit
+        }));
+
+        return (
+            

+                {step === 1 && (
+                    

+                        
+                            

+                                 (
+                                        
+                                            
+                                                {t("password")}
+                                            
+                                            
+                                                
+                                            
+                                            
+                                        
+                                    )}
+                                />
+                            

+                        

+                    
+                )}
+
+                {step === 2 && (
+                    

+                        
{t("otpSetupScanQr")}

+                        

+                            
+                        

+                        

+                            
+                        

+
+                        

+                            
+                                 (
+                                        
+                                            
+                                                {t("otpSetupSecretCode")}
+                                            
+                                            
+                                                
+                                            
+                                            
+                                        
+                                    )}
+                                />
+                            
+                        
+                    

+                )}
+
+                {step === 3 && (
+                    

+                        
+                        

+                            {t("otpSetupSuccess")}
+                        

+                        
{t("otpSetupSuccessStoreBackupCodes")}

+
+                        {backupCodes.length > 0 && (
+                            

+                                
+                            

+                        )}
+                    

+                )}
+
+                {/* Action buttons - only show when not in dialog */}
+                {!isDialog && (
+                    

+                        {showCancelButton && onCancel && (
+                            
+                        )}
+                        {(step === 1 || step === 2) && (
+                            
+                        )}
+                        {step === 3 && (
+                            
+                        )}
+                    

+                )}
+            

+        );
+    }
+);
+
+export default TwoFactorSetupForm;
diff --git a/src/components/tags/autocomplete.tsx b/src/components/tags/autocomplete.tsx
index f2867791..04806643 100644
--- a/src/components/tags/autocomplete.tsx
+++ b/src/components/tags/autocomplete.tsx
@@ -4,6 +4,7 @@ import { TagInputStyleClassesProps, type Tag as TagType } from "./tag-input";
 import { Popover, PopoverContent, PopoverTrigger } from "../ui/popover";
 import { Button } from "../ui/button";
 import { cn } from "@app/lib/cn";
+import { useTranslations } from "next-intl";
 
 type AutocompleteProps = {
     tags: TagType[];
@@ -40,6 +41,7 @@ export const Autocomplete: React.FC = ({
     const triggerRef = useRef(null);
     const inputRef = useRef(null);
     const popoverContentRef = useRef(null);
+    const t = useTranslations();
 
     const [popoverWidth, setPopoverWidth] = useState(0);
     const [isPopoverOpen, setIsPopoverOpen] = useState(false);
@@ -342,7 +344,7 @@ export const Autocomplete: React.FC = ({
) : (
- No results found. + {t('noResults')}
)}
diff --git a/src/components/tags/tag-input.tsx b/src/components/tags/tag-input.tsx index 3510e968..789a127c 100644 --- a/src/components/tags/tag-input.tsx +++ b/src/components/tags/tag-input.tsx @@ -10,6 +10,7 @@ import { TagList } from "./tag-list"; import { tagVariants } from "./tag"; import { Autocomplete } from "./autocomplete"; import { cn } from "@app/lib/cn"; +import { useTranslations } from "next-intl"; export enum Delimiter { Comma = ",", @@ -166,11 +167,13 @@ const TagInput = React.forwardRef( ); const inputRef = React.useRef(null); + const t = useTranslations(); + if ( (maxTags !== undefined && maxTags < 0) || (props.minTags !== undefined && props.minTags < 0) ) { - console.warn("maxTags and minTags cannot be less than 0"); + console.warn(t("tagsWarnCannotBeLessThanZero")); // error return null; } @@ -195,23 +198,27 @@ const TagInput = React.forwardRef( ) ) { console.warn( - "Tag not allowed as per autocomplete options" + t("tagsWarnNotAllowedAutocompleteOptions") ); return; } if (validateTag && !validateTag(newTagText)) { - console.warn("Invalid tag as per validateTag"); + console.warn(t("tagsWarnInvalid")); return; } if (minLength && newTagText.length < minLength) { - console.warn(`Tag "${newTagText}" is too short`); + console.warn( + t("tagWarnTooShort", { tagText: newTagText }) + ); return; } if (maxLength && newTagText.length > maxLength) { - console.warn(`Tag "${newTagText}" is too long`); + console.warn( + t("tagWarnTooLong", { tagText: newTagText }) + ); return; } @@ -228,12 +235,12 @@ const TagInput = React.forwardRef( setTags((prevTags) => [...prevTags, newTag]); onTagAdd?.(newTagText); } else { - console.warn( - "Reached the maximum number of tags allowed" - ); + console.warn(t("tagsWarnReachedMaxNumber")); } } else { - console.warn(`Duplicate tag "${newTagText}" not added`); + console.warn( + t("tagWarnDuplicate", { tagText: newTagText }) + ); } }); setInputValue(""); @@ -259,12 +266,12 @@ const TagInput = React.forwardRef( } if (minLength && newTagText.length < minLength) { - console.warn("Tag is too short"); + console.warn(t("tagWarnTooShort")); return; } if (maxLength && newTagText.length > maxLength) { - console.warn("Tag is too long"); + console.warn(t("tagWarnTooLong")); return; } @@ -309,7 +316,7 @@ const TagInput = React.forwardRef( } if (minLength && newTagText.length < minLength) { - console.warn("Tag is too short"); + console.warn(t("tagWarnTooShort")); // error return; } @@ -317,7 +324,7 @@ const TagInput = React.forwardRef( // Validate maxLength if (maxLength && newTagText.length > maxLength) { // error - console.warn("Tag is too long"); + console.warn(t("tagWarnTooLong")); return; } @@ -490,7 +497,7 @@ const TagInput = React.forwardRef(
@@ -537,7 +544,7 @@ const TagInput = React.forwardRef( onBlur={handleInputBlur} {...inputProps} className={cn( - "border-0 h-5 bg-transparent focus-visible:ring-0 focus-visible:ring-transparent focus-visible:ring-offset-0 flex-1 w-fit", + "border-0 h-5 bg-transparent focus-visible:ring-0 focus-visible:ring-transparent focus-visible:ring-offset-0 flex-1 w-fit shadow-none inset-shadow-none", // className, styleClasses?.input )} @@ -623,7 +630,7 @@ const TagInput = React.forwardRef( onBlur={handleInputBlur} {...inputProps} className={cn( - "border-0 h-5 bg-transparent focus-visible:ring-0 focus-visible:ring-transparent focus-visible:ring-offset-0 flex-1 w-fit", + "border-0 h-5 bg-transparent focus-visible:ring-0 focus-visible:ring-transparent focus-visible:ring-offset-0 flex-1 w-fit shadow-none inset-shadow-none", // className, styleClasses?.input )} @@ -644,7 +651,7 @@ const TagInput = React.forwardRef( ) : (
@@ -711,7 +718,7 @@ const TagInput = React.forwardRef( onBlur={handleInputBlur} {...inputProps} className={cn( - "border-0 h-5 bg-transparent focus-visible:ring-0 focus-visible:ring-transparent focus-visible:ring-offset-0 flex-1 w-fit", + "border-0 h-5 bg-transparent focus-visible:ring-0 focus-visible:ring-transparent focus-visible:ring-offset-0 flex-1 w-fit shadow-none inset-shadow-none", // className, styleClasses?.input )} @@ -792,7 +799,7 @@ const TagInput = React.forwardRef( onBlur={handleInputBlur} {...inputProps} className={cn( - "border-0 h-5 bg-transparent focus-visible:ring-0 focus-visible:ring-transparent focus-visible:ring-offset-0 flex-1 w-fit", + "border-0 h-5 bg-transparent focus-visible:ring-0 focus-visible:ring-transparent focus-visible:ring-offset-0 flex-1 w-fit shadow-none inset-shadow-none", // className, styleClasses?.input )} @@ -835,7 +842,8 @@ const TagInput = React.forwardRef( onBlur={handleInputBlur} {...inputProps} className={cn( - styleClasses?.input + styleClasses?.input, + "shadow-none inset-shadow-none" // className )} autoComplete={ @@ -909,7 +917,7 @@ const TagInput = React.forwardRef( tags.length >= maxTags) } className={cn( - "border-0 w-full", + "border-0 w-full shadow-none inset-shadow-none", styleClasses?.input // className )} diff --git a/src/components/tags/tag-popover.tsx b/src/components/tags/tag-popover.tsx index 6145b498..72871580 100644 --- a/src/components/tags/tag-popover.tsx +++ b/src/components/tags/tag-popover.tsx @@ -4,6 +4,7 @@ import { TagInputStyleClassesProps, type Tag as TagType } from "./tag-input"; import { TagList, TagListProps } from "./tag-list"; import { Button } from "../ui/button"; import { cn } from "@app/lib/cn"; +import { useTranslations } from "next-intl"; type TagPopoverProps = { children: React.ReactNode; @@ -41,6 +42,8 @@ export const TagPopover: React.FC = ({ const [inputFocused, setInputFocused] = useState(false); const [sideOffset, setSideOffset] = useState(0); + const t = useTranslations(); + useEffect(() => { const handleResize = () => { if (triggerContainerRef.current && triggerRef.current) { @@ -183,10 +186,10 @@ export const TagPopover: React.FC = ({ >

- Entered Tags + {t('tagsEntered')}

- These are the tags you've entered. + {t('tagsEnteredDescription')}

= ({ { "justify-between w-full": direction === "column", "cursor-pointer": draggable, - "ring-ring ring-offset-2 ring-2 ring-offset-background": + "ring-ring ring-offset-0 ring-2 ring-offset-background": isActiveTag }, tagClasses?.body diff --git a/src/components/ui/alert.tsx b/src/components/ui/alert.tsx index 8f3e489a..2c30ee73 100644 --- a/src/components/ui/alert.tsx +++ b/src/components/ui/alert.tsx @@ -9,17 +9,18 @@ const alertVariants = cva( variants: { variant: { default: "bg-card border text-foreground", - neutral: "bg-card border text-foreground", + neutral: "bg-card bg-muted border text-foreground", destructive: "border-destructive/50 border bg-destructive/10 text-destructive dark:border-destructive [&>svg]:text-destructive", success: "border-green-500/50 border bg-green-500/10 text-green-500 dark:border-success [&>svg]:text-green-500", - }, + info: "border-blue-500/50 border bg-blue-500/10 text-blue-500 dark:border-blue-400 [&>svg]:text-blue-500" + } }, defaultVariants: { - variant: "default", - }, - }, + variant: "default" + } + } ); const Alert = React.forwardRef< @@ -43,7 +44,7 @@ const AlertTitle = React.forwardRef< ref={ref} className={cn( "mb-1 font-medium leading-none tracking-tight", - className, + className )} {...props} /> diff --git a/src/components/ui/avatar.tsx b/src/components/ui/avatar.tsx index ef6e4355..44c1b5b5 100644 --- a/src/components/ui/avatar.tsx +++ b/src/components/ui/avatar.tsx @@ -1,9 +1,9 @@ -"use client" +"use client"; -import * as React from "react" -import * as AvatarPrimitive from "@radix-ui/react-avatar" +import * as React from "react"; +import * as AvatarPrimitive from "@radix-ui/react-avatar"; -import { cn } from "@app/lib/cn" +import { cn } from "@app/lib/cn"; const Avatar = React.forwardRef< React.ElementRef, @@ -17,8 +17,8 @@ const Avatar = React.forwardRef< )} {...props} /> -)) -Avatar.displayName = AvatarPrimitive.Root.displayName +)); +Avatar.displayName = AvatarPrimitive.Root.displayName; const AvatarImage = React.forwardRef< React.ElementRef, @@ -29,8 +29,8 @@ const AvatarImage = React.forwardRef< className={cn("aspect-square h-full w-full", className)} {...props} /> -)) -AvatarImage.displayName = AvatarPrimitive.Image.displayName +)); +AvatarImage.displayName = AvatarPrimitive.Image.displayName; const AvatarFallback = React.forwardRef< React.ElementRef, @@ -44,7 +44,7 @@ const AvatarFallback = React.forwardRef< )} {...props} /> -)) -AvatarFallback.displayName = AvatarPrimitive.Fallback.displayName +)); +AvatarFallback.displayName = AvatarPrimitive.Fallback.displayName; -export { Avatar, AvatarImage, AvatarFallback } +export { Avatar, AvatarImage, AvatarFallback }; diff --git a/src/components/ui/badge.tsx b/src/components/ui/badge.tsx index 222a234f..3bcf2bea 100644 --- a/src/components/ui/badge.tsx +++ b/src/components/ui/badge.tsx @@ -4,7 +4,7 @@ import { cva, type VariantProps } from "class-variance-authority"; import { cn } from "@app/lib/cn"; const badgeVariants = cva( - "inline-flex items-center rounded-full border px-2.5 py-0.5 text-xs font-semibold transition-colors focus:outline-none focus:ring-2 focus:ring-ring focus:ring-offset-2", + "inline-flex items-center rounded-full border px-2.5 py-0.5 text-xs font-semibold transition-colors focus:outline-none focus:ring-2 focus:ring-ring focus:ring-offset-0", { variants: { variant: { @@ -16,9 +16,9 @@ const badgeVariants = cva( destructive: "border-transparent bg-destructive text-destructive-foreground", outline: "text-foreground", - green: "border-transparent bg-green-500", - yellow: "border-transparent bg-yellow-500", - red: "border-transparent bg-red-300", + green: "border-green-600 bg-green-500/20 text-green-700 dark:text-green-300", + yellow: "border-yellow-600 bg-yellow-500/20 text-yellow-700 dark:text-yellow-300", + red: "border-red-400 bg-red-300/20 text-red-600 dark:text-red-300", }, }, defaultVariants: { diff --git a/src/components/ui/breadcrumb.tsx b/src/components/ui/breadcrumb.tsx index dd40aa55..98c13818 100644 --- a/src/components/ui/breadcrumb.tsx +++ b/src/components/ui/breadcrumb.tsx @@ -1,16 +1,16 @@ -import * as React from "react" -import { Slot } from "@radix-ui/react-slot" -import { ChevronRight, MoreHorizontal } from "lucide-react" +import * as React from "react"; +import { Slot } from "@radix-ui/react-slot"; +import { ChevronRight, MoreHorizontal } from "lucide-react"; -import { cn } from "@app/lib/cn" +import { cn } from "@app/lib/cn"; const Breadcrumb = React.forwardRef< HTMLElement, React.ComponentPropsWithoutRef<"nav"> & { separator?: React.ReactNode } ->(({ ...props }, ref) =>