reqcore-inc
diff --git a/‎CHANGELOG.md‎
Lines changed: 0 additions & 265 deletions b/‎CHANGELOG.md‎
Lines changed: 0 additions & 265 deletions
diff --git a/‎SELF-HOSTING.md‎
Lines changed: 664 additions & 0 deletions b/‎SELF-HOSTING.md‎
Lines changed: 664 additions & 0 deletions
diff --git a/‎app/components/AppTopBar.vue‎
Lines changed: 13 additions & 1 deletion b/‎app/components/AppTopBar.vue‎
Lines changed: 13 additions & 1 deletion
diff --git a/‎app/pages/dashboard/updates.vue‎
Lines changed: 822 additions & 0 deletions b/‎app/pages/dashboard/updates.vue‎
Lines changed: 822 additions & 0 deletions
diff --git a/‎docker-compose.yml‎
Lines changed: 4 additions & 1 deletion b/‎docker-compose.yml‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎server/api/updates/apply.post.ts‎
Lines changed: 128 additions & 0 deletions b/‎server/api/updates/apply.post.ts‎
Lines changed: 128 additions & 0 deletions
diff --git a/‎server/api/updates/backup.post.ts‎
Lines changed: 70 additions & 0 deletions b/‎server/api/updates/backup.post.ts‎
Lines changed: 70 additions & 0 deletions
diff --git a/‎server/api/updates/changelog.get.ts‎
Lines changed: 97 additions & 0 deletions b/‎server/api/updates/changelog.get.ts‎
Lines changed: 97 additions & 0 deletions
@@ -4,7 +4,7 @@ import {
   Kanban, FileText, LogOut, Table2,
   Sun, Moon, MessageSquarePlus, Settings,
   ChevronDown, Menu, X, Users, ChevronLeft,
-  LayoutDashboard, Calendar,
+  LayoutDashboard, Calendar, ArrowUpCircle,
 } from 'lucide-vue-next'
 
 const route = useRoute()
@@ -196,6 +196,18 @@ onUnmounted(() => document.removeEventListener('click', onClickOutsideUser))
             <Moon v-else class="size-4" />
           </button>
 
+          <!-- Updates button -->
+          <NuxtLink
+            :to="$localePath('/dashboard/updates')"
+            class="hidden sm:flex items-center justify-center size-8 rounded-lg transition-all duration-200 no-underline"
+            :class="isActiveRoute('/dashboard/updates', false)
+              ? 'text-brand-600 dark:text-brand-400 bg-brand-50 dark:bg-brand-950/40'
+              : 'text-surface-500 dark:text-surface-400 hover:text-surface-700 dark:hover:text-surface-200 hover:bg-surface-100 dark:hover:bg-surface-800'"
+            title="Updates & changelog"
+          >
+            <ArrowUpCircle class="size-4" />
+          </NuxtLink>
+
           <!-- Feedback button -->
           <button
             v-if="isFeedbackEnabled"
 
@@ -52,6 +52,8 @@ services:
         condition: service_healthy
       minio:
         condition: service_healthy
+    volumes:
+      - backups_data:/data/backups
 
   # Optional DB browser — run with: docker compose --profile tools up
   adminer:
@@ -67,4 +69,5 @@ services:
 
 volumes:
   postgres_data:
-  minio_data:
+  minio_data:
+  backups_data:
@@ -0,0 +1,128 @@
+import { execFile } from 'node:child_process'
+import { promisify } from 'node:util'
+
+const execFileAsync = promisify(execFile)
+
+interface UpdateResult {
+  success: boolean
+  message: string
+  previousVersion: string | null
+  steps: { step: string; status: 'success' | 'failed'; detail?: string }[]
+}
+
+/**
+ * POST /api/updates/apply
+ *
+ * Triggers a self-hosted update via Docker Compose.
+ * This endpoint orchestrates the update process:
+ *   1. Pulls latest code from the default branch
+ *   2. Rebuilds the Docker containers
+ *   3. Restarts the application
+ *
+ * Only works for Docker-based deployments. Railway deployments
+ * auto-update via GitHub integration.
+ *
+ * Requires authentication (owner only).
+ */
+export default defineEventHandler(async (event) => {
+  await requirePermission(event, { organization: ['delete'] })
+
+  const steps: UpdateResult['steps'] = []
+
+  // Read current version before update
+  const { readFile } = await import('node:fs/promises')
+  const { resolve } = await import('node:path')
+  let previousVersion: string | null = null
+  try {
+    const pkg = await readFile(resolve(process.cwd(), 'package.json'), 'utf-8')
+    previousVersion = JSON.parse(pkg).version
+  }
+  catch {
+    previousVersion = null
+  }
+
+  // Verify we're running in Docker
+  try {
+    const { access } = await import('node:fs/promises')
+    await access('/.dockerenv')
+  }
+  catch {
+    return {
+      success: false,
+      message: 'Updates via UI are only available for Docker-based deployments. For other deployment methods, please update manually.',
+      previousVersion,
+      steps: [],
+    } satisfies UpdateResult
+  }
+
+  // Verify required commands are available
+  for (const cmd of ['git', 'docker'] as const) {
+    try {
+      await execFileAsync('which', [cmd], { timeout: 5_000 })
+    }
+    catch {
+      return {
+        success: false,
+        message: `The "${cmd}" command is not available inside this container. One-click updates require git and docker CLI to be installed in the container image, and the Docker socket to be mounted. Please update manually instead.`,
+        previousVersion,
+        steps: [],
+      } satisfies UpdateResult
+    }
+  }
+
+  // Step 1: Pull latest changes
+  try {
+    const { stdout } = await execFileAsync('git', ['pull', 'origin', 'main'], {
+      cwd: '/app',
+      timeout: 120_000,
+    })
+    steps.push({
+      step: 'Pull latest code',
+      status: 'success',
+      detail: stdout.trim(),
+    })
+  }
+  catch (err: unknown) {
+    const message = err instanceof Error ? err.message : 'Unknown error'
+    steps.push({ step: 'Pull latest code', status: 'failed', detail: message })
+    return {
+      success: false,
+      message: 'Failed to pull latest code. Check your network connection and try again.',
+      previousVersion,
+      steps,
+    } satisfies UpdateResult
+  }
+
+  // Step 2: Rebuild and restart via Docker Compose
+  try {
+    const { stdout } = await execFileAsync(
+      'docker', ['compose', 'up', '--build', '--detach', '--no-deps', 'app'],
+      {
+        cwd: '/app',
+        timeout: 600_000, // 10 minutes for build
+      },
+    )
+    steps.push({
+      step: 'Rebuild & restart',
+      status: 'success',
+      detail: stdout.trim(),
+    })
+  }
+  catch (err: unknown) {
+    const message = err instanceof Error ? err.message : 'Unknown error'
+    steps.push({ step: 'Rebuild & restart', status: 'failed', detail: message })
+    return {
+      success: false,
+      message: 'Failed to rebuild. Your current version is still running safely. Try running the update manually.',
+      previousVersion,
+      steps,
+    } satisfies UpdateResult
+  }
+
+  return {
+    success: true,
+    message: 'Update started successfully. The application will restart momentarily. Refresh this page in about 30 seconds.',
+    previousVersion,
+    steps,
+  } satisfies UpdateResult
+})
@@ -0,0 +1,70 @@
+import { execFile } from 'node:child_process'
+import { promisify } from 'node:util'
+
+const execFileAsync = promisify(execFile)
+
+interface BackupResult {
+  success: boolean
+  message: string
+  filename?: string
+}
+
+/**
+ * POST /api/updates/backup
+ *
+ * Creates a PostgreSQL database backup before applying updates.
+ * Backups are stored in /data/backups/ which should be mapped to a
+ * Docker volume for persistence. Falls back to /tmp/ if the
+ * directory cannot be created.
+ *
+ * Requires authentication (owner only).
+ */
+export default defineEventHandler(async (event) => {
+  await requirePermission(event, { organization: ['delete'] })
+
+  const { mkdir } = await import('node:fs/promises')
+  const backupDir = '/data/backups'
+  let effectiveDir = backupDir
+  try {
+    await mkdir(backupDir, { recursive: true })
+  }
+  catch {
+    // Fall back to /tmp if /data/backups is not writable (e.g. non-Docker)
+    effectiveDir = '/tmp'
+  }
+
+  const timestamp = new Date().toISOString().replace(/[:.]/g, '-')
+  const filename = `reqcore-backup-${timestamp}.sql`
+  const backupPath = `${effectiveDir}/${filename}`
+
+  try {
+    // Extract connection details from DATABASE_URL
+    const dbUrl = new URL(env.DATABASE_URL)
+    const host = dbUrl.hostname
+    const port = dbUrl.port || '5432'
+    const user = dbUrl.username
+    const database = dbUrl.pathname.slice(1)
+
+    await execFileAsync(
+      'pg_dump',
+      ['-h', host, '-p', port, '-U', user, '-d', database, '--no-owner', '--no-acl', '-f', backupPath],
+      {
+        timeout: 300_000,
+        env: { ...process.env, PGPASSWORD: dbUrl.password },
+      },
+    )
+
+    return {
+      success: true,
+      message: `Database backup created successfully at ${backupPath}`,
+      filename,
+    } satisfies BackupResult
+  }
+  catch (err: unknown) {
+    const message = err instanceof Error ? err.message : 'Unknown error'
+    return {
+      success: false,
+      message: `Backup failed: ${message}. You can create a manual backup using: docker compose exec db pg_dump -U reqcore reqcore > backup.sql`,
+    } satisfies BackupResult
+  }
+})
@@ -0,0 +1,97 @@
+import { readFile } from 'node:fs/promises'
+import { resolve } from 'node:path'
+
+interface ChangelogEntry {
+  title: string
+  date: string | null
+  version: string | null
+  link: string | null
+  sections: { heading: string; items: string[] }[]
+}
+
+/**
+ * GET /api/updates/changelog
+ *
+ * Parses CHANGELOG.md and returns structured changelog entries.
+ * Requires authentication.
+ */
+export default defineEventHandler(async (event) => {
+  await requireAuth(event)
+
+  const changelogPath = resolve(process.cwd(), 'CHANGELOG.md')
+  let raw: string
+  try {
+    raw = await readFile(changelogPath, 'utf-8')
+  }
+  catch {
+    return { entries: [], currentVersion: null }
+  }
+
+  const { version: currentVersion } = await readFile(
+    resolve(process.cwd(), 'package.json'),
+    'utf-8',
+  ).then(JSON.parse)
+
+  const entries: ChangelogEntry[] = []
+  let current: ChangelogEntry | null = null
+  let currentSection: { heading: string; items: string[] } | null = null
+
+  for (const line of raw.split('\n')) {
+    // Match ## headings (entries)
+    const h2 = line.match(/^## \[(.+?)]\((.+?)\)\s*\((.+?)\)/)
+    const h2Unreleased = line.match(/^## Unreleased/)
+    const h2Date = line.match(/^## (\d{4}-\d{2}-\d{2})/)
+
+    if (h2 || h2Unreleased || h2Date) {
+      if (current) entries.push(current)
+
+      if (h2) {
+        current = {
+          title: `v${h2[1]}`,
+          version: h2[1] ?? null,
+          date: h2[3] ?? null,
+          link: h2[2] ?? null,
+          sections: [],
+        }
+      }
+      else if (h2Unreleased) {
+        current = { title: 'Unreleased', version: null, date: null, link: null, sections: [] }
+      }
+      else if (h2Date) {
+        current = { title: h2Date[1] ?? '', version: null, date: h2Date[1] ?? null, link: null, sections: [] }
+      }
+      currentSection = null
+      continue
+    }
+
+    // Match ### sub-headings (sections within an entry)
+    const h3 = line.match(/^### (.+)/)
+    if (h3 && current) {
+      currentSection = { heading: h3[1] ?? '', items: [] }
+      current.sections.push(currentSection)
+      continue
+    }
+
+    // Match list items
+    const item = line.match(/^\s*[*-]\s+(.+)/)
+    if (item && currentSection) {
+      currentSection.items.push(item[1] ?? '')
+    }
+  }
+
+  if (current) entries.push(current)
+
+  // Only keep versioned releases + Unreleased (not bare date entries)
+  const releases = entries.filter(e => e.version !== null || e.title === 'Unreleased')
+
+  // Deduplicate entries with same title
+  const seen = new Set<string>()
+  const unique = releases.filter((e) => {
+    const key = `${e.title}-${e.date}`
+    if (seen.has(key)) return false
+    seen.add(key)
+    return true
+  })
+
+  return { entries: unique, currentVersion }
+})